CMSimple on nginx with fastcgi

Running CMSimple on nginx with FastCGI is fairly straightforward. A few details should, however, be considered.

In contrast to the hint on the CMSimple home page, a rewrite rule is not necessary to run CMSimple, except, of course, for clean URLs.

Nginx does not recognize apache/ncsa conformant .htaccess pages. Therefore any protective measures must be taken within the configuration of each vhost in nginx. This is typically done within a separate location statement. It should be noted that nginx uses Perl regular expression syntax.

After some testing i found a solution, even without the need of the rewrite rule given on the cmsimple site. It is already slightly optimized, but i guess there might be room for further improvement. Maybe it is of interest. N.B: the mod_userdir simulation at the end of the code snippet is *not* necessary to run CMSimple

The code snippet below refers to a typical vhost section. It should be noted that passing image files through nginx’ gzip module might lead to truncation of the data. So it is advisable not only for performance to serve these files statically.

    server {
        listen          80;

        location / {
            root        /var/www/;
            index       index.html;
            fastcgi_index index.php;

            include     /etc/nginx/fastcgi_params;
            fastcgi_param SCRIPT_FILENAME /var/www/$fastcgi_script_name;
            fastcgi_param QUERY_STRING    $query_string;
            if (-f $request_filename) {
            # CMSIMPLE specific: don't allow dynamic files in certain directories
            if ( $uri !~ "/(images|downloads)/" ) {

        # CRUCIAL: protect system files from unauthorized access
        location ~ /(cmsimple|templates|content)/ {
            deny        all;

        # serve static files directly
        location ^/.*+.(jpg|jpeg|gif|css|png|js|ico|htm|html)$ {
            root /var/www/;
            access_log        off;
            expires           30d;

        # userdir simulation, not necesseary to run cmsimple
        # it serves

        location ~ /~([a-zA-Z0-9]*)/(.*) {
            # the [a-zA-Z0-9] is for the greedy .
            root        /home/;
            autoindex   on;
            index       index.html;
            rewrite ^/~([a-zA-Z0-9]*)/(.*)$ /$1/public_html/$2 break;

in addition, the following settings have to be added to /etc/nginx/fastcgi_params

## bea ++
fastcgi_pass_header Authorization;
fastcgi_intercept_errors off;
tips_and_tricks/nginx_with_fastcgi.txt · Last modified: 2008/06/01 12:32 by beate_r