This reference provides complete, copy-ready web server configurations for serving Mumara Campaigns with either Apache or Nginx. In both cases the document root must point to the application's public directory — never the app root.
For Apache, you get plain HTTP and SSL virtual host examples with security headers and an HTTP-to-HTTPS redirect, the required modules (rewrite, ssl, headers), and the standard Laravel public/.htaccess (front-controller rewriting plus deny rules for .env, .sql, and .log files — AllowOverride All must be set for it to work). For Nginx, there are basic and SSL server blocks with TLS 1.2/1.3, security headers, gzip, static-file caching, a fastcgi_read_timeout of 300 for long-running scripts, and deny rules for dotfiles and sensitive files, plus a dedicated PHP-FPM pool configuration (pm = dynamic, 512M memory limit, 300s execution time).
Performance recommendations include enabling OPcache (with validate_timestamps=0 in production) and switching cache, sessions, and queues to Redis in .env. Always test before reloading: apachectl configtest for Apache, nginx -t for Nginx, and php-fpm8.4 -t for PHP-FPM. The most common problems are a 502 Bad Gateway caused by a mismatched PHP-FPM socket path in the Nginx config, and permission errors when the web-server user doesn't own the application files.
