You are not logged in.

#1 2017-02-05 21:27:14

jjb2016
Member
From: Oxfordshire
Registered: 2016-02-29
Posts: 73

[SOLVED] Wordpress / NGINX issues ...

Hi folks,

I've been trying to setup my own wordpress site - self hosted - using nginx as the web server.  I have a VM running wordpress on nginx, configured with SSL.  I can access wordpress from within my LAN without a problem, and everything in wordpress seems to function OK.

In order to access wordpress from the outside world I want to go through a separate nginx reverse proxy server, which I already use for a number of other web apps (owncloud, subsonic, a couple other tomcat apps i've written).  However, when i access wordpress through this proxy server some of the wordpress functions don't work:

1.  When I try to publish a new post, I click the publish button but this just takes me back to the list of posts and the new post remains in draft status.
2.  When I try to change the permalink format settings it keeps reverting back to the default.

These two issues lead me to thinking that there is some php function which is not running correctly, probably due to my nginx rev. proxy configuration.

My nginx rev. proxy server config currently looks like this:

server {
        listen 80;
        server_name  www.example.com;
        return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl;
        server_name www.example.com;

        ssl_certificate         /etc/nginx/ssl/www.example.com.crt;
        ssl_certificate_key     /etc/nginx/ssl/www.example.com.key;
        ssl on;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5';
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 10m;

        proxy_set_header        Host                    $host;
        proxy_set_header        X-Real-IP               $remote_addr;
        proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto       $scheme;
        proxy_set_header        X-Forwarded-Host        $host;
        proxy_set_header        X-Forwarded-Server      $host;
        proxy_buffers 16 8k;
        proxy_buffer_size 8k;
        proxy_redirect          off;
        proxy_cache one;
        proxy_cache_valid any 5m;

        # other irrelevant location blocks here ...

        location /blog/ {
                proxy_pass              https://wordpress.home/;
        }
        location ~* ^/wp-.*$ {
                rewrite ^/wp-(.*)$ /blog/wp-$1 permanent;
                proxy_pass              https://wordpress.home;
        }

The last two location blocks relate to wordpress.  The first of the two basically redirects https://www.example.com/blog/ to https://wordpress.home/ (backend server).  The second of the two is there to get around an issue I found that after logging into wordpress at https://www.example.com/blog/ the URL is changed to https://www.example.com/wp-admin/.... so the /blog/ bit gets removed somehow.  So, the second location block effectively rewrites anything matching regex ^/wp-.* to /blog/wp-.* adding /blog/ back in.
This rewrite rule fixes a lot of issues but there is still something wrong as described above.

If anyone thinks they can help me configure wordpress backend and nginx rev.proxy for this setup to work then please - help :-)  Even if you don't know anything about wordpress or nginx, if you have knowledge of troubleshooting web applications, and you think you can help me find the root cause that would be appreciated.

Thanks!

Last edited by jjb2016 (2017-02-07 12:48:01)

Offline

#2 2017-02-05 21:30:58

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: [SOLVED] Wordpress / NGINX issues ...

This looks like your WordPress config is incorrect, can you post it please.


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#3 2017-02-05 22:05:06

jjb2016
Member
From: Oxfordshire
Registered: 2016-02-29
Posts: 73

Re: [SOLVED] Wordpress / NGINX issues ...

Hi, thanks for responding.  Here is my wordpress nginx config:

server {
        listen 80;
        server_name wordpress.home;
        return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl;
        server_name wordpress.home;

        ssl_certificate         /etc/nginx/ssl/wordpress.home.crt;
        ssl_certificate_key     /etc/nginx/ssl/wordpress.home.key;
        ssl on;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5';
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 10m;

        root  /usr/share/nginx/html;
        index index.php;

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        location / {
                try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
                include        fastcgi_params;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }
}

Offline

#4 2017-02-07 12:47:16

jjb2016
Member
From: Oxfordshire
Registered: 2016-02-29
Posts: 73

Re: [SOLVED] Wordpress / NGINX issues ...

Solved it!  For anybody interested ....

In firefox I opened the Web Console and attempted to Publish a post.  I noticed that the Request Header was showing the "Referer" set to "https://www.example.com/wp-admin/post.p … ction=edit".  This was obviously incorrect and should be "https://www.example.com/blog/wp-admin/p … ction=edit".

To correct this I added the following line to my nginx rev. proxy server configuration ...

proxy_set_header X-Custom-Referrer $scheme://$host/blog$uri;

This corrects the Referer part of the request header before it gets passed on to the back-end server.  My corrected nginx reverse proxy server config for wordpress now looks like this ...

server { #Redirect non-https to https - match both www and non-www
        listen 80;
        server_name  www.example.com;
        return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl;
        server_name www.example.com;

        ssl_certificate         /etc/nginx/ssl/www.example.com.crt;
        ssl_certificate_key     /etc/nginx/ssl/www.example.com.key;
        ssl on;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5';
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 10m;

        proxy_set_header        Host                    $host;
        proxy_set_header        X-Real-IP               $remote_addr;
        proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto       $scheme;
        proxy_set_header        X-Forwarded-Host        $host;
        proxy_set_header        X-Forwarded-Server      $host;
        proxy_buffers 16 8k;
        proxy_buffer_size 8k;
        proxy_redirect          off;
        proxy_cache one;
        proxy_cache_valid any 5m;

        # other irrelevant location blocks here ...

        location /blog/ {
                proxy_set_header X-Custom-Referrer $scheme://$host/blog$uri;
                proxy_pass              https://wordpress.home/;
        }
        location ~* ^/wp-.*$ {
                rewrite ^/wp-(.*)$ /blog/wp-$1 permanent;
                proxy_set_header X-Custom-Referrer $scheme://$host/blog$uri;
                proxy_pass              https://wordpress.home;
        }
        location / {
                root "/srv/http";
                index index.htm index.html;
                try_files $uri $uri/ $uri/index.htm $uri/index.html;
        }
}

My "back-end" configuration (also nginx):

server {
        listen 80;
        server_name wordpress.home;
        return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl;
        server_name wordpress.home;

        ssl_certificate         /etc/nginx/ssl/wordpress.home.crt; # this is a self-signed ssl cert & key
        ssl_certificate_key     /etc/nginx/ssl/wordpress.home.key;
        ssl on;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5';
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 10m;

        root  /usr/share/nginx/html;
        index index.php;

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        location / {
                try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
                include        fastcgi_params;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }
}

Hope this is useful to somebody ...

Cheers - Justin

Last edited by jjb2016 (2017-02-07 13:56:38)

Offline

Board footer

Powered by FluxBB