server { listen 8080; server_name shop.server.ank; access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_shop,nohostname main; error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_shop_err,nohostname debug; location ~ ^/shop/admin { alias /srv/www/shop/upload/admin; index index.php; location ~ ^/shop/admin/config.php { deny all; } location ~ \.php$ { include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $request_filename$1; fastcgi_pass 127.0.0.1:9000; } } location ^~ /shop { alias /srv/www/shop/upload; index index.php; #try_files $uri $uri/ index.php$is_args$args; #try_files index.php @opencart; location ~ ^/shop/upload/image/data { autoindex on; } location ~ ^/shop/config.php { deny all; } location ~ ^/shop/admin/config.php { deny all; } # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). # location ~ ^/shop/\. { deny all; access_log off; log_not_found off; } location ~ ^/shop/\.(jpg|jpeg|png|gif|css|js|ico)$ { expires max; log_not_found off; } location ~ \.php$ { include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $request_filename$1; fastcgi_pass 127.0.0.1:9000; #fastcgi_split_path_info ^(.+\.php)(/.+)$; #fastcgi_split_path_info ^(.+\.php)(.*)$; #fastcgi_index index.php; #try_files $uri /index.php =404; # fastcgi_pass unix:/var/run/php5-fpm.sock; } } location @tribushop { rewrite ^/shop/(.+)$ /shop/index.php?_route_=$1 last; } location /shop/engine { deny all; } location ~ ^/shop/library { deny all; } # Make sure files with the following extensions do not # get loaded by nginx because nginx would display the # source code, and these files can contain PASSWORDS! location ~ ^/shop/\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|.*ini|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ { deny all; } }