Hi ALL
I encounter a problem on an application developped prestashop 1.6
When I try to connect via the application, I get: "16: 34: 19: 82 HTTP connection request result :: HTTP / 1.1 405 Not Allowed <\ r> <\ n> Server: nginx centminmod <\ r> <\ n> Date: Wed, 15 Jul 2015 2:34:20 p.m. GMT <\ r> <\ n> Content-Type: text / html; charset = utf-8 <\ r> <\ n> Content- length: 166 <\ r> <\ n> Connection: keep-alive <\ r> <\ n> <\ r> <\ n> "
Apparently, the application call a .php file in the directory modules
When I utlise URL to test POST ie (path : /modules/xx/xx.php) https://xx.php?email=xxxxx&password=xxxxx it does not execute the file, it asks to download: - /
path : /modules/xx/xx.php
I have enabled the management of https in the application.
I contacted the developer and he asked me to check the configuration nginx
Some ideas to contact me?
Thank you all
vhost nginx :
# redirect from non-www to www
# uncomment, save file and restart Nginx to enable
server {
listen 80;
server_name xx.xx.fr;
#rewrite ^ https://$host$request_uri? permanent;
return 302 https://$server_name$request_uri;
}
server {
listen 443 ssl spdy;
server_name xx.xx.fr;
ssl_dhparam /usr/local/nginx/conf/ssl/xx/dhparam.pem;
ssl_certificate /usr/local/nginx/conf/ssl/xx/x.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/xx/x.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
ssl_prefer_server_ciphers on;
add_header Alternate-Protocol 443:npn-spdy/3;
add_header Strict-Transport-Security "max-age=31536000";
# enable ocsp stapling
resolver 8.8.8.8;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /usr/local/nginx/conf/ssl/xx.fr/ssl-trusted.crt;
index index.html index.htm index.php;
rewrite ^/([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$1$2$3.jpg last;
rewrite ^/([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
rewrite ^/([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
rewrite ^/c/([0-9]+)(-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*.jpg$ /img/c/$1$2.jpg last;
rewrite ^/c/([a-zA-Z-]+)/[a-zA-Z0-9-]+.jpg$ /img/c/$1.jpg last;
rewrite ^/([0-9]+)(-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*.jpg$ /img/c/$1$2.jpg last;
rewrite ^/order$ /index.php?controller=order last;
if (!-e $request_filename){
rewrite ^(.*)$ /index.php last;
}
# Redirect needed to "hide" index.php
# ngx_pagespeed & ngx_pagespeed handler
include /usr/local/nginx/conf/pagespeed.conf;
include /usr/local/nginx/conf/pagespeedhandler.conf;
include /usr/local/nginx/conf/pagespeedstatslog.conf;
# limit_conn limit_per_ip 16;
# ssi on;
access_log /home/nginx/domains/xx.fr/log/access.log combined buffer=32k;
error_log /home/nginx/domains/xx.fr/log/error.log;
root /home/nginx/domains/xx.fr/public;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
error_page 405 = $uri;
# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;
# Enables directory listings when index file not found
#autoindex on;
# Shows file listing times as local time
#autoindex_localtime on;
# Enable for vBulletin usage WITHOUT vbSEO installed
#try_files $uri $uri/ /index.php;
}
location /c {
rewrite ^/c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2$3.jpg last;
rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2.jpg last;
}
location /p {
rewrite ^/p/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2$3.jpg last;
rewrite ^/p/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2.jpg last;
}
location /images_ie {
rewrite ^/images_ie/?([^/]+)\.(jpe?g|png|gif)$ /js/jquery/plugins/fancybox/images/$1.$2 last;
}
# Don't log robots.txt or favicon.ico files
location ~* ^/(favicon.ico|robots.txt)$ {
access_log off;
log_not_found off;
}
# Custom 404 page
error_page 404 /index.php?controller=404;
location ~* ^.+.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css|mp3|swf|ico|flv|xml) {
access_log off;
expires 30d;
}
# Deny access to .htaccess
location ~ /\.ht {
deny all;
}
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/drop.conf;
#include /usr/local/nginx/conf/errorpage.conf;
}
I encounter a problem on an application developped prestashop 1.6
When I try to connect via the application, I get: "16: 34: 19: 82 HTTP connection request result :: HTTP / 1.1 405 Not Allowed <\ r> <\ n> Server: nginx centminmod <\ r> <\ n> Date: Wed, 15 Jul 2015 2:34:20 p.m. GMT <\ r> <\ n> Content-Type: text / html; charset = utf-8 <\ r> <\ n> Content- length: 166 <\ r> <\ n> Connection: keep-alive <\ r> <\ n> <\ r> <\ n> "
Apparently, the application call a .php file in the directory modules
When I utlise URL to test POST ie (path : /modules/xx/xx.php) https://xx.php?email=xxxxx&password=xxxxx it does not execute the file, it asks to download: - /
path : /modules/xx/xx.php
I have enabled the management of https in the application.
I contacted the developer and he asked me to check the configuration nginx
Some ideas to contact me?
Thank you all
vhost nginx :
# redirect from non-www to www
# uncomment, save file and restart Nginx to enable
server {
listen 80;
server_name xx.xx.fr;
#rewrite ^ https://$host$request_uri? permanent;
return 302 https://$server_name$request_uri;
}
server {
listen 443 ssl spdy;
server_name xx.xx.fr;
ssl_dhparam /usr/local/nginx/conf/ssl/xx/dhparam.pem;
ssl_certificate /usr/local/nginx/conf/ssl/xx/x.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/xx/x.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
ssl_prefer_server_ciphers on;
add_header Alternate-Protocol 443:npn-spdy/3;
add_header Strict-Transport-Security "max-age=31536000";
# enable ocsp stapling
resolver 8.8.8.8;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /usr/local/nginx/conf/ssl/xx.fr/ssl-trusted.crt;
index index.html index.htm index.php;
rewrite ^/([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$1$2$3.jpg last;
rewrite ^/([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
rewrite ^/([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
rewrite ^/c/([0-9]+)(-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*.jpg$ /img/c/$1$2.jpg last;
rewrite ^/c/([a-zA-Z-]+)/[a-zA-Z0-9-]+.jpg$ /img/c/$1.jpg last;
rewrite ^/([0-9]+)(-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*.jpg$ /img/c/$1$2.jpg last;
rewrite ^/order$ /index.php?controller=order last;
if (!-e $request_filename){
rewrite ^(.*)$ /index.php last;
}
# Redirect needed to "hide" index.php
# ngx_pagespeed & ngx_pagespeed handler
include /usr/local/nginx/conf/pagespeed.conf;
include /usr/local/nginx/conf/pagespeedhandler.conf;
include /usr/local/nginx/conf/pagespeedstatslog.conf;
# limit_conn limit_per_ip 16;
# ssi on;
access_log /home/nginx/domains/xx.fr/log/access.log combined buffer=32k;
error_log /home/nginx/domains/xx.fr/log/error.log;
root /home/nginx/domains/xx.fr/public;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
error_page 405 = $uri;
# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;
# Enables directory listings when index file not found
#autoindex on;
# Shows file listing times as local time
#autoindex_localtime on;
# Enable for vBulletin usage WITHOUT vbSEO installed
#try_files $uri $uri/ /index.php;
}
location /c {
rewrite ^/c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2$3.jpg last;
rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2.jpg last;
}
location /p {
rewrite ^/p/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2$3.jpg last;
rewrite ^/p/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ /img/p/$1$2.jpg last;
}
location /images_ie {
rewrite ^/images_ie/?([^/]+)\.(jpe?g|png|gif)$ /js/jquery/plugins/fancybox/images/$1.$2 last;
}
# Don't log robots.txt or favicon.ico files
location ~* ^/(favicon.ico|robots.txt)$ {
access_log off;
log_not_found off;
}
# Custom 404 page
error_page 404 /index.php?controller=404;
location ~* ^.+.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css|mp3|swf|ico|flv|xml) {
access_log off;
expires 30d;
}
# Deny access to .htaccess
location ~ /\.ht {
deny all;
}
include /usr/local/nginx/conf/staticfiles.conf;
include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/drop.conf;
#include /usr/local/nginx/conf/errorpage.conf;
}