Инструкция как в nginx php-fpm bitrix запустить.
Рабочий конфиг. nginx для запуска bitrix.
root@site_loc:/usr/src # cat /usr/local/etc/php-fpm.conf | egrep -v '^$|;' [global] pid = run/php-fpm.pid events.mechanism = kqueue [www] user = use222 group = use222 listen = /tmp/www.sock listen.owner = use222 listen.group = use222 pm = dynamic pm.max_children = 455 pm.start_servers = 18 pm.min_spare_servers = 18 pm.max_spare_servers = 19 pm.max_requests = 4000 security.limit_extensions = .php .php3 .php4 .php5 # Соккет для второго сайт, отдельно будим его обрабатывать. [premiumsmoke] user = use222 group = use222 listen = /tmp/smoke.sock listen.owner = use222 listen.group = use222 pm = dynamic pm.max_children = 355 pm.start_servers = 15 pm.min_spare_servers = 15 pm.max_spare_servers = 17 pm.max_requests = 3500 security.limit_extensions = .php .php3 .php4 .php5 php_admin_value[mbstring.func_overload]=0 php_admin_value[mbstring.internal_encoding]=latin
root@site_loc:/usr/src # cat /usr/local/etc/nginx/nginx.conf
user use222 use222;
worker_processes 8;
timer_resolution 100ms;
worker_rlimit_nofile 8192;
worker_priority -5;
#
error_log /mnt/log/nginx/error.log error;
pid /var/run/nginx.pid;
events {
worker_connections 3048;
use kqueue;
multi_accept on;
}
http {
limit_req_zone $binary_remote_addr zone=one:10m rate=8r/s;
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
#
include /usr/local/etc/nginx/mime.types;
default_type application/octet-stream;
# access_log /mnt/log/nginx/access.log;
access_log off;
log_format compression '$remote_addr - [$time_local] '
'"$request" $status '
'"$http_user_agent"';
#
map $request_method $bad_method {
default 1;
~(?i)(GET|HEAD|POST) 0;
}
# Add here all user agents that are to be blocked.
map $http_user_agent $bad_bot {
default 0;
~(?i)(httrack|WinHTTrack|htmlparser|libwww|Python|perl|urllib|Zeus|scan|Curl|email|PycURL|Pyth|PyQ|WebCollector|WebCopier|WebCopy|webcraw|LWP::simple|Havij)
1;
}
# Bad referers.
map $http_referer $bad_referer {
default 0;
~(?i)(babes|click|forsale|jewelry|nudit|organic|poker|amnesty|poweroversoftware|webcam|zippo|casino|replica) 1;
}
#
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
client_body_timeout 15;
send_timeout 5;
client_max_body_size 30m;
keepalive_timeout 25;
keepalive_requests 100;
reset_timedout_connection on;
fastcgi_buffer_size 156k;
fastcgi_buffers 16 156k;
fastcgi_read_timeout 900;
#
add_header X-Frame-Options SAMEORIGIN;
add_header Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block;";
add_header X-Content-Security-Policy "allow 'self';";
add_header X-WebKit-CSP "allow 'self';";
add_header X-Content-Type-Options nosniff;
#
gzip on;
gzip_disable "MSIE [1-6]\.";
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_comp_level 7;
gzip_http_version 1.1;
gzip_proxied any;
gzip_types text/plain application/xhtml+xml text/css application/xml application/xml+rss text/javascript application/javascript application/x-javascript;
#
include /usr/local/etc/nginx/conf.d/*.conf;
include /usr/local/etc/nginx/sites-enabled_old/*;
}
root@site_loc:/usr/src # cat /usr/local/etc/nginx/sites-enabled_old/site.local
server {
listen 1.1.2.1:80;
root /usr/local/www/default;
}
server {
listen 1.1.2.1:80;
server_name www.site.local;
return 301 http://site.local$request_uri;
}
server {
listen 1.1.2.1:80;
open_file_cache max=430000 inactive=120s;
open_file_cache_valid 360s;
open_file_cache_min_uses 1;
open_file_cache_errors on;
server_name site.local;
access_log /mnt/log/nginx/access_akbpower.log;
root /usr/local/www/site.local;
index index.html index.php;
rewrite ^([^.\?]*[^/])$ $1/ permanent;
if ($request_uri ~ "^(/(?!personal|search).*)index\.(?:php|html)") {
return 301 $1;
}
# Deny access based on HTTP method
if ($bad_method = 1) { return 444; }
# Deny access based on the User-Agent header
if ($bad_bot = 1) { return 403; }
# Deny access based on the Referer header
if ($bad_referer = 1) { return 403; }
location / {
root /usr/local/www/site.local;
index index.php;
error_page 404 = /404.php;
}
location ~ \.php$ {
fastcgi_pass unix:/tmp/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/www/site.local/$fastcgi_script_name;
include fastcgi_params;
if (!-f $request_filename) {
rewrite ^(.*)$ /404.php last;
}
}
location ^~ /bitrix/admin/ {
index index.php;
satisfy any;
allow 4.3.1.9;
deny all;
auth_basic "closed site";
auth_basic_user_file /usr/local/.htpasswd;
location ~ \.php$ {
fastcgi_pass unix:/tmp/www.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_ignore_client_abort off;
}
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* ^/bitrix/components/bitrix/player/mediaplayer/player$ {
add_header Access-Control-Allow-Origin *;
}
location ~* ^/(upload|bitrix/images|bitrix/tmp) {
expires 30d;
access_log off;
}
location = /404.html {
access_log off ;
}
location ~* \.(swf|zip|rar|arj|cab|exe|dll|ico|jpg|jpeg|gif|bmp|png|mp3|avi|mov|mpg|mpeg|txt|amr|mmf|wml|wbmp|mid|midi|3gp)$ {
expires 30d;
charset utf-8;
source_charset utf-8;
access_log off;
}
location ~ (/\.ht|/bitrix/modules|bitrix/managed_cache|bitrix/local_cache|bitrix/stack_cache|/upload/support/not_image|/bitrix/php_interface) {
deny all;
access_log off;
}
location ~* ^/upload/1c_[^/]+/ { deny all; }
#location ~* /\.\./ { deny all; }
location ~* ^/bitrix/html_pages/\.config\.php { deny all; }
location ~* ^/bitrix/html_pages/\.enabled { deny all; }
location ^~ /upload/support/not_image { internal; }
#location ~* ^/bitrix/cache { deny all; }
#location ~* .*$ { deny all; }
location ~ /.svn/ {
deny all;
access_log off;
}
location ~ /\.ht {
deny all;
access_log off;
}
}
Тут можно посмотреть какие редиректы можно добавить к конфигу nginx редиректы nginx.
Вот и вся инструкция по переводу с apache на nginx php-fpm bitrix.