Back to limesurvey.org

Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Plesk Onyx Server Nginx setup

More
6 years 5 months ago #181967 by marcgold
Plesk Onyx Server Nginx setup was created by marcgold
Hi,

Were running a Plesk Onyx 17.8 Server and have switched to Nginx server rather than use the Apache. On the plus side performance is significantly better and generally the setup works really well.

We have had one small issue and not sure if this is a bug or a configuration issue and would appreciate if anyone else can shed some light on this.

Under Survey Responses: the first two Buttons View Survey Response and View as PDF both return a Nginx 404 page not found error

This is my current Nginx.conf file with sensitive details ***

server {
listen **.**.**.**:80;

server_name ****;
server_name ****;
server_name ****;

client_max_body_size 128m;

proxy_read_timeout 3000;

root "/var/www/vhosts/***/***";
access_log "/var/www/vhosts/system/***/logs/proxy_access_log";
error_log "/var/www/vhosts/system/***/logs/proxy_error_log";

#extension letsencrypt begin
location ~ ^/\.well-known/acme-challenge/ {
root /var/www/vhosts/default/htdocs;

types { }
default_type text/plain;

satisfy any;
auth_basic off;
allow all;

location ~ ^/\.well-known/acme-challenge.*/\. {
deny all;
}
}
#extension letsencrypt end

location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
return 301 https://$host$request_uri;
}

location @fallback {
return 404;
}

location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip))$ {
try_files $uri @fallback;
}

location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
alias /var/www/vhosts/****/web_users/$1/$2;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/****/php-fpm.sock";
include /etc/nginx/fastcgi.conf;

}

location ~ \.php(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/****/php-fpm.sock";
include /etc/nginx/fastcgi.conf;

}

location ~ /$ {
index "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml";
}

add_header X-Powered-By PleskLin;

location / {
index index.php index.htm;
try_files $uri $uri/ /index.php?$args;
}
}
The topic has been locked.
More
6 years 5 months ago #181977 by marcgold
Replied by marcgold on topic Plesk Onyx Server Nginx setup
Just updated the Additional Nginx directives to fully include the rewrite rules so from ...location / {... onwards now reads.

location / {
index index.php index.htm;
try_files $uri $uri/ /index.php?$args;
if (!-e $request_filename){
rewrite ^(.*)$ /index.php;
}
}
location ~ 403 {
rewrite ^(.*)$ ^/(?!\.well-known/)(.*/)?\.+ redirect;
}

location ~ /\.well-known {
}

location ~ ^/(.*/)?\.+ {
return 403;
}

This did not fix things.

But, changing the setting in config.php to showScriptName' => true, (ie turning of clean URLS, then the problem goes away.

So this is definitely something to with the re-write rules.
Can anyone please provide the correct syntax for the nginx.conf to make this work.

Thanks

Marc
The topic has been locked.
More
6 years 5 months ago #181983 by jelo
Replied by jelo on topic Plesk Onyx Server Nginx setup
What version of LimeSurvey is used?
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The topic has been locked.
More
6 years 5 months ago #181990 by DenisChenu
Replied by DenisChenu on topic Plesk Onyx Server Nginx setup

marcgold wrote: …

So this is definitely something to with the re-write rules.
Can anyone please provide the correct syntax for the nginx.conf to make this work.

I like to have one ;)
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
The topic has been locked.
More
6 years 5 months ago #182001 by marcgold
Replied by marcgold on topic Plesk Onyx Server Nginx setup

jelo wrote: What version of LimeSurvey is used?


Hi Jelo,

Current Version 3.16.1+190314

It's the weirdest thing as everything else works really well, its blisteringly fast.
The Production Server is Centos 6.1, I have spun up a Centos 7 with the same version of Plesk but the Apache / Nginx will be later versions so will report back later if this changes anything.

Marc
The topic has been locked.
More
6 years 5 months ago - 6 years 5 months ago #182005 by jelo
Replied by jelo on topic Plesk Onyx Server Nginx setup

marcgold wrote: It's the weirdest thing as everything else works really well, its blisteringly fast.

CentOS7 makes more sense since CentOS6 is near EOL. But it's not causing this issue.
The NGINX+Apache combination in Plesk is not that often tested with LimeSurvey.
LimeSurvey.org uses pure NGINX. Other use Apache or Apache with PHP-FPM.

So we have three different files for rewriting URLs
htaccess (Apache) shipped with LS
.user.ini (PHP-FPM) could be shipped with LS
nginx.conf (NGINX) manual work needed

I'm not using NGINX, so debugging is a bit difficult for me.

You might check your NGINX rules against the current htaccess rules via a converter.
www.winginx.com/en/htaccess

Can you examine the nonfancy URLs these broken buttons are using?
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
Last edit: 6 years 5 months ago by DenisChenu. Reason: Fix quote
The topic has been locked.
More
6 years 5 months ago #182047 by DenisChenu
Replied by DenisChenu on topic Plesk Onyx Server Nginx setup
@marcgold : there are some in browse response else construction of url is near same … than edit url

Edit url (GET format) : ?r=admin/dataentry/sa/editdata/subaction/edit&surveyid=222725&id=1&browselang=
View url (GET format) : r=admin/responses/sa/view&surveyid=222725&id=1&browselang=

Edit url (PATH without index) : /admin/dataentry/sa/editdata/subaction/edit/surveyid/953474/id/2/browselang
View url (PATH without index) : /admin/responses/sa/view/surveyid/953474/id/2/browselang/

Realy strange if edit work and not view …
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
The topic has been locked.
More
6 years 5 months ago #182182 by marcgold
Replied by marcgold on topic Plesk Onyx Server Nginx setup

jelo wrote:

marcgold wrote: It's the weirdest thing as everything else works really well, its blisteringly fast.

CentOS7 makes more sense since CentOS6 is near EOL. But it's not causing this issue.
The NGINX+Apache combination in Plesk is not that often tested with LimeSurvey.
LimeSurvey.org uses pure NGINX. Other use Apache or Apache with PHP-FPM.

So we have three different files for rewriting URLs
htaccess (Apache) shipped with LS
.user.ini (PHP-FPM) could be shipped with LS
nginx.conf (NGINX) manual work needed

I'm not using NGINX, so debugging is a bit difficult for me.

You might check your NGINX rules against the current htaccess rules via a converter.
www.winginx.com/en/htaccess

Can you examine the nonfancy URLs these broken buttons are using?


Hi Jelo,

I am unfamiliar with .user.ini so if you have any more info on this file I can troubleshoot from there.
I have already converted the .htaccess rules to Nginx compatible ones and generally these seem to be working properly.

I have examined the non fancy URLs and the results are below but I agree with @DenisChenu this is very weird as the edit URL's are very similar in construct to the view URL's which work without an issue.

View Individual Result:

In Config.php urlManager => URLFormat => “Path” ShowScriptName = True
https://<<DOMAIN NAME>>/index.php/admin/responses/sa/view/surveyid/2723/id/1/browselang/ WORKS

In Config.php urlManager => URLFormat => “Get” ShowScriptName = True
https://<<DOMAIN NAME>>/index.php?r=admin/responses/sa/view&surveyid=2723&id=1&browselang= WORKS

In Config.php urlManager => URLFormat => “Get” ShowScriptName = False
https://<<DOMAIN NAME>>/?r=admin/responses/sa/view&surveyid=2723&id=1&browselang= WORKS

In Config.php urlManager => URLFormat => “Path” ShowScriptName = False
https://<<DOMAIN NAME>>/admin/responses/sa/view/surveyid/2723/id/1/browselang/ NOT WORKING

Edit Individual Response

In Config.php urlManager => URLFormat => “Path” ShowScriptName = False
https://<<DOMAIN NAME>>/admin/dataentry/sa/editdata/subaction/edit/surveyid/2723/id/1/browselang WORKS
The topic has been locked.
More
6 years 5 months ago #182200 by DenisChenu
Replied by DenisChenu on topic Plesk Onyx Server Nginx setup
And delete url can be worst since it send GET and POST value …
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
The topic has been locked.
More
6 years 5 months ago #182208 by marcgold
Replied by marcgold on topic Plesk Onyx Server Nginx setup

DenisChenu wrote: And delete url can be worst since it send GET and POST value …


Interestingly, Delete actually works without issue.

I have actually deployed a brand new install of the latest release onto a Centos 7 Running plesk, Nginx & PHP7.3 PHP-FPM
The problem still persists :(

However I have just tested this on Limesurvey Professional (Hosted) and it works. I believe @Jelo stated that this is also running on Nginx pure. This works as it should and is definately using URL > Path and ShowScript > False.

Therefore Im pretty convinced this is a config issue and not a bug. Do you have access to this environment and possibly share the Nginx configs responsible for the rewrites needed to make this work.

Marc
The topic has been locked.
More
6 years 5 months ago #182211 by holch
Replied by holch on topic Plesk Onyx Server Nginx setup
Most of us here in the forum are volunteers that help to support the CE edition of Limesurvey, so as far as I know Jelo and Denis don't have access to Limesurvey Pro.

You would need to get in touch with the Limesurvey GmbH via "Support" in the top navigation or hope that someone from their team (cdorin seems to be quite active in the forum lately, haven't seen anyone else in the last weeks) will stumble upon this thread.
Help us to help you!
  • Provide your LS version and where it is installed (own server, uni/employer, SaaS hosting, etc.).
  • Always provide a LSS file (not LSQ or LSG).
Note: I answer at this forum in my spare time, I'm not a LimeSurvey GmbH employee.
The topic has been locked.
More
6 years 5 months ago #182218 by DenisChenu
Replied by DenisChenu on topic Plesk Onyx Server Nginx setup
You can use irc too, cdorin answer and sometimes call Louis Or Markus
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
The following user(s) said Thank You: marcgold
The topic has been locked.
More
6 years 5 months ago #182251 by marcgold
Replied by marcgold on topic Plesk Onyx Server Nginx setup
Thanks everyone and support for all your help. I have now fixed the issue and am sharing the answers.

This is specifically to Servers running Plesk Onyx 17.8. It may work with other versions and below may help steer others incase they run into similar issues.

Plesk manages its nginx.conf configurations internally. If you attempt to change anything, Plesk will just rewrite the file back.

So firstly The correct place to put this is in the Advance Nginx Directive under the correct webspace in Plesk Onyx.

The syntax that I had in that file was incorrect - you can view it above.

The Correct syntax does not need the location / directive.
Then the important part that handles the rewrites site wide is.

try_files $uri $uri/ /index.php?q=$uri&$args;

But this alone does not fix the problem that the display response & display as PDF links in Show results gives a 404 error. To fix this add the following directly under the try_files directive.

if (!-e $request_filename){
rewrite ^(.*)$ /index.php;
}

So the full syntax adding the additional security elements / converted apache .htaccess reads:

try_files $uri $uri/ /index.php?q=$uri&$args;
if (!-e $request_filename){
rewrite ^(.*)$ /index.php;
}

location ~ ^/(protected|framework|themes/\w+/views) {
deny all;
}

location ~ 403 {
rewrite ^(.*)$ ^/(?!\.well-known/)(.*/)?\.+ redirect;
}

location ~ /\.well-known {
}

location ~ ^/(.*/)?\.+ {
return 403;
}


Marc
Limesurvey 3.16.1, Plesk Onyx 17.8, Nginx
The following user(s) said Thank You: DenisChenu
The topic has been locked.
More
6 years 5 months ago - 6 years 5 months ago #182255 by DenisChenu
Replied by DenisChenu on topic Plesk Onyx Server Nginx setup
Great !

Need an improvment : github.com/LimeSurvey/LimeSurvey/blob/ma...ad/surveys/.htaccess ;)

I try with
Code:
location ~ ^/master/upload/surveys/.*/fu_[a-z0-9]*$ {
                deny all;
        }

Else : protected must be replaced by application for limesurvey.


Since i'm on local (no .well-know needed) in a subdirectory :
This seems to work
Code:
location /master/ {
        index index.html index.htm index.php;
        try_files $uri $uri/ /index.php?r=$uri&amp;$args;
        if (!-e $request_filename){
                rewrite ^(.*)$ /master/index.php;
        }
        location ~ ^/master/(application|framework|themes/\w+/views) {
                deny all;
        }
        location ~ location ~ ^/master/upload/surveys/.*/fu_[a-z0-9]*$ {
                deny all;
        }
        location ~ ^/master/(.*/)?\.+ {
                return 403;
        }
    }
I use r for uri since the default route param is r. It work too with q, didn't know exactly why.
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
Last edit: 6 years 5 months ago by DenisChenu. Reason: Fix part for fu_ part
The topic has been locked.
More
6 years 5 months ago - 6 years 5 months ago #182259 by DenisChenu
Replied by DenisChenu on topic Plesk Onyx Server Nginx setup
Another fix for autogenerated .htaccess in surveys/
Code:
location /master/ {
        index index.html index.htm index.php;
        try_files $uri $uri/ /index.php?r=$uri&amp;$args;
        if (!-e $request_filename){
                rewrite ^(.*)$ /master/index.php;
        }
        location ~ ^/master/(application|docs|framework|themes/\w+/views) {
                deny all;
        }
        location ~ ^/master/upload/surveys/.*/fu_[a-z0-9]*$ {
                return 444;
        }
        location ~ ^/master/(.*/)?\.+ {
                return 403;
        }
        location ~* /master/upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$
        {
                return 444;
        }
    }
Since i think it must be disable for all upload type : survey or theme or anything.

Throw a 444 : httpstatusdogs.com/444-no-response ? But can be a 403 too.

Edit : think we muist disable direct access to some third_party tools too
(and personnaly : i think direct acccess to plugins must be disable : plugins must use asset manager).
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member. - Professional support - Plugins, theme and development .
I don't answer to private message.
Last edit: 6 years 5 months ago by DenisChenu.
The following user(s) said Thank You: marcgold
The topic has been locked.
Moderators: holchtpartner

Lime-years ahead

Online-surveys for every purse and purpose

Pricing & Plans
Get started

Legal

About Us

Open Source