Nginx Problem During Checkout

[netdrag]

Hello everyone,

 

I have 3 installations of prestashop 1.6.1.4 on 2 different servers running nginx. I implemented the rewrite rules in the official installations and everything works fine except one thing during the 5 step checkout.

 

I put something in the cart, then I move to forward and it asks me to login.

The url is: login?back=https%3A%2F%2mydomain%2Fordine%3Fstep%3D1

After I hit the login button it redirects me to the login page that forwards me to

https://mydomain/index.php?controller=https://mydomain/ordine?step=1

That page isn't found and I get redirected to the home page on https://mydomain/

 

So the checkout is interrupted and users are confused. Someone else had this problem and can post a working nginx config?

 

(I tested the page on apache and it works like expected, but its just too slow)

 

Thank you in advance

[netdrag]

server {

    listen 443;
    ssl on;
    ssl_certificate /etc/ssl/nginx.crt;
    ssl_certificate_key /etc/ssl/nginx.key;
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 180m;
    ssl_dhparam /etc/ssl/dhparam.pem;
    add_header Strict-Transport-Security "max-age=31536000" always;

    rewrite_log on;
    server_name www.mydomain.com;
    root "/var/www/";

    index index.php index.html;
    client_max_body_size 10m;

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    if ($http_user_agent ~* (Baiduspider|webalta|nikto|wkito|pikto|scan|acunetix|morfeus|webcollage|youdao) ) {
       return 401;
    }

    if ($http_user_agent ~* (HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) ) {
       return 401;
    }

    location = /favicon.ico {
                log_not_found off;
                access_log off;
    }

    location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
    }

    location ~* \.(js|css|ttf|eot)$ {
        expires max;
 	log_not_found off;
	access_log off;
    }

    location ~* \.(|jpg|jpeg|gif|ico|svg|png)$ {
 	expires max;
 	log_not_found off;
 	access_log off;
 	rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$1$2.jpg last;
 	rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$2/$1$2$3.jpg last;
	rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$2/$3/$1$2$3$4.jpg last;
	rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last;
	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last;
	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last;
	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last;
	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?/[_a-zA-Z0-9-]*.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last;
	rewrite ^/c/([0-9]+)(-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*.jpg$ /img/c/$1$2.jpg last;
	rewrite ^/c/([a-zA-Z-]+)/[a-zA-Z0-9-]+.jpg$ /img/c/$1.jpg last;
	rewrite ^/([0-9]+)(-[_a-zA-Z0-9-]*)/[_a-zA-Z0-9-]*.jpg$ /img/c/$1$2.jpg last;
    }

    location ~* /\.(ht|git|svn) {
		deny  all;
    }

   location / {
	index /index.php;
	rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
	try_files $uri $uri/ /index.php?$args;
    }

   # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
   location ~ /\. {
            deny all;
            access_log off;
            log_not_found off;
   }

    location ~ \.php$ {
            try_files $uri =404;
            include /etc/nginx/fastcgi_params;
            fastcgi_pass   unix:/var/run/www.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_intercept_errors on;
    }

}

Its the standard configuration like told in the documentation. All I did was moving the image related part to the image location

[Arnaud_69]

You should move your access_log to on, to be able to see what is called !

[netdrag]

I am using the default template. caches turned off, all performance functions turned off. just switching to apache solves the problem.

Seo url's are all standard for italian language.

 

 

I checked the url's I mentioned with firebug. when I am already logged in everything works fie and i get url's like

ordine?step=1

ordine?step=2

ordine?step=3

ordine?step=4

ordine?step=5

I saw some posts mentioing something like oder/step1.html. what's the right version? the log files contain nothing new, just the 200 and 302 codes i see in firebug

 

but the redirection on login does not work. I turned the redirection to cart on login on, but that made no change. 

[netdrag]

I did another test, reactivating apache and trying nginx with friendly url's disabled. Everything works fine on apache, I really don't get it. So the configuration should be fine.

 

On Nginx without friendly url's I have the same problem as with the friendly url's. I get always redirected to the main page... So it doesn't seem to be a rewrite problem.

 

I can't understand where the problem ist... Seems like the dispatcher is not redirecting after login on nginx... But I don't know why this could be happen.

[netdrag]

I've done some further tests.

 

I click on checkout and it asks me to login with the url login?back=https%3A%2F%2mydomain%2Fordine%3Fstep%3D1

on apache:

I click on login and the page gets to login and then redirected to https://mydomain/ordine?step=1

 

on nginx:

I click on login and the page gets to login and then redirected to index.php?controller=https://mydomain/ordine?step=1 and then to the main page

 

where is this translation from back to redirect happening? can anyone tell me the file where to look for? Does anybody know the difference between apache and nginx and why this could happen?

[netdrag]

Ok I found the problem.

I checked Tools.php and Authentication.php....

 

there is a check done in Tools.php in securereferer that compares the servername to url....And since I was using a wild card server name the check failed and the redirection didn't work.

[dusticelli]

Hi netdrag

 

I have exactly the same problem. Could you please explain a little bit more concrete what you did change?

[godlo]

same exact problem... how did you solve it?

[godlo]

I have a multishop installation.

 

in my case the configuration is like this:

server {
	server_name domain1.com domain2.com;
	listen xxx.xxx.xxx.xxx;
	root /home/username/public_html;
	index index.html index.htm index.php;
	access_log /var/log/virtualmin/domain.com_access_log;
	error_log /var/log/virtualmin/domain.com_error_log;
	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;
	fastcgi_param SCRIPT_FILENAME /home/username/public_html$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT /home/username/public_html;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;
	fastcgi_param HTTPS $https;
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass localhost:8003;
        fastcgi_read_timeout 600;
	}

    ## Regole di rewrite per Prestashop
    location / {
    	index index.php;
  		rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
  		rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$1$2.jpg last;
  		rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3.jpg last;
  		rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4.jpg last;
  		rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last;
  		rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last;
  		rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last;
  		rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last;
  		rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last;
  		rewrite ^/c/([0-9]+)(-[_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2.jpg last;
  		rewrite ^/c/([a-zA-Z-]+)(-[0-9]+)?/.+\.jpg$ /img/c/$1.jpg last;
  		rewrite ^/([0-9]+)(-[_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2.jpg last;
  		try_files $uri $uri/ /index.php?$args;
	}

}

login during checkout works only for the first of the domain listed under server name: domain1.com

 

if I invert it with domain2.com the problem switches to domain1.com

 

 

[godlo]

I don't know if it's the right solution but I have substituted in 

/home/ttplanet/public_html/classes/Tools.php

the row:

if (preg_match('/^http[s]?:\/\/'.Tools::getServerName().'(:'._PS_SSL_PORT_.')?\/.*$/Ui', $referrer)) {

with

 

if (preg_match('/^http[s]?:\/\/'.Tools::getShopDomain().'(:'._PS_SSL_PORT_.')?\/.*$/Ui', $referrer)) {