NginX友好的PHP框架

嘿伙计们,我正在寻找一个PHP框架,如果我很幸运,只需在FastCGI下运行nginx,否则,不需要太多调整.
最佳答案
使用nginx的Symfony 1.4非常棒.我已经完成了调整,这里是我的生产配置的概括,我可以保证适合生产使用.

server {
  listen 80;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;

  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php${
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

server {
  listen 443;

  ssl on;
  ssl_certificate      /etc/ssl/certs/mysite.com.crt;
  ssl_certificate_key  /etc/ssl/private/mysite.com.key;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;
  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php${
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS on;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

PHP 5.4注意事项

dotdeb附带的php5-fpm 5.4现在默认使用套接字而不是环回.如果您使用的是PHP 5.4并且使用上述配置时出现错误的网关错误,请尝试使用unix:/var/run/php5-fpm.sock替换127.0.0.1:9000的所有实例.

php-fpm 5.4还新近将可以解析为PHP的文件扩展名限制为security.limit_extensions中指定的文件扩展名.如果您修改了位置正则表达式以包含除.php之外的其他文件扩展名,则可能会感兴趣.以下安全说明仍适用.

安全说明

此配置仅使用PHP解析文件index.php,frontend.php,frontend_dev.php,backend.php和backend_dev.php.

使用php和nginx,不仅仅是使用symfony

location \.php${
  ...
}

导致与使用pathinfo的URL相关的安全漏洞,如:/index.php/foo/bar.

常见的解决方法是在php.ini中设置fix_pathinfo = 0.这打破了pathinfo URL,symfony依赖于它们.这里使用的解决方案是显式指定被解析为php的文件.

有关更多信息,请参阅nginx+php-cgi security alert

平台

这对于使用dotdeb用于nginx和php-fpm软件包的Debian Squeeze系统以及使用ppa / brianmercer用于php-fpm的Ubuntu 10.04 Lucid Lynx系统来说是安全的.它可能或可能不起作用,并且在其他系统上是安全的.

使用说明

要添加另一个PHP文件additionalfile.php以进行解析,请在两个位置块中使用此语法:

location~ ^(index | frontend | frontend_dev | backend | backend_dev | additionalfile).php ${
  …
}

编辑:Symfony 2.0已经发布!这是配置,改编自上面的1.4配置:

server {
  listen 80;

  server_name symfony2;
  root /var/www/symfony2/web;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$/app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}

server {
  listen 443;

  server_name symfony2;
  root /var/www/symfony2/web;

  ssl on;
  ssl_certificate      /etc/ssl/certs/symfony2.crt;
  ssl_certificate_key  /etc/ssl/private/symfony2.key;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$/app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}

转载注明原文:NginX友好的PHP框架 - 代码日志