Deployed openemr-6.0.0 on Nginx web server instead of apache2.
Modules > manage modules
loading page for 1 second as I can see message “loading manage modules…” and page goes “Nginx 404 Not found”. attached screen-shots on same.
hi @Dhayananda_T, does this help? looks like the dockers use this block, a lot of the rest of this configuration file is specific to a crazy testing environment
@stephenwaite, I have seen same reference link for nginx and still not familiar what to do and how to enable same. Below are the nginx config(default) file.
server {
listen 80 ;
listen 443 ssl ;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name abc.xxxx.com; # managed by Certbot
# location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
Nginx works differently from apache. There is no equivalency in the lines. For starters, this block is required:
if (!-e $request_filename) {
# Needed for zend to work
rewrite ^(.*/zend_modules/public)(.*) $1/index.php?$is_args$args last;
# Needed for patient portal to work
rewrite ^(.*/portal/patient)(.*) $1/index.php?_REWRITE_COMMAND=$1$2 last;
# Needed for REST API/FHIR to work
rewrite ^(.*/apis/)(.*) $1/dispatch.php?_REWRITE_COMMAND=$2 last;
# Needed for OAuth2 to work
rewrite ^(.*/oauth2/)(.*) $1/authorize.php?_REWRITE_COMMAND=$2 last;
}
You are missing the following line which tells nginx to serve all static content:
location / {
try_files $uri $uri/ /index.php;
}
Finally, here you are passing the php scripts to the php-fpm:
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
This is very basic and extremely insecure.
In a production environment I would forward all requests coming in on port 80 to port 443.
I was facing same issue, I have added this block to /etc/nginx/openemr.conf,
if (!-e $request_filename) {
# Needed for zend to work
rewrite ^(.*/zend_modules/public)(.*) $1/index.php?$is_args$args last;
# Needed for patient portal to work
rewrite ^(.*/portal/patient)(.*) $1/index.php?_REWRITE_COMMAND=$1$2 last;
# Needed for REST API/FHIR to work
rewrite ^(.*/apis/)(.*) $1/dispatch.php?_REWRITE_COMMAND=$2 last;
# Needed for OAuth2 to work
rewrite ^(.*/oauth2/)(.*) $1/authorize.php?_REWRITE_COMMAND=$2 last;
}
My complete openemr.conf is as follows
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name openemr.example.com;
access_log /var/log/nginx/openemr.access.log;
error_log /var/log/nginx/openemr.error.log;
# SSL
ssl_certificate /etc/letsencrypt/live/openemr.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/openemr.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/openemr.example.com/chain.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
# use https://blog.cloudflare.com/announcing-1111 Cloudfare+Apnic labs, It is free and secure
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s;
root /var/www/html/openemr;
index index.php;
location / {
try_files $uri $uri/ /index.php;
}
# Pass PHP Scripts To FastCGI Server
location ~* \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_pass unix:/run/php/php8.2-fpm.sock; # Depends On The PHP Version
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
include fastcgi_params;
}
# deny access to writable files/directories
location ~* ^/sites/*/(documents|edi|era) {
deny all;
return 404;
}
# deny access to certain directories
location ~* ^/(contrib|tests) {
deny all;
return 404;
}
# Alternatively all access to these files can be denied
location ~* ^/(admin|setup|acl_setup|acl_upgrade|sl_convert|sql_upgrade|gacl/setup|ippf_upgrade|sql_patch)\.php {
deny all;
return 404;
}
#enable rewrite
if (!-e $request_filename) {
# Needed for zend to work
rewrite ^(.*/zend_modules/public)(.*) $1/index.php?$is_args$args last;
# Needed for patient portal to work
rewrite ^(.*/portal/patient)(.*) $1/index.php?_REWRITE_COMMAND=$1$2 last;
# Needed for REST API/FHIR to work
rewrite ^(.*/apis/)(.*) $1/dispatch.php?_REWRITE_COMMAND=$2 last;
# Needed for OAuth2 to work
rewrite ^(.*/oauth2/)(.*) $1/authorize.php?_REWRITE_COMMAND=$2 last;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
}
}
# enforce HTTPS
server {
listen 80;
listen [::]:80;
server_name openemr.example.com;
return 301 https://$host$request_uri;
}
It is needed to set server_name to your domain, so please replace to your domain.
openemr.example.com
Also, there is need to update root folder, in this example it is
/var/www/html/openemr
Thanks to everyone who helped to solve this issue.
