Just ealry, I install a Nginx, PHP-fpm environment. But soon I found it's not support .htaccess, and the converter on internet can't convert all of them. So I just do it by myself...
It's already tested, if you got any problem, welcome to below reply.
The protect rules:
# Protect files and directories from prying eyes. <FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$"> Order allow,deny </FilesMatch>
On nginx rewrite:
# Protect files and directories from prying eyes.
if ($document_uri ~ \.(?:engine|inc|info|install|make|module|profile|test|po|sh|sql|theme|tpl.php|tpl|xtmpl|svn-base)$) {
return 403;
}
if ($document_uri ~ (?:code\-style\.pl|Repository|Root|Tag|Template|all\-wcprops|entries|format)$) {
return 403;
}
if ($document_uri ~ Entries\.) {
return 403;
}
if ($document_uri ~ /\.) {
return 403;
}
If you need protect private file directory (Remember check the directory path.):
# Protect private files
if ($document_uri ~* ^/sites/default/privates/) {
return 403;
}
Set gzip header for css and javascript:
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
On nginx rewrite:
# Serve correct content types, and prevent mod_deflate double gzip.
# Serve correct encoding type.
# Force proxies to cache gzipped & non-gzipped css/js files separately.
location ~ \.css\.gz$ {
gzip off;
default_type text/css;
charset utf-8;
add_header Vary "Accept-Encoding";
add_header Pragma "public";
add_header Content-Encoding "gzip";
# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
if (!-e $request_filename) {
rewrite ^/(.*)$ /index.php last;
}
}
location ~ \.js\.gz$ {
gzip off;
default_type text/javascript;
charset utf-8;
add_header Vary "Accept-Encoding";
add_header Pragma "public";
add_header Content-Encoding "gzip";
# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
if (!-e $request_filename) {
rewrite ^/(.*)$ /index.php last;
}
}
Rewrite to index.php and rewrite css and js to gzip:
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
</IfModule>
On nginx rewrite:
location / {
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
if (-f $request_filename.gz) {
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
rewrite ^(.*)\.css$ $1.css.gz last;
# Serve gzip compressed JS files if they exist and the client accepts gzip.
rewrite ^(.*)\.js$ $1.js.gz last;
}
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
if (!-e $request_filename) {
set $tester "F";
}
if ($document_uri !~* /favicon.ico) {
set $tester "${tester}F";
}
if ($tester = "FF") {
rewrite ^/(.*)$ /index.php last;
}
}
That's the drupal basic rewrites, maybe there are better version, if so, please let me know, thanks.
Don't forget test it, and make it affect:
nginx -t /etc/init.d/nginx reload
Hope this can help you.
2013/7/16 updated:
I got a good information about drupal with nginx: https://github.com/perusio/drupal-with-nginx
The settings for high performance, better for nginx. But convert from drupal .htaccess.
2013/7/16 updated 2:
I found part of protect files and directories on rewrite start has issue.
I only check the uri, didn't check the file exists or not.
So.......if path include keyword, it will return forbidden.
# Protect files and directories from prying eyes.
if (-e $request_filename) {
set $tester "F";
}
if ($document_uri ~* \.(?:engine|inc|info|install|make|module|profile|test|po|sh|sql|theme|tpl.php|tpl|xtmpl|svn-base|bak)$) {
set $tester "${tester}M";
}
if ($document_uri ~* (?:code\-style\.pl|Repository|Root|Tag|Template|all\-wcprops|entries|format)$) {
set $tester "${tester}M";
}
if ($document_uri ~* Entries\.) {
set $tester "${tester}M";
}
if ($document_uri ~* /\.) {
set $tester "${tester}M";
}
if ($tester ~ ^FM) {
return 403;
}
set $tester "";
# Protect private files
if ($document_uri ~* ^/files\-private/) {
return 403;
}
Here is the new code, I add the file exists check.