Appologies in advance, this is rather a long description, skip to the Problem peice below for my actual problem, also see the config files
I'm setting up an set of internal web sites for where I work, I decided to use nginx as the main app I use (GitLab) uses it underneath. Although I now think that maybe that wasn't so sensible !).
I can get GitLab to function just fine. I have temporarily 'turned it off' so as I can get the entry point to the pages up an running.
Background
The plan.
To run a single page for entry, and then have the various 'apps' running on sub domains.
So out main server is called reslab and then we will have the gitlab.reslab running on a subdomain, and then any other items we need on other subdomains.
So we we plan to put all our documentation into a mediawiki, so that will live on wiki.reslab
Also we expect to run a test version of the units web site, which will reside on testweb.reslab. Eventually I expect more things to end up on here, such as sub sites for specific projects.
As the main site is running on WordPress, I decided that I would use wordpress as the principle development option for the all the pages that may be created.
The problem
Whenever I open a link that is a php file, the file will be downloaded, rather than being executed.
At first I realised that the files in the document root weren't executable, but that didn't help.
I've checked the php config for the location of the socket file, which is as it appears in the config files below.
I had originally wanted to split the config file into smaller peices, but I got persistent errors when testing the config with nginx -t.
Have I included my files in the wrong place ? should they all be in the nginx.conf file (and not sitting in the relab.conf file?) ~ although placing them into the nginx.conf file just gave errors about items being double declared, and as they where for the worpress site it made sense in my mind to leave them within the site specific config file.
Is there a way to output the details of the files that are being included, so as I can be sure that I have missed a config file.
The system is running debian : Linux reslab 5.10.0-8-amd64 #1 SMP Debian 5.10.46-5 (2021-09-23) x86_64 GNU/Linux
I have installed php and nginx, and both are running
php :
sudo service php7.4-fpm status
● php7.4-fpm.service - The PHP 7.4 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.4-fpm.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2021-10-04 13:34:06 CEST; 7s ago
Docs: man:php-fpm7.4(8)
Process: 434953 ExecStartPost=/usr/lib/php/php-fpm-socket-helper install /run/php/php-fpm.sock /etc/php/7.4/fpm/pool.d/www.conf 74 (code=exited, status=0/SUCCESS)
Main PID: 434950 (php-fpm7.4)
Status: "Ready to handle connections"
Tasks: 3 (limit: 43238)
Memory: 9.8M
CPU: 56ms
CGroup: /system.slice/php7.4-fpm.service
├─434950 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf)
├─434951 php-fpm: pool www
└─434952 php-fpm: pool www
nginx :
sudo service nginx status
[sudo] password for davem:
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2021-10-04 12:08:34 CEST; 1h 51min ago
Docs: man:nginx(8)
Process: 425978 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 425979 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 425980 (nginx)
Tasks: 13 (limit: 43238)
Memory: 11.7M
CPU: 73ms
CGroup: /system.slice/nginx.service
├─425980 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
├─425981 nginx: worker process
├─425982 nginx: worker process
├─425983 nginx: worker process
├─425984 nginx: worker process
├─425985 nginx: worker process
├─425986 nginx: worker process
├─425987 nginx: worker process
├─425988 nginx: worker process
├─425989 nginx: worker process
├─425990 nginx: worker process
├─425991 nginx: worker process
└─425992 nginx: worker process
Setup
I intend for the main site to be named as for the server, this is its nginx config.
/etc/nginx/nginx.conf
sudo more nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
#######################################################
### Config for Wordpress multi sites ########
#######################################################
worker_cpu_affinity auto; #worpress
##
# For Virtual Host Configs
##
# include /etc/nginx/conf.d/*.conf;
# include /etc/nginx/sites-enabled/*.conf; # I do this later on ...
events {
worker_connections 1024;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
# it may be internal, but I want to set up good practice
# internal pages using a self signed certificate
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
#error log levels are : warn, error crit, alert, and emerg
# just add one to the end of the below line before the ';'
# eg error_log /var/log/nginx/error.log warn;
error_log /var/log/nginx/error.log debug;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
#for the inclusion of other sites config files
include /etc/nginx/sites-enabled/*.conf;
# for wordpress to use php
# Upstream to abstract backend connection(s) for PHP.
upstream php {
#this should match value of "listen" directive in php-fpm pool
server unix:/var/run/php/php7.4-fpm.sock;
server 127.0.0.1:9000;
}
# below is for gitlab config that cannot be in the main server section.
upstream gitlab-workhorse {
server unix://var/opt/gitlab/gitlab-workhorse/sockets/socket fail_timeout=0;
}
}
sites-enabled
/etc/nginx/sites-enabled/reslab.conf :
# This will be our default landing page configuration
# All the sub sites, and this one, are using wordpress
# the exception is the gitlab subdomain
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
## Strong SSL Security
## see https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/
# ssl on; # this line is deprecated and replaced by the listen 0.0.0.0:443 directive above (just after the start of the server section)
ssl_certificate /etc/nginx/ssl/reslab.crt;
ssl_certificate_key /etc/nginx/ssl/reslab.key;
#Some extra ssl wordpress stuff
# Set caches, protocols, and accepted ciphers. This config will merit an A+ SSL Labs score as of Sept 2015.
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5';
# Enable HSTS. This forces SSL on clients that respect it, most modern browsers. The includeSubDomains flag is optional.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
#document root for the main langing page
root /var/www/reslab/wordpress;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
#ensure that all the sub server are considered equally using the '.reslab'
server_name 10.69.60.18 reslab .reslab *.reslab;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
#add specific logging for this server.
access_log /var/log/nginx/reslab_access.log;
#set to debug whilst troubleshooting php problems
error_log /var/log/nginx/reslab_error.log debug;
}
#set the mapping of this site to its relevant blog pages
# this needs to be outside of the server block (but in the http block)
map $http_host $blogid {
default -999;
#Ref: https://wordpress.org/extend/plugins/nginx-helper/
#include /var/www/wordpress/wp-content/plugins/nginx-helper/map.conf ;
}
#here is the wordpress specific stuff, that should be copied into most subdomains.
#remember to modify as required the server root if you have just made a simple copy of this file
server {
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?rt=$uri&$args;
}
# load the nginx php / fastCGI support module
include /etc/nginx/fcgiwrap.conf;
# this is required to tell nginx to run php files on the server not as a downloadable file !
location ~ \.php$ {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# lots of the lines below can be included in the following file(s)
include fastcgi.conf;
include snippets/fastcgi-php.conf;
fastcgi_intercept_errors on;
# the fastci_index is included via the snippets/fastcgi_php.conf file so is not needed here
# the line is left here for reference
#fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
# can run php through a file socket or via an ip
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
#WPMU Files
location ~ ^/files/(.*)$ {
try_files /wp-content/blogs.dir/$blogid/$uri /wp-includes/ms-files.php?file=$1 ;
access_log off; log_not_found off; expires max;
}
#WPMU x-sendfile to avoid php readfile()
location ^~ /blogs.dir {
internal;
alias /var/www/example.com/htdocs/wp-content/blogs.dir;
access_log off; log_not_found off; expires max;
}
# ensure that no one is able to write directly to the server from the web page.
location ~ /\.ht {
deny all;
}
#add some rules for static content expiry-headers here
}
/etc/nginx/fastcgi.conf
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
/etc/nginx/fastcgi_params (which is exactly the same as fastcgi.conf ? do I need both ?)
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
/etc/nginx/snippets/fastcgi-php.conf
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
# Check that the PHP script exists before passing it
# we do this in the sites config file, so no need for duplication
#try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
#this looks back at the earlier file, does this circular reference cause a problem ?
include fastcgi.conf;
/etc/php/7.4/fpm/php.ini has not been modified from the installed version, and as its rather large, with the exception of the line
cgi.fix_pathinfo = 1
where some guides suggest this should be 0 (zero) and nginx suggest 1, I've tried both values ... and no difference.
Does nginx need a special module to run php to function ?
the file will be downloaded, it makes no difference if I access it from localhost or via its IP address.
Is there something obvious that I am missing ?
I can run the a simpl phpinfo() call from the cli, and I get the expected output.
need more config details... feel free to ask.
thanks in advance
Dave
edit 1
So I've tried all the variations of listen and server_name within the server block that has the php details within it.
I have turned on debug logging in the error file for this site, looking through it states http script var: "/wp-admin/install.php" which seems like it is seeing it as a php script, and demonstrates that it is clearly capturing the correct file. I have also tried with a basic info.php file... here is a section of the log ...
try files handler
2021/10/04 16:21:17 [debug] 452491#452491: *3 http script var: "/info.php"
2021/10/04 16:21:17 [debug] 452491#452491: *3 trying to use file: "/info.php" "/var/www/reslab/wordpress/info.php"
2021/10/04 16:21:17 [debug] 452491#452491: *3 try file uri: "/info.php"
2021/10/04 16:21:17 [debug] 452491#452491: *3 generic phase: 13
2021/10/04 16:21:17 [debug] 452491#452491: *3 content phase: 14
2021/10/04 16:21:17 [debug] 452491#452491: *3 content phase: 15
2021/10/04 16:21:17 [debug] 452491#452491: *3 content phase: 16
2021/10/04 16:21:17 [debug] 452491#452491: *3 content phase: 17
2021/10/04 16:21:17 [debug] 452491#452491: *3 content phase: 18
2021/10/04 16:21:17 [debug] 452491#452491: *3 http filename: "/var/www/reslab/wordpress/info.php"
I feel there should be some clue in here with the server telling me it is recognised as an http script rather than a fastcgi script ?
edit 2
So I just logged onto the server, and ran firefox locally. As I expected it attempts to download the file. However it wants to 'open' it in firefox ... when I do this, it just re-downloads ....
However, when I select the 'other' option from the download list the next windows has a message of :
no applications fournd for application/octet-stream files.
which strikes me as firefox trying to tell me that this is an 'application', or am I missunderstanding FFXs message ?
Also when I do the same thing on my remote pc, I still get the 'open with geany' option.
edit 3
So it occured to me this may be a permissions issue. So I ran the info.php script from the terminal as the www-data (user and group) :
sudo su -s /bin/bash -c "php info.php" -g www-data www-data
and I got the expected output.
note when I did this logged in via ssh to the server.
My other feeling is that the includes aren't correct in some way ? is there a way to debug the files that are being inlcuded (something like nginx -t but with a more verbose output ?)
First off, this is far too much config to trouble shoot for a simple problem, it would be far easier to whittle it down to a minimal config that works and then add in other site, caching, whatever.
But on a quick scan, the server block that does the fastcgi_pass has no listen directive, so there would be no way to hit that config.
Also:
Q: "Does nginx need a special module to run php to function ?"
A: No, not specifically for php. FastCGI is the module your using to contact php via standard protocol.
I do not know why do you change nginx.conf, I usually don't do that. I edit configs in sites available:
Maybe you should try my nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
Then in sites_available place the config from my blog:
server {
# https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-20-04
listen 80;
server_name wordpress.darius;
root /home/darius/Private/Projects/wordpress;
index index.html index.htm index.php;
location / {
# https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-20-04#prerequisites
try_files $uri $uri/ /index.php$is_args$args;
# end https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-20-04#prerequisites
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
# end https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-20-04
# https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-20-04#prerequisites
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
#end https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-20-04#prerequisites
}
In fastcgi.conf the difference I see that in your file there is
fastcgi_param REMOTE_USER $remote_user;
but in my there is no such line. Same with /etc/nginx/fastcgi_params
There are little differences from your in fastcgi-php.conf, my file looks like this:
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
Also I am not changing this file ever I think.
cgi.fix_pathinfo in my case is On.
Not sure if there can be problem with the order of includes, since I do not modify those configs, besides ones in sites-available dir.
So try with my configs. And then if that works, make changes little by little to match your needs. Then you should find exactly which part makes it not work.
As you can see I use php 8 so I reccomend it to you also, or change values in my configs examples.
Related
I'm trying to setup a wordpress server, but before that I need to get PHP working. Currently I have installed and configured nginx and php 7.3, but the php is not rendering, it is just showing text.
Main Issue:
[root#a-knapsack-sav ~]# cat /usr/share/nginx/html/info.php
<?php
phpinfo();
?>
[root#a-knapsack-sav ~]# curl http://localhost/info.php
<?php
phpinfo();
?>
Obviously I should expect to see some content from the above, but I'm not. The following is all of the setup that I've done. Hopefully someone can see this and point out my likely omission.
What OS are you using?
[root#a-knapsack-sav nginx]# rpm -q centos-release
centos-release-7-6.1810.2.el7.centos.x86_64
Is nginx even installed?
[root#a-knapsack-sav nginx]# nginx -v
nginx version: nginx/1.15.12
Is php even installed?
[root#a-knapsack-sav nginx]# php -v
PHP 7.3.5 (cli) (built: Apr 30 2019 08:37:17) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.5, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.3.5, Copyright (c) 1999-2018, by Zend Technologies
Where is nginx installed?
[root#a-knapsack-sav nginx]# pwd
/etc/nginx
[root#a-knapsack-sav nginx]# ls
conf.d fastcgi_params koi-utf koi-win mime.types modules nginx.conf scgi_params sites-available sites-enabled uwsgi_params win-utf
Is php-fpm even running?
[root#a-knapsack-sav nginx]# systemctl status php-fpm
● php-fpm.service - The PHP FastCGI Process Manager
Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2019-05-03 10:42:25 CDT; 7h ago
Main PID: 2772 (php-fpm)
Status: "Processes active: 0, idle: 5, Requests: 0, slow: 0, Traffic: 0req/sec"
CGroup: /system.slice/php-fpm.service
├─2772 php-fpm: master process (/etc/php-fpm.conf)
├─2773 php-fpm: pool www
├─2774 php-fpm: pool www
├─2775 php-fpm: pool www
├─2776 php-fpm: pool www
└─2777 php-fpm: pool www
Is nginx even running?
[root#a-knapsack-sav nginx]# systemctl status nginx
● nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2019-05-03 17:19:55 CDT; 31min ago
Docs: http://nginx.org/en/docs/
Process: 4299 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=0/SUCCESS)
Process: 4302 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
Main PID: 4303 (nginx)
CGroup: /system.slice/nginx.service
├─4303 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
└─4304 nginx: worker process
Did you edit you php.ini?
Only the cgi.fix_pathinfo for security.
[root#a-knapsack-sav nginx]# cat /etc/php.ini | grep cgi.fix
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
; http://php.net/cgi.fix-pathinfo
cgi.fix_pathinfo=0
Did you update php's conf settings to for nginx?
I think so.
[root#a-knapsack-sav ~]# cat /etc/php-fpm.d/www.conf | grep listen
; - 'listen' (unixsocket)
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; 'port' - to listen on a TCP socket to all addresses
; '/path/to/unix/socket' - to listen on a unix socket.
listen = /var/run/php-fpm/php-fpm.sock
; Set listen(2) backlog.
;listen.backlog = 511
listen.owner = nobody
listen.group = nobody
;listen.mode = 0660
; When set, listen.owner and listen.group are ignored
;listen.acl_users = apache,nginx
;listen.acl_groups =
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
listen.allowed_clients = 127.0.0.1
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; listen queue len - the size of the socket queue of pending connections;
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
[root#a-knapsack-sav ~]# cat /etc/php-fpm.d/www.conf | grep nginx
user = nginx
group = nginx
;listen.acl_users = apache,nginx
Did you update nginx's conf properly?
As far as I know to....
[root#a-knapsack-sav ~]# cat /etc/nginx/conf.d/default.conf
server {
listen 80;
# listen [::]:80;
server_name A.B.C.D;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~* \.php$ {
try_files $uri =404;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
# location ~ /.ht {
# deny all;
# }
}
Do you have your info.php file in the correct place?
Yezzir.
[root#a-knapsack-sav ~]# ls /usr/share/nginx/html
50x.html index.html info.php
What about your nginx.conf?
[root#a-knapsack-sav ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
server_names_hash_bucket_size 64;
}
What about your sites-available conf?
I don't know if this is needed but I tried it anways.
[root#a-knapsack-sav ~]# cat /etc/nginx/sites-available/default.conf
server {
listen 80;
server_name A.B.C.D;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ .php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# location ~ /.ht {
# deny all;
# }
}
Did you forget to link sites-enabled and sites-available?
Nope :)
[root#a-knapsack-sav ~]# ls -lrt /etc/nginx/sites-enabled
total 0
lrwxrwxrwx. 1 root root 39 May 3 12:40 default.conf -> /etc/nginx/sites-available/default.conf
I hope this is everything. I think this is everything I've done. The index.html loads when I curl http://localhost but as shown above the info.php is not rendered when called. I think, I've set this up almost correct, but I'm pretty sure I missed something. Please let me know if something seems off. I tried to follow https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-centos-7 (mysql is on another server). Also if there is any configuration that I need to change so that curl http://A.B.C.D doesn't hang and returns like curl http://localhost, I'd appreciate it. Thanks :)
Edit:
What is your entire config?
[root#a-knapsack-sav ~]# nginx -T
nginx: [warn] conflicting server name "A.B.C.D" on 0.0.0.0:80, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
server_names_hash_bucket_size 64;
}
# configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /etc/nginx/conf.d/default.conf:
server {
listen 80;
# listen [::]:80;
server_name A.B.C.D;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~* \.php$ {
try_files $uri =404;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
# location ~ /.ht {
# deny all;
# }
}
# configuration file /etc/nginx/fastcgi_params:
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
# configuration file /etc/nginx/conf.d/default_original.conf:
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# configuration file /etc/nginx/sites-enabled/default.conf:
server {
listen 80;
server_name A.B.C.D;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ .php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# location ~ /.ht {
# deny all;
# }
}
Following Richard Smith's question, nginx -T showed that I had another conf active that was interfering with my config, /etc/nginx/conf.d/default_original.conf. So I did mv /etc/nginx/conf.d/default_original.conf /etc/nginx/conf.d/default.conf.original to get it to no longer load and I changed the include /etc/nginx/fastcgi_params; to include fastcgi_params; in /etc/nginx/sites-available/default.conf. After doing this I restarted nginx (systemctl restart nginx) and curl http://localhost return an expected output of html tables.
You will have to bear with me here while I try and explain this the best I can.
I am working with a nginx server that I did not set up, I have very little knowledge of nginx. I have set up a new wordpress website which lives under the following url structure subsubdomain.subdomain.domain.com/website/ it is important that the full wordpress website is functional within the /website/ directory.
I have the site set up and the home page works perfectly when I navigate to subsubdomain.subdomain.domain.com/website/, but when I navigate to a subpage subsubdomain.subdomain.domain.com/website/resources/ the server throws File not found.
From my little knowledge of nginx I think this is a file permissions issue, I have logged into the server and run the following command sudo chmod 777 -R /path/to/website and also done sudo chown www:www -R /path/to/website to try and give full access. Unfortunately this has not worked either.
When checking the website access_log and error_log, they are empty. I then checked the nginx main log file and found the following error:
2018/05/31 04:07:42 [crit] 32426#0: *120 open() "/usr/share/nginx//var/www/sites-running/subsubdomain.subdomain.website.com/logs/nginx.access.log" failed (2: No such file or directory) while logging request, client: **.***.***.***, server: *.subdomain.domain.com, request: "GET /website/resources/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "subsubdomain.subdomain.domain.com", referrer: "http://subsubdomain.subdomain.domain.com/website/"
I'll be honest with you guys, this means nothing to me. All I can see is that it looks like the path to the log file is bad. So I went to my website nginx-vhost.conf file to see how it is defined and I have the following code:
access_log /var/www/sites-running/subsubdomain.subdomain.website.com/logs/nginx.access.log
Which looks all good to me.
So now I am stuck, I have no idea how to fix this so if anyone can make some sense of this and can help me out that would be amazing.
Cheers,
Luke.
UPDATE
I have just run nginx -V and noticed that there is a value called prefix, here is the value:
--prefix=/usr/share/nginx
It looks like this could be my problem but I have no idea what this is, how it is used and do not know the damage i could cause if I change it.
UPDATE
Here is my website nginx-vhost.conf file.
# Nginx configuration for Website
# This is for development purposes
server{
listen 80;
server_name subsubdomain.subdomain.domain.com;
set $site_root "/var/www/sites-available/$host";
set $public_html "$site_root/public_html";
set $logs_dir "$site_root/logs";
set $nginx_root "$site_root/webapps/ROOT";
root $nginx_root;
error_log /var/www/sites-available/subsubdomain.subdomain.domain.com/logs/nginx.error.log;
access_log /var/www/sites-available/subsubdomain.subdomain.domain.com/logs/nginx.access.log main;
index index.php;
#default_type text/html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
#add_header 'Access-Control-Allow-Origin' "*";
# ------------------------------------------------------
#
# static resources routing for version control on assets
#
# ------------------------------------------------------
#location ~ ^/static/([^/]+)/(content|resources)/(.*)$ {
# alias $public_html/$2/$3;
#}
#location ~ ^/content/(.*)$ {
# alias $public_html/content/$1;
#}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location /wp-admin {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /wp-admin/index.php?$args;
}
# ----------------------------------------
#
# PHP
#
# ----------------------------------------
location ~ \.php {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors off;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SERVER_NAME $host;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param CONTENT_ROOT $public_html/content;
fastcgi_param CONTENT_UPLOAD_DIR $public_html/content;
fastcgi_param LOGS_ROOT $logs_dir;
fastcgi_param app.profile staging;
fastcgi_param APP_MODE staging;
fastcgi_param DB_NAME **********;
fastcgi_param DB_USER **********;
fastcgi_param DB_PASS **********;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
Here is my main nginx.conf file
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
server_names_hash_bucket_size 128;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
client_max_body_size 100m;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
index index.html index.htm;
server {
listen 80 default_server;
server_name _;
root /usr/share/nginx/html;
#root /var/www/sites-running/nginx-default;
#index index.html index.htm;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
}
# redirect server error pages to the static page /40x.html
#
error_page 404 /404.html;
location = /40x.html {
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# root html;
# location / {
# }
#}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
# root html;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout 5m;
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# }
#}
}
Thanks to everyone for their help. I have finally managed to figure out what was going wrong. I needed to update my conf file to have a second location statement which looked inside of the /website/ folder.
like so:
location /website/ {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/website/ /website/index.php?$args;
}
Here is my full nginx-vhost.conf file:
# Nginx configuration for Website
# This is for development purposes
server{
listen 80;
server_name subsubdomain.subdomain.domain.com;
set $site_root "/var/www/sites-available/$host";
set $public_html "$site_root/public_html";
set $logs_dir "$site_root/logs";
set $nginx_root "$site_root/webapps/ROOT";
root $nginx_root;
error_log /var/www/sites-available/subsubdomain.subdomain.domain.com/logs/nginx.error.log;
access_log /var/www/sites-available/subsubdomain.subdomain.domain.com/logs/nginx.access.log main;
index index.php;
#default_type text/html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
#add_header 'Access-Control-Allow-Origin' "*";
# ------------------------------------------------------
#
# static resources routing for version control on assets
#
# ------------------------------------------------------
#location ~ ^/static/([^/]+)/(content|resources)/(.*)$ {
# alias $public_html/$2/$3;
#}
#location ~ ^/content/(.*)$ {
# alias $public_html/content/$1;
#}
location /website/ {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/website/ /website/index.php?$args;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location /wp-admin {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /wp-admin/index.php?$args;
}
# ----------------------------------------
#
# PHP
#
# ----------------------------------------
location ~ \.php {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors off;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SERVER_NAME $host;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param CONTENT_ROOT $public_html/content;
fastcgi_param CONTENT_UPLOAD_DIR $public_html/content;
fastcgi_param LOGS_ROOT $logs_dir;
fastcgi_param app.profile staging;
fastcgi_param APP_MODE staging;
fastcgi_param DB_NAME **********;
fastcgi_param DB_USER **********;;
fastcgi_param DB_PASS **********;;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
I was able to set up nginx server blocks as per tutorials. When I try to access the sites through the respective domain names I am directed to the same site.
I have been trying to multiple the subsite of /site1 under localhost in windows.
nginx.conf
#user nobody;
# worker_processes 1;
worker_processes auto;
# error_log logs/error.log;
# error_log logs/error.log notice;
# error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root H:\www\html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root H:\www\html;
}
# this is the default server
location = /site1 {
return 301 /site1/;
}
location ^~ /site1/ {
root H:\www\html\drupal-8.1.10;
index index.php;
}
location ~ /site1/\.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9123;
fastcgi_index index.php;
include fastcgi_params;
}
}
}
www directory:
H:\www\html>tree /f
Folder PATH listing for volume 975
Volume serial number is 0000-043C
H:.
│ 50x.html
│ index.html
│ drupal.tar.gz
│
└───drupal-8.1.10
index.php
The potential URL should be:
localhost
localhost/site1
Thanks
In Windows use:
nginx path on the same drive e.g:
H:/nginx
pid full absolute path e.g:
pid H:/nginx/logs/nginx.pid;
error logs enable e.g (uncoment):
error_log logs/error.log;
error_log logs/error.log notice;
error_log logs/error.log info;
set|enable output log format
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
correct root into server block is (in double ""):
server{
location /{
root "H:/nginx/www/html";
}
}
correct php fastCGI params e.g:
server{
location ~ /site1/\.php$ {
root www/html/site1
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME C:/nginx/www/html/site1$fastcgi_script_name;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
include fastcgi_params;
}
}
Well I think that's it.
All root settings must be enclosed in double quotes and normal bar (/) do not forget to see the log of errors ... it says a lot :)
My sample configuration:
init.bat (to start|close service)[can not serve you]
#ECHO OFF
TITLE LOCALHOST SERVICE
REM GO TO NGINX DIR
CD C:/nginx
TASKLIST /FI "IMAGENAME eq nginx.exe" | FIND /I "nginx.exe" > NUL && (GOTO STOP) || (GOTO START)
:START
ECHO.
ECHO ---------------------------- STARTING NGINX SERVER ----------------------------
ECHO.
REM START NGINX SERVICE
START/MIN nginx.exe
ECHO.
ECHO ----------------------------- STARTER PHP SERVICE -----------------------------
ECHO.
REM START PHP SERVICE (FOR NGINX)
php/php-cgi.exe -b 127.0.0.1:9000 -c C:/nginx/php/php.ini
REM GO TO "END" BLOCK FOR DON'T EXECUTE "STOP" BLOCK ¬¬
GOTO END
:STOP
REM QUIT|STOP NGINX SERVICE
REM OLD-COMMAND: START nginx.exe -s quit
TASKKILL /F /IM nginx.exe > NUL
REM STOP PHP SERVICE
TASKKILL /F /IM php-cgi.exe > NUL
GOTO END
:END
Ok the init.bat file lets you start or stop nginx and php with just a double-click simple.
You can add it there someone icon and place it in such work area.
Assuming php run in a subdirectory nginx would have the following structure:
// System hard drive (in my case)
---C:
| // nginx path
|--------nginx
|
|---nginx.exe //executable
|
|---conf // configurations path
|
|---logs // logs path
|
|---pid // path to pid your proccess
|
|---html // path to your server (or blocks)
|
|---mime.types // archive list mime types
|
|---init.bat // optinal
A good practice is to use server-blocks even if they do not use subdomains.
For this create a folder in "C:/nginx/conf" called "sites-enabled" and make a "backup" of your nginx configuration file "C:/nginx/conf/nginx.conf" for such "nginx.conf.bk".
The new configuration file would look like this:
nginx.conf (modified)
# Configuration File - Nginx Server Configs
# http://nginx.org/en/docs/dirindex.html
# Run as a unique, less privileged user for security reasons.
# user www www;
# Sets the worker threads to the number of CPU cores available in the system for best performance.
# Should be > the number of CPU cores.
# Maximum number of connections = worker_processes * worker_connections
worker_processes auto;
# Maximum number of open files per worker process.
# Should be > worker_connections.
worker_rlimit_nofile 8192;
events {
# If you need more connections than this, you start optimizing your OS.
# That's probably the point at which you hire people who are smarter than you as this is *a lot* of requests.
# Should be < worker_rlimit_nofile.
worker_connections 8000;
}
# Log errors and warnings to this file
# This is only used when you don't override it on a server{} level
error_log logs/error.log warn;
# The file storing the process ID of the main process
pid C:/nginx/pids/nginx.pid;
http {
# Hide nginx version information.
server_tokens off;
# Specify MIME types for files.
include mime.types;
default_type application/octet-stream;
# Update charset_types to match updated mime.types.
# text/html is always included by charset module.
charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;
# Include $http_x_forwarded_for within default format used in log files
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Log access to this file
# This is only used when you don't override it on a server{} level
access_log logs/access.log main;
# How long to allow each connection to stay idle.
# Longer values are better for each individual client, particularly for SSL,
# but means that worker connections are tied up longer.
keepalive_timeout 20s;
# Speed up file transfers by using sendfile() to copy directly
# between descriptors rather than using read()/write().
# For performance reasons, on FreeBSD systems w/ ZFS
# this option should be disabled as ZFS's ARC caches
# frequently used files in RAM by default.
sendfile on;
# Don't send out partial frames; this increases throughput
# since TCP frames are filled up before being sent out.
tcp_nopush on;
# Enable gzip compression.
gzip on;
# Compression level (1-9).
# 5 is a perfect compromise between size and CPU usage, offering about
# 75% reduction for most ASCII files (almost identical to level 9).
gzip_comp_level 5;
# Don't compress anything that's already small and unlikely to shrink much
# if at all (the default is 20 bytes, which is bad as that usually leads to
# larger files after gzipping).
gzip_min_length 256;
# Compress data even for clients that are connecting to us via proxies,
# identified by the "Via" header (required for CloudFront).
gzip_proxied any;
# Tell proxies to cache both the gzipped and regular version of a resource
# whenever the client's Accept-Encoding capabilities header varies;
# Avoids the issue where a non-gzip capable client (which is extremely rare
# today) would display gibberish if their proxy gave them the gzipped version.
gzip_vary on;
# Compress all output labeled with one of the following MIME-types.
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
# text/html is always compressed by gzip module
# This should be turned on if you are going to have pre-compressed copies (.gz) of
# static files available. If not it should be left off as it will cause extra I/O
# for the check. It is best if you enable this in a location{} block for
# a specific directory, or on an individual server{} level.
# gzip_static on;
# Include files in the sites-enabled folder. server{} configuration files should be
# placed in the sites-available folder, and then the configuration should be enabled
# by creating a symlink to it in the sites-enabled folder.
# See doc/sites-enabled.md for more info.
include C:/nginx/conf/sites-enabled/*.conf;
}
Note that the end of this example we "including" all files ".conf" of "sites-enabled" folder.
If you do not use server-blocks you can simply create a file "default.conf" that will have your server settings.
Something like this:
default.conf (example)
server {
listen 80;
keepalive_timeout 300s;
# define path to this project
root "C:/nginx/html/your_path_here";
# Specify a charset
charset utf-8;
# define your server name
server_name localhost;
index index.php index.html;
autoindex off;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 ------------------------------
#
location ~ \.php$ {
# root for PHP FASTCGI MAPING
root html/your_path_here;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME C:/nginx/html/your_path_here$fastcgi_script_name;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
include fastcgi_params;
}
# Prevent clients from accessing hidden files (starting with a dot) -------------------
# This is particularly important if you store .htpasswd files in the site hierarchy
# Access to `/.well-known/` is allowed.
# https://www.mnot.net/blog/2010/04/07/well-known
# https://tools.ietf.org/html/rfc5785
location ~* /\.(?!well-known\/) {
deny all;
}
# Prevent clients from accessing to backup/config/source files ------------------------
location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
deny all;
}
# Expire rules for static content -----------------------------------------------------
# No default expire rule. This config mirrors that of apache as outlined in the
# html5-boilerplate .htaccess file. However, nginx applies rules by location,
# the apache rules are defined by type. A consequence of this difference is that
# if you use no file extension in the url and serve html, with apache you get an
# expire time of 0s, with nginx you'd get an expire header of one month in the
# future (if the default expire rule is 1 month). Therefore, do not use a
# default expire rule with nginx unless your site is completely static
# cache.appcache, your document html and data -----------------------------------------
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
access_log logs/static.log;
}
# Feed --------------------------------------------------------------------------------
location ~* \.(?:rss|atom)$ {
expires 1h;
add_header Cache-Control "public";
}
# Media: images, icons, video, audio, HTC ---------------------------------------------
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript ------------------------------------------------------------------
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
# WebFonts ----------------------------------------------------------------------------
# If you are NOT using cross-domain-fonts.conf, uncomment the following directive
# location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
# expires 1M;
# access_log off;
# add_header Cache-Control "public";
# }
}
For local development is a good choice to set cache negatito (-1) to always update to load the page.
Note that the configuration shown here is just an example and you may (or may not) use them.
Also note that by defining a root directory I put "your_path_here" replace as your real directory name.
This directory must be inside the folder "html" in "C:/nginx/html/".
To create a server-block to "site1" create a new configuration file in "sites-enabled" with any name and point to the corresponding root directory, this assuming your hosts file ("C:/Windows/System32/drives/etc/") has "site1" to "127.0.0.1" or subdomain is set to localhost (127.0.0.1 site1.localhost)
i Use
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME C:/nginx-0.7.60/html$fastcgi_script_name; #this is the one line for edition
include fastcgi_params;
}
C:\PHP5\php-cgi.exe -b 127.0.0.1:9000
I have problem with setting up my docker environment on remote machine.
I prepared local docker machines. Problem is with nginx + php-fpm.
Nginx act as nginx user, php-fpm act as www-data user. Files on host machine (application files) are owned by user1. chmods are default for symfony2 application.
When I access my webserver it returns 404 error or just simple "file not found".
For a while exact same configuration works on my local Ubuntu 16.04, but fails on Debian Jessie on server. Right now it doesn't work on both. I tried everything, asked on sysops groups and googled for hours. Do you hve any idea?
Here is my vhost configuration
server {
listen 80;
server_name dev.xxxxx.co xxxxx.dev;
root /usr/share/www/co.xxxxx.dev/web;
index app_dev.php;
client_max_body_size 100M;
fastcgi_read_timeout 1800;
location / {
# try to serve file directly, fallback to app.php
try_files $uri $uri/ /app.php$is_args$args;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
access_log off;
}
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass php-fpm:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
}
location ~ ^/app\.php(/|$) {
fastcgi_pass php-fpm:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
location ~ \.php$ {
return 404;
}
}
nginx configuration
user root;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
And my docker compose
version: '2'
services:
nginx:
image: nginx
ports:
- 8082:80
volumes:
- /home/konrad/Workspace:/usr/share/www:ro
- ./conf/nginx.conf:/etc/nginx/nginx.conf:ro
- ./sites:/etc/nginx/conf.d:ro
php-fpm:
image: php:fpm
ports:
- 9000:9000
volumes:
- /home/konrad/Workspace:/usr/share/www
- ./conf/www.conf:/etc/php/7.0/fpm/pool.d/www.conf
- ./conf/php.ini:/usr/local/etc/php/conf.d/90-php.ini:ro
On remote server files are accesible, visible as property of 1001:1001
I've been banging my head against the wall with this one for some time now with no success.
I'm loosely following Ars' Web Served series of articles to install Nginx, PHP and MariaDB on OS X. Everything has been working fine until Wordpress. I've installed Wordpress on Apache plenty of times without incident so I'm sure it's some Nginx concept I haven't grasped.
My site is called "garden". I can run garden:8080/phpinfo.php no worries and it shows PHP is working, and that it is talking to the homebrew version of PHP in /usr/local/ that I want it to be talking to rather than the one that comes with OS X.
I can also run garden:8080/sqlbuddy/ and SQL buddy runs and talks to the database no worries.
I currently have the WordPress files in the webroot ('garden'), but have them in a sub-directory as well with no success.
If I try garden:8080/wp-admin/install.php or any other WP file I get a 502 with the following error in the Nginx log:
2016/01/10 13:33:47 [error] 2170#0: *484 upstream prematurely closed connection while reading response header from upstream, client: 127.0.0.1, server: garden, request: "GET /wp-admin/install.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "garden:8080"
Interestingly I can go to garden:8080/index.php and I get a WP page telling me that wp-config.php cannot be found. I tried adding a wp-config.php to appease it but now I get a Safari redirect loop error.
So given all of that and following every Nginx 502 troubleshooting guide I can find I think it's some form of error with my location and/or try files configs in Nginx rather than a PHP-fpm issue. But happy to be proven wrong.
Apologies for state of conf files, but they've seen a bit of work.
nginx.conf
#user nobody;
worker_processes 2;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 768;
}
http {
include mime.types;
include sites-enabled/*; #load virtuals config
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
client_max_body_size 4096k;
client_header_timeout 10;
client_body_timeout 10;
#keepalive_timeout 0;
keepalive_timeout 10 10;
send_timeout 10;
#php-fpm params
fastcgi_buffers 4 16k;
fastcgi_buffer_size 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
gzip on;
gzip_disable "msie6";
gzip_min_length 1100;
gzip_vary on;
gzip_proxied any;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/x-javascript
text/xml application/xml application/rss+xml text/javascript
image/svg+xml application/x-font-ttf font/opentype
application/vnd.ms-fontobject;
server_tokens off;
server {
listen 8080;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html/garden;
index index.html index.htm index.php;
try_files $uri $uri/ /index.php?$args;
}
# configure *.PHP requests
# location ~ \.php$ {
# root html/garden;
# try_files $uri $uri/ /index.php?$args ;
# index index.html index.htm index.php;
# fastcgi_param PATH_INFO $fastcgi_path_info;
# fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_intercept_errors on;
# include fastcgi_params;
# }
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~ ~$ { access_log off; log_not_found off; deny all; }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
include servers/*;
}
Garden (website conf. file.)
server {
listen *:8080;
server_name garden;
#access_log /Users/{username}/{webfolder}/{hostfile}/log/access.log;
# error_log /html/garden/log/error.log;
root html/garden;
index index.html index.htm index.php ;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri $uri/ /index.php?$args ;
#commented out this block troubleshooting earlier
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include fastcgi_params;
#This block is direct from Ars Web Served Part 3
# try_files $uri =404;
# include fastcgi_params;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_intercept_errors on;
}
#location /blog/ {
# try_files $uri $uri/ /blog/index.php?$args;
#allow 192.168.1.0/24;
# allow 127.0.0.1;
# deny all;
#}
#location ~ /blog/.*\.php$ {
# allow 192.168.1.0/24;
# allow 127.0.0.1;
# deny all;
# try_files $uri =404;
# include fastcgi_params;
# fastcgi_index index.php;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_param PATH_INFO $fastcgi_path_info;
# fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_intercept_errors on;
#}
}
fastcgi-params
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
php-fpm.conf relevant bit. I tried changing the user and group to match the same user and group that Nginx is running as but no success.
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
; Multiple pools of child processes may be started with different listening
; ports and different management options. The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway :)
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[www]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr/local/Cellar/php56/5.6.16) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = _www
group = _www
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all IPv4 addresses on a
; specific port;
; '[::]:port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1:9000
; Set listen(2) backlog.
; Default Value: 65535 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 65535
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = _www
;listen.group = _www
listen.mode = 666
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a TCP listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any IP address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes is set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter is used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without many resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 10
Many for any and all help.