samjaninf
9/24/2018 - 5:43 PM

mautic nginx

mautic nginx
content_copyfile_download
server {
  listen 80;
  listen 443 ssl http2;
  server_name   your.mautic.location;
  root /your/mautic/path ;
  server_tokens off;
  add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
  add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';


 
	client_max_body_size 64M;
 
  gzip on;
	gzip_disable "msie6";
  gzip_min_length 256;

	gzip_vary on;
	gzip_proxied any;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
  gzip_types
    font/truetype
    font/opentype
    font/woff2
    text/plain
    text/css
    text/js
    text/xml
    text/javascript
    application/javascript
    application/x-javascript
    application/json
    application/xml
    application/rss+xml
    image/svg+xml;
       
  error_page 404 /index.php;


  # redirect index.php to root
  rewrite ^/index.php/(.*) /$1  permanent;

  #######################################
  ##  Start Mautic Specific config #####
  #######################################

  # redirect some entire folders
  rewrite ^/(vendor|translations|build)/.* /index.php break;

  location / {
    # First attempt to serve request as file, then
    # as directory, then fall back to index.html
      # one option: try_files $uri $uri/ /index.php$is_args$args;
      try_files $uri /index.php$is_args$args;
    # Uncomment to enable naxsi on this location
    # include /etc/nginx/naxsi.rules
  }

  # Deny everything else in /app folder except Assets folder in bundles
  location ~ /app/bundles/.*/Assets/ {
    allow all;
    access_log off;
  }
  location ~ /app/ { deny all; }

  # Deny everything else in /addons or /plugins folder except Assets folder in bundles
  location ~ /(addons|plugins)/.*/Assets/ {
    allow all;
    access_log off;
  }
  location ~ /(addons|plugins)/ { deny all; }

  # Deny all php files in themes folder
  location ~* ^/themes/(.*)\.php {
    deny all;
  }

  # Don't log favicon
  location = /favicon.ico {
    log_not_found off;
    access_log off;
  }

  # Don't log robots
  location = /robots.txt  {
    access_log off;
    log_not_found off;
  }

  # Deny yml, twig, markdown, init file access
  location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ {
    deny all;
    access_log off;
    log_not_found off;
  }

  # Deny all attempts to access hidden files/folders such as .htaccess, .htpasswd, .DS_Store (Mac), etc...
  location ~ /\. {
    deny all;
    access_log off;
    log_not_found off;
  }

  # Deny all grunt, composer files
  location ~* (Gruntfile|package|composer)\.(js|json)$ {
    deny all;
    access_log off;
    log_not_found off;
  }

  location ~ /app/bundles/CoreBundle/Assets/js/libraries/ckeditor/filemanager/connectors/php/filemanager.php {
    allow all;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
  }

  #######################################
  ##  End Mautic Specific config #####
  #######################################

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

  location ~ \.php$ {
    # try_files $uri =403;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
    
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
    
    fastcgi_buffer_size 128k;
    fastcgi_buffers 256 16k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
  }
}