* Replaced IF statement by "internal" directive.

* Splitted config for PROD and DEV environments.

Author: phansys

cookbook/configuration/web_server_configuration.rst

@@ -202,25 +202,30 @@ are:
         server_name domain.tld www.domain.tld;
         root /var/www/project/web;
 
-        if ($request_uri ~ "/app\.php(/|$)") {
-            # prevent explicit access and hide front controller
-            # remove this block if you want to allow uri's like
-            # http://domain.tld/app.php/some-path
-            return 404;
-        }
-
         location / {
             # try to serve file directly, fallback to app.php
             try_files $uri /app.php$is_args$args;
         }
-
-        location ~ ^/(app|app_dev|config)\.php(/|$) {
+        # DEV
+        location ~ ^/(app_dev|config)\.php(/|$) {
             fastcgi_pass unix:/var/run/php5-fpm.sock;
             fastcgi_split_path_info ^(.+\.php)(/.*)$;
             include fastcgi_params;
             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
             fastcgi_param HTTPS off;
         }
+        # PROD
+        location ~ ^/app\.php(/|$) {
+            fastcgi_pass unix:/var/run/php5-fpm.sock;
+            fastcgi_split_path_info ^(.+\.php)(/.*)$;
+            include fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param HTTPS off;
+            # prevent explicit access and hide front controller
+            # remove "internal" directive if you want to allow uri's like
+            # http://domain.tld/app.php/some-path
+            internal;
+        }
 
         error_log /var/log/nginx/project_error.log;
         access_log /var/log/nginx/project_access.log;