Commit 1f9f2d94 authored by omega8cc's avatar omega8cc Committed by anarcat
Browse files

Fix for wysiwyg editors support in the Nginx config + do not use php-fpm to...

Fix for wysiwyg editors support in the Nginx config + do not use php-fpm to serve static files from wysiwyg libs
parent b25ec07b
...@@ -105,9 +105,9 @@ ...@@ -105,9 +105,9 @@
} }
### ###
### imagecache, imagecache_external and (f)ckeditor support ### imagecache and imagecache_external support
### ###
location ~* /(?:external|system|files/imagecache|files/styles|f?ckeditor)/ { location ~* /(?:external|system|files/imagecache|files/styles)/ {
access_log off; access_log off;
expires 30d; expires 30d;
# fix common problems with old paths after import from standalone to Aegir multisite # fix common problems with old paths after import from standalone to Aegir multisite
...@@ -133,7 +133,7 @@ ...@@ -133,7 +133,7 @@
### ###
### serve & log bigger media/static/archive files directly, without all standard drupal rewrites, php-fpm etc. ### serve & log bigger media/static/archive files directly, without all standard drupal rewrites, php-fpm etc.
### ###
location ~* ^.+\.(?:avi|mpe?g|mov|wmv|mp3|mp4|m4a|ogg|flv|wav|midi|zip|t?gz|rar)$ { location ~* ^.+\.(?:avi|mpe?g|mov|wmv|mp3|mp4|m4a|ogg|flv|wav|midi|zip|tar|t?gz|rar)$ {
expires 30d; expires 30d;
# allow files/downloads to be accessed without /sites/fqdn/ # allow files/downloads to be accessed without /sites/fqdn/
rewrite ^/files/(.*)$ /sites/$host/files/$1 last; rewrite ^/files/(.*)$ /sites/$host/files/$1 last;
...@@ -160,10 +160,19 @@ ...@@ -160,10 +160,19 @@
fastcgi_pass 127.0.0.1:9000; ### php-fpm listening on port 9000 fastcgi_pass 127.0.0.1:9000; ### php-fpm listening on port 9000
} }
###
### serve & no-log static helper files used in some wysiwyg editors
###
location ~* /(?:modules|libraries)/(?:tinybrowser|f?ckeditor|tinymce)/.*\.(?:html?|xml)$ {
access_log off;
expires 30d;
try_files $uri =404;
}
### ###
### deny listed requests for security reasons without 403 response ### deny listed requests for security reasons without 403 response
### ###
location ~* (?:delete.+from|insert.+into|select.+from|union.+select|onload|script|\.php.+src|system\(.+|iframe|document\.cookie|alert|\;|\.\.) { location ~* (?:delete.+from|insert.+into|select.+from|union.+select|onload|\.php.+src|system\(.+|iframe|document\.cookie|alert|\;|\.\.) {
return 444; return 444;
} }
......
...@@ -91,9 +91,9 @@ ...@@ -91,9 +91,9 @@
} }
### ###
### imagecache, imagecache_external and (f)ckeditor support ### imagecache and imagecache_external support
### ###
location ~* /(?:external|system|files/imagecache|files/styles|f?ckeditor)/ { location ~* /(?:external|system|files/imagecache|files/styles)/ {
access_log off; access_log off;
expires 30d; expires 30d;
# fix common problems with old paths after import from standalone to Aegir multisite # fix common problems with old paths after import from standalone to Aegir multisite
...@@ -119,7 +119,7 @@ ...@@ -119,7 +119,7 @@
### ###
### serve & log bigger media/static/archive files directly, without all standard drupal rewrites, php-fpm etc. ### serve & log bigger media/static/archive files directly, without all standard drupal rewrites, php-fpm etc.
### ###
location ~* ^.+\.(?:avi|mpe?g|mov|wmv|mp3|mp4|m4a|ogg|flv|wav|midi|zip|t?gz|rar)$ { location ~* ^.+\.(?:avi|mpe?g|mov|wmv|mp3|mp4|m4a|ogg|flv|wav|midi|zip|tar|t?gz|rar)$ {
expires 30d; expires 30d;
# allow files/downloads to be accessed without /sites/fqdn/ # allow files/downloads to be accessed without /sites/fqdn/
rewrite ^/files/(.*)$ /sites/$host/files/$1 last; rewrite ^/files/(.*)$ /sites/$host/files/$1 last;
...@@ -146,10 +146,19 @@ ...@@ -146,10 +146,19 @@
fastcgi_pass 127.0.0.1:9000; ### php-fpm listening on port 9000 fastcgi_pass 127.0.0.1:9000; ### php-fpm listening on port 9000
} }
###
### serve & no-log static helper files used in some wysiwyg editors
###
location ~* /(?:modules|libraries)/(?:tinybrowser|f?ckeditor|tinymce)/.*\.(?:html?|xml)$ {
access_log off;
expires 30d;
try_files $uri =404;
}
### ###
### deny listed requests for security reasons without 403 response ### deny listed requests for security reasons without 403 response
### ###
location ~* (?:delete.+from|insert.+into|select.+from|union.+select|onload|script|\.php.+src|system\(.+|iframe|document\.cookie|alert|\;|\.\.) { location ~* (?:delete.+from|insert.+into|select.+from|union.+select|onload|\.php.+src|system\(.+|iframe|document\.cookie|alert|\;|\.\.) {
return 444; return 444;
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment