Configuring NGINX with mod_cfm

I think that I have a successful install of Lucee 5.1…

I can go to http://myip:8888 and receive the Congratulations page…

However, when I try to setup a website with an index.cfm as my root doc…
I get a 502 Bad Gateway.

It would seem that the .cfm files are not be processed by Lucee…

My installation is on Ubuntu 14.04, Nginx system.

Any help would be much appreciated.


the installer doesn’t set up your web server AFAIK. you need to
configure nginx to forward the .cfm requests to Lucee by defining an
upstream and forwarding the requests with the proxy_pass directive.

Igal Sapir
Lucee Core Developer

We’ll need to know what’s in lucee.conf.


Thanks for the response. Can you provide some instruction as to how to do
this. My website config file points to a lucee config file… is there
more to do? Below is an example of a test config file. If the root
document is index.html it works fine. However, index.cfm triggers the 502
bad gate way error…

server {
  listen 307;
  root /web/;

  # Mod_cfml (Lucee) specific: add a unique ID for this server block.
  # For more info, see
  set $lucee_context "";

  include lucee.conf;

One more question:

I’m I right in understanding that if mod_cfm is installed properly then the
necessary entries in Tomcat server.xml are made automatically?

Here’s my lucee.conf

location ~* /lucee/ {
    deny all;
    include lucee-proxy.conf;

location ~* /lucee-server {
    return 404;

#block/ignore CFIDE requests
location ~* /CFIDE {
    return 404;

#block requests for Application.cfc/cfm
location ~*[mc]$ {
    return 404;

#match cfm or cfc files and proxy them off to tomcat
#if you do not need SES urls like index.cfm/foo/bar
#then use: (\.cfm|\.cfc)$ instead
location ~* (\.cfm(\/|$)|\.cfc$) {
  include lucee-proxy.conf;

#set the default document to index.html or index.cfm
index index.html index.cfm;

No. Mod_cfml doesn’t touch the server.xml file. The server.xml file adds your contexts to Tomcat during Tomcat’s bootup, where mod_cfml adds contexts to Tomcat on-the-fly.–
Kind regards,
Jordan Michaels
Vivio Technologies

And lucee-proxy.conf?

Hi Joseph,

I’ve had some progress. I’ve included the config files for a site
( Although still get 502 Bad Gateway it appears that Lucee has
created the WEB-INF folder in the root.

Thanks for any help that you might provide.


lucee-proxy.conf (1.28 KB) (354 Bytes)

server.xml (7.97 KB)

Didn’t you say your lucee install was on 8888? If so, your
lucee-proxy.conf should have, not 8080. (Which is also what
I’m seeing in your server.xml. The 8080 connector is commented out)


I changed my lucee-proxy.conf to and uncommented the block
in the server.xml that has the 8080 reference… now I get the error message

Tomcat Mod_CFML error

mod_cfml request authentication failed!

I’m going to take this as progress…


Now, time to hand off to someone who uses mod_cfml :slight_smile:

My expectation is you have some proxy headers to set in lucee-proxy.

There’s an example on, and I feel like the mod_cfml valve in
Tomcat might need a password or header or something.

But I guess the first question is, do you actually need mod_cfml? Do you
have multiple vhosts on your server or do you need multiple web contexts?
If not, going without mod_cfml is possible.

Here’s some documentation:

An example of the specific header you need to fix that error can be found in this example NGINX config:

The shared key is a key that authorizes your web server (whether it’s NGINX, Apache, IIS, or whatever) to send new contexts to the mod_cfml Tomcat valve. This shared key must match the shared key you have in your server.xml file. In your C:\lucee\tomcat\conf\server.xml file, there will be an entry like this:

<!-- visit for details on mod_cfml configuration options -->
<Valve className="mod_cfml.core"

Note the “sharedKey” value. The shared key in your NGINX config and the shared key in your server.xml config must match.

Hope this helps!–
Kind regards,
Jordan Michaels
Vivio Technologies