I want to setup phppgadmin, postgresql is already - done by following this article
but I have nginx,
I did so far these configs:
ln -s /usr/share/phppgadmin /var/www
and
/etc/nginx/sites-available/phppgadmin:
server{
listen 85;
server_name pgadmin.mypage.com;
root /var/www/phppgadmin;
index index.html index.html index.php;
access_log /var/log/phppgadmin/access.log;
error_log /var/log/phppgadmin/error.log;
location / {
allow my_page_IP;
deny all;
}
location ~ /\.ht {
deny all;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/phppgadmin$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
and
ln -s /etc/nginx/sites-available/phppgadmin /etc/nginx/sites-enabled/
and
service nginx restart
but I am getting:
403 Forbidden
the error.log says:
2015/03/21 18:06:14 [error] 16916#0: *1 access forbidden by rule, client: 188.194.97.247, server: pgadmin.mypage.com, request: "GET / HTTP/1.1", host: "my_page_IP:85"
I did:
chmod -R 775 phppgadmin/
chown -R www-data:www-data phppgadmin/
but still the same 403 message. what am I doing wrong?
Access forbidden by rule mean that the access of the desired page was dropped by rule you have put in your configuration.
Just try to remove rule on each location to see which is cause problem.
Related
I am using the default config with Nginx installed on my manjaro machine. I just added some simple configurations down below.
nginx.conf:
user http;
worker_processes auto;
worker_cpu_affinity auto;
.....
http{
.....
server {
listen 9000;
server_name localhost;
root /usr/share/nginx/html/exam;
location / {
index index.php index.html index.htm;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
if (!-e $request_filename){
rewrite ^/(.+)$ /index.php?url=$1 break;
}
}
location /. {
return 404;
}
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_read_timeout 864000;
}
location ~ /\.ht {
deny all;
}
}
....
}
since the user for Nginx is http, I also changed the ownership of the folder, subfolders and files as HTTP with:
chmod -R http:http exam/
it looks like this:
1838248 lrwxrwxrwx 1 http http 42 Eyl 13 17:42 exam
but still gives 403 Forbidden on browser with this error:
2021/09/13 17:49:22 [error] 493923#493923: *4 open() "/usr/share/nginx/html/exam/index.php" failed (13: Permission denied), client: 127.0.0.1, server: localhost, request: "GET /exam HTTP/1.1", host: "localhost:9000"
I have tried every solution I found, but it did not work.
I also tried simple PHP files that runs like "phpinfo();" even they are not working.
I moved the project file under /srv/http and redirect the root in the conf file to it. Now it is working.
Im learning NGINX, so any help is really appreciated.
I have the frontend of a website running as the root of mysite.com, and now I want to run wordpress from mysite.com/blog.
My file structure is:
/srv/mysite/frontend
/srv/mysite/wordpress
this is the error i've been getting from the nginx logs
2020/03/29 00:09:03 [error] 23049#23049: *39 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: XXXXXXX, server: www.mysite.com, request: "GET /api HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "mysite.com"
and this is my nginx config file so far
listen 80 default_server;
server_name www.mysite.com mysite.com;
charset utf-8;
location ^~ /blog {
root /srv/mysite/wordpress;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location / {
root /srv/mysite/frontend/dist;
try_files $uri /index.html;
}
}
This error message shows either the wrong path of the sock file or the permissions. Make sure the php sock file exists in the path /run/php/php7.2-fpm.sock and change the permissions of the file.
For Debian
chown -R wwww-data:www-data /run/php/php7.2-fpm.sock
For Rhel
chown -R nginx:nginx /run/php/php7.2-fpm.sock
Also, you can try this config.
location /blog {
root /srv/mysite/wordpress;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
Config :
macOS Mojave
Debian 9.9.0 64bits on virtualbox 6.0.8, on port 192.168.56.50
php fpm 7.2 on debian
nginx/stable,now 1.16.0-1~stretch on debian
Nginx and php fpm have www-data as user.
Dirs :
lrwxrwxrwx www-data www-data /var/www/all -> /media/sf_web
drwxrwx--- www-data www-data /var/www
Config nginx :
/etc/nginx/conf.d/default.conf
server {
listen 80;
server_name _;
charset utf-8;
location / {
root /var/www/all/;
try_files $uri /index.html index.php;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
When i do this command : sudo ls -l /var/www/all/ , i get :
drwxrwx--- 1 root vboxsf temp_converter
drwxrwx--- 1 root vboxsf myproject
I want to show projects folders under /media/sf_web using Firefox (or another web browser) but it doesn't work.
When i try to connect on this ip , nginx show "File not found" and in error log i see "Primary script unknow".
e.j :
http://192.168.56.50
http://192.168.56.50/myproject/index.php
You haven't set a global root statement, so Nginx will look for PHP files in the default root. You need to move the root statement from inside the location / block into server block scope.
The try_files statement is completely wrong.
Try:
root /var/www/all/;
location / {
try_files $uri $uri/ /index.php;
}
...
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
I am getting 403 forbidden error when I try to access a domain using nginx. The nginx logs I get are:
[error] 13656#0: *4 "/var/www/example.com/www/index.php" is forbidden (13: Permission denied), client: 31.179.107.194, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
/var/www/ has recursive 777 permissions. Sites-available config is:
#HTTP serve
#
server {
listen 80;
root /var/www/example.com/www/;
index index.php index.html index.htm;
server_name example.com;
access_log /var/log/nginx/example.com.access.log combined buffer=1024k;
error_log /var/log/nginx/example.com.error.log;
client_max_body_size 128M;
if (!-e $request_filename) {
rewrite ^/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)/$ /index.php?controller=$1&action=$2 last;
}
location ~ \.php$ {
if (!-f $document_root/$fastcgi_script_name){
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
proxy_connect_timeout 600s;
proxy_read_timeout 600s;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
nginx.conf contains user root; directive.
What's wrong?
One possible cause is that you are using SELinux. See Why does Nginx return a 403 even though all permissions are set properly?.
Also, setting user root is a security risk and is not recommended. Using an unprivileged user like 'www-data' or `nobody' is recommended, along with permissions that allow that user to access the minimal amount of data necessary.
Okay so there have been some previous posting of this yet no solution fixes my problem.
I have site configured which is just straight up HTML, CSS & JS and I'm trying to add a wordpress site. My config for the wordpress site is as follows.
#######################
server {
listen 80;
root /usr/share/nginx/threadtheatre/wordpress;
index index.php;
server_name threadtheatre.co.uk;
access_log /var/log/nginx/thread.access.log;
error_log /var/log/nginx/thread.error.log;
location / {
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}
This is the error thats in my logs
"/usr/share/nginx/threadtheatre/wordpress/index.php" failed (13: Permission denied), client: 109.155.53.189, server: threadtheatre.co.uk, request: "GET / HTTP/1.1", host: "threadtheatre.co.uk"
nginx is using the nginx user and likewise for php-fpm. The nginx directory and all its sub directories have the following permissions.
drwxrwxr-x. 3 root nginx 4096 Feb 8 18:23 ..
If I browse to threadtheatre.co.uk on the web i get 404.
hope someone can help with this.
Lee.
Do you still have this problem? This explanation worked for me:
https://serverfault.com/a/170263/140684
basically nginx needs to have execution rights on every dir on the path to your app. Hope this helps.
for me this is because selinux enabled, check with
selinuxenabled && echo enabled || echo disabled
if enabled try to disable
nano /etc/sysconfig/selinux
SELINUX=disabled
then
reboot
If nginx is hosted on Fedora or RedHat , change the SELinux policy and allow nginx to serve from the path /home/path/site
chcon -R -t httpd_sys_content_t /home/path/site