Nginx proxy PHP-FPM + Lighttpd 405 not allowed symfony

Question

Hello I am trying to serve a php web application using Nginx PHP-FPM using a tcp socket on a remote host and a lighttd to serve static content on a remote server.

I succeed to link those three blocks but I have an issue to manage the interactions.

Here my Nginx proxy configuration

upstream xxxx-staging {
    server xxxxx.com:81 fail_timeout=0;
}

server {
    listen       80;
    server_name  xxxxxxx.com;
    return       301 https://xxxxx.com$request_uri;
}

server {
    listen 443 ssl;
    server_name  xxxxxx.com;
    root         /xxxxxx/public;


    ssl_certificate /etc/nginx/ssl/xxx.com.pem;
    ssl_certificate_key /etc/nginx/ssl/xxx.com.key;

    access_log /var/log/nginx/xxx.access.log;
    error_log /var/log/nginx/xxx.error.log error;

    client_max_body_size 256m;
        proxy_intercept_errors on; 
        error_page 404 = /index.php;
        error_page 405 = 200$uri;   


    location = / {index index.php;} 

    location / {
    proxy_pass http://xxxxx-staging;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        auth_basic           "Please authenticate";
        auth_basic_user_file /etc/nginx/passwords/xxxxxxx.com.passwdfile;

    }

    location ~ ^/index\.php$(/|$) {
        fastcgi_pass xxxxx.com:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_intercept_errors on;
    }
}

When I removed error_page 405 = 200$uri; symfony is returning me a method post not allowed and when I put it nginx is returning me a 405.

I clearly missunderstand how the communication are established but don't know where I am wrong.

Answer 1

You are using auth_basic and auth_basic_user_file in the location / block. Am I right that you don't get a prompt to enter a password when you navigate to the side and get instead directly the 405 error?

I interpret the error to mean that an authentication is expected but doesn't happen. I would suggest to move auth_basic and auth_basic_user_file up one level in the server block. That way everything is covered and not only the one location block and you should get the password prompt.

upstream xxxx-staging {
    server xxxxx.com:81 fail_timeout=0;
}

server {
    listen       80;
    server_name  xxxxxxx.com;
    return       301 https://xxxxx.com$request_uri;
}

server {
    listen 443 ssl;
    server_name  xxxxxx.com;
    root         /xxxxxx/public;

    auth_basic           "Please authenticate";
    auth_basic_user_file /etc/nginx/passwords/xxxxxxx.com.passwdfile;

    ssl_certificate /etc/nginx/ssl/xxx.com.pem;
    ssl_certificate_key /etc/nginx/ssl/xxx.com.key;

    access_log /var/log/nginx/xxx.access.log;
    error_log /var/log/nginx/xxx.error.log error;

    client_max_body_size 256m;
        proxy_intercept_errors on; 
        error_page 404 = /index.php;
        error_page 405 = 200$uri;   


    location = / {index index.php;} 

    location / {
        proxy_pass http://xxxxx-staging;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location ~ ^/index\.php$(/|$) {
        fastcgi_pass xxxxx.com:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_intercept_errors on;
    }
}

I hope that helps you.