当前位置: 文江博客话题详情

NginX 友好的 PHP 框架

发布于 2024-09-28 12:21:08 字数 66 浏览 3 评论 0原文

我正在寻找一种 PHP 框架,如果幸运的话,它只能在 FastCGI 下的 nginx 中工作,否则,不需要太多调整。

原文

I am looking for a PHP framework that, if I'm lucky, just works in nginx under FastCGI, otherwise, one that doesn't take too much tweaking.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

呆橘 2024-10-05 12:21:08

Symfony 1.4 与 nginx 非常棒。我已经完成了调整,这是我的生产配置的概括,我可以保证它适合生产使用。

server {
  listen 80;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;

  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php$ {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

server {
  listen 443;

  ssl on;
  ssl_certificate      /etc/ssl/certs/mysite.com.crt;
  ssl_certificate_key  /etc/ssl/private/mysite.com.key;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;
  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php$ {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS on;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

PHP 5.4 注意

dotdeb 附带的 php5-fpm 5.4 现在默认使用套接字而不是环回。如果您使用的是 PHP 5.4,并且上述配置出现错误网关错误,请尝试将 127.0.0.1:9000 的所有实例替换为 unix:/var/run/php5-fpm .sock

php-fpm 5.4 还新将可解析为 PHP 的文件扩展名限制为 security.limit_extensions 中指定的扩展名。如果您已修改位置正则表达式以包含 .php 之外的其他文件扩展名,这可能会引起您的兴趣。下面的安全说明仍然适用。

安全说明

此配置仅使用 PHP 解析文件 index.php、frontend.php、frontend_dev.php、backend.php 和 backend_dev.php。

一般而言,对于 php 和 nginx(不仅仅是 symfony),使用

location \.php$ {
  ...
}

会导致与使用 pathinfo 的 URL 相关的安全漏洞,例如:/index.php/foo/bar。

常见的解决方法是在 php.ini 中设置 fix_pathinfo=0。这会破坏 pathinfo URL,而 symfony 依赖于它们。这里使用的解决方案是显式指定解析为 php.ini 的文件。

有关详细信息,请参阅 nginx+php-cgi 安全警报

平台

这在使用 dotdeb 作为 nginx 和 php-fpm 软件包的 Debian Squeeze 系统以及 Ubuntu 10.04 Lucid Lynx< /em> 使用 ppa/brianmercer 作为 php-fpm 的系统。它可能会也可能不会在其他系统上工作并且安全。

用法说明

要添加另一个 PHP 文件additionalfile.php 进行解析,请在两个位置块中使用以下语法:

location ~ ^(index|frontend|frontend_dev|backend|backend_dev|additionalfile).php$ {
...

编辑: Symfony 2.0 已经发布了!这是根据上面的 1.4 配置改编的配置:

server {
  listen 80;

  server_name symfony2;
  root /var/www/symfony2/web;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$ /app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}

server {
  listen 443;

  server_name symfony2;
  root /var/www/symfony2/web;

  ssl on;
  ssl_certificate      /etc/ssl/certs/symfony2.crt;
  ssl_certificate_key  /etc/ssl/private/symfony2.key;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$ /app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}

Symfony 1.4 with nginx is fantastic. I have already done the tweaking, here is a generalization of my production config that I can vouch is fit for production use.

server {
  listen 80;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;

  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php$ {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

server {
  listen 443;

  ssl on;
  ssl_certificate      /etc/ssl/certs/mysite.com.crt;
  ssl_certificate_key  /etc/ssl/private/mysite.com.key;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;
  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php$ {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS on;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

PHP 5.4 Note

php5-fpm 5.4 that comes with dotdeb now uses sockets instead of the loopback by default. If you are using PHP 5.4 and you are getting a bad gateway error with the above config, try replacing all instances of 127.0.0.1:9000 with unix:/var/run/php5-fpm.sock.

php-fpm 5.4 also newly limits the file extensions that can be parsed as PHP to those specified in security.limit_extensions. This might be of interested if you have modified the location regex to include other file extensions than .php. The security note below still applies.

Security Note

This config only parses the files index.php, frontend.php, frontend_dev.php, backend.php and backend_dev.php with PHP.

With php and nginx in general, not just with symfony, using

location \.php$ {
  ...
}

causes a security vulnerability related to URLs that use pathinfo, like these: /index.php/foo/bar.

The common workaround is to set fix_pathinfo=0 in php.ini. This breaks pathinfo URLs, and symfony relies on them. The solution used here is to explicitly specify the files that get parsed as php.

For more information, see the nginx+php-cgi security alert

Platforms

This works and is secure on Debian Squeeze systems that use dotdeb for nginx and php-fpm packages, as well as Ubuntu 10.04 Lucid Lynx systems that use ppa/brianmercer for php-fpm. It might or might not work and be secure on other systems.

Usage note

To add another PHP file additionalfile.php to get parsed, use this syntax in both location blocks:

location ~ ^(index|frontend|frontend_dev|backend|backend_dev|additionalfile).php$ {
...
}

Edit: Symfony 2.0 is out! Here is the config, adapted from the 1.4 config above:

server {
  listen 80;

  server_name symfony2;
  root /var/www/symfony2/web;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$ /app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}

server {
  listen 443;

  server_name symfony2;
  root /var/www/symfony2/web;

  ssl on;
  ssl_certificate      /etc/ssl/certs/symfony2.crt;
  ssl_certificate_key  /etc/ssl/private/symfony2.key;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$ /app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}
回复 原文
无力看清 2024-10-05 12:21:08

正如一些评论者所指出的,您只需要正确设置 nginx 即可。 这是一篇设置 nginx 的帖子对于代码点火器

As some commenters have noted you just need to set up nginx correctly. Here's a post that sets up nginx for codeigniter.

回复 原文
~没有更多了~

关于作者

み零

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

1CH1MKgiKxn9p

文章 0 评论 0

ゞ记忆︶ㄣ

文章 0 评论 0

JackDx

文章 0 评论 0

信远

文章 0 评论 0

yaoduoduo1995

文章 0 评论 0

霞映澄塘

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文