Halo, kalau kamu merasa tulisan saya ngebantu kamu, kamu bisa ucapkan terima kasih lewat saweria .
If you feel this website help you, you can donate at saweria .
It was all came from my experiences when I have problem with load balancer setup with nginx.
I think I should write all problem that I encounter when setup Laravel. Hopefully it will make easier for other to solve their problem by just seeing this page.
Notes: This page will still be updated, as long as I have to work with Laravel.
Basic Problem
Laravel Permission on Server
For proper explanation, you can check this gist, setting up proper permissions to a laravel directory
sudo chown -R $USER:www-data .
sudo find . -type f -exec chmod 664 {} \;
sudo find . -type d -exec chmod 775 {} \;
sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache
Warning Composer Install “Source directory …. has uncommitted changes”
#add composer_discard_changes before composer install
COMPOSER_DISCARD_CHANGES=true composer install --no-dev --prefer-source --no-interaction --no-progress --optimize-autoloader
Namespace declaration statement has to be the very first statement or after any declare call in the script
In my case the error not because bad code, it because file encodings.
Check that your IDE create UTF-8 files (with NO BOM) UTF-8 BOM. For example, in phpStorm Settings / Editor / File Encodings -> Create UTF-8 files: with NO BOM.
Source solution laravel error : Namespace declaration statement has to be the very first statement or after any declare call in the script
Logrotate on Laravel
Your app log will get bigger and it will use your hardware (CPU & memory) because it need to write on big file. So you need to config some logrotate conf, create new file on /etc/logrotate.d/laravel
/var/www/html/laravel/storage/logs/*.log {
daily
missingok
rotate 7
compress
notifempty
su your-user www-data
create 660 your-user www-data
}
To test this logrotate conf (using dry-run test), run sudo logrotate -d /etc/logrotate.d/laravel to force this logrotate to run sudo logrotate -f /etc/logrotate.d/laravel
File Not Found
In my case it was because the directory permission.
If your app located at /var/www/html or /home/yourname/app, make sure the directory root (/home or /var) got 755 permission
The "" file does not exist or is not readable
This error came when user trying to upload on our app.
The solution, you need to some value in change php.ini files
# it was located at /etc/php/php-version/fpm/php.ini
# change 10M to your preference
upload_max_filesize = 10M
Then you have to change/add value in your nginx config
# put in on server {
client_max_body_size 5M;
Error composer.json requires php but your php version does not satisfy that requirement.
This error came because your laravel need higher version of php, here is the full error- Root composer.json requires php ^8.1 but your php version (8.0.30) does not satisfy that requirement.
In my case, just install php8.1 apt install php8.1 and use it php8.1 composer install
Your requirements could not be resolved to an installable set of packages.
It got a lot error that cause by composer version
Problem 1
- Installation request for laravel/framework v10.22.0 -> satisfiable by laravel/framework[v10.22.0].
- laravel/framework v10.22.0 requires composer-runtime-api ^2.2 -> no matching package found.
In my case, I need to find the right composer version (tried to upgrade/downgrade it).
After find the one who work, you can use specific composer version
#i use v2.4.4 & make it executable
wget https://getcomposer.org/download/2.4.4/composer.phar && chmod +x composer.phar
#dont forget to add composer.phar to .gitignore
Laravel + Nginx List Problem
Basic Nginx Conf
You can check that config at laravel documentation
server {
listen 80;
listen [::]:80;
server_name example.com;
root /srv/example.com/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Serve Laravel in Subpath (Not Using Root Domain)
Instead using ipang.my.id, I want to serve my laravel app at ipang.my.id/laravel.
There was a lot of great tutorial, please check this laravel in subdirectory nginx example gist github for better explanation
But this one was working flawlessy for me (no 404 error, all assets loaded normally)
server {
.
.
.
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ^~ /laravel {
alias /home/ipang/laravel/public;
try_files $uri $uri/ @subpath;
location ~ \.php$ {
fastcgi_param SCRIPT_FILENAME /home/ipang/laravel/public/index.php;
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
include fastcgi_params;
}
}
location @subpath {
rewrite /laravel/(.*)$ /laravel/index.php?/$1 last;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
.
.
.
Nginx Error Too Many Open Files Error And Solution
You can solve this error by following
-
cyberciti.biz - Nginx 24: Too Many Open Files Error And Solution
-
infiniroot.com - Nginx socket() failed (24: Too many open files
Note: They got better explanation
Load Balancer Laravel Nginx List Problem
HTTP & HTTPS Mix Assets
You still got http & https mix error even
-
When you force https on web server
-
Try to force it too using Cloudflare (force HTTPS)
Solution:
Add this line to app/Providers/AppServiceProvider.php
public function boot()
{
# add this line to force https on laravel
if (config('app.env') === 'production') {
URL::forceScheme('https');
}
Unconsistent Session (Session Expired, etc)
It because default setup laravel will save session on file (check your .env, SESSION_DRIVER=file).
You must centralized your session. The most easiest setup was using redis
- Got to
config/session.php
# 'driver' => env('SESSION_DRIVER', 'file'),
#change it with
'driver' => env('SESSION_DRIVER', 'redis'),
'connection' => 'session',
- Then
config/database.php
'cache' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'password' => env('REDIS_PASSWORD', null),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_CACHE_DB', '1'),
],
#add this line
'session' => [
'host' => env('REDIS_HOST', 'localhost'),
'password' => env('REDIS_PASSWORD', null),
'port' => env('REDIS_PORT', 6379),
'database' => 1,
],
- Then change some .env value
SESSION_DRIVER=redis
REDIS_HOST=localhost
REDIS_PASSWORD=passwordRedis
REDIS_PORT=6379
Assets (Image, CSS, Icon, etc ) Not Found 404 Error
The solution was simple, you need to add your laravel project at your nginx load balancer
upstream laravel_proxy {
server 192.168.1.2:80;
server 192.168.1.3 weight=3;
}
server {
server_name laravel.ipang.my.id
#YOU JUST NEED TO ADD THIS LINE
root /var/www/html/laravel/public;
#ONLY ABOVE LINE
location / {
proxy_pass http://laravel_proxy;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto https;
}
Browser Tell Form Will Send in HTTP (Send to Unsecure Connectin)
Solution (same as mix HTTP & HTTPS) problem :
Add this line to app/Providers/AppServiceProvider.php
public function boot()
{
# add this line to force https on laravel
if (config('app.env') === 'production') {
URL::forceScheme('https');
}
Laravel Error error:0A000086
Full error was “STARTTLS: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:0A000086:SSL routines::certificate verify failed”
This error happen when you setup email on your laravel, then try to use/setup mail on app (for sign up, reset password, etc) but it can’t send mail because this error.
Solution: in my case it happen because mail server SSL certificate was expired, I just need to renew the certificate
Laravel OWASP
For Laravel OWASP information, you can check Laravel - OWASP Cheat Sheet
Security & Performance Analysis Tools
Enlightn
enlightn can give you performance & security analysis.
They documentation was great, their solution was to the point & easy to understand
-
Install enlightn
composer require enlightn/enlightn -
Then run
# it will show report in your current session php artisan enlightn # to write report on file use this php artisan enlightn > /tmp/enlightn-output.txt
They Will Give You Analysis & Solution
Local PHP Security Checker
To check security vulnerabilities on your Laravel packages, you can use Local PHP Security Checker
Enlightn got a same tools, it call enlightn/security-checker
But I prefer Local PHP Security Checker for its portability & it can be used for your other PHP frameworks
-
Download & install
curl -sL https://github.com/fabpot/local-php-security-checker/releases/download/v2.0.6/local-php-security-checker_2.0.6_linux_amd64 --output /tmp/local-php-security-checker chmod +x /tmp/local-php-security-checker sudo mv /tmp/local-php-security-checker /usr/bin/ -
Then run
local-php-security-checker --no-dev
Check Packages Vulnerabilities