Drupal support majority of web-servers available in the market. Check list here.
To get Drupal 8 working with NGINX, we've to add a following configuration in NGINX vhost file:
NOTE :
Part 2 of this article describes configuring nginx vhost to serve Drupal as sub-directory.
- Change "SERVER_NAME" to actual domain name you want to use. For e.g. example.com
- Change "PHP_FPM_VERSION" to PHP FPM version installed on server. I've php 7.2 installed with fpm on my machine, so I'll be using php7.2-fpm as PHP-FPM version.
For e.g. fastcgi_pass unix:/run/php/php7.2-fpm.sock - Change "SSL_CERTIFICATE_NAME" to actual SSL Certificate file name and its location. For e.g. example.com.pem and example.com.key
# VHOST Config.
server {
server_name SERVER_NAME www.SERVER_NAME;
root /var/www/html/drupal;
listen 80;
# Configure SSL, START HERE.
listen 443;
# Enable SSL.
ssl on;
ssl_certificate /etc/nginx/ssl/SSL_CERTIFICATE_NAME.pem;
ssl_certificate_key /etc/nginx/ssl/SSL_CERTIFICATE_NAME.key;
# Protocol
ssl_protocols TLSv1.2;
# Redirect HTTP to HTTPS
if ($scheme = http) {
# NOTE : Remove www, if non-www url.
return 301 https://www.$server_name$request_uri;
}
# Configure SSL, END HERE.
# Add headers.
add_header Strict-Transport-Security 'max-age=31536000;';
add_header X-XSS-Protection "1; mode=block" always;
# Handle error pages;
# Configure to override nginx default error page(s).
error_page 500 /5xx.html;
error_page 502 /5xx.html;
error_page 504 /5xx.html;
location = /5xx.html {
root /var/www/html/drupal;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Handle robots.txt separately
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Prevent access to files directly.
location ~ .*\.config$ {
return 403;
}
location ~ \..*/.*\.php$ {
return 403;
}
location ~ \..*/.*\.yml$ {
return 403;
}
location ~ /composer.*$ {
return 403;
}
# Prevent any hidden files (.htaccess, .gitignore)
location ~ (^|/)\. {
return 403;
}
location ~ ^/sites/.*/private/ {
return 403;
}
location / {
try_files $uri /index.php?$query_string;
}
# Re-write URLs to start with index.php
location @rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ '\.php$|^/update.php' {
# Allow sub-pages after update.php
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_intercept_errors on;
fastcgi_pass unix:/run/php/PHP_FPM_VERSION.sock;
}
# Working with image styles.
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
# Set expiration for media, CSS and JS files.
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
proxy_cache_bypass 1;
}
}
Above vhost configuration works in Ubuntu, but for this to get working in CentOS, we've to update vhost configuration for "update.php" as below :
server {
server_name SERVER_NAME www.SERVER_NAME;
root /var/www/html/drupal;
listen 80;
# Configure SSL, START HERE.
listen 443;
# Enable SSL.
ssl on;
ssl_certificate /etc/nginx/ssl/SSL_CERTIFICATE_NAME.pem;
ssl_certificate_key /etc/nginx/ssl/SSL_CERTIFICATE_NAME.key;
# Protocol
ssl_protocols TLSv1.2;
# Redirect HTTP to HTTPS
if ($scheme = http) {
# NOTE : Remove www, if non-www url.
return 301 https://www.$server_name$request_uri;
}
# Configure SSL, END HERE.
# Add headers.
add_header Strict-Transport-Security 'max-age=31536000;';
add_header X-XSS-Protection "1; mode=block" always;
# Handle error pages;
# Configure to override nginx default error page(s).
error_page 500 /5xx.html;
error_page 502 /5xx.html;
error_page 504 /5xx.html;
location = /5xx.html {
root /var/www/html/drupal;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Handle robots.txt separately
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Prevent access to files directly.
location ~ .*\.config$ {
return 403;
}
location ~ \..*/.*\.php$ {
return 403;
}
location ~ \..*/.*\.yml$ {
return 403;
}
location ~ /composer.*$ {
return 403;
}
# Prevent any hidden files (.htaccess, .gitignore)
location ~ (^|/)\. {
return 403;
}
location ~ ^/sites/.*/private/ {
return 403;
}
location / {
try_files $uri /index.php?$query_string;
}
# Re-write URLs to start with index.php
location @rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ '\.php$|^/update.php' {
# Allow sub-pages after update.php
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_intercept_errors on;
fastcgi_pass unix:/run/php/PHP_FPM_VERSION.sock;
}
# Working with image styles.
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
# Set expiration for media, CSS and JS files.
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
proxy_cache_bypass 1;
}
}
# For CentOS
location ~ '\.php$|^/update.php' {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
# Allow sub-pages after update.php
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ '\.php$|^/update.php' {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
# Allow sub-pages after update.php
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
Part 2 of this article describes configuring nginx vhost to serve Drupal as sub-directory.