So I am trying to install a fresh drupal 6 site on nginx. I have successfully setup the conf files and db. When I try to access mysite.com so that I can follow the step by step installation guide, it properly redirects to mysite.com/install.php but returns a 403 forbidden error.
On my conf file, I tried to add my IP on the list of allowed IPs:
location = /install.php {
allow 127.0.0.1;
allow my_ip_address;
deny all;
}
But then, when I try accessing mysite.com/install.php, the browser downloads the file instead of running it. What should I do?
I could use drush to install a fresh site, but I wanted to use drupal's install.php file instead (to show a friend how it is done).
Thank you.
server {
server_name www.mysite.com;
return 301 $scheme://mysite.com$request_uri;
} # server domain return.
server {
server_name mysite.com;
root /var/www/mysite.com;
index index.html index.htm index.php;
access_log /var/log/nginx/mysite.access.log;
error_log /var/log/nginx/mysite.error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# For drush
location = /backup {
deny all;
}
# Prevent user from accessing settings.php directly
location ~ ^/sites/[^/]+/settings.php$ {
deny all;
}
## Replicate the Apache <FilesMatch> directive of Drupal standard
## .htaccess. Disable access to any code files. Return a 404 to curtail
## information disclosure. Hide also the text files.
location ~* ^(?:.+\.(?:htaccess|make|txt|log|engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(?:\.php)?|xtmpl)|code-style\.pl|/Entries.*|/Repository|/Root|/Tag|/Template)$ {
return 404;
}
location ~ \..*/.*\.php$ {
return 403;
}
location / {
# This is cool because no php is touched for static content
try_files $uri @rewrite;
}
location @rewrite {
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn't be needed (GlobalRedirect)
#rewrite ^/(.*)$ /index.php?q=$1&$args;
rewrite ^ /index.php last;
}
# Use an SSH tunnel to access those pages. They shouldn't be visible to
# external peeping eyes.
location = /install.php {
allow 127.0.0.1;
deny all;
}
location = /update.php {
allow 127.0.0.1;
deny all;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
#fastcgi_pass unix:/var/run/php5-cgi/php5.sock;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
## Drupal 7 generated image handling, i.e., imagecache in core. See:
## https://drupal.org/node/371374
location ~* /sites/.*/files/styles/ {
access_log off;
expires 30d;
try_files $uri @rewrite;
}
# Fighting with ImageCache? This little gem is amazing.
location ~ ^/sites/.*/files/imagecache/ {
try_files $uri @rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
