Drupal & nginx : a sound "general purpose" configuration?
- by sbrattla
After a bit back and forth with configuring Drupal and nginx to work together, I've come up with the below configuration for a site. It works well, both with private and public file systems. However, as I am fairly new to nginx I'd like to hear if there is something with this configuration that I should change (for
Please note! I'm aiming towards getting feedback on a general purpose Drupal configuration. That is, a configuration which others who are trying out Drupal + nginx can "copy paste" to get up and running.
server {
listen 80;
server_name www.example.* example.*;
access_log /home/example/www/logs/access.log;
error_log /home/example/www/logs/error.log;
root /home/example/www/public_html;
# Site Icon
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Search Engines
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Drush
location = /backup {
deny all;
}
# Very rarely should these ever be accessed from outside
# the local network.
location ~* \.(txt|log)$ {
allow 10.0.0.0/8;
allow 172.16.0.0/12;
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
# Default location
location / {
try_files $uri @rewrite;
}
# Files managed by Drupal will be served via PHP.
location ~* /system/files/ {
access_log off;
try_files $uri @rewrite;
}
## Images and static content is treated different
location ~* \.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
access_log off;
expires 30d;
}
# Some Drupal modules enforce no slash (/) at the end
# of the URL.
location @rewrite {
rewrite_log on;
rewrite ^/(.*)$ /index.php?q=$1;
}
# PHP5-FPM is used to handle PHP.
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/example.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
## Disable viewing .htaccess & .htpassword
location ~ /\.ht {
deny all;
}
}
