Nginx and vBulletin Connect 5 Vhost
vBulletin 5.0.4 was released with Nginx support. Versions prior to <5.0.4 will need to upgrade to at least vBulletin 5.0.4 for Nginx to work properly.
General Notes:- Within the vB 5.0.4 zip download's do_not_upload folder there is an nginx.vhost file that contains an example Nginx vhost you can use with vBulletin 5.0.4. The vBulletin online manual also lists the sample nginx.vhost file. But I would always check the downloaded zip file's version first as updates or changes may occur with new vB5 version releases. You'll have to configure and setup the Nginx vhost yourself if you are using Nginx which is not installed and setup by Centmin Mod installer. The below information is only for Centmin Mod installed Nginx web server's vhost format.
- The nginx.vhost file included in download zip file was created by a vB5 developer who tested on Ubuntu based Nginx servers and due to the nature of Nginx, there isn't one correct way to configure Nginx vhosts for a specific web application or script, especially if you are running other web applications or scripts on the same server/domain. You or the web host or system admin who setup your Nginx server would be responsible for dealing with any conflicts with various web applications or scripts own respective Nginx rewrite rules within the domain's Nginx vhost file.
- For Centmin Mod installed Nginx server, the Nginx vhost configuration for vBulletin 5.0.4+ is different. Again, you or the web host or system admin who setup your Nginx server would be responsible for dealing with any conflicts with various web applications or scripts own respective Nginx rewrite rules within the domain's Nginx vhost file. Below are illustrated examples of how vBulletin 5.0.4 Nginx vhost is configured for Centmin Mod installed Nginx.
- Your domain's Nginx vhost configuration file would be at a location like /usr/local/nginx/conf/conf.d/yourdomainname.com.conf. This file is created when you use Centmin Mod's menu option #2 to 'Add Nginx vhost domain'.
Centmin Mod v1.2.3-eva2000.03 made a change in /usr/local/lib/php.ini for security reasons to disable some PHP functions:
disable_functions = exec,passthru,shell_exec,system,proc_open,popen
For vB to work with ImageMagicK instead of the default GD for image resizing, do following:
- Edit php.ini (shortcut command phpedit) and remove all listed functions exec,passthru,shell_exec,system,proc_open,popen as they are all used for vB5
- Set ImageMagicK path to /usr/bin and save and select ImageMagicK
- Restart php-fpm service (shortcut command fpmrestart)
vBulletin 5.0.4+ Nginx vhost & configuration Examples:
- vBulletin 5.0.4+ subdirectory installs
- vBulletin 5.0.4+ web root installs
- Password Protecting Admincp instructions
vBulletin 5.0.4+ subdirectory installs
Centmin Mod Nginx vhost template for vBulletin 5.0.4+ installed within a subdirectory yourdomainname.com/504 as follows (replace all instances of /504 with your chosen vB5 install subdirectory name):
Domain name, yourdomainname.com's Nginx vhost i.e. /usr/local/nginx/conf/conf.d/yourdomainname.com.conf
:
server {
listen 80;
server_name yourdomainname.com www.yourdomainname.com;
# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;
# limit_conn limit_per_ip 16;
# ssi on;
access_log /home/nginx/domains/yourdomainname.com/log/access.log combined buffer=32k;
error_log /home/nginx/domains/yourdomainname.com/log/error.log;
root /home/nginx/domains/yourdomainname.com/public;
location / {
# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;
# Enables directory listings when index file not found
#autoindex on;
}
include /home/nginx/domains/yourdomainname.com/includes/vb504.conf;
include /home/nginx/domains/yourdomainname.com/includes/vb505.conf;
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/phpvb5.conf;
#include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/drop.conf;
#include /usr/local/nginx/conf/errorpage.conf;
include /usr/local/nginx/conf/vts_server.conf;
}
Contents of /home/nginx/domains/yourdomainname.com/includes/vb504.conf. vb505.conf is same just with /505 directories specified instead. You'll need to create the /includes directory and these file yourself.
# legacy css being handled separate for performance
location ^~ /504/css.php {
include /usr/local/nginx/conf/phpvb5.conf;
rewrite ^ /504/core/css.php break;
}
# make install available from root
location ~ /504/install/ {
rewrite ^ /504/core/install/ break;
}
# configuration rules
# any request to not existing item gets redirected through routestring
location ^~ /504/ {
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/phpvb5.conf;
if (!-f $request_filename) {
rewrite ^/504/(.*)$ /504/index.php?routestring=$1 last;
}
}
location /504/core/(includes|vb|cache|libraries|vb5)/ {
allow 127.0.0.1;
deny all;
}
# make admincp available from root
location ^~ /504/admincp {
#auth_basic "Private";
#auth_basic_user_file /usr/local/nginx/conf/htpasswd;
if (!-f $request_filename) {
rewrite /504/admincp/(.*)$ /504/index.php?routestring=admincp/$1 last;
}
}
Contents of /usr/local/nginx/conf/phpvb5.conf. You'll need to create this file yourself.
location ~ /504/.*\.php$ {
if (!-f $request_filename) {
rewrite ^/504/(.*)$ /504/index.php?routestring=$1 break;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 256k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
#fastcgi_param HTTPS on;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
The restart Nginx server and PHP-FPM service for it to take effect:
service nginx restart service php-fpm restart
or command shortcut
nprestart
vBulletin 5.0.4+ web root installs
Centmin Mod Nginx vhost template for vBulletin 5.0.4+ installed from web root i.e. yourdomainname.com/ as follows:
Domain name, yourdomainname.com's Nginx vhost i.e. /usr/local/nginx/conf/conf.d/yourdomainname.com.conf
:
server {
listen 80;
server_name yourdomainname.com www.yourdomainname.com;
# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;
# limit_conn limit_per_ip 16;
# ssi on;
access_log /home/nginx/domains/yourdomainname.com/log/access.log combined buffer=32k;
error_log /home/nginx/domains/yourdomainname.com/log/error.log;
root /home/nginx/domains/yourdomainname.com/public;
# legacy css being handled separate for performance
location ^~ /css.php {
include /usr/local/nginx/conf/phpvb5.conf;
rewrite ^ /core/css.php break;
}
# make install available from root
location ~ /install/ {
rewrite ^ /core/install/ break;
}
# configuration rules
# any request to not existing item gets redirected through routestring
location ^~ / {
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/phpvb5.conf;
if (!-f $request_filename) {
rewrite ^/(.*)$ /index.php?routestring=$1 last;
}
}
location /core/(includes|vb|cache|libraries|vb5)/ {
allow 127.0.0.1;
deny all;
}
# make admincp available from root
location ^~ /admincp {
#auth_basic "Private";
#auth_basic_user_file /usr/local/nginx/conf/htpasswd;
if (!-f $request_filename) {
rewrite /admincp/(.*)$ /index.php?routestring=admincp/$1 last;
}
}
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/phpvb5.conf;
#include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/drop.conf;
#include /usr/local/nginx/conf/errorpage.conf;
include /usr/local/nginx/conf/vts_server.conf;
}
Contents of /usr/local/nginx/conf/phpvb5.conf. You'll need to create this file yourself.
location ~ \.php$ {
if (!-f $request_filename) {
rewrite ^/(.*)$ /index.php?routestring=$1 break;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 256k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
#fastcgi_param HTTPS on;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
The restart Nginx server and PHP-FPM service for it to take effect:
service nginx restart service php-fpm restart
or command shortcut
nprestart
Password Protecting Admincp
Notice that admincp directory can be password protected but Nginx doesn't support .htaccess like Apache does. For Nginx you need to use HttpAuthBasicModule. For Centmin Mod Nginx installs, you can use the included python based tool, htpasswd.py to set up password protection files.
- You need to use to either create a password file or append to an existing file (i.e. /usr/local/nginx/conf/htpasswd).
- The password file can be named anything you like and created anywhere you like. Just do not place the file anywhere publicaly accessible i.e. not below /public web root. For this example chose /usr/local/nginx/conf/htpasswd.
To create a new /usr/local/nginx/conf/htpasswd with username and password use the following command like in SSH where you change username and password fields to one of your own choosing:
/usr/local/nginx/conf/htpasswd.sh create /usr/local/nginx/conf/htpasswd username password
To append to existing /usr/local/nginx/conf/htpasswd file, remove the -c option
/usr/local/nginx/conf/htpasswd.sh append /usr/local/nginx/conf/htpasswd username password
Then within admincp location of Nginx vhost uncomment (remove hash # in front of the 2 relevant lines):
#auth_basic "Private";
#auth_basic_user_file /usr/local/nginx/conf/htpasswd;
The restart Nginx server for it to take effect:
service nginx restart
or command shortcut
ngxrestart
