stackoom
  简体   繁体   中英

Elastic Beanstalk - Customize Nginx configuration files - PHP Web Application

 原文  2020-08-27 03:27:01       php/ amazon-web-services/ nginx/ amazon-elastic-beanstalk

Question

The beanstalk documentation is not clear on how and what is best way to customize nginx configuration when deploying PHP applications.

I've tried multiple things as include a file /etc/nginx/conf.d/01-security.conf like this:

files:
/etc/nginx/conf.d/01-security.conf:
mode: “000644”
owner: root
group: root
content: |
  add_header X-Frame-Options "SAMEORIGIN" always ;
  add_header X-XSS-Protection "1; mode=block" always;
  add_header X-Content-Type-Options "nosniff" always;
  add_header Referrer-Policy "no-referrer-when-downgrade" always;
  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" 
  always;
  add_header X-Cache-Status $upstream_cache_status;

I've tried other alternatives but none of them seems to be working. I am a bit confused as beanstalk doesn't give any clear direction on how that should be done for PHP? I've seen people using different strategies, some of them back in 2018, 2017...

I can replace the configuration using container_commands and then restart nginx, but there is any way where I can add more configuration files or modify the original one?

1 answers

solution1
 1 ACCPTED  2020-08-27 03:32:43

A possible reason why your /etc/nginx/conf.d/01-security.conf is not working, is because you are using Amazon Linux 2 (AL2). However, the setting file is for old EB platforms based on AL1.

For AL2, the nginx settings should be in .platform/nginx/conf.d/ , not in .ebextentions as shown in the docs .

Therefore, you could have the following .platform/nginx/conf.d/myconfig.conf with content:

add_header X-Frame-Options "SAMEORIGIN" always ;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" 
always;
add_header X-Cache-Status $upstream_cache_status;

The above is an example . I can't verify if the settings will actually work, but it seems to me that you are using AL2, not AL1. In this case, you are ussing wrong folders for the nginx config files.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AWS Elastic Beanstalk + Laravel, Nginx Configuration PHP application deployment with elastic beanstalk Custom nginx config for PHP Elastic Beanstalk environment AWS elastic beanstalk Nginx PHP session lost AWS Elastic Beanstalk Apply configuration file on nginx server How to Install PHP IMAP Extension on AWS Elastic Beanstalk Using Configuration Files (.ebextensions)? Issue with deploying PHP Application to Elastic Beanstalk elastic beanstalk configuration error Deploy php web application on Elastic Beanstalk using Jenkins, git and eb cli SaaS application on Elastic Beanstalk
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM