Drupal + Ubuntu + PHP-FPM + Nginx Configuration
Get a Drupal site running on Ubuntu with PHP-FPM, and Nginx easily with the following help documentation.
Note: Replace yourdomain.com with your domain name.
Create the following Nginx config file in your /etc/nginx/sites-available folder using the following command.
nano /etc/nginx/sites-available/yourdomain.com
Drupal Nginx Config File
The following Nginx config file works with Drupal 7, Ubuntu 14.04.1, PHP5-FPM 5.5.9, and Nginx 1.8.0.
server {
server_name yourdomain.com; ## <-- Your domain name.
root /var/www/yourdomain.com; ## <-- Your only path reference.
# Enable compression, this will help if you have for instance advagg module
# by serving Gzip versions of the files.
gzip_static on;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# This matters if you use drush prior to 5.x
# After 5.x backups are stored outside the Drupal install.
#location = /backup {
# deny all;
#}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
# No no for private
location ~ ^/sites/.*/private/ {
return 403;
}
# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}
location / {
# This is cool because no php is touched for static content
try_files $uri @rewrite;
}
location @rewrite {
# You have 2 options here
# For D7 and above:
# Clean URLs are handled in drupal_environment_initialize().
rewrite ^ /index.php;
# For Drupal 6 and bwlow:
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn't be needed (GlobalRedirect)
#rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_intercept_errors on;
fastcgi_pass unix:/tmp/php5-fpm.sock;
}
# Fighting with Styles? This little gem is amazing.
# This is for D6
#location ~ ^/sites/.*/files/imagecache/ {
# This is for D7 and D8
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
Symlink a copy to your /etc/nginx/sites-enabled folder. Run the following command from in your /etc/nginx/sites-enabled folder.
ln -s ../sites-available/domain.com .
Nginx Config for Adaptive Image Styles Module
AIS: Adaptive Image Style Configuration
location = /modules/image/sample.png {
}
location / {
if ($request_uri ~ "^(.+)/files/styles/adaptive/(.+)"){
rewrite ^/(.+)/files/styles/adaptive/(.+)$ /$1/files/styles/%1/$2 redirect;
}
}
Disable SSL v3 for Nginx
Add the following line to your Nginx configuration to disable SSL v3 to protect against the POODLE SSL v3.0 vulnerability.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;