I cant use my flarum website after updating Hestiacp to 1.7.0

1

Flarum NGİNX configuration is wrong. İt is broken after upgrade to 1.7.0 release of HestiaCP.

This is my configuration for Flarum website before update HestiaCP

server {
    listen      XXX.XX.XX.XX:443 ssl http2;
    server_name domain.com;
    root        /home/user/web/domain.com/public_html/public/;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/domain.com.log combined;
    access_log  /var/log/nginx/domains/domain.com.bytes bytes;
    error_log   /var/log/nginx/domains/domain.com.error.log error;

    ssl_certificate      /home/user/conf/web/domain.com/ssl/domain.com.pem;
    ssl_certificate_key  /home/user/conf/web/domain.com/ssl/domain.com.key;
    ssl_stapling on;
    ssl_stapling_verify on;

    include /home/user/conf/web/domain.com/nginx.hsts.conf*;


    location / {

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP       $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass_request_headers on;

	try_files $uri $uri/ /index.php?$query_string;


        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
            fastcgi_hide_header "Set-Cookie";
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    unix:/run/php/php7.4-fpm-domain.com.sock;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }

    }

#for wordpress (subfolder installation)
    location ^~ /vitrin {
        root        /home/user/web/domain.com/public_html;
        index index.php index.html index.htm;
        try_files $uri $uri/ /vitrin/index.php?$query_string;

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
            fastcgi_hide_header "Set-Cookie";
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    unix:/run/php/php7.4-fpm-domain.com.sock;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }
     }

    location /error/ {
        alias   /home/user/web/domain.com/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
    }

    location /vstats/ {
        alias   /home/user/web/domain.com/stats/;
        include /home/user/web/domain.com/stats/auth.conf*;
    }

    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /home/user/conf/web/domain.com/nginx.ssl.conf_*;
}

currently I can not use last default configuration for flarum of HestiaCP. I get too many redirections.

Also my ssl cert files removed after updating HestiaCP. Then O get Nginx restart failed error.
I solved this error by disable SSL click button web panel and change default nginx conf to no-php. I get ssl certicate by this way. after that I selected flarum nginx configuration but I get error " too many redirections"

server {
	listen      XXX.XX.XX.XX:443 ssl http2;
	server_name domain.com www.domain.com;
	root        /home/user/web/domain.com/public_html;
	index       index.php index.html index.htm;
	access_log  /var/log/nginx/domains/domain.com.log combined;
	access_log  /var/log/nginx/domains/domain.com.bytes bytes;
	error_log   /var/log/nginx/domains/domain.com.error.log error;


	include /home/user/conf/web/domain.com/nginx.forcessl.conf*;

	# Pass requests that don't refer directly to files in the filesystem to index.php
	location / {
	  try_files $uri $uri/ /index.php?$query_string;
	}

	location ~ \.php$ {
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		try_files $uri =404;
		fastcgi_pass unix:/run/php/php8.2-fpm-domain.com.sock;
		fastcgi_index index.php;
		include /etc/nginx/fastcgi_params;
		include /home/user/conf/web/domain.com/nginx.fastcgi_cache.conf*;
	}

	#Uncomment the following lines if you are not using a `public` directory
	#to prevent sensitive resources from being exposed.
	location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|flarum|storage|vendor) {
	   deny all;
	   return 404;
	}

	# The following directives are based on best practices from H5BP Nginx Server Configs
	# https://github.com/h5bp/server-configs-nginx

	# Expire rules for static content
	location ~* \.(?:manifest|appcache|html?|xml|json)$ {
	  add_header Cache-Control "max-age=0";
	}

	location ~* \.(?:rss|atom)$ {
	  add_header Cache-Control "max-age=3600";
	}

	location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|mp4|ogg|ogv|webm|htc)$ {
	  add_header Cache-Control "max-age=2592000";
	  access_log off;
	}

	location ~* \.(?:css|js)$ {
	  add_header Cache-Control "max-age=31536000";
	  access_log off;
	}

	location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
	  add_header Cache-Control "max-age=2592000";
	  access_log off;
	}

	# Gzip compression
	gzip on;
	gzip_comp_level 5;
	gzip_min_length 256;
	gzip_proxied any;
	gzip_vary on;
	gzip_types
		application/atom+xml
		application/javascript
		application/json
		application/ld+json
		application/manifest+json
		application/rss+xml
		application/vnd.geo+json
		application/vnd.ms-fontobject
		application/x-font-ttf
		application/x-web-app-manifest+json
		application/xhtml+xml
		application/xml
		font/opentype
		image/bmp
		image/svg+xml
		image/x-icon
		text/cache-manifest
		text/css
		text/javascript
		text/plain
		text/vcard
		text/vnd.rim.location.xloc
		text/vtt
		text/x-component
		text/x-cross-domain-policy;

	location /error/ {
		alias   /home/user/web/domain.com/document_errors/;
	}

	location /vstats/ {
		alias   /home/user/web/domain.com/stats/;
		include /home/user/web/domain.com/stats/auth.conf*;
	}

	include     /etc/nginx/conf.d/phpmyadmin.inc*;
	include     /etc/nginx/conf.d/phppgadmin.inc*;
	include     /home/user/conf/web/domain.com/nginx.conf_*;
}
2

I solved my problem by editing wordpress tpl.

This works with flarum that is work on public folder. Also I use subfolder wordpress installation.

server {
    listen      XXX.XX:XX.XX:443 ssl http2;
    server_name domain.com www.domain.com;
    root        /home/user/web/domain.com/public_html/public;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/domain.com.log combined;
    access_log  /var/log/nginx/domains/domain.com.bytes bytes;
    error_log   /var/log/nginx/domains/domain.com.error.log error;

    ssl_certificate      /home/user/conf/web/domain.com/ssl/domain.com.pem;
    ssl_certificate_key  /home/user/conf/web/domain.com/ssl/domain.com.key;
    ssl_stapling on;
    ssl_stapling_verify on;

    include /home/user/conf/web/domain.com/nginx.hsts.conf*;

    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location ~ /\.(?!well-known\/) {
        deny all;
        return 404;
    }

    location / {
        try_files $uri $uri/ /index.php?$args;
        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|woff2|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|webp|ico|bmp|mid|midi|wav|rtf|css|js|jar)$ {
            expires 30d;
            fastcgi_hide_header "Set-Cookie";
        }

        location ~* /(?:uploads|files)/.*.php$ {
            deny all;
            return 404;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            try_files $uri =404;
            fastcgi_pass unix:/run/php/php8.2-fpm-domain.com.sock;
            fastcgi_index index.php;
            include /etc/nginx/fastcgi_params;
            include /home/user/conf/web/domain.com/nginx.fastcgi_cache.conf*;
            if ($request_uri ~* "/wp-admin/|/wp-json/|wp-.*.php|xmlrpc.php|index.php|/store.*|/cart.*|/my-account.*|/checkout.*") {
                set $no_cache 1;
            }
            if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart|woocommerce_cart_hash|PHPSESSID") {
                set $no_cache 1;
            }
        }
    }


    location ^~ /vitrin {
        root        /home/user/web/domain.com/public_html;
        index index.php index.html index.htm;
        try_files $uri $uri/ /vitrin/index.php?$query_string;

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
            fastcgi_hide_header "Set-Cookie";
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            try_files $uri =404;
            fastcgi_pass unix:/run/php/php8.2-fpm-domain.com.sock;
            fastcgi_index index.php;
            include /etc/nginx/fastcgi_params;
            include /home/user/conf/web/domain.com/nginx.fastcgi_cache.conf*;
            if ($request_uri ~* "/wp-admin/|/wp-json/|wp-.*.php|xmlrpc.php|index.php|/store.*|/cart.*|/my-account.*|/checkout.*") {
                set $no_cache 1;
            }
            if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart|woocommerce_cart_hash|PHPSESSID") {
                set $no_cache 1;
            }
        }
     }


    location /error/ {
        alias   /home/user/web/domain.com/document_errors/;
    }

    location /vstats/ {
        alias   /home/user/web/domain.com/stats/;
        include /home/user/web/domain.com/stats/auth.conf*;
    }

    proxy_hide_header Upgrade;

    include /etc/nginx/conf.d/phpmyadmin.inc*;
    include /etc/nginx/conf.d/phppgadmin.inc*;
    include /home/user/conf/web/domain.com/nginx.ssl.conf_*;
}
3

Don’t edit a existing template create a new one and select that one…

2 Likes
4

Yes I will create as flarum2 for me by using last conf.