diff --git a/Documentation/Administration/Installation/SystemRequirements/Apache.rst.txt b/Documentation/Administration/Installation/SystemRequirements/Apache.rst.txt deleted file mode 100644 index 5472f26d1e..0000000000 --- a/Documentation/Administration/Installation/SystemRequirements/Apache.rst.txt +++ /dev/null @@ -1,67 +0,0 @@ - -.. _system-requirements-apache: - -During the initial installation, TYPO3's default :file:`.htaccess` file is copied to the installation root folder. - -.. _htaccess: - -.htaccess -========= - -The :file:`.htaccess` file allows to configure Apache-specific TYPO3-related webserver settings. - -The most important use of the file is to configure `RewriteRules`, security settings, PHP settings and MIME-type -handling. - -TYPO3 ships a boilerplate configuration file (`.htaccess `__), -which is installed on first-time installation and then is assumed to be maintained depending on your project. - -This means, on major TYPO3 updates, you need to ensure possible new TYPO3 adjustments are integrated in your -configuration. If you never update the file manually, copy over the contents of the new file from the -TYPO3 upgrade release. See :ref:`` for details on maintaining the file after a major -version upgrade. - -The TYPO3 environment check (:guilabel:`Admin Tools > Environment > Check Directory Status`) will report whether a :file:`.htaccess` file differs from the default. - -.. _vhost-records: - -Virtual Host Record -=================== - -* `AllowOverride `__ needs to include "Indexes" and "FileInfo" in the Virtual Host record. - -.. _apache-modules: - -Apache Modules -============== - -The following Apache modules are required. The list is based on what is used in -the default TYPO3 -`.htaccess `__. -In some cases, it is not a "hard" requirement, but is strongly recommended for -security or performance reasons, but you can also handle the desired outcome -in a different way with a different module. - -mod_alias: - Block access to vcs directories - -mod_authz_core: - Block access to specific files and directories - -mod_deflate: - Used for compression and performance. - -mod_expires: - Adds HTTP headers for browser caching and performance. - -mod_filter: - Used with mod_deflate. - -mod_headers: - Used in combination with `mod_deflate`. - -mod_rewrite: - Enable human readable urls. - -mod_setenvif: - Also used with `mod_deflate`. diff --git a/Documentation/Administration/Installation/SystemRequirements/Database.rst.txt b/Documentation/Administration/Installation/SystemRequirements/Database.rst.txt deleted file mode 100644 index 973e9f58a2..0000000000 --- a/Documentation/Administration/Installation/SystemRequirements/Database.rst.txt +++ /dev/null @@ -1,40 +0,0 @@ -.. include:: /Includes.rst.txt - - -.. _system-requirements-database: - -Required Database Privileges ----------------------------- - -The database user requires the following privileges on the TYPO3 -database: - -* SELECT, INSERT, UPDATE, DELETE - -* CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES - -It is recommended to also grant the following privileges: - -* CREATE VIEW, SHOW VIEW - -* EXECUTE, CREATE ROUTINE, ALTER ROUTINE - -Some database systems like MySQL and MariaDB allow to configure -SQL language support through a :sql`SQL_MODE` setting. - -TYPO3 strives to be compatible to the DEFAULT `SQL_MODE` settings -of the database engine versions supported by a specific TYPO3 release. - -If you change any setting to a NON-default SQL mode, be prepared to -audit all involved code to be compatible to your server mode choice. -Notably the settings `ANSI` and `ANSI_QUOTES` may cause issues. - -`NO_AUTO_VALUE_ON_ZERO`, `NO_ENGINE_SUBSTITUTION`, `NO_AUTO_CREATE_USER`, -`ERROR_FOR_DIVISION_BY_ZERO`, `ONLY_FULL_GROUP_BY`, `NO_ZERO_DATE`, -`NO_ZERO_IN_DATE`, `STRICT_ALL_TABLES` and `STRICT_TRANS_TABLES` should -work with TYPO3 versions 12 and upwards, as the internal tests are -performed with the `SQL_MODE` set to those keys. - -Custom or third-party extensions need to be evaluated individually. - -Listed as being incompatible is: `NO_BACKSLASH_ESCAPES`. diff --git a/Documentation/Administration/Installation/SystemRequirements/IIS.rst.txt b/Documentation/Administration/Installation/SystemRequirements/IIS.rst.txt deleted file mode 100644 index c58cfd0463..0000000000 --- a/Documentation/Administration/Installation/SystemRequirements/IIS.rst.txt +++ /dev/null @@ -1,12 +0,0 @@ -.. include:: /Includes.rst.txt - - -.. _system-requirements-iis: - -* During the initial installation of TYPO3, the default IIS web config file is - copied to the installation root folder. - -* Default IIS web config file with rewrite rules can be found in - :file:`EXT:install/Resources/Private/FolderStructureTemplateFiles/root-web-config` - -* The `URL Rewrite plugin `__ is required. diff --git a/Documentation/Administration/Installation/SystemRequirements/Index.rst b/Documentation/Administration/Installation/SystemRequirements/Index.rst index 46b1986803..9db3dce41b 100644 --- a/Documentation/Administration/Installation/SystemRequirements/Index.rst +++ b/Documentation/Administration/Installation/SystemRequirements/Index.rst @@ -1,54 +1,387 @@ -.. include:: /Includes.rst.txt +:navigation-title: System Requirements +.. include:: /Includes.rst.txt .. index:: system requirements, apache, nginx, database, mysql, sqlite - .. _system-requirements: -=================== -System Requirements -=================== +===================================== +System requirements for running TYPO3 +===================================== + +TYPO3 requires a web server, PHP, and a supported database system. +Composer is required for Composer-based installations, especially during +development. + +.. contents:: Table of contents + +.. seealso:: + For current and detailed requirements, including concrete versions, visit: + + * https://get.typo3.org/version/#system-requirements + + Related topics: + + * `Installation instructions `_ + * `Deployment `_ + +.. _system-requirements-php: + +PHP requirements and configuration +================================== + +TYPO3 requires PHP with a supported version and specific configuration +values and extensions. + +.. _system-requirements-php-configuration: + +Recommended PHP configuration settings +-------------------------------------- + +The following should be set in your `php.ini` file: + +.. code-block:: ini + :caption: php.ini -TYPO3 requires a web server running PHP and access to a database. + memory_limit = 256M + max_execution_time = 240 + max_input_vars = 1500 + pcre.jit = 1 -Composer is also required for local development. +To support file uploads, configure: -If you want TYPO3 to automatically carry out image processing – for example -scaling or cropping – you will need -`GraphicsMagick (version 1.3 or newer) `__ or -`ImageMagick (version 6 or newer) `__ installed on -the server. (GraphicsMagick is preferable.) +.. code-block:: ini + :caption: php.ini -For up-to-date information about TYPO3's system requirements visit `get.typo3.org -`_. + post_max_size = 10M + upload_max_filesize = 10M -.. include:: PHP.rst.txt +.. _system-requirements-php-extensions: -Web Server -========== +Required and optional PHP extensions +------------------------------------ + +Required extensions: + +* `pdo` +* `session` +* `xml` +* `filter` +* `SPL` +* `standard` +* `tokenizer` +* `mbstring` +* `intl` + +Optional but commonly used: + +* `fileinfo` – for detecting uploaded file types +* `gd` – for image generation and scaling +* `zip` – for language packs and extension archives +* `zlib` – for output compression +* `openssl` – for encrypted SMTP mail delivery + +.. _system-requirements-php-database-extensions: + +Database-specific PHP extensions +-------------------------------- .. tabs:: - .. tab:: Apache + .. tab:: MySQL / MariaDB + + * `pdo_mysql` (recommended) + * or `mysqli` + + MySQL/MariaDB must support the InnoDB engine. + + .. tab:: PostgreSQL + + * `pdo_pgsql` + * `pgsql` + + .. tab:: SQLite + + * `sqlite3` + +.. _system-requirements-image-processing: + +Image processing requirements +============================= + +If you want TYPO3 to automatically process images (e.g. cropping, resizing, +thumbnail generation), install one of the following tools on your server: + +* `GraphicsMagick (≥ 1.3) `__ (recommended) +* `ImageMagick (≥ 6) `__ + +These tools are used by TYPO3 for features such as image rendering in content +elements and backend previews. + +.. _system-requirements-web-server: + +Supported web servers and configuration +======================================= + +TYPO3 supports the following web servers, each requiring specific configuration: + +* :ref:`Apache ` (Linux/macOS/Windows) +* :ref:`NGINX ` (Linux/macOS/Windows) +* :ref:`IIS (Windows) ` (Microsoft Windows only) + +.. _system-requirements-apache: + +Apache web server configuration +------------------------------- + +TYPO3 includes a `.htaccess` file with rewrite and security rules. + +.. _htaccess: + +Apache .htaccess configuration file +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This file configures: + +* URL rewriting +* Security and access control +* PHP directives +* MIME types + +TYPO3 installs this file automatically. On major upgrades, check +for new directives and merge them if needed. + +You can check the `.htaccess` status under: + +:guilabel:`Admin Tools > Environment > Check Directory Status` + +.. _vhost-records: + +Apache virtual host requirements +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Your Apache VirtualHost must include: + +.. code-block:: apache + + AllowOverride Indexes FileInfo + +.. _apache-modules: + +Apache modules required or recommended +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +* `mod_alias` +* `mod_authz_core` +* `mod_deflate` +* `mod_expires` +* `mod_filter` +* `mod_headers` +* `mod_rewrite` +* `mod_setenvif` + +.. _system-requirements-nginx: + +NGINX web server configuration +------------------------------ + +NGINX does not support `.htaccess` files. Configuration must be done +at the system level. + +.. literalinclude:: _codesnippets/_nginx.conf + :language: nginx + :caption: Example: /etc/nginx/conf.d/typo3.conf + +.. _system-requirements-iis: + +IIS (Windows) web server configuration +-------------------------------------- + +TYPO3 includes a default `web.config` file for IIS with rewrite rules. + +Requirements: + +* `URL Rewrite plugin `_ + +File location: + +:file:`EXT:install/Resources/Private/FolderStructureTemplateFiles/root-web-config` + +.. _system-requirements-docker: + +Using TYPO3 with Docker-based environments +========================================== + +TYPO3 runs well in Docker-based environments. You can combine PHP with Apache +or NGINX using official base images. + +Recommended base images: + +* Apache: `php:8.4-apache` +* NGINX: `nginx:stable` + `php:8.4-fpm` + +Install required PHP extensions and set suitable PHP configuration. + +.. tabs:: + + .. tab:: Apache + PHP 8.4 + + .. literalinclude:: _codesnippets/_Dockerfile-apache-php + :language: dockerfile + :caption: Dockerfile for Apache with PHP 8.4 + + .. tab:: NGINX + PHP-FPM 8.4 + + .. literalinclude:: _codesnippets/_Dockerfile-fpm-php + :language: dockerfile + :caption: Dockerfile for PHP 8.4 with FPM (for NGINX) + + See :ref:`system-requirements-nginx` for NGINX configuration. + + This image provides PHP-FPM only and is intended to be used together with a + separate NGINX container. For guidance on configuring NGINX and PHP-FPM + containers to work together, refer to the official Docker documentation: + + https://docs.docker.com/samples/php/#nginx--php-fpm + +The Dockerfiles reference a `php.ini` file with recommended settings: + +.. literalinclude:: _codesnippets/_php.ini + :language: ini + :caption: Custom php.ini used in Dockerfiles + +.. seealso:: + + For official base images, see: + + * PHP images: https://hub.docker.com/_/php + * NGINX images: https://hub.docker.com/_/nginx + + Refer to these pages for available image variants (e.g. Alpine, FPM) and + supported tags for each version. + +.. _system-requirements-docker-database-images: + +Recommended Docker images for TYPO3-compatible databases +-------------------------------------------------------- + +When using TYPO3 in Docker-based environments, the following official +images are commonly used for supported databases: + +* MySQL: `mysql:8.0 `_ +* MariaDB: `mariadb:10.6 `_ +* PostgreSQL: `postgres:15 `_ +* SQLite: Included as an embedded library in PHP; no separate container + needed. + +These images can be used with Docker Compose or similar orchestration tools. +Ensure proper volume mounts and configuration (users, encoding, collation) +for TYPO3 compatibility. + +.. _system-requirements-local-environments: + +Using DDEV for local TYPO3 development +====================================== + +DDEV is a widely used and recommended solution for running TYPO3 projects +locally. It provides a preconfigured Docker-based environment with TYPO3- +compatible PHP, web server, and database services. + +To set up a TYPO3 project with PHP 8.4, run: + +.. code-block:: bash + + ddev config --php-version 8.4 --docroot public --project-type typo3 + +This will generate the necessary configuration and allow you to start the +project using: + +.. code-block:: bash + + ddev start + +DDEV supports Composer-based TYPO3 projects and works on Linux, macOS, and +Windows. It is ideal for teams and reproducible local setups. + +.. seealso:: + + For full DDEV documentation, see: + + * https://ddev.readthedocs.io/en/stable/users/cli-usage/#typo3 + + +.. _system-requirements-database: + +Supported database systems and required permissions +=================================================== + +TYPO3 supports the following relational database systems: + +* MySQL +* MariaDB +* PostgreSQL +* SQLite + +Each system has specific configuration and extension requirements. +See the list of required PHP extensions for supported databases: + +* https://docs.typo3.org/permalink/t3coreapi:system-requirements-php-database-extensions + +The database user must be granted specific privileges to allow TYPO3 to +function correctly. + +.. _system-requirements-database-privileges: + +Required database privileges for TYPO3 +-------------------------------------- + +**Required:** + +* `SELECT`, `INSERT`, `UPDATE`, `DELETE` +* `CREATE`, `DROP`, `INDEX`, `ALTER` +* `CREATE TEMPORARY TABLES`, `LOCK TABLES` + +**Recommended:** + +* `CREATE VIEW`, `SHOW VIEW` +* `EXECUTE`, `CREATE ROUTINE`, `ALTER ROUTINE` + +**SQL mode compatibility** + +TYPO3 expects compatibility with the default `SQL_MODE` settings of +supported databases. + +These SQL modes are tested and supported: + +* `STRICT_ALL_TABLES` +* `STRICT_TRANS_TABLES` +* `ONLY_FULL_GROUP_BY` +* `NO_ENGINE_SUBSTITUTION` +* `ERROR_FOR_DIVISION_BY_ZERO` + +The following mode is known to be incompatible: + +* `NO_BACKSLASH_ESCAPES` - .. include:: Apache.rst.txt +Custom or third-party extensions should be tested individually. - .. tab:: NGINX +.. _system-requirements-web-server-composer: - .. include:: NGINX.rst.txt +Composer usage in TYPO3 projects +================================ - .. tab:: IIS +Composer is required for `Composer-based TYPO3 installations `_ +and is commonly used in modern development workflows. - .. include:: IIS.rst.txt +It is not required for `Classic mode installations `_ +using the source package. -Database -======== +In production environments, Composer is not needed if the project is +deployed using file-based methods (for example +`Rsync `_, +`Deployer `_). -.. include:: Database.rst.txt +.. seealso:: -Composer -======== + For Composer installation and usage instructions, see: -Composer is only required for **local** installations - see -`https://getcomposer.org `_ for further information. -It is recommended to always use the latest available Composer version. -TYPO3 v12 LTS requires at least Composer version 2.1.0. + https://getcomposer.org diff --git a/Documentation/Administration/Installation/SystemRequirements/NGINX.rst.txt b/Documentation/Administration/Installation/SystemRequirements/NGINX.rst.txt deleted file mode 100644 index 0c6f18d7fb..0000000000 --- a/Documentation/Administration/Installation/SystemRequirements/NGINX.rst.txt +++ /dev/null @@ -1,109 +0,0 @@ -.. include:: /Includes.rst.txt - -.. _system-requirements-nginx: - -NGINX does not support static configuration files that are stored in a projects root like Apache and IIS would. Instead, NGINX requires a configuration file -to be created within the applications own configuration directory. - -Example NGINX configuration file: - -.. code-block:: nginx - :caption: /etc/nginx/conf.d/nginx.conf - - # Compressing resource files will save bandwidth and so improve loading speed especially for users - # with slower internet connections. TYPO3 can compress the .js and .css files for you. - # *) Set $GLOBALS['TYPO3_CONF_VARS']['BE']['compressionLevel'] = 9 for the Backend - # *) Set $GLOBALS['TYPO3_CONF_VARS']['FE']['compressionLevel'] = 9 together with the TypoScript properties - # config.compressJs and config.compressCss for GZIP compression of Frontend JS and CSS files. - location ~ \.js\.gzip$ { - add_header Content-Encoding gzip; - gzip off; - types { text/javascript gzip; } - } - location ~ \.css\.gzip$ { - add_header Content-Encoding gzip; - gzip off; - types { text/css gzip; } - } - - # TYPO3 - Rule for versioned static files, configured through: - # - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename'] - # - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename'] - if (!-e $request_filename) { - rewrite ^/(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ /$1.$3 last; - } - - # TYPO3 - Block access to composer files - location ~* composer\.(?:json|lock) { - deny all; - } - - # TYPO3 - Block access to flexform files - location ~* flexform[^.]*\.xml { - deny all; - } - - # TYPO3 - Block access to language files - location ~* locallang[^.]*\.(?:xml|xlf)$ { - deny all; - } - - # TYPO3 - Block access to static typoscript files - location ~* ext_conf_template\.txt|ext_typoscript_constants\.txt|ext_typoscript_setup\.txt { - deny all; - } - - # TYPO3 - Block access to miscellaneous protected files - location ~* /.*\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql|sqlite)$ { - deny all; - } - - # TYPO3 - Block access to recycler and temporary directories - location ~ _(?:recycler|temp)_/ { - deny all; - } - - # TYPO3 - Block access to configuration files stored in fileadmin - location ~ fileadmin/(?:templates)/.*\.(?:txt|ts|typoscript)$ { - deny all; - } - - # TYPO3 - Block access to libraries, source and temporary compiled data - location ~ ^(?:vendor|typo3_src|typo3temp/var) { - deny all; - } - - # TYPO3 - Block access to protected extension directories - location ~ (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ { - deny all; - } - - location / { - try_files $uri $uri/ /index.php$is_args$args; - } - - location = /typo3 { - rewrite ^ /typo3/; - } - - location /typo3/ { - absolute_redirect off; - try_files $uri /index.php$is_args$args; - } - - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - if (!-f $document_root$fastcgi_script_name) { - return 404; - } - fastcgi_buffer_size 32k; - fastcgi_buffers 8 16k; - fastcgi_connect_timeout 240s; - fastcgi_read_timeout 240s; - fastcgi_send_timeout 240s; - - # this is the PHP-FPM upstream - see also: https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/#connecting-nginx-to-php-fpm - fastcgi_pass php-fpm:9000; - fastcgi_index index.php; - include fastcgi.conf; - } diff --git a/Documentation/Administration/Installation/SystemRequirements/PHP.rst.txt b/Documentation/Administration/Installation/SystemRequirements/PHP.rst.txt deleted file mode 100644 index e90ff09b31..0000000000 --- a/Documentation/Administration/Installation/SystemRequirements/PHP.rst.txt +++ /dev/null @@ -1,86 +0,0 @@ -.. include:: /Includes.rst.txt - - -.. _system-requirements-php: - -PHP -=== - -.. _system-requirements-php-configuration: - -Configure ---------- - -The following settings need to be set in the installations :file:`php.ini` - -.. code-block:: ini - :caption: php.ini - - ; memory_limit >= 256MB - memory_limit=256M - - ; max_execution_time >= 240 seconds - max_execution_time=240 - - ; max_input_vars >= 1500 - max_input_vars=1500 - - ; PHP JIT compiler must be activated. Needed for proper Fluid parsing - pcre.jit=1 - -The following settings control the maximum upload file size (and should be -adapted if necessary): - -.. code-block:: ini - :caption: php.ini - - ; To allow uploads of a maximum of 10 MB - post_max_size = 10M - upload_max_filesize = 10M - -.. _system-requirements-php-extensions: - -Required Extensions -------------------- - -* **pdo** -* **session** -* **xml** -* **filter** -* **SPL** -* **standard** -* **tokenizer** -* **mbstring** -* **intl** - -Depending on the use case, the following extensions may also be required: - -* **fileinfo** (used to detect file extensions of uploaded files) -* **gd** (GDlib/Freetype is required for building images with text (GIFBUILDER) and is also be used to scale images) -* **zip** (TYPO3 uses zip to extract language archives as well as extracting and archiving extensions) -* **zlib** (TYPO3 uses zlib for output compression) -* **openssl** (OpenSSL is required for sending SMTP mails over an encrypted channel endpoint) - - -.. _system-requirements-php-database-extensions: - -Required Database Extensions ----------------------------- - -.. tabs:: - - .. tab:: MySQL / MariaDB - - * pdo_mysql (recommended) - * OR mysqli - - The InnoDB engine is required for MySQL and MariaDB instances. - - .. tab:: Postgres - - * pdo_pgsql - * postgresql - - .. tab:: SQLite - - * sqlite diff --git a/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_Dockerfile-apache-php b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_Dockerfile-apache-php new file mode 100644 index 0000000000..2d1b0b75b5 --- /dev/null +++ b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_Dockerfile-apache-php @@ -0,0 +1,17 @@ +FROM php:8.4-apache + +# Enable Apache mod_rewrite +RUN a2enmod rewrite + +# Install required PHP extensions for TYPO3 +RUN apt-get update && apt-get install -y \ + libzip-dev libpng-dev libxml2-dev libonig-dev libicu-dev unzip git \ + && docker-php-ext-install \ + pdo pdo_mysql mysqli intl xml mbstring tokenizer opcache zip gd \ + && apt-get clean && rm -rf /var/lib/apt/lists/* + +# Set recommended PHP settings +COPY php.ini /usr/local/etc/php/ + +# Document root +WORKDIR /var/www/html diff --git a/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_Dockerfile-fpm-php b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_Dockerfile-fpm-php new file mode 100644 index 0000000000..18d51e6860 --- /dev/null +++ b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_Dockerfile-fpm-php @@ -0,0 +1,14 @@ +FROM php:8.4-fpm + +# Install required PHP extensions for TYPO3 +RUN apt-get update && apt-get install -y \ + libzip-dev libpng-dev libxml2-dev libonig-dev libicu-dev unzip git \ + && docker-php-ext-install \ + pdo pdo_mysql mysqli intl xml mbstring tokenizer opcache zip gd \ + && apt-get clean && rm -rf /var/lib/apt/lists/* + +# Set recommended PHP settings +COPY php.ini /usr/local/etc/php/ + +# Document root +WORKDIR /var/www/html diff --git a/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_nginx.conf b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_nginx.conf new file mode 100644 index 0000000000..cc27f1e30c --- /dev/null +++ b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_nginx.conf @@ -0,0 +1,63 @@ +# TYPO3 - GZIP support for versioned .js and .css files +location ~ \.js\.gzip$ { + add_header Content-Encoding gzip; + gzip off; + types { text/javascript gzip; } +} +location ~ \.css\.gzip$ { + add_header Content-Encoding gzip; + gzip off; + types { text/css gzip; } +} + +# TYPO3 - Rewrite versioned static resources +if (!-e $request_filename) { + rewrite ^/(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ /$1.$3 last; +} + +# TYPO3 - Deny access to sensitive files and directories +location ~* composer\.(?:json|lock)$ { deny all; } +location ~* flexform[^.]*\.xml$ { deny all; } +location ~* locallang[^.]*\.(?:xml|xlf)$ { deny all; } +location ~* ext_conf_template\.txt$ { deny all; } +location ~* ext_typoscript_.*\.txt$ { deny all; } +location ~* \.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql|sqlite)$ { + deny all; +} +location ~ _(?:recycler|temp)_/ { deny all; } +location ~ fileadmin/(?:templates)/.*\.(?:txt|ts|typoscript)$ { deny all; } +location ~ ^(?:vendor|typo3_src|typo3temp/var) { deny all; } +location ~ (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|docs?)/ { + deny all; +} + +# TYPO3 - Frontend entry point +location / { + try_files $uri $uri/ /index.php$is_args$args; +} + +# TYPO3 - Backend entry point +location = /typo3 { + rewrite ^ /typo3/; +} +location /typo3/ { + absolute_redirect off; + try_files $uri /index.php$is_args$args; +} + +# TYPO3 - PHP handler via PHP-FPM +location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_buffer_size 32k; + fastcgi_buffers 8 16k; + fastcgi_connect_timeout 240s; + fastcgi_read_timeout 240s; + fastcgi_send_timeout 240s; + + fastcgi_pass php-fpm:9000; + fastcgi_index index.php; + include fastcgi.conf; +} diff --git a/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_php.ini b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_php.ini new file mode 100644 index 0000000000..675cc546ae --- /dev/null +++ b/Documentation/Administration/Installation/SystemRequirements/_codesnippets/_php.ini @@ -0,0 +1,6 @@ +memory_limit = 256M +max_execution_time = 240 +max_input_vars = 1500 +post_max_size = 10M +upload_max_filesize = 10M +pcre.jit = 1