I'm trying to setup Nginx as a reverse proxy for Apache, from what I've read, it allows nginx to serve static content and Apache handles the backend PHP stuff, but i cant seem to get Apache to render.
I'm on CentOS7, i installed nginx just using yum install nginx, then i installed PHP7.2 by doing the following;
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum-config-manager --enable remi-php72
yum install php72 php72-php-fpm php72-php-mysqlnd php72-php-opcache php72-php-xml php72-php-xmlrpc php72-php-gd php72-php-mbstring php72-php-json
running php72 -v gives me
PHP 7.2.13 (cli) (built: Dec 8 2018 10:59:58) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.13, Copyright (c) 1999-2018, by Zend
Technologies
I then ran
ln -s /usr/bin/php72 /usr/bin/php
As yum installs the command as php72
I edited nginx.conf and changed the user from nginx to apache and changed the server block to;
server {
listen 80 default;
server_name 108.xxx.xxx.xxx;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
root /var/www/html;
proxy_pass http://127.0.0.1:8080/;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
I also added /etc/nginx/conf.d/proxy.conf with the following;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
I then installed Apache2 via yum install httpd.
I have then edited the Apache2 httpd.conf file;
- Listen 80
+ Listen 127.0.0.1:8080
I also edited /etc/opt/remi/php72/php-fpm.d/www.conf and changed user and group to apache and also
listen = /var/run/php-fpm.sock
listen.owner = apache
listen.group = apache
listen.mode = 0660
These are the only changes I have made.
I added 2 files to /var/www/html, index.html and index.php ... The index.html works perfect, and when i check with browserspy, it says that it is being served by Nginx, excellent. But when I run the index.php file it displays the actual php code and doesn't render it.
I have never really worked with Apache2 before, so i am unsure of how to look for the error. When i loook in Apache2 modules directory i can't find any PHP modules
ls -lah /etc/httpd/modules/ | grep php
returns nothing at all.
Any help would be really greatful, I have been looking for a solution for days.
Thanks
Nginx can definitely execute PHP scripts without the need of proxying back to Apache.
The reason why you're seeing just the PHP code rather than the website, is because your Apache configuration likely does not have the PHP module enabled.
You can do this by running yum --enablerepo=remi install php and running service apache2 restart to restart the server with the new configuration.
Installing the base PHP packages also adds the required modules for PHP files to be executed by Apache.
This should allow your server to start executing the PHP scripts as you expect.
If you'd like to instead run your PHP website via Nginx instead, you'll need to make some slight modifications to your Nginx configuration.
Firstly, you'll need to replace your location block to use the files on your local filesystem and then point any .php file to run using PHP-FPM.
location / {
root /var/www/html;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
Related
Do I need to add any additional configuration to enable keepalive to my PHP-FPM backend?
upstream php_backend {
zone upstreams 64K;
server unix:/var/run/php-fpm.sock max_fails=1 fail_timeout=2s;
keepalive 10;
}
# Pass off php requests to PHP-FPM
location ~* \.php {
try_files $uri =404;
access_log /var/log/php-fpm/example_access.log;
include /usr/local/etc/nginx/php-fpm.conf;
fastcgi_pass php_backend;
}
In the following Nginx guides, when you don't use unix sockets you must add :
proxy_http_version 1.1;
proxy_set_header "Connection" "";
Source :
https://www.nginx.com/blog/avoiding-top-10-nginx-configuration-mistakes/#no-keepalives
https://www.nginx.com/blog/avoiding-top-10-nginx-configuration-mistakes/#upstream-groups
Is there any additional config I need to add when using a unix socket?
You will need to change keepalive_timeout value in nginx.conf.
In linux (Debian) it is located in /etc/nginx/nginx.conf:
And restart your server with: sudo service nginx restart.
You may also restart fpm after any change in config with sudo service php7.4-fpm restart. (It is php7.4-fpm in may case)
To see all available services use systemctl list-units --type=service --all
nginx version: nginx/1.18.0 (Ubuntu 20)
PHP 7.4.3 (cli) (built: Feb 24 2022 14:55:48) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with Zend OPcache v7.4.3, Copyright (c), by Zend Technologies
I've created a simple page in html, for execute a script in php with a button.
Here my html:
<html>
<head>
</head>
<body>
hello
<form action="path-of-myphp.php" method="post">
<input type="submit" name="backupMySql" value="Backup"/>
</form>
</body>
</html>
and here my php
<?php
echo "Hello";
?>
Here my nginx config
server {
server_name mysite.com;
location / {
proxy_pass https://localhost:5003;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ \.(php)$ {
include /etc/nginx/fastcgi.conf;
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name mysite.com;
listen 80;
return 404; # managed by Certbot
}
I see correctly the button, but when i click on it, i am redirected to another url, and this url is www.mysite.com/path-of-myphp.php
error nginx
I don't undestand why my nginx can't execute this simple php, meanwile by shell i can execute all..
Anyone have tips?
thank very much
The nginx error is a 404 not found error and it means that nginx can't find your file.
Due to your nginx configuration your website root is in /var/www/html, so make sure that your php file is inside this directory:
/var/www/html/path-of-myphp.php
Please take a look also to the permissions of your php file. It has to be readable by www-data user
chown (your user or www-data):www-data /var/www/html/path-of-myphp.php
chmod 755 /var/www/html/path-of-myphp.php
In this way the www-data user has at least read and execution permissions by the group.
I installed nginx 1.10.3 and php 5.5.38 as a development server on macOS 10.12.4
When I try a test php file in my browser the body is empty but the response headers seem ok:
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 29 Mar 2017 11:35:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
There are no errors in php-fpm.log or nginx/error.log
my nginx.conf has:
server {
listen 80;
server_name wordpress.bob;
root /Users/mark/Sites/wordpress;
include /usr/local/etc/nginx/global_restrictions.conf;
include /usr/local/etc/nginx/wordpress.conf;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/usr/local/var/run/php-www.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}
wordpress.bob is a local hostname for testing pointing to 127.0.0.1 in etc/hosts
php-fpm.conf has:
listen = '/usr/local/var/run/php-www.sock'
Any ideas what I'm doing wrong?
It's hard to help without the ability to read all the configuration files.
You just posted one, not the included ones nor php-fpm.conf. This is not a disapproval (a wall of configuration files is not quite appropriate in a question) but it's just to point out that the configuration file we "don't see" may differ depending on installation.
Anyway I see some differences from the configuration file I have on a server for a wordpress site.
Here are some hints considering that as you don't get any errors php-fpm is running and nginx can "communicate" to it via the socket (otherwise you would get a bad gateway error).
At the beginning...
server {
listen 80;
server_name wordpress.bob;
root /Users/mark/Sites/wordpress;
index index.php; # <-- ADD THIS
Make sure in the included wordpress.conf you have
location / {
try_files $uri $uri/ /index.php?$args;
}
The last part...
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 512k;
fastcgi_intercept_errors on;
fastcgi_max_temp_file_size 0;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 5s;
fastcgi_read_timeout 5s;
include fastcgi.conf; # <--- fastcgi.conf, NOT fastcgi_params
fastcgi_pass /usr/local/var/run/php-www.sock;
}
The difference between fastcgi.conf and fastcgi_params (on my installation) is just one line:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
If this line is missing php code is not able to read $_SERVER['SCRIPT_FILENAME'] and (I think) this may break wordpress code resulting in empty output.
Finally make sure php-fpm worker processes have privileges to access /usr/local/var/run/php-www.sock
Usually the socket has the same owner:group of the workers.
The workers user and group is set in php-fpm.conf:
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = ......
group = ......
To install NGINX with Homebrew :
$ brew install nginx
Run NGINX :
$ sudo nginx
Test the localhost nginx :
http://localhost:8080
NGINX configuration file should be in :
$ /usr/local/etc/nginx/nginx.conf
If you want to change the default port :
$ sudo nginx -s stop
$ vim /usr/local/etc/nginx/nginx.conf
Change the : listen 8080;
To : listen 80;
To save and Conf and start NGINX run :
$ sudo nginx
Then, according to your problem, you might simply be pointing to a an empty PHP file. Try to print a phpinfo() then look for "DOCUMENT_ROOT" to see where it goes.
So we're building a web application in PHP and we're trying to make requests to an external API. Problem is that we're getting a curl error:
cURL error 7: Failed to connect to external.api.com port 443: No route to host
A little bit of background now.
We're making requests using Guzzle.
We're hosting on Apache, which is running on a Linux machine and we're also using SSL.
The API is also using SSL, therefore the port 443 in error message.
The HTTP requests include a certificate for authentication.
I've managed to get it running on two different development environments but not on the production one. I suspect the problem is in the configuration of Apache, as if we haven't made it available to make requests to certain IP or port. I have no idea how to check it. I've read that I might have to change the file /etc/network/interface yet I haven't found any info on what to write there.
I've also read I have to run $ netstat -rn for answers yet I'm not sure what to look there.
EDIT:
Can't even make a simple get request without any parameters and anything.
Yet I can make requests to https://google.com and https://facebook.com. Will write more in a few.
After a lot of debugging and testing all of my code I contacted the service, whose API I was trying to consume.
They were an European service provider and they had whitelisted European IP's. Our production server was in the USA and after they whitelisted our IP, everything worked.
It worked for me for apache (httpd)
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
netstat -aln | grep 443 will show if your webserver is listening on that port.
Depending on which webserver you have installed your configuration file, for the site will be at /etc/nginx/sites-available/default, /etc/nginx/sites-available/yourSite, /etc/nginx/nginx.conf or some other similar paths for apache.
Wherever it is located, your configuration file should contain something like the following:
server {
listen 80;
listen 443 ssl;
server_name yourSite.com;
root "/path/to/yourSite";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /path/to/webserver/youSite.error.log error;
sendfile off;
client_max_body_size 100m;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
location ~ /\.ht {
deny all;
}
ssl_certificate /path/to/yourSite.crt;
ssl_certificate_key /path/to/yourSite.key;
}
After changing this file make sure to sudo service nginx reload or sudo service nginx restart (or the relative apache command).
sudo service nginx configtest or sudo nginx -t will help with debugging the config file.
After searching for about a whole day I found that the problem was in the iptables rules.
In my case the solution was to restore the iptables rules as follows:
create a file containing the following text:
*filter
:INPUT ACCEPT [10128:1310789]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9631:1361545]
COMMIT*
run the command: sudo iptables-restore < /path/to/your/previously/created/file
This will hopefully fix your problem if it is an iptables issue.
today I hava face up the same question, like that
I use curl http://localhost:8080 to check my tomcat can work or not
And it's error Failed to connect to ::1: No route to host
Finally I hava solve it.Obviously, it's the problem of your Apache tomcat.
So you must check your logs firstly. If you found your port was used, find that course and kill it. Then restart your tomcat.
find the course by port: netstan -lnp | grep port
kill course: kill -9 ****
I have a Debian 7.3 installation in a VM that I am practising installing Nginx and php5-fpm on. I got the Nginx working, by assigning it a manual port of :8080 and that points to /var/www/ for data and in that directory is an index.html and info.php file.
The config file for my Nginx is located at /etc/nginx/conf.d/default.conf and looks like this:
server {
listen 8080;
root /var/www;
index index.php index.html index.htm;
server_name localhost;
location / {
try_files $uri $uri/ /index.html;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/www;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
I have tried changing fastcgi_pass both ways:
fastcgi_pass 127.0.0.1:9000;
and also as:
fastcgi_pass unix:/var/run/php5-fpm.sock;
In my /etc/php5/fpm/pool.d/www.conf file I have the following configuration:
[www]
user = www-data
group = www-data
listen = 127.0.0.1:9000
;listen = /var/run/php5-fpm.sock
Here too, I have uncommented the line to match in the Nginx default.conf file.
In my php.ini file I have edited it so that it shows cgi.fix_pathinfo = 0 as required by most of the guides I have seen.
When I try to load nginx, it runs OK. When I try to run php5-fpm this is what happens:
root#debianx86:/# /etc/init.d/php5-fpm status
[FAIL] php5-fpm is not running ... failed!
root#debianx86:/# /etc/init.d/php5-fpm reload
[ ok ] Reloading PHP5 FastCGI Process Manager: php5-fpm.
root#debianx86:/# /etc/init.d/php5-fpm restart
[FAIL] Restarting PHP5 FastCGI Process Manager: php5-fpm failed!
root#debianx86:/# /etc/init.d/php5-fpm start
root#debianx86:/# /etc/init.d/php5-fpm status
[FAIL] php5-fpm is not running ... failed!
root#debianx86:/#
I then open up any of the browsers on my VM and point them to either 127.0.0.1:8080 or localhost:8080 and I get the custom index.html loading that I made and it works! So I then try to load theinfo.php file and I get presented with a 404 Not Found - nginx/1.4.4.
I don't understand what I'm doing wrong. Is there something I'm missing from all this?
I installed nginx from sudo apt-get -y install nginx and sudo apt-get -y install php5-fpm too. Any dependencies they required would have been installed along with that.
Is there a script that I can run on a fresh install of Debian 7.3 that someone has got that will install it properly for me, and make all the modifications so that nginx and php5-fpm are up and running? I've looked over many of the websites with the instructions and I seem to be doing pretty much everything they do, except for the default-sites and enabled-sites, as neither of those folders exist for me, and I don't want to run my virtual hosts like that. I will run them with their own servers listed in the default.conf file.
EDIT: I have even tried following this article at DigitalOcean and it still doesn't work.
EDIT #2: I also did chown -R www-data:www-data /var/www to ensure that the user and group match the information in the www.conf file. I also tried by changing it back to the original root:root specs too. Still nothing.
I think maybe port 9000 is already being used, so php5-fpm can't bind with that port and fails to start.
in the fpm pool settings swap the line of port 9000 with the line with the sock file, then try to start php5-fpm like you were doing, if it works then all you need is to update the nginx configuratuin to proxy pass to the sock file instead of the port.