Updated and Fixed error on updating Letsencrypt cert with NGINX's drupal template.

2025-08-14 18:49:17 -07:00 · 2018-07-18 10:40:35 +07:00 · 2018-07-18 10:40:35 +07:00 · 7958b495c9
commit 7958b495c9
parent 1096fcda9c
114 changed files with 2812 additions and 3591 deletions
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
@ -31,48 +31,42 @@ server {
        return 403;
    }

-    # No no for private
    location ~ ^/sites/.*/private/ {
        return 403;
    }

-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
    location / {
        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
    }

    location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
        rewrite ^/(.*)$ /index.php?q=$1;
    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    

-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
    }

    error_page  403 /error/404.html;