Apache and Nginx configurations

From Yii reference

Jump to: navigation, search


Yii is ready to work with a default Apache web server configuration. The .htaccess files in yii framework and application folders restrict access to the restricted resources. To hide the bootstrap file (usually index.php) in your URLs you can add mod_rewrite instructons to the .htaccess file in your document root or to the virtual host configuration:

RewriteEngine on

# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php


You can use Yii with Nginx and PHP with FPM SAPI. Here is a sample host configuration. It defines the bootstrap file and makes yii catch all requests to unexisting files, which allows us to have nice-looking URLs.

Remember to set cgi.fix_pathinfo=0 in php.ini to avoid a serious security issue and many stat() system calls.

server {
    set $host_path "/www/mysite";
    access_log  /www/mysite/log/access.log  main;

    server_name  mysite;
    root   $host_path/htdocs;
    set $yii_bootstrap "index.php";

    charset utf-8;

    location / {
        index  index.html $yii_bootstrap;
        try_files $uri $uri/ /$yii_bootstrap?$args;

    location ~ ^/(protected|framework|themes/\w+/views) {
        deny  all;

    #avoid processing of calls to unexisting static files by yii
    location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar|txt)$ {
        try_files $uri =404;
        #For production servers you can set expires header with a long period
        #expires 3M;

    # pass the PHP scripts to FastCGI server listening on
    location ~ \.php {
        fastcgi_split_path_info  ^(.+\.php)(.*)$;

        #let yii catch the calls to unexising PHP files
        set $fsn /$yii_bootstrap;
        if (-f $document_root$fastcgi_script_name){
            set $fsn $fastcgi_script_name;

        include fastcgi_params;

        fastcgi_param  SCRIPT_FILENAME  $document_root$fsn;

        #PATH_INFO and PATH_TRANSLATED can be omitted, but RFC 3875 specifies them for CGI
        fastcgi_param  PATH_INFO        $fastcgi_path_info;
        fastcgi_param  PATH_TRANSLATED  $document_root$fsn;

    location ~ /\.(ht|svn) {
        deny  all;
Personal tools