Flarum NGİNX configuration is wrong. İt is broken after upgrade to 1.7.0 release of HestiaCP.
This is my configuration for Flarum website before update HestiaCP
server {
listen XXX.XX.XX.XX:443 ssl http2;
server_name domain.com;
root /home/user/web/domain.com/public_html/public/;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/domain.com.log combined;
access_log /var/log/nginx/domains/domain.com.bytes bytes;
error_log /var/log/nginx/domains/domain.com.error.log error;
ssl_certificate /home/user/conf/web/domain.com/ssl/domain.com.pem;
ssl_certificate_key /home/user/conf/web/domain.com/ssl/domain.com.key;
ssl_stapling on;
ssl_stapling_verify on;
include /home/user/conf/web/domain.com/nginx.hsts.conf*;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_request_headers on;
try_files $uri $uri/ /index.php?$query_string;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
fastcgi_hide_header "Set-Cookie";
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/run/php/php7.4-fpm-domain.com.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
#for wordpress (subfolder installation)
location ^~ /vitrin {
root /home/user/web/domain.com/public_html;
index index.php index.html index.htm;
try_files $uri $uri/ /vitrin/index.php?$query_string;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
fastcgi_hide_header "Set-Cookie";
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/run/php/php7.4-fpm-domain.com.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
location /error/ {
alias /home/user/web/domain.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/user/web/domain.com/stats/;
include /home/user/web/domain.com/stats/auth.conf*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /home/user/conf/web/domain.com/nginx.ssl.conf_*;
}
currently I can not use last default configuration for flarum of HestiaCP. I get too many redirections.
Also my ssl cert files removed after updating HestiaCP. Then O get Nginx restart failed error.
I solved this error by disable SSL click button web panel and change default nginx conf to no-php. I get ssl certicate by this way. after that I selected flarum nginx configuration but I get error " too many redirections"
server {
listen XXX.XX.XX.XX:443 ssl http2;
server_name domain.com www.domain.com;
root /home/user/web/domain.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/domain.com.log combined;
access_log /var/log/nginx/domains/domain.com.bytes bytes;
error_log /var/log/nginx/domains/domain.com.error.log error;
include /home/user/conf/web/domain.com/nginx.forcessl.conf*;
# Pass requests that don't refer directly to files in the filesystem to index.php
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri =404;
fastcgi_pass unix:/run/php/php8.2-fpm-domain.com.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
include /home/user/conf/web/domain.com/nginx.fastcgi_cache.conf*;
}
#Uncomment the following lines if you are not using a `public` directory
#to prevent sensitive resources from being exposed.
location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|flarum|storage|vendor) {
deny all;
return 404;
}
# The following directives are based on best practices from H5BP Nginx Server Configs
# https://github.com/h5bp/server-configs-nginx
# Expire rules for static content
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
add_header Cache-Control "max-age=0";
}
location ~* \.(?:rss|atom)$ {
add_header Cache-Control "max-age=3600";
}
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|mp4|ogg|ogv|webm|htc)$ {
add_header Cache-Control "max-age=2592000";
access_log off;
}
location ~* \.(?:css|js)$ {
add_header Cache-Control "max-age=31536000";
access_log off;
}
location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
add_header Cache-Control "max-age=2592000";
access_log off;
}
# Gzip compression
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/javascript
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
location /error/ {
alias /home/user/web/domain.com/document_errors/;
}
location /vstats/ {
alias /home/user/web/domain.com/stats/;
include /home/user/web/domain.com/stats/auth.conf*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /home/user/conf/web/domain.com/nginx.conf_*;
}