即插即用的基于php-fpm的nginx配置(含https)
2022-06-10 本文已影响0人
玩物励志老乐
服务器这种事,当然需要学习。但是确实没必要死记硬背。学会了原理,就可以根据情况随机应变。下面是基于php-fpm的nginx网站配置。适合需要配项目的时候,随查随用,复制粘贴。
- 最简单的nginx+php的配置
server {
listen 80;
server_name www.example.com;
# 将根目录设置到public目录
root /var/www/[project_name]/public;
charset utf-8;
location / {
index index.php;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# 根据当前环境,选择合适的通讯方式
# fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
- 基于laravel的php+nginx配置(nginx为1.15以上版本;SSL配置以阿里云为例)
server {
listen 80;
server_name www.example.com; #如果使用ip访问,这里填写下划线_
root /var/www/[project_name]/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; #根据实际情况选择9000还是sock
fastcgi_pass [::]:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
server {
listen 443 ssl; #SSL协议访问端口号为443,注意安全组放行443端口。nginx 1.5以上添加ssl。
server_name www.example.com;
root /var/www/[project_name]/public;
ssl_certificate [path]/cert/xxx.pem; #使用pem文件。
ssl_certificate_key [path]/cert/xxx.key; #使用key文件。
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #阿里云的加密套件,腾讯云的见thinkphp的配置。
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #阿里云的加密套件,腾讯云的见thinkphp的配置。
ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_pass [::]:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
- 基于thinkphp5的php+nginx配置(nginx为1.15以上版本;SSL配置以腾讯云为例)
server {
listen 80;
server_name www.example.com;
# 将根目录设置到public目录
root /var/www/[project_name]/public;
charset utf-8;
location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|txt|js|css)$ {
root /var/www/[project_name]/public;
}
location / {
index index.php;
if ( -f $request_filename) {
break;
}
if ( !-e $request_filename) {
rewrite ^(.*)$ /index.php/$1 last;
break;
}
}
location ~ .+\.php($|/) {
fastcgi_pass unix:/run/php-fpm/www.sock; # 根据情况,可以换成127.0.0.1:9000
fastcgi_split_path_info ^((?U).+.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443; # nginx1.5以上,请见lavarel配置。
server_name www.example.cn;
root /var/www/[project_name]/public;
ssl on; # nginx1.5以上不用该句。
ssl_certificate [path]/cert/www.example.cn.crt; # 腾讯云的免费证书使用crt文件。
ssl_certificate_key [path]/cert/www.example.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #腾讯云的ssl证书加密方式
ssl_protocols TLSv1.2 TLSv1.3; #腾讯云的ssl证书这样配置。
ssl_prefer_server_ciphers on;
location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|txt|js|css)$ {
root /var/www/[project_name]/public;
}
location / {
index index.php;
if ( -f $request_filename) {
break;
}
if ( !-e $request_filename) {
rewrite ^(.*)$ /index.php/$1 last;
break;
}
}
location ~ .+\.php($|/) {
fastcgi_pass unix:/run/php-fpm/www.sock; # 根据情况,可以换成127.0.0.1:9000
fastcgi_split_path_info ^((?U).+.php)(/?.+)$;
fastcgi_index index.php;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
