
Common Pitfalls and Best Practices for Configuring Nginx with PHP

This article examines typical mistakes in Nginx‑PHP configurations—such as misplaced index directives, misuse of the if statement, and fastcgi parameter issues—and presents a cleaner, more secure configuration that leverages inheritance, try_files, and proper fastcgi settings.

Art of Distributed System Architecture Design

Many developers configure Nginx + PHP by copying outdated tutorials, which often contain errors that can cause security and maintenance problems.

The article first explains Nginx's inheritance model, noting that directives defined in outer blocks (e.g., http, server) are inherited by inner blocks unless overridden.

It points out that placing the index directive inside a location block leads to duplication when multiple locations are added; instead, index should be defined in the server block so all locations inherit it.

The if directive is highlighted as a common source of bugs; the article recommends using try_files for existence checks (e.g., try_files $uri $uri/ /index.php;), because if belongs to the rewrite module and can behave unexpectedly when mixed with other directives.

Two fastcgi configuration files are compared: fastcgi_params and fastcgi.conf. The latter adds a SCRIPT_FILENAME definition (fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;) and avoids the need for manual concatenation of $document_root and $fastcgi_script_name.

For security, when PHP's cgi.fix_pathinfo is enabled, the article suggests protecting against unintended script execution by adding try_files $uri =404; inside the PHP location block.

Finally, a revised configuration example is provided, moving index to the server block, replacing the if with try_files, using fastcgi.conf, and adding a try_files $uri =404; check for PHP files.

Although the improved version still has minor incompatibilities (e.g., between try_files and fastcgi_split_path_info), it demonstrates a cleaner, more maintainable approach.
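The changes summarized above, shown side by side as an added example (written for this summary, not the original article's configuration). The server names, document root, and PHP-FPM address are assumptions, and both server blocks belong inside the http block.

```nginx
# BEFORE: pattern typical of outdated tutorials (constructed for illustration)
server {
    listen 80;
    server_name legacy.example.test;      # assumed name
    root /var/www/html;                   # assumed document root

    location / {
        index index.php index.html;       # has to be repeated in every new location
        if (!-e $request_filename) {      # rewrite-module "if" used as an existence check
            rewrite . /index.php last;
        }
    }

    location ~ \.php$ {
        include fastcgi_params;
        # SCRIPT_FILENAME concatenated by hand because fastcgi_params lacks it
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass 127.0.0.1:9000;      # assumed PHP-FPM address
    }
}

# AFTER: index inherited, try_files instead of if, fastcgi.conf, existence check
server {
    listen 80;
    server_name fixed.example.test;       # assumed name
    root /var/www/html;
    index index.php index.html;           # defined once, inherited by every location

    location / {
        try_files $uri $uri/ /index.php;  # file, then directory, then front controller
    }

    location ~ \.php$ {
        try_files $uri =404;              # 404 unless the requested .php file exists on disk,
                                          # so PHP's cgi.fix_pathinfo fallback is never reached
        include fastcgi.conf;             # already defines SCRIPT_FILENAME
        fastcgi_pass 127.0.0.1:9000;
    }
}
```

Running nginx -t after the change confirms that fastcgi.conf is present in the configuration directory and that the file parses.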

Written by

Art of Distributed System Architecture Design

Introductions to large-scale distributed system architectures; insights and knowledge sharing on large-scale internet system architecture; front-end web architecture overviews; practical tips and experiences with PHP, JavaScript, Erlang, C/C++ and other languages in large-scale internet system development.
