OJS3 on nginx + php7.0-fpm

I had a really hard time getting restful URLs working under nginx - and I saw other people did too - so that’s why I’m putting this here in case it helps somebody later on.

This is the important part of my nginx config for the journal:

server {
listen 80;
listen [::]:80; #delete if you don’t have IPv6

    server_name domain.com www.domain.com; #change your domain here
    root /home/ojssite/www; #change the path to your site's root directory, where config.inc.php resides
    index index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?$args;

location ~ ^(.+.php)(.)$ { #these few lines here make PATH_INFO work, you can’t use try_files in this location
set $path_info $fastcgi_path_info;
fastcgi_split_path_info ^(.+.php)(.
fastcgi_param PATH_INFO $path_info;
fastcgi_param PATH_TRANSLATED $document_root$path_info;

if (!-f $document_root$fastcgi_script_name) {
return 404;

        include fastcgi_params;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     location ~ /\.ht {
            deny all;
    access_log /var/log/nginx/access-ojssite.log;
    error_log /var/log/nginx/error-ojssite.log;


A word of warning, in location ~ ^(.+.php)(.*)$ {} you cannot use try_files, it will reset the PATH_INFO needed for restful URLs and no matter how I tried it won’t work. This happens on nginx version 1.10.0 and below.

In /etc/php/7.0/fpm/php.ini change to ‘cgi.fix_pathinfo=1’
In your pool file, let’s say /etc/php7.0/fpm/pool.d/ojssite.conf put the line ‘security.limit_extensions = .php .php3 .php4 .php5 .php7’ so you don’t run into trouble with fix_pathinfo being enabled.
I know some people argue that fix_pathinfo is unsafe, but it is perfectly safe if you limit the execution of PHP code to the above extensions.

My full pool configuration file is:

user = ojssite
group = ojssite
listen =
listen.allowed_clients =
listen.owner = www-data
listen.group = www-data
php_admin_value[disable_functions] = eval,exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
php_admin_flag[allow_url_fopen] = off
pm = dynamic
pm.max_children = 12
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 6
chdir = /home/ojssite/www/
listen.backlog = 512
security.limit_extensions = .php .php3 .php4 .php5 .php7
catch_workers_output = yes

In ojssite/config.inc.php file you have to change disable_path_info to Off

On PHP7.0+ notices about strict practices became warnings thus making the E_STRICT variable in the php config obsolete, so you can’t get rid of these warnings from your logs.
As a workaround you can add this to the index.php of the journal

set_error_handler(function ($errno, $errstr) {
return strpos($errstr, array(
‘Only variables should be passed by’,
‘Declaration of’,
) ) === 0;

The code works only on PHP7+ and also you can add strings contained in the warnings that you don’t want to see in the logs to the array in the above function.
I’ve seen some people’s comments in other forums that hiding these notices is bad practice, well I don’t agree, it was acceptable in 5.6 and lower and it’s arguably stupid to make them mandatory now as most people have little control over the development of the platforms they use.

That’s about it! All the best!

1 Like

@ Alex_Protopopescu can you help me?

Just posted a reply there. Regards!

1 Like

Some characters from the regexes got lost when I first posted the message, so this:

should actually be:

        location ~ ^(.+\.php)(.*)$ {
            set $path_info $fastcgi_path_info;
            fastcgi_split_path_info ^(.+\.php)(.*)$;
            fastcgi_param   PATH_INFO               $path_info;
            fastcgi_param   PATH_TRANSLATED         $document_root$path_info;

Error 500 or 503 when uploading any file using justboil.me plugin (TinyMCE)

Any solution ?