This forum has moved to a new location and is in read-only mode. Please visit talk.octobercms.com to access the new location.
I'm building a website with a NGINX (443) + APACHE (8080) + VARNISH (80) server and have successfully installed Octobercms on it. But when I visited https://example.com or https://example.com/backend, I was actually presented with a white page with the index.php code. Here's how it looks before it reloads: http://prntscr.com/r7ig9i and after reloading http://prntscr.com/r7igq9. Anyone there please help me find a solution. Now (February 25, 2020) you can still see this page.
Last updated
@endi.linux.mint51510 You will need to investigate your hosting setup. The second screenshot is showing raw PHP code which means it is not interpreting it correctly as a PHP script. I cannot tell which hosting software you are using to deliver the PHP code, as both Nginx and Apache are capable of doing it.
Thank you BennoThommo for your response. Alright I'll try to check according to your advice. But something surprised me from that page. When I add index.php behind the domain name (https://example.com/index.php), it works fine.
Last updated
Hi BennoThommo, I have successfully (on February 27, 2020, at approximately 18:30 WIB) configured my server. After I did a thorough check, I found an error that caused the php page to be raw. This is because I did not change (because I forgot) my Linux distribution and version (centos 7). I found the solution here: https://packagecloud.io/docs#os_distro_version. Now my site is running almost as expected.
This is the current configuration ...
[root@host ~]# netstat -pnltu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:46540 0.0.0.0:* LISTEN 788/varnishd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/init
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 788/varnishd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 779/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 804/sendmail: accep
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 796/nginx: master p
tcp6 0 0 ::1:36389 :::* LISTEN 788/varnishd
tcp6 0 0 :::3306 :::* LISTEN 824/mysqld
tcp6 0 0 :::80 :::* LISTEN 788/varnishd
tcp6 0 0 :::8080 :::* LISTEN 777/httpd
tcp6 0 0 :::22 :::* LISTEN 779/sshd
tcp6 0 0 :::443 :::* LISTEN 796/nginx: master p
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/init
My octobercms website configuration update is now like this :
[root@host ~]# netstat -pnltu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 821/dovecot
tcp 0 0 127.0.0.1:41794 0.0.0.0:* LISTEN 3046/varnishd
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 821/dovecot
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 1163/master
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 821/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 821/dovecot
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/init
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 3046/varnishd
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 1163/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 789/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1163/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 3295/nginx: master
tcp6 0 0 :::993 :::* LISTEN 821/dovecot
tcp6 0 0 :::995 :::* LISTEN 821/dovecot
tcp6 0 0 ::1:38058 :::* LISTEN 3046/varnishd
tcp6 0 0 :::3306 :::* LISTEN 840/mysqld
tcp6 0 0 :::587 :::* LISTEN 1163/master
tcp6 0 0 :::110 :::* LISTEN 821/dovecot
tcp6 0 0 :::143 :::* LISTEN 821/dovecot
tcp6 0 0 :::80 :::* LISTEN 3302/httpd
tcp6 0 0 :::8080 :::* LISTEN 3046/varnishd
tcp6 0 0 :::465 :::* LISTEN 1163/master
tcp6 0 0 :::22 :::* LISTEN 789/sshd
tcp6 0 0 :::25 :::* LISTEN 1163/master
tcp6 0 0 :::443 :::* LISTEN 3295/nginx: master
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/init
One more thing, I added configuration in /etc/httpd/mydomain.com.conf and in /etc/nginx/conf.d/mywebsite.com.conf I add :
location / {
try_files $ uri /index.php$is_args$args;
}
open file in /var/www/nickgenom.com/config and make sure like this :
<?php
return [
'driver' => env('SESSION_DRIVER', 'file'),
'lifetime' => 1 * (60 * 24 * 365), /* cookies will expire on 2021-03-18T16:57:06.147Z*/
'expire_on_close' => false,
'encrypt' => false,
'files' => storage_path('framework/sessions'),
'connection' => null,
'table' => 'sessions',
'lottery' => [2, 100],
'cookie' => 'your-website_session',
'path' => '/',
'domain' => null,
'http_only' => true,
'secure' => false,
'same_site' => null,
];
Last updated
I feel guilty for not providing the correct configuration for the octobercms community, for that I will publish my actual settings. And I hope you focus on this paragraph only.
in the apache (Apache version : Apache/2.4.6 on CentOS 7.7.1908) file: /etc/httpd/conf/httpd.conf
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User nginx
Group nginx
ServerAdmin mail@mywebsite.com
ServerName mywebsite.com:80
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/mywebsite.com/"
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
<Directory "/var/www/mywebsite.com">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
ErrorDocument 404 /404.htm
EnableSendfile on
IncludeOptional conf.d/*.conf
Now we go to the nginx (version: nginx/1.17.8) configuration. in the nginx file : /etc/nginx/conf.d/mywebsite.com.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mywebsite.com;
index index.php index.html index.htm;
root /var/www/mywebsite.com;
expires 30d;
location / {
try_files $uri /index.php$is_args$args;
root /var/www/mywebsite.com;
proxy_pass http://mywebsite.com:37089;
resolver_timeout 60s;
proxy_http_version 1.1;
proxy_set_header Connection "";
# Whitelist
## Let October handle if static file not exists
location ~ ^/favicon\.ico { try_files $uri /index.php; }
location ~ ^/sitemap\.xml { try_files $uri /index.php; }
location ~ ^/robots\.txt { try_files $uri /index.php; }
location ~ ^/humans\.txt { try_files $uri /index.php; }
## Let nginx return 404 if static file not exists
location ~ ^/storage/app/uploads/public { try_files $uri 404; }
location ~ ^/storage/app/media { try_files $uri 404; }
location ~ ^/storage/temp/public { try_files $uri 404; }
location ~ ^/modules/.*/assets { try_files $uri 404; }
location ~ ^/modules/.*/resources { try_files $uri 404; }
location ~ ^/modules/.*/behaviors/.*/assets { try_files $uri 404; }
location ~ ^/modules/.*/behaviors/.*/resources { try_files $uri 404; }
location ~ ^/modules/.*/widgets/.*/assets { try_files $uri 404; }
location ~ ^/modules/.*/widgets/.*/resources { try_files $uri 404; }
location ~ ^/modules/.*/formwidgets/.*/assets { try_files $uri 404; }
location ~ ^/modules/.*/formwidgets/.*/resources { try_files $uri 404; }
location ~ ^/modules/.*/reportwidgets/.*/assets { try_files $uri 404; }
location ~ ^/modules/.*/reportwidgets/.*/resources { try_files $uri 404; }
location ~ ^/plugins/.*/.*/assets { try_files $uri 404; }
location ~ ^/plugins/.*/.*/resources { try_files $uri 404; }
location ~ ^/plugins/.*/.*/behaviors/.*/assets { try_files $uri 404; }
location ~ ^/plugins/.*/.*/behaviors/.*/resources { try_files $uri 404; }
location ~ ^/plugins/.*/.*/reportwidgets/.*/assets { try_files $uri 404; }
location ~ ^/plugins/.*/.*/reportwidgets/.*/resources { try_files $uri 404; }
location ~ ^/plugins/.*/.*/formwidgets/.*/assets { try_files $uri 404; }
location ~ ^/plugins/.*/.*/formwidgets/.*/resources { try_files $uri 404; }
location ~ ^/plugins/.*/.*/widgets/.*/assets { try_files $uri 404; }
location ~ ^/plugins/.*/.*/widgets/.*/resources { try_files $uri 404; }
location ~ ^/themes/.*/assets { try_files $uri 404; }
location ~ ^/themes/.*/resources { try_files $uri 404; }
}
location ~ ^/index.php {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
ssl_certificate /etc/nginx/ssl/mywebsite_com/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/mywebsite_com/mywebsite_com.key;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_dhparam /etc/nginx/ssl/mywebsite_com/dhparam.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/ssl/mywebsite_com/AddTrustExternalCARoot.crt;
# replace with the IP address of your resolver
# resolver 127.0.0.1;
resolver 8.8.8.8 8.8.4.4 77.88.8.88 77.88.8.2 valid=60s;
# HTTP Response Header Fields
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Frame-Options DENY;
add_header X-XSS-Protection "1; mode=block";
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css text/xml text/javascript application/json application/javascript application/x-javascript application/atom+xml application/xml application/xml+rss image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype image/x-icon;
}
Now we go to the varnish (version: varnish-6.4.0) configuration. in the varnish file: /etc/varnish/default.vcl
vcl 4.1;
# Default backend definition. Set this to point to your content server.
backend default {
.host = "127.0.0.1";
.port = "80";
.connect_timeout = 600s;
.first_byte_timeout = 600s;
.between_bytes_timeout = 600s;
.max_connections = 300;
}
sub vcl_recv {
if (req.url ~ "(\?|&)(utm_source|utm_medium|utm_campaign|utm_content|gclid|cx|ie|cof|siteurl)=") {
set req.url = regsuball(req.url, "&(utm_source|utm_medium|utm_campaign|utm_content|gclid|cx|ie|cof|siteurl)=([A-z0-9_\-\.%25]+)", "");
set req.url = regsuball(req.url, "\?(utm_source|utm_medium|utm_campaign|utm_content|gclid|cx|ie|cof|siteurl)=([A-z0-9_\-\.%25]+)", "?");
set req.url = regsub(req.url, "\?&", "?");
set req.url = regsub(req.url, "\?$", "");
}
# Strip hash, server doesn't need it.
if (req.url ~ "\#") {
set req.url = regsub(req.url, "\#.*$", "");
}
set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "_ga=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "_gat=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "utmctr=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "utmcmd.=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "utmccn.=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "optim.=[^;]+(; )?", "");
# Remove Gauges Cookies
set req.http.Cookie = regsuball(req.http.Cookie, "_gau.=[^;]+(; )?", "");
set req.http.Cookie = regsuball(req.http.Cookie, "^;\s*", "");
if (req.http.cookie ~ "^\s*$") {
unset req.http.cookie;
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.method != "GET" && req.method != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if ( (req.http.host ~ "^(?i)mywebsite.com") && req.http.X-Forwarded-Proto !~ "(?i)https") {
set req.http.x-redir = "https://" + req.http.host + req.url;
return (synth(750, ""));
}
return (hash);
if (req.http.Accept-Encoding) {
if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf)$") {
# No point in compressing these
unset req.http.Accept-Encoding;
} elseif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elseif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
}
}
if (req.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|ogg|ogm|opus|otf|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") {
unset req.http.Cookie;
return (hash);
}
return (hash);
}
sub vcl_synth {
if (resp.status == 750) {
set resp.status = 301;
set resp.http.Location = req.http.x-redir;
return(deliver);
}
}
sub vcl_backend_response {
if (
beresp.status == 500 ||
beresp.status == 502 ||
beresp.status == 503 ||
beresp.status == 504
) {
return (abandon);
}
if(beresp.http.X-Requested-With == "XMLHttpRequest" || bereq.url ~ "nocache") {
#set beresp.http.Cache-Control = "private, max-age=0, no-cache, no-store";
#set beresp.http.Expires = "Mon, 01 Jan 2001 00:00:00 GMT";
#set beresp.http.Pragma = "no-cache";
set beresp.uncacheable = true;
return (deliver);
}
if (bereq.method == "POST") {
set beresp.uncacheable = true;
return (deliver);
}
if(beresp.http.X-Logged-In == "False" && bereq.method != "POST") {
unset beresp.http.Set-Cookie;
}
unset beresp.http.etag;
unset beresp.http.Pragma;
set beresp.grace = 12h;
set beresp.ttl = 180s;
set beresp.http.Expires = "" + (now + beresp.ttl);
if (bereq.url ~ "\.(ico|jpg|jpeg|gif|png|bmp|webp|tiff|svg|svgz|pdf|mp3|flac|ogg|mid|midi|wav|mp4|webm|mkv|ogv|wmv|eot|otf|woff|ttf|rss|atom|zip|7z|tgz|gz|rar|bz2|tar|exe|doc|docx|xls|xlsx|ppt|pptx|rtf|odt|ods|odp)(\?[a-zA-Z0-9=]+)$") {
set beresp.http.Cache-Control = "public, max-age=31536000";
}
if (bereq.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|ogg|ogm|opus|otf|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") {
unset beresp.http.set-cookie;
set beresp.do_stream = true;
}
if (beresp.http.Cache-Control !~ "max-age" || beresp.http.Cache-Control ~ "max-age=0" || beresp.ttl < 180s) {
set beresp.http.Cache-Control = "public, max-age=180, stale-while-revalidate=360, stale-if-error=43200";
}
return (deliver);
set beresp.ttl = 10s;
set beresp.grace = 1h;
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
return (deliver);
}
Also add in the file /etc/nginx/nginx.conf under the line http {
upstream backend {
least_conn;
# port 37089 of varnishd
server mywebsite.com:37089 weight=5;
server 192.0.0.1 backup;
zone backend 32k;
}
upstream dns_servers {
# for nginx on port 443
server x.x.x.x:443;
server x.x.x.x:443;
}
I think that's enough to build a powerful (http://prntscr.com/rhzixb) and super-fast ( http://prntscr.com/rhzh6j , last update http://prntscr.com/rihzwk) website server. But I admit that it is rather disobeying EU Cookie Law. I am still learning and I still need the guidance of the experts at octobercms ( screenshoot on Wappalyzer: http://prntscr.com/ri7081 screenshoot on Lighthouse http://prntscr.com/riy7r2 ). If there is any suggestion I accept.
Last updated
1-5 of 5