CentOS7, nginx, Php 7.2 and Prestashop issue

Hi guys,

I'm posting there here as I'm not certain whether this is an issue with my php configuration, the nginx configuration or prestashop itself and I hope someone can point me in the right direction.

I installed CentOS 7 and Webpanel, configured it, enabled mod security, firewall and ssl, added a package and configured the package to work with my domain (let's call the domain idefix.com).

My configuration is as follows:
- CWP version: 0.9.8.767
- Apache: Apache/2.4.37
- PHP: 7.2.15
- MySQL: 10.1.38-MariaDB
- Hostname set to: cwp.idefix.com
- User deployed for package called: idefix
- Domain associated with user: idefix.com
- Webserver Setting: Nginx & Apache
- Main Nginx & Apache configuration: default and PHP-FPM = 7.2
- Domain configuration for user idefix: nginx -> php-fpm, Nginx default vhost template type:php-fpm, Nginx default vhost template:default, php-pfm version: 7.2, SSL enabled (Auto SSL)
- user Idefix webroot set to: /home/idefix/public_html/

I afterwards checked the configuration: emails are working, I can access the webpage - index file replaced and shows up correctly, and a phpinfo.php file uploaded and checked shows the right PHP version and changes done to the php.ini file (memory limit increase) are showing up correctly.

Next I installed Prestashop using Softaculous into the folder /home/idefix/public_html/ps

the issue:
- Accessing the shop via www.idefix.com/ps/index.php works fine - it shows up nicely with all the sample content
- Accessing the shop admin via www.idefix.com/ps/admin1234/index.php works fine as well, login works and the majority of pages work.

E.g. Orders -> orders which point to www.idefix.com/ps/admin1234/index.php?ontroller=AdminOrders&token=542246647f works fine.

The Invoices link under Orders however does not.
It somehow points to www.idefix.com/ps/admin1234/index.php/sell/orders/invoices/?_token=2BUnptgC5di and throws a 404 error as /sell/... does not exist

The same is the case with Configure, Orders -> Delivery slips, Modules -> module Manager etc. All point to www.idefix.com/ps/admin1234/index.php/....

As my nginx configuration is still unchanged to the default webpanel nginx config, I believed this to be an issue with the nginx configuration assuming that this has something to do with the way the url's are formed so I tried a number of different configuration examples I found on the net for prestashop and nginx but after adopting these to my own environment I either got 404 errors, 500 errors or bad gateway errors all the time which I read could also be the result of missing php configuration changes.

I'm a bit stuck now on how to troubleshoot this and get the shop to work properly.

I'm posting my nginx configurations below based on what I believe are the main ones to look at:

/etc/nginx/  (directly holds 10 files in total currently)
- nginx.conf

/etc/nginx/conf.d (2 files here - one with the server IP, the other for the vhosts)

/etc/nginx/conf.d/vhosts
- idefix.com.conf
- idefix.com.ssl.conf (I believe this should be the main file to adjust for the shop ??)


nginx.conf

Code: [Select]

user nobody;
worker_processes auto;
#worker_rlimit_nofile    65535;
error_log               /var/log/nginx/error.log crit;
pid                     /var/run/nginx.pid;

events {
worker_connections  1024;
use                 epoll;
multi_accept        on;

}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
client_header_timeout 3m;
client_body_timeout 3m;
client_max_body_size 256m;
client_header_buffer_size 4k;
client_body_buffer_size 256k;
large_client_header_buffers 4 32k;
send_timeout 3m;
keepalive_timeout 60 60;
reset_timedout_connection       on;
server_names_hash_max_size 1024;
server_names_hash_bucket_size 1024;
ignore_invalid_headers on;
connection_pool_size 256;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;

include mime.types;
default_type application/octet-stream;

# Compression gzip
gzip on;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
gzip_proxied any;
gzip_min_length 512;
gzip_comp_level 6;
gzip_buffers 8 64k;
gzip_types text/plain text/xml text/css text/js application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg image/svg+xml application/xml+rss text/javascript application/atom+xml application/javascript application/json application/x-font-ttf font/opentype;

# Proxy settings
proxy_redirect      off;
proxy_set_header    Host            $host;
proxy_set_header    X-Real-IP       $remote_addr;
proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header   Set-Cookie;
proxy_connect_timeout   90;
proxy_send_timeout  90;
proxy_read_timeout  90;
proxy_buffers       32 4k;
proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m;
proxy_cache_key "$host$request_uri $cookie_user";
proxy_temp_path  /var/cache/nginx/temp;
proxy_ignore_headers Expires Cache-Control;
proxy_cache_use_stale error timeout invalid_header http_502;
proxy_cache_valid any 1d;

open_file_cache_valid 120s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
open_file_cache max=5000 inactive=30s;
open_log_file_cache max=1024 inactive=30s min_uses=2;

# SSL Settings
ssl_session_cache   shared:SSL:10m;
ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers        "XXXXXXXXXX"; #placeholder - actual cipher included in config

# Logs
log_format  main    '$remote_addr - $remote_user [$time_local] $request '
                '"$status" $body_bytes_sent "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for"';
log_format  bytes   '$body_bytes_sent';
#access_log          /var/log/nginx/access.log main;
access_log off;

# Cache bypass
map $http_cookie $no_cache {
default 0;
~SESS 1;
~wordpress_logged_in 1;
}

# Include additional configuration
include /etc/nginx/cloudflare.inc;
include /etc/nginx/conf.d/*.conf;
}




indefix.com.conf

Code: [Select]

server {
listen 22.22.22.22:80; #IP changed, actual server IP shown in config
server_name idefix.com  www.idefix.com;
root /home/idefix/public_html;
index index.php index.html index.htm;
access_log /usr/local/apache/domlogs/idefix.com.bytes bytes;
access_log /usr/local/apache/domlogs/idefix.com.log combined;
error_log /usr/local/apache/domlogs/idefix.com.error.log error;

location / {

location ~.*\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}

location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return  404;
}

fastcgi_pass    unix:/opt/alt/php-fpm72/usr/var/sockets/idefix.sock;
fastcgi_index   index.php;
include         /etc/nginx/fastcgi_params;
}

}

location ~* "/\.(htaccess|htpasswd)$" {deny all;return 404;}

disable_symlinks if_not_owner from=/home/idefix/public_html;

location /.well-known/acme-challenge {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
}

idefix.com.ssl.conf

Code: [Select]

server {
listen 22.22.22.22:443 ; #IP changed, actual server IP shown in conf file
server_name idefix.com  www.idefix.com;
root /home/idefix/public_html;
index index.php index.html index.htm;
access_log /usr/local/apache/domlogs/idefix.com.bytes bytes;
access_log /usr/local/apache/domlogs/idefix.com.log combined;
error_log /usr/local/apache/domlogs/idefix.com.error.log error;

ssl                  on;
ssl_certificate      /etc/pki/tls/certs/idefix.com.bundle;
ssl_certificate_key  /etc/pki/tls/private/idefix.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers XXXXXXXXX; #actual cipher shown in config
ssl_prefer_server_ciphers   on;

ssl_session_cache   shared:SSL:10m;
ssl_session_timeout 60m;

location / {

add_header Strict-Transport-Security "max-age=31536000";
add_header X-Content-Type-Options nosniff;

location ~.*\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}

location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return  404;
}

fastcgi_pass    unix:/opt/alt/php-fpm72/usr/var/sockets/idefix.sock;
fastcgi_index   index.php;
include         /etc/nginx/fastcgi_params;
}

}

location ~* "/\.(htaccess|htpasswd)$" {deny all;return 404;}

disable_symlinks if_not_owner from=/home/idefix/public_html;

location /.well-known/acme-challenge {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
}

Thanks a lot for the help !

In your configuration, you have:

Code: [Select]

location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return  404;
}
(...)

So, you have a parameter to $document_root$fastcgi_script_name, but these are checked as a filenames:

Code: [Select]

if (!-f $document_root$fastcgi_script_name) {

So, try to check your logfiles in '/usr/local/apache/domlogs/idefix.com.error.log' and '/var/log/nginx/error.log', because you may some installation problem, seeking for a path that doesn't exist.

Regards,
Netino

Thanks for the help.
I checked the files.

Apache Error log only list issues in regards to missing files from the page migration (looking for directories which are not there anymore but nothing to do with the shop).

Nginx error log is empty

May you have just overrided that configuration in somewhere..??

Try to change the severity of error_log to "warn" and check, in:

Code: [Select]

error_log               /var/log/nginx/error.log crit;

and change it to:

Code: [Select]

error_log               /var/log/nginx/error.log warn;

Check another conf files included in configuration too:
/etc/nginx/cloudflare.inc;
/etc/nginx/conf.d/*.conf;
/etc/nginx/fastcgi_params;