Apache and Nginx - gtbu/Typesetter5.2 GitHub Wiki
Typesetter creates the .htaccess for Apache-Webserver automatic.
-
Many users tend to Nginx and others because of speed. For normal users Apache with Nginx-Proxy is more than sufficient, also because Typesettercms is very fast.
-
Nginx - configuration ( see also winginx - online converter ) - but NOT for CSP-conversion
-
Here an example of a htaccess-nginx-conversion. Place this logic inside your main server block, typically located in a file like /etc/nginx/sites-available/your-domain.conf. The main configuration is usually found within /etc/nginx/nginx.conf file and its include files for site-specific directives, e.g. /etc/nginx/sites/example.com.conf. (You need sudo root - rights for that.)
server {
listen 80;
server_name your-domain.com www.your-domain.com;
root /var/www/html; # <-- IMPORTANT: Set this to your website's root directory
index index.php index.html;
#==================================================================
# Security Rules & Headers (Converted from .htaccess)
#==================================================================
# Block requests using the TRACE method
# Equivalent to: RewriteCond %{REQUEST_METHOD} ^TRACE
if ($request_method = TRACE) {
return 403; # Forbidden
}
# Set Content-Security-Policy header
# Equivalent to: Header set Content-Security-Policy "..."
add_header Content-Security-Policy "frame-src 'self' https://archive.org https://*.google.com; script-src 'self' https://archive.org https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://*.google.com; connect-src 'self' https://archive.org *.archive.org https://*.google.com" always;
# Deny access to hidden files like .htaccess
location ~ /\.ht {
deny all;
}
#==================================================================
# Compression (Converted from mod_deflate)
#==================================================================
# Equivalent to: <IfModule mod_deflate.c> ... </IfModule>
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss;
#==================================================================
# Typesetter CMS Rewrite Rules (Converted from mod_rewrite)
#==================================================================
# Rule: Redirect away from requests with index.php
# Equivalent to: RewriteRule index\.php(.*) "$1" [R=302,L]
if ($request_uri ~ ^/index\.php(.*)$) {
return 302 $1; # Use 301 for a permanent redirect after testing
}
# Rule: Handle the root URL ("/") specifically
# Equivalent to: RewriteRule ^$ "/index.php?gp_rewrite" [qsa,L]
location = / {
rewrite ^ /index.php?gp_rewrite= last;
}
# Rule: Handle all other requests
location / {
# This handles the static file check first:
# Equivalent to: RewriteCond %{REQUEST_FILENAME} -f [OR] -d
# If a file/directory is not found, it falls back to the named location.
try_files $uri $uri/ @typesetter_rewrite;
}
# Named location for the main rewrite rule
location @typesetter_rewrite {
# This is the main front-controller pattern for non-static files
# Equivalent to: RewriteRule /?(.*) "/index.php?gp_rewrite=$1" [qsa,L]
rewrite ^/(.*)$ /index.php?gp_rewrite=$1&$args last;
}
# Rule: Process PHP files
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# IMPORTANT: Adjust this to your PHP-FPM socket path/version
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
# This emulates "AcceptPathInfo On" from .htaccess
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
# Prevents Nginx from passing bad requests to PHP
try_files $fastcgi_script_name =404;
}
}
Explanation of the Conversion
MIME Types (AddType)
.htaccess: AddType application/x-javascript .js
Nginx: Nginx handles MIME types via a types block, which is usually defined in a global /etc/nginx/mime.types file and included in your main nginx.conf. This file already contains the correct MIME types for .js, .css, and .xml, so no extra configuration is typically needed.
AcceptPathInfo On
.htaccess: AcceptPathInfo On
Nginx: This is achieved within the location ~ .php$ block using the fastcgi_split_path_info directive, which splits the URI into the script name and path information.
Typesetter Rewrite Rules (mod_rewrite)
The core of the conversion is translating the rewrite logic. Nginx's try_files and separate location blocks provide a powerful and efficient way to replicate the .htaccess rules.
The rule to prevent rewriting if gp_rewrite is already in the query string is handled automatically by Nginx's processing model. The last flag causes Nginx to find a new location for the rewritten URI (/index.php?...), which matches the location ~ .php$ block, terminating the rewrite checks.
Static file checks (-f, -d) are handled efficiently by try_files $uri $uri/.
The final rewrite that sends requests to index.php is handled by the fallback in try_files and the rewrite directive in the named location @typesetter_rewrite.
Compression (mod_deflate)
.htaccess:
Nginx: This is replaced by the gzip directive and its associated options (gzip_types, etc.), which are part of Nginx's standard Gzip module.
Security Rules (TRACE block and Headers)
.htaccess: RewriteCond %{REQUEST_METHOD} ^TRACE
Nginx: A simple if block checking the $request_method variable handles this.
.htaccess: Header set Content-Security-Policy ...
Nginx: This is directly converted using the add_header directive. The always parameter ensures the header is set for all response codes.
After adding this configuration, make sure to test it and then reload Nginx for the changes to take effect:
-
code Bash
-
Test the configuration for syntax errors sudo nginx -t
-
If the test is successful, reload Nginx sudo systemctl reload nginx