So we're building a web application in PHP and we're trying to make requests to an external API. Problem is that we're getting a curl error:
cURL error 7: Failed to connect to external.api.com port 443: No route to host
A little bit of background now.
We're making requests using Guzzle.
We're hosting on Apache, which is running on a Linux machine and we're also using SSL.
The API is also using SSL, therefore the port 443 in error message.
The HTTP requests include a certificate for authentication.
I've managed to get it running on two different development environments but not on the production one. I suspect the problem is in the configuration of Apache, as if we haven't made it available to make requests to certain IP or port. I have no idea how to check it. I've read that I might have to change the file /etc/network/interface yet I haven't found any info on what to write there.
I've also read I have to run $ netstat -rn for answers yet I'm not sure what to look there.
EDIT:
Can't even make a simple get request without any parameters and anything.
Yet I can make requests to https://google.com and https://facebook.com. Will write more in a few.
After a lot of debugging and testing all of my code I contacted the service, whose API I was trying to consume.
They were an European service provider and they had whitelisted European IP's. Our production server was in the USA and after they whitelisted our IP, everything worked.
It worked for me for apache (httpd)
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
netstat -aln | grep 443 will show if your webserver is listening on that port.
Depending on which webserver you have installed your configuration file, for the site will be at /etc/nginx/sites-available/default, /etc/nginx/sites-available/yourSite, /etc/nginx/nginx.conf or some other similar paths for apache.
Wherever it is located, your configuration file should contain something like the following:
server {
listen 80;
listen 443 ssl;
server_name yourSite.com;
root "/path/to/yourSite";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /path/to/webserver/youSite.error.log error;
sendfile off;
client_max_body_size 100m;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
location ~ /\.ht {
deny all;
}
ssl_certificate /path/to/yourSite.crt;
ssl_certificate_key /path/to/yourSite.key;
}
After changing this file make sure to sudo service nginx reload or sudo service nginx restart (or the relative apache command).
sudo service nginx configtest or sudo nginx -t will help with debugging the config file.
After searching for about a whole day I found that the problem was in the iptables rules.
In my case the solution was to restore the iptables rules as follows:
create a file containing the following text:
*filter
:INPUT ACCEPT [10128:1310789]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9631:1361545]
COMMIT*
run the command: sudo iptables-restore < /path/to/your/previously/created/file
This will hopefully fix your problem if it is an iptables issue.
today I hava face up the same question, like that
I use curl http://localhost:8080 to check my tomcat can work or not
And it's error Failed to connect to ::1: No route to host
Finally I hava solve it.Obviously, it's the problem of your Apache tomcat.
So you must check your logs firstly. If you found your port was used, find that course and kill it. Then restart your tomcat.
find the course by port: netstan -lnp | grep port
kill course: kill -9 ****
Related
I currently get a warning on Wordpress saying I am on an insecure version of PHP (7.3.3).
I've been trying to follow the instructions on the following page to update the version to PHP 8.1.
https://www.cloudbooklet.com/how-to-install-or-upgrade-php-8-1-on-ubuntu-20-04/
I was able to install and enable php8.1 but stuck with the remaining steps. The article tells me to update a few lines in the location block of a conf file but I can't find it.
I looked at files like wordpress_https conf but could only find lines like this:
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
Any pointers on where I need to update the reference to php8.1? It's nginx server on Obuntu 20.04. It's for a Wordpress application installed on Vultr. Thanks.
Try this in your site' nginx config file. Comment out everything in your file or just backup the file and try this.
upstream php {
server unix:/tmp/php-cgi.socket;
server php:9000;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl;
server_name example.test www.example.test;
ssl_certificate /etc/nginx/ssl/example.test.pem;
ssl_certificate_key /etc/nginx/ssl/example.test-key.pem;
root /var/www/html;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include fastcgi.conf;
fastcgi_intercept_errors on;
fastcgi_pass php;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
#The only job of this block is to redirect http to https
server {
listen 80;
listen [::]:80;
server_name example.test www.example.test;
return 301 https://$server_name$request_uri;
}
Depending on your OS, the nginx config file for your website will either be in /etc/nginx/conf.d or in /etc/nginx/sites-available/ .
The above configuration was taken from this WordPress docker dev env.
After making the edits in the correct conf file, test nginx:
sudo nginx -t
If all is well in the conf file restart nginx based on your system i.e :
sudo service nginx restart
If this works for you, ensure you search for more security details you can add in your configuration to improve it. If it does not work for you, you can generate WP specifc Nginx configurations using DigitalOcean.
I was running Ubuntu server 20.04 quite successfully with Ired mail and 2 websites, one of them with WordPress.
I wanted to install Nextcloud, to do that I had to reinstall php-fpm to generate php7.4-fpm.sock. After this Nextcloud worked, but my other websites stopped working with error '502 Bad Gateway'.
So to say the least, I'm very confused!
I followed this article to install Nextcloud and set up the sites-enabled .conf file as per instructions: https://www.linuxbabe.com/ubuntu/install-nextcloud-ubuntu-20-04-nginx-lemp-stack/amp
I think I understand that the .conf file used to listen on 127.0.0.1:XXXX and now listens on php7.4-fpm.sock?
Here is the .conf file that I have put together for my website after re-installing php-fpm:
#
# Note: This file must be loaded before other virtual host config files,
#
# HTTPS
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name SOMEWEBSITE www.SOMEWEBSITE;
error_log /var/log/nginx/localhost.error_log info;
root /var/www/SOMEWEBSITE/html;
index index.php index.html;
include /etc/nginx/templates/misc.tmpl;
include /etc/nginx/templates/ssl.tmpl;
include /etc/nginx/templates/iredadmin.tmpl;
include /etc/nginx/templates/roundcube.tmpl;
include /etc/nginx/templates/sogo.tmpl;
include /etc/nginx/templates/netdata.tmpl;
include /etc/nginx/templates/php-catchall.tmpl;
include /etc/nginx/templates/stub_status.tmpl;
location / {
try_files $uri $uri/ /index.php?q=$uri$args;
}
# PHP handling
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
ssl_certificate /etc/letsencrypt/live/SOMEWEBSITE/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/SOMEWEBSITE/privkey.pem; # managed by Certbot
}
# Redirect http to https
server {
listen 80;
listen [::]:80;
server_name SOMEWEBSITE www.SOMEWEBSITE;
return 301 https://$host$request_uri;
}
I have checked the file permissions for php7.4-fpm.sock
ll /var/run/php/ | grep php
-rw-r--r-- 1 root root 3 May 22 21:13 php7.4-fpm.pid
srw-rw---- 1 www-data www-data 0 May 22 21:13 php7.4-fpm.sock=
lrwxrwxrwx 1 root root 30 May 22 21:13 php-fpm.sock -> /etc/alternatives/php-fpm.sock=
and I think it looks ok.
here is the log file:
2021/05/23 20:32:52 [error] 43596#43596: *305 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xxx.xxx, server: SOMEWEBSITE, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9999", host: "SOMEWEBSITE"
2021/05/23 20:32:53 [info] 43596#43596: *305 client xx.xx.xxx.xxx closed keepalive connection
Any Ideas? Need any more information? Thank you in advance for looking.
PHP-FPM can listen using two method for accepting fastcgi request. using TCP Socket or with Unix Socket.
You can sepecify it in php-fpm configuration, In Ubuntu the configuration is in /etc/php/7.4/fpm/pool.d/www.conf and check listen configuration.
If you want to use unix socket, use configuration below.
listen = /run/php/php7.4-fpm.sock
For TCP Socket.
listen = 127.0.0.1:9000
Next in nginx you can specify fastcgi_pass based on fpm configuration. If you using Unix socket, all your website, include Nextcloud must be using Unix Socket.
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
If you using TCP Socket, you must change the nginx configuration for Nextcloud to pass from TCP Socket.
fastcgi_pass 127.0.0.1:9000;
I have faced this issue as well. the problem is php-fpm didnt listen port 9999 (In my case i use port 9999). To make /mail/ work. u need to change below config file. change ip:port change to socket
/etc/php/fpm/pool.d/www.conf
listen = /var/run/php/php7.2-fpm.sock
/etc/nginx/templates/fastcgi_php.tmpl
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
I was trying to install and configure nginx to execute php files, i installed php and everything went well and working except now my node app gives me EADDRINUSE port: 443 error saying the port for my node server that I was using before is now busy.
I tried to log the services (i guess these are services) that are using the port 443 with lsof -i tcp:443 and this is the result:
I tried to kill them with kill -9 PID but then they just come back, if i reload the site they become more.
so my question is what these actually are and how can i stop this madness?
my nginx configuration:
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name 45.76.***.10;
root /srv/main/site;
index index.html index.php;
ssl_certificate /etc/ssl/certs/mysite.com.pem;
ssl_certificate_key /etc/ssl/private/mysite.com.pem;
ssl_client_certificate /etc/ssl/certs/origin-pull-ca.pem;
ssl_verify_client on;
client_max_body_size 100M;
autoindex off;
location / {
index index.html index.php;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
Kill the running task using the below commands -
sudo kill -9 $(sudo lsof -t -i:443)
You can also use -
sudo fuser -k 443/tcp
Hope this helps.
I installed nginx 1.10.3 and php 5.5.38 as a development server on macOS 10.12.4
When I try a test php file in my browser the body is empty but the response headers seem ok:
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 29 Mar 2017 11:35:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
There are no errors in php-fpm.log or nginx/error.log
my nginx.conf has:
server {
listen 80;
server_name wordpress.bob;
root /Users/mark/Sites/wordpress;
include /usr/local/etc/nginx/global_restrictions.conf;
include /usr/local/etc/nginx/wordpress.conf;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/usr/local/var/run/php-www.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}
wordpress.bob is a local hostname for testing pointing to 127.0.0.1 in etc/hosts
php-fpm.conf has:
listen = '/usr/local/var/run/php-www.sock'
Any ideas what I'm doing wrong?
It's hard to help without the ability to read all the configuration files.
You just posted one, not the included ones nor php-fpm.conf. This is not a disapproval (a wall of configuration files is not quite appropriate in a question) but it's just to point out that the configuration file we "don't see" may differ depending on installation.
Anyway I see some differences from the configuration file I have on a server for a wordpress site.
Here are some hints considering that as you don't get any errors php-fpm is running and nginx can "communicate" to it via the socket (otherwise you would get a bad gateway error).
At the beginning...
server {
listen 80;
server_name wordpress.bob;
root /Users/mark/Sites/wordpress;
index index.php; # <-- ADD THIS
Make sure in the included wordpress.conf you have
location / {
try_files $uri $uri/ /index.php?$args;
}
The last part...
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 512k;
fastcgi_intercept_errors on;
fastcgi_max_temp_file_size 0;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 5s;
fastcgi_read_timeout 5s;
include fastcgi.conf; # <--- fastcgi.conf, NOT fastcgi_params
fastcgi_pass /usr/local/var/run/php-www.sock;
}
The difference between fastcgi.conf and fastcgi_params (on my installation) is just one line:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
If this line is missing php code is not able to read $_SERVER['SCRIPT_FILENAME'] and (I think) this may break wordpress code resulting in empty output.
Finally make sure php-fpm worker processes have privileges to access /usr/local/var/run/php-www.sock
Usually the socket has the same owner:group of the workers.
The workers user and group is set in php-fpm.conf:
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = ......
group = ......
To install NGINX with Homebrew :
$ brew install nginx
Run NGINX :
$ sudo nginx
Test the localhost nginx :
http://localhost:8080
NGINX configuration file should be in :
$ /usr/local/etc/nginx/nginx.conf
If you want to change the default port :
$ sudo nginx -s stop
$ vim /usr/local/etc/nginx/nginx.conf
Change the : listen 8080;
To : listen 80;
To save and Conf and start NGINX run :
$ sudo nginx
Then, according to your problem, you might simply be pointing to a an empty PHP file. Try to print a phpinfo() then look for "DOCUMENT_ROOT" to see where it goes.
Is it possible to run multiple NGINX on a single Dedicated server?
I have a dedicated server with 256gb of ram, and I am running multiple PHP scripts on it but it's getting hangs because of memory used with PHP.
when I check
free -m
it's not even using 1% of memory.
So, I am guessing its has some to do with NGINX.
Can I install multiple NGINX on this server and use them like
5.5.5.5:8080, 5.5.5.5:8081, 5.5.5.5:8082
I have already allocated 20 GB memory to PHP, but still not working Properly.
Reason :- NGINX gives 504 Gateway Time-out
Either PHP or NGINX is misconfigured
You may run multiple instances of nginx on the same server provided that some conditions are met. But this is not the solution you should look for (also this may not solve your problem at all).
I got my Ubuntu / PHP / Nginx server set this way (it actually also runs some Node.js servers in parallel). Here is a configuration example which works fine on a AWS EC2 medium instance (m3).
upstream xxx {
# server unix:/var/run/php5-fpm.sock;
server 127.0.0.1:9000 max_fails=0 fail_timeout=10s weight=1;
ip_hash;
keepalive 512;
}
server {
listen 80;
listen 8080;
listen 443 ssl;
#listen [::]:80 ipv6only=on;
server_name xxx.mydomain.io yyy.mydomain.io;
if ( $http_x_forwarded_proto = 'http' ) {
return 301 https://$server_name$request_uri;
}
root /home/ubuntu/www/xxxroot;
index index.php;
location / {
try_files $uri $uri/ /index.php;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;
#allow 1.2.3.4#your-ip;
#deny all;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass adn;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /xxxroot/$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $request_filename;
#fastcgi_param DOCUMENT_ROOT /home/ubuntu/www/xxxroot;
# send bad requests to 404
#fastcgi_intercept_errors on;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
Hope it helps,
I think you are running into a timeout. Your PHP-Scripts seams to run to long.
Check following:
max_execution_time in your php.ini
request_terminate_timeout in www.conf of your PHP-FPM configuration
fastcgi_read_timeout in http section or location section of your nginx configuration.
Nginx is designed more to be used as a reverse proxy or load balancer than to control application logic and run php scripts. Running multiple instances of nginx that each execute php isn't really playing to the server application's strengths. As an alternative, I'd recommend using nginx to proxy between one or more apache instances, which are better suited to executing heavy php scripts. http://kbeezie.com/apache-with-nginx/ contains information on getting apache and nginx to play nicely together.