IDE:TYPO3: Unterschied zwischen den Versionen

Aus ahrensburg.city
Zur Navigation springen Zur Suche springen
← Zum vorherigen Versionsunterschied
VisuellWikitext
Keine Bearbeitungszusammenfassung
Keine Bearbeitungszusammenfassung
 
Zeile 4: Zeile 4:


<pre>
<pre>
# TYPO3 13 LTS – NGINX vhost
# Datei: sudo nano /etc/nginx/conf.d//typo3.conf


server {
server {
    listen 80;
    listen 80;
     server_name example.com www.example.com;
     server_name localhost;
    root /var/www/typo3/public;


    # Composer-Setup: DocumentRoot zeigt auf das "public" Verzeichnis
    root /var/www/typo3/public;
     index index.php index.html;
     index index.php index.html;
    charset utf-8;
    client_max_body_size 32m;
    include /etc/nginx/monitoring.conf;


    index index.php index.htm index.html;
#    include /etc/nginx/conf.d/nginx.conf;


    # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
    sendfile off;
    error_log /dev/stdout info;
    access_log /var/log/nginx/access.log;
    # Security: Content-Security-Policy
    # =================================
    #
    # Add CSP header for possible vulnerable files stored in fileadmin see:
    # * https://typo3.org/security/advisory/typo3-psa-2019-010
    # * https://docs.typo3.org/m/typo3/reference-coreapi/master/en-us/Security/GuidelinesAdministrators/ContentSecurityPolicy.html
    # * https://github.com/TYPO3/TYPO3.CMS/blob/master/typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles/resources-root-htaccess
    # matching requested *.pdf files only (strict rules block Safari showing PDF documents)
    location ~ /(?:fileadmin|uploads)/.*\.pdf$ {
        add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'; script-src 'none'; object-src 'self'; plugin-types application/pdf;";
    }
    # matching anything else, using negative lookbehind pattern
    location ~ /(?:fileadmin|uploads)/.*(?<!\.pdf)$ {
        add_header Content-Security-Policy "default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';";
        # Deliver media files as WebP if available. The file as WebP must be in
        # the same place (Original: "example.jpg", WebP: "example.jpg.webp").
        try_files $uri$webp_suffix $uri =404;
    }
    # TYPO3 11 Frontend URL rewriting support
    location / {
        absolute_redirect off;
        try_files $uri $uri/ /index.php$is_args$args;
    }
    # TYPO3 11 Backend URL rewriting support
    location = /typo3 {
        rewrite ^ /typo3/;
    }
    # check if /typo3/index.php exists
    set $typo3_index_exists 0;
    if (-f $document_root/typo3/index.php) {
        set $typo3_index_exists 1;
    }
    location /typo3/ {
        absolute_redirect off;
        try_files $uri $typo3_index$is_args$args;
    }
    # pass the PHP scripts to FastCGI server listening on socket
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php-fpm.sock;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_intercept_errors off;
        # fastcgi_read_timeout should match max_execution_time in php.ini
        fastcgi_read_timeout 10m;
        fastcgi_param SERVER_NAME $host;
        fastcgi_param HTTPS $fcgi_https;
        # Pass the X-Accel-* headers to facilitate testing.
        fastcgi_pass_header "X-Accel-Buffering";
        fastcgi_pass_header "X-Accel-Charset";
        fastcgi_pass_header "X-Accel-Expires";
        fastcgi_pass_header "X-Accel-Limit-Rate";
        fastcgi_pass_header "X-Accel-Redirect";
    }
    # Compressing resource files will save bandwidth and so improve loading speed especially for users
    # with slower internet connections. TYPO3 can compress the .js and .css files for you.
    # *) Set $GLOBALS['TYPO3_CONF_VARS']['BE']['compressionLevel'] = 9 for the Backend
    # *) Set $GLOBALS['TYPO3_CONF_VARS']['FE']['compressionLevel'] = 9 together with the TypoScript properties
    #    config.compressJs and config.compressCss for GZIP compression of Frontend JS and CSS files.
     location ~ \.js\.gzip$ {
     location ~ \.js\.gzip$ {
         add_header Content-Encoding gzip;
         add_header Content-Encoding gzip;
Zeile 114: Zeile 25:
     }
     }


     # Prevent clients from accessing hidden files (starting with a dot)
     # TYPO3 - Rule for versioned static files, configured through:
     # This is particularly important if you store .htpasswd files in the site hierarchy
     # - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename']
    # Access to `/.well-known/` is allowed.
     # - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename']
     # https://www.mnot.net/blog/2010/04/07/well-known
     if (!-e $request_filename) {
     # https://tools.ietf.org/html/rfc5785
         rewrite ^/(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ /$1.$3 last;
    location ~* /\.(?!well-known\/) {
         deny all;
    }
 
    # Prevent clients from accessing to backup/config/source files
    location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
        deny all;
    }
 
    location = /favicon.ico {
        log_not_found off;
        access_log off;
     }
     }


Zeile 149: Zeile 48:


     # TYPO3 - Block access to static typoscript files
     # TYPO3 - Block access to static typoscript files
     location ~* ext_conf_template\.txt|ext_typoscript_constants\.(?:txt|typoscript)|ext_typoscript_setup\.(?:txt|typoscript) {
     location ~* ext_conf_template\.txt|ext_typoscript_constants\.txt|ext_typoscript_setup\.txt {
         deny all;
         deny all;
     }
     }


     # TYPO3 - Block access to miscellaneous protected files
     # TYPO3 - Block access to miscellaneous protected files
     location ~* /.*\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|dist|fla|in[ci]|log|sh|sql)$ {
     location ~* /.*\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql|sqlite)$ {
         deny all;
         deny all;
     }
     }
Zeile 168: Zeile 67:
     }
     }


     # TYPO3 - Block access to libaries, source and temporary compiled data
     # TYPO3 - Block access to libraries, source and temporary compiled data
     location ~ ^(?:vendor|typo3_src|typo3temp/var) {
     location ~ ^(?:vendor|typo3_src|typo3temp/var) {
         deny all;
         deny all;
Zeile 178: Zeile 77:
     }
     }


     if (!-e $request_filename) {
     location / {
         rewrite ^/(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ /$1.$3 last;
        try_files $uri $uri/ /index.php$is_args$args;
    }
 
    location = /typo3 {
         rewrite ^ /typo3/;
    }
 
    location /typo3/ {
        absolute_redirect off;
        try_files $uri /typo3/index.php$is_args$args;
    }
 
    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }
        fastcgi_buffer_size 32k;
        fastcgi_buffers 8 16k;
        fastcgi_connect_timeout 240s;
        fastcgi_read_timeout 240s;
        fastcgi_send_timeout 240s;
 
        include              snippets/fastcgi-php.conf;
        fastcgi_pass        unix:/var/run/php/php8.4-fpm.sock;
     }
     }
    include /etc/nginx/common.d/*.conf;
    include /mnt/ddev_config/nginx/*.conf;
}
}
==Dateirechte==


<pre>
<pre>

Aktuelle Version vom 29. Oktober 2025, 03:06 Uhr

composer create-project "typo3/cms-base-distribution:^13.4" /var/www/typo3


server {
    listen 80;
    server_name localhost;
    root /var/www/typo3/public;

    index index.php index.html;

#    include /etc/nginx/conf.d/nginx.conf;

    location ~ \.js\.gzip$ {
        add_header Content-Encoding gzip;
        gzip off;
        types { text/javascript gzip; }
    }
    location ~ \.css\.gzip$ {
        add_header Content-Encoding gzip;
        gzip off;
        types { text/css gzip; }
    }

    # TYPO3 - Rule for versioned static files, configured through:
    # - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename']
    # - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename']
    if (!-e $request_filename) {
        rewrite ^/(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ /$1.$3 last;
    }

    # TYPO3 - Block access to composer files
    location ~* composer\.(?:json|lock) {
        deny all;
    }

    # TYPO3 - Block access to flexform files
    location ~* flexform[^.]*\.xml {
        deny all;
    }

    # TYPO3 - Block access to language files
    location ~* locallang[^.]*\.(?:xml|xlf)$ {
        deny all;
    }

    # TYPO3 - Block access to static typoscript files
    location ~* ext_conf_template\.txt|ext_typoscript_constants\.txt|ext_typoscript_setup\.txt {
        deny all;
    }

    # TYPO3 - Block access to miscellaneous protected files
    location ~* /.*\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql|sqlite)$ {
        deny all;
    }

    # TYPO3 - Block access to recycler and temporary directories
    location ~ _(?:recycler|temp)_/ {
        deny all;
    }

    # TYPO3 - Block access to configuration files stored in fileadmin
    location ~ fileadmin/(?:templates)/.*\.(?:txt|ts|typoscript)$ {
        deny all;
    }

    # TYPO3 - Block access to libraries, source and temporary compiled data
    location ~ ^(?:vendor|typo3_src|typo3temp/var) {
        deny all;
    }

    # TYPO3 - Block access to protected extension directories
    location ~ (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ {
        deny all;
    }

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location = /typo3 {
        rewrite ^ /typo3/;
    }

    location /typo3/ {
        absolute_redirect off;
        try_files $uri /typo3/index.php$is_args$args;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }
        fastcgi_buffer_size 32k;
        fastcgi_buffers 8 16k;
        fastcgi_connect_timeout 240s;
        fastcgi_read_timeout 240s;
        fastcgi_send_timeout 240s;

        include              snippets/fastcgi-php.conf;
        fastcgi_pass         unix:/var/run/php/php8.4-fpm.sock;
    }
}

<pre>

sudo chown -R www-data:www-data /var/www/typo3
sudo chmod -R 775 /var/www/typo3

sudo chown www-data:www-data /var/www/typo3/public/typo3/install.php sudo chmod 644 /var/www/typo3/public/typo3/install.php

Abgerufen von „https://ahrensburg.city/index.php?title=IDE:TYPO3&oldid=811