nginx - full support for nginx.conf
In Plesk (Onyx) you can use "Additional nginx directives". Its said: "Your directives will override the server-wide nginx configuration."
That quote is not right, because in nginx.conf plesk write:
location ~ ^/(.*.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip))$ {
tryfiles $uri @fallback;
}
include "/var/www/vhosts/system/cdn.example.com/conf/vhostnginx.conf";
That means that every setting for static files is not working. Example: I set in "Additional nginx directives" this line
location ~* /myfolder1/(a|b|c)/ { .... }
and destination is a static file, this code will never execute. EXCEPT for static files with uppercase file-types like "image.PNG" because here is a issue in nginx.conf, that catch only lowercased files, because plesk use "~" instead of "~*" (means case-insensitive regular expression match).
So a nested new "include" in location is necessary. Shorted example:
location ~* ^/(.*.(ac3|avi|bmp|..........|xls|xlsx|zip))$ {
tryfiles $uri @fallback;
include "/var/www/vhosts/system/cdn.example.com/conf/vhostnginxstaticfiles.conf";
}
include "/var/www/vhosts/system/cdn.example.com/conf/vhostnginx.conf";
Azurel
shared this idea
-
Azurel
commented
This can be removed... the solution for this is here https://talk.plesk.com/threads/security-risk-with-nginx-in-plesk.343909/ Plesk only missing a "hint" in GUI.