update.php requires trailing slash or returns 404 with nginx

In order to run update.php, a user must add a trailing slash. Entering update.php without the trailing slash returns 404. Most users will not expect this requirement.

Is this really a valid statement? I can't reproduce that.

Browing to http://d8.dev/update.php works fine for me.

Did you maybe not update .htaccess which used to have a redirect in there for update.php to core/update.php?

Link from status page without trailing slash.

The same update.php = 404, update.php/ = 200

Same problem with beta4, and i use nginx which means .htaccess doesn't work.

Anything i need to do with nginx configuration? Anyone can help me?

Trying to update beta11 to beta12, I hit this issue. Adding trailing slash avoids the problem. Link from /admin/reports/status doesn't have trailing slash.

I use nginx and probably the problem is that everything that ends with .php is passed to PHP5-FPM instead of using /index.php. I tried several solutions including the one in http://wiki.nginx.org/Drupal but without success :

location / {
                try_files $uri @rewrite;
}

location @rewrite {
                rewrite ^ /index.php;
}

location ~ \.php$ {
                fastcgi_pass    127.0.0.1:9000;
                include         fastcgi_params;
                fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
}

#10 is vague. Based on #7, I am retitling this as a nginx-setup issue. I cannot reproduce it on apache.

I believe this is made invalid by #2540416: Move update.php back to a front controller landing in beta 15. We have an actual update.php file again, so there should be no additional requirement or fix for nginx.

Marking wontfix, feel free to update if there are other considerations for this I'm not seeing.

I apologize if this is not entered in the correct place, I believe this is more of an Nginx configuration issue over a Drupal issue, but there's very little information on how to configure Nginx for the requirements D8 is needing to complete the update sequence

On a fresh D8-beta16 the update process returns a 404 ...

Yes there's an update.php file and the behavior is a little different now.

After hitting the continue button on the update.php page, the site is returning a 404 error. The resulting URL it is trying to access is (using example) example.com/update.php/selection

If I go to the status page and view the available updates, select the updates I want to run, set the site into maintenance, and click continue I get the attached screenshot. When reviewing the error via the link on that error box, I get the following in an Update Manager box ...

Notice: Undefined index: log in update_authorize_update_batch_finished() (line 210 of core/modules/update/update.authorize.inc).
Warning: Invalid argument supplied for foreach() in update_authorize_update_batch_finished() (line 210 of core/modules/update/update.authorize.inc).
Notice: Undefined index: log in update_authorize_update_batch_finished() (line 271 of core/modules/update/update.authorize.inc).
Update failed! See the log below for more information. Your site is still in maintenance mode.

The next step shown is to run the database updates which starts the cycle over.

It is usually better to have the version set at 8.0.x and the bug verified on that branch, rather than a beta version, which is behind.

I confirm the bug with nginx. Beta16 can't update to rc1. Looks like a major problem.

No, result of visiting update.php/ is Page not found.

For update.php issue with nginx, you can look for

location ~ \.php$ {...}

then, change it to

location ~ \.php$|^/update.php {...}

For more details, please see my blog: https://insready.com/en/blog/update-your-nginx-config-support-drupal-8

Thank you. Your configuration really works. I think it should be mentioned in the official documentation.

The fix from #23 seemed to work, but now I am locked out of my site. Every page gives me the "site under maintenance" screen

I added this line to my settings.php (doesn't work)
$conf['maintenance_mode'] = FALSE;

Trying to logon via these links doesn't work either.
http://example.com/q?=user

http://example.com/admin
http://example.com/login

I even tried to use the Drush command to set the maintenace mode to 1 ( drush vset maintenance_mode 1 ) but that returns an error that it required Drupal core 6 or 7 and I have not been able to find the equivalent command for Drush 8

OK ... so it turns out I was using the wrong login URL to access the login page.

Mine was ... http://example.com/user

Sorry for adding to the mess, but hopefully this might help someone else too.

... Scott

I spoke too soon ... after updating to the 8.0.0-RC1 I am no getting the same 404 after running the update.php

After upgrading to the latest RC1 release I went straight to the update.php page. Got the 404 that is trying to access /update.php/selection

I flushed all caches as well as cleared the browser cache, logged back in with an admin account, ran update.php again and am getting the same results.

I am using the nginx config from #23 verbatim (except the server name and root paths)

Chalk this up to partial user error, I was working on a copy of the nginx conf file and not the actual one. (slaps forehead)

However, I did run into additional issues with the conf file provided @ #23. Nginx would fail on restart, so I stepped through the addition of each section and found the entries related to the cache and microcache would cause nginx to fail. I will need to look into why, but that's not relevant to this thread.

Here's my config file that worked (update.php worked as expected)

server {	
  server_name example.com;
  root /var/www/example; ## <-- Your only path reference.
  access_log /var/www/example/logs/access.log;
  error_log /var/www/example/logs/error.log;
 
  location = /favicon.ico {
    log_not_found off;
    access_log off;
  }

  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
  }
  
  # This matters if you use drush
  location = /backup {
    deny all;
  }

  # Very rarely should these ever be accessed outside of your lan
  location ~* \.(txt|log)$ {
    deny all;
  }

  location ~ \..*/.*\.php$ {
    return 403;
  }
  
  ## private files protection
  location ~ ^/sites/.*/private/ {
    access_log off;
    deny all;
  }
  
  location / {
  # This is cool because no php is touched for static content
  	try_files $uri @rewrite;
  }
  
  location @rewrite {
  # Some modules enforce no slash (/) at the end of the URL
  # Else this rewrite block wouldn't be needed (GlobalRedirect)
  	rewrite ^/(.*)$ /index.php?q=$1;
  }

  # Block access to "hidden" files and directories whose names begin with a
  # period. This includes directories used by version control systems such
  # as Subversion or Git to store control files.
  location ~ (^|/)\. {
  	return 403;
  }

  location ~ \.php$|^/update.php {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_intercept_errors on;
    fastcgi_pass unix:/var/run/php5-fpm.sock;      
    
  }

  location ~* ^(?!/system/files).*\.(js|css|png|jpg|jpeg|gif|ico|ttf|svg)$ {
    ## If the image does not exist, maybe it must be generated by drupal (imagecache)
    try_files $uri @rewrite;
    expires 7d;
    log_not_found off;
  }
        
}

Working fully example. Tested on PHP 7 FPM as well.

  location = /favicon.ico {
    log_not_found off;
    access_log off;
  }
  
  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
  }  
  
  location ~ \..*/.*\.php$ {
    return 403;
  }
  
  location ~ (^|/)\. {
    return 403;
  }
  
  location ~ ^/sites/.*/private/ {
    access_log off;
    deny all;
  }
  
  location / {
    try_files $uri @rewrite;
  }

  location @rewrite {
    rewrite ^ /index.php;
  }
  
  location ~ ^/(index|update)\.php(/|$) {
	fastcgi_pass unix:/var/lib/php5-fpm/web1.sock;
	fastcgi_split_path_info ^(.+\.php)(/.*)$;
	include fastcgi_params;	
	fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
	fastcgi_param DOCUMENT_ROOT $realpath_root;
        fastcgi_intercept_errors on;
  }
  
  location ~ ^/sites/.*/files/imagecache/ {
    try_files $uri @rewrite;
  }
  
  location ~ ^/sites/.*/files/styles/ {
    try_files $uri @rewrite;
  }

  location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
    expires max;
    log_not_found off;
  }

Thanks @ScottProck #28 works on Ubuntu 14.04 with no fuss no muss.

Hi,

I have searched for correct nginx rewrite rules for Drupal 8, and what you posted above works well (#28 and #29) except with Drupal8 image style settings. There have 404 error under Drupal 8.1.1 when I'm using image style function with fileds.

The image file directory has da default field value: [date:custom:Y]-[date:custom:m]
When I upload an image (team.jpg), file has been uploaded into sites/default/files/2016-05/team.jpg, but the directory has not created in sites/default/files/styles/medium/public directory and in the sites/default/files/styles/thumbnail/public, too. Resized image has not displayed on edit page and on the front-end, too. None of them.

In normally under Apache 2.4 the directory created and files uploaded well and displayed correctly.

Error logged on nginx server:

2016/05/27 13:04:59 [error] 30795#0: *49 open() "/var/www/domain.tld/web/sites/default/files/styles/medium/public/2016-05/team.jpg" failed (2: No such file or directory), client: 127.0.0.1, s
erver: domain.tld, request: "GET /sites/default/files/styles/medium/public/2016-05/team.jpg?itok=tAOhNaXA HTTP/1.1", host: "domain.tld", referrer: "http://domain.tld/team/team.jpg"
-------------

Nginx loads files from sites/default/files/2016-05/team.jpg, but from under /sites/default/files/styles does not.

my nginx included custom config:

#=======================================
location ~ \..*/.*\.php$ {
return 403;
}

# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}

location ~ ^/sites/.*/private/ {
return 403;
}

##https://wiki.deimos.fr/Nginx_%2B_Varnish_:_Cache_even_in_HTTPS_by_offloa...
#set_real_ip_from 127.0.0.1;
#real_ip_header X-Forwarded-For;
#real_ip_recursive on;

location / {
#try_files $uri @rewrite;
try_files $uri /index.php?$query_string;
proxy_pass http://127.0.0.1:80;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Secure on;
}

location ~* ^.+\.(?:css|cur|js|js?|jpe?g|gif|htc|ico|png|html|xml|otf|ttf|eot|woff|woff2|svg)$ {
access_log off;
expires 30d;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay off;
## Set the OS file cache.
open_file_cache max=10000 inactive=30s;
open_file_cache_valid 45s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
}

location @rewrite {
#rewrite ^ /index.php;
rewrite ^/(.*)$ /index.php?q=$1;
}

location ~ \.php$ {
set $no_cache "";
if ($request_method !~ ^(GET|HEAD)$) {
set $no_cache "1";
}

if ($no_cache = "1") {
add_header Set-Cookie "_mcnc=1; Max-Age=2; Path=/";
add_header X-Microcachable "0";
}

if ($http_cookie ~ SESS) {
set $no_cache "1";
}

fastcgi_no_cache $no_cache;
fastcgi_cache_bypass $no_cache;
fastcgi_cache microcache;
fastcgi_cache_key $server_name|$request_uri;
fastcgi_cache_valid 404 30m;
fastcgi_cache_valid 200 1s;
fastcgi_max_temp_file_size 1M;
fastcgi_cache_use_stale updating;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass_header Set-Cookie;
fastcgi_pass_header Cookie;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;

fastcgi_index index.php;
include fastcgi_params;
}

#Fighting with ImageCache? This little gem is amazing.
location ~ ^/sites/.*/files/imagecache/ {
try_files $uri @rewrite;
}

# Catch image styles for D8 too.
#https://github.com/sajalsoni/Drupal8-Nginx-Config/blob/master/drupal8.conf

location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}

location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}

location ~* \.(ttf|otf|eot)$ {
add_header Access-Control-Allow-Origin "*";
}

location ~ /\. {
access_log off;
log_not_found off;
deny all;
}

location ~ /\.ht {
deny all;
}
#============================

I'm using varnish vcache server, too.

Varnish 4.1
Nginx 1.10
Druapl 8.1.1

If you have a correct nginx rewrite settings for Drupal 8.1.x.
I'm gladly accept your help.

Regards,
iszabi

Hi @iszabi #31
I have same issue like you, my question was posted on https://serverfault.com/questions/912850/drupal-8-nginx-php-7-image-styl.... Did you solve this problem? please help me.