search

directus / v8-archive

Directus Database API — Wraps Custom SQL Databases with a REST/GraphQL API
https://docs.directus.io/api/reference.html
505 stars 204 forks source link

Plesk/Nginx config? #1929

Open cliqer opened 4 years ago

cliqer commented 4 years ago

How to make it work correctly with nginx in plesk? I add the following additional directives from the Docs:

add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
client_max_body_size 256M;

location ~ / {
    try_files $uri $uri/ /index.php?$args;
}

location /admin {
    try_files $uri $uri/ /admin/index.html?$args;
}

location /thumbnail {
    try_files $uri $uri/ /thumbnail/index.php?$args;
}

# Deny direct access to php files in extensions
location /extensions/.+\.php$ {
    deny all;
}

# All uploads files (originals) cached for a year
location ~* /uploads/([^/]+)/originals/(.*) {
    add_header Cache-Control "max-age=31536000";
}

# Serve php, html and cgi files as text file
location ~* /uploads/.*\.(php|phps|php5|htm|shtml|xhtml|cgi.+)?$ {
    add_header Content-Type text/plain;
}

# Deny access to any file starting with .ht,
# including .htaccess and .htpasswd
location ~ /\.ht {
    deny all;
}

but keep getting access errors:

{
  "error": {
    "code": 3,
    "message": "Unauthorized request",
    "class": "Directus\\Exception\\UnauthorizedException",
    "file": "/var/www/vhosts/domain.eu/api.domain.eu/src/helpers/app.php",
    "line": 287
  }
}

image

When I turn it back to apache it works so there's must be some directives that's been missing and only available through .htaccess.

rijkvanzanten commented 4 years ago

What's the domain / folder structure? What's the document root?

cliqer commented 4 years ago

├── bin ├── cache │   └── cache ├── config ├── logs ├── migrations │   ├── install │   └── upgrades ├── public │   ├── admin │   ├── cgi-bin │   ├── downloads │   ├── extensions │   └── uploads ├── src │   ├── core │   ├── endpoints │   ├── helpers │   ├── mail │   └── services └── vendor ├── akrabat ├── bin ├── cache ├── char0n ├── cocur ├── composer ├── directus ├── doctrine ├── firebase ├── guzzlehttp ├── intervention ├── league ├── monolog ├── nikic ├── paragonie ├── pimple ├── pragmarx ├── psr ├── ralouphie ├── ramsey ├── robmorgan ├── slim ├── swiftmailer ├── symfony ├── twig ├── webonyx └── zendframework

48 directories

and the document root is public.

Enabling nginx while already being logged in and directly browsing previous links works (api still throws 'Unauthorized request') but if I log out, delete all cookies within a new browser I get the above 404 and can't access back-end anymore.

image

The error I get in nginx logs is:

2020/06/13 03:55:39 [error] 1481#0: *5614554 FastCGI sent in stderr: "PHP message: PHP Warning:  Use of undefined constant Origin - assumed 'Origin' (this will throw an Error in a future version of PHP) in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  Use of undefined constant X - assumed 'X' (this will throw an Error in a future version of PHP) in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  Use of undefined constant Requested - assumed 'Requested' (this will throw an Error in a future version of PHP) in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  A non-numeric value encountered in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  A non-numeric value encountered in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  Use of undefined constant With - assumed 'With' (this will throw an Error in a future version of PHP) in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  A non-numeric value encountered in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  Use of undefined constant Content - assumed 'Content' (this will throw an Error in a future version of PHP) in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  Use of undefined constant Type - assumed 'Type' (this will throw an Error in a future version of PHP) in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  A non-numeric value encountered in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  A non-numeric value encountered in /var/www/vhosts/konpoli.eu/api2.konpoli.eu/config/api.php on line 123PHP message: PHP Warning:  Use of undefined constant Accept - assumed 'Accept' (this will throw an Err