Tuesday, April 11, 2017

Nginx reverse proxy to Wordpress with Laravel

I'm currently managing a setup where we're using a Laravel webapp on domain.com and running a Wordpress blog on domain.com/blog.

The domain.com/blog path is proxied to another server where the Wordpress blog resides.

Setup

Server 1

nginx webserver running webapp based on Laravel:

server {
    listen 80;
    server_name default.com;
    return 301 https://www.default.com$request_uri;
}

server {
    listen 443;
    ssl_certificate /etc/letsencrypt/live/www.default.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.default.com/privkey.pem;

    server_name default.com;
    return 301 https://www.default.com$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl ipv6only=on;

    root /var/www/html/default/current/public;
    index index.php index.html index.htm;

    server_name www.default.com;

    error_log    /var/log/nginx/www.default.com.error.log debug;

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location /blog/ {
        proxy_pass http://10.2.7.3/blog/;
        proxy_set_header Host $host;
    }

    ssl_certificate /etc/letsencrypt/live/www.default.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.default.com/privkey.pem;
}

Server 2

Apache webserver running Wordpress:

<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerAdmin webmaster@default.com

        DocumentRoot /var/www/html        

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
    </VirtualHost>
</IfModule>

Directory structure on server 2: /var/www/html /var/www/html/blog <-- here resides the Wordpress blog

Wordpress .htaccess file:

RewriteEngine On
RewriteBase /blog
RedirectMatch 301 ^/blog/author/ https://www.default.com/blog
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]

The issue The blog itself works fine, all pages are visible, but the wp-admin/ redirection to wp-login.php fails.

CURL request to wp-admin/

curl https://www.default.com/blog/wp-admin/
< HTTP/1.1 302 Moved Temporarily
< Server: nginx/1.10.1
< Content-Type: text/html; charset=UTF-8
< Location: https://www.default.com/blog/wp-login.php?redirect_to=https%3A%2F%2Fwww.default.com%2Fblog%2Fblog%2Fwp-admin%2F&reauth=1

Ok, lets follow that redirection

curl -v 'https://www.default.com/blog/wp-login.php?redirect_to=https%3A%2F%2Fwww.default.com%2Fblog%2Fblog%2Fwp-admin%2F&reauth=1'

This call is now handled by the Laravel web app and not the Wordpress blog. That's not what should happen. This is caused by the nginx config:

location / {
     try_files $uri $uri/ /index.php$is_args$args;
}

location ~ \.php$ {
    try_files $uri /index.php =404;
    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
}

Why is that piece of configuration overwriting the proxy_pass?



via Ivo van Beek
Labels: ,

Advertisement