I have this nginx vhost file
server { # php/fastcgi
listen 80;
server_name trinityplex.com www.trinity.com;
access_log /home/web/trinity_web/log/access.log;
root /home/web/trinity_web/public;
location / {
index index.html index.htm index.php;
}
}
(for domain trinityplex.com), but if I go to trinityplex.com nginx display me 502 Bad gateway and throws the index file - chrome download index.php like a normal download.
It's ridiculous I have never seen that. If I ask PHP for version it dumps
PHP 5.3.5-0.dotdeb.0 with Suhosin-Patch (cli) (built: Jan 7 2011 00:30:52)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH
Have you any ideas how to fix that?
Here is an nginx cofig file
user root;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server_names_hash_bucket_size 128;
gzip on;
include /usr/local/nginx/sites-enabled/*;
}
You haven't configured PHP in the server section so PHP files will obviously be sent as plain text. How are you planning to run PHP? As FastCGI?
Update: The configuration you have shown here does still not include anything at all about PHP or FastCGI. Try something like this:
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
Related
I am setting up an nginx web server that can run PHP files, particularly for the selfoss rss viewer. For some reason, when I visit my website, it downloads the index.php file instead of executing it on the server. I am running this on a raspberry pi 1B.
Yes, I did restart nginx and clear my web browser cache. It didn't fix anything.
Here is my PHP version:
$ php -v
PHP 7.4.30 (cli) (built: Jul 7 2022 15:51:43) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with Zend OPcache v7.4.30, Copyright (c), by Zend Technologies
Here is my nginx configuration:
server {
server_name rss.getty.nz;
root /var/www/rss.getty;
access_log /var/www/rss.getty/rss.accesss.log;
error_log /var/www/rss.getty/rss.error.log;
index index.php;
location / {
try_files $uri /public/$uri /index.php$is_args$args =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf ;
include fastcgi_params;
fastcgi_pass unix:/run/php/php7.4-fpm.sock ;
}
location ~* \ (gif|jpg|png) {
expires 30d;
}
location ~ ^/(favicons|thumbnails)/.*$ {
try_files $uri /data/$uri;
}
location ~* ^/(data\/logs|data\/sqlite|config\.ini|\.ht) {
deny all;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/rss.getty.nz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/rss.getty.nz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
access_log /var/www/rss.getty/rss.accesss.log;
error_log /var/www/rss.getty/rss.error.log;
}
server {
if ($host = rss.getty.nz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name rss.getty.nz;
return 404; # managed by Certbot
}
Here is the contents of /etc/nginx/snippets/fastcgi-php.conf:
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
Thanks to Richard Smith in the comments, I have the answer. It was the =404 in this section:
location / {
try_files $uri /public/$uri /index.php$is_args$args =404;
}
Removing that stops the web browser from downloading.
When adding new dependencies to my composer, everything works perfectly fine locally. However, when pushing it to a Ubuntu (20.04) server, I got the following error.
Composer detected issues in your platform: Your Composer dependencies
require a PHP version ">= 8.0.0".
But I already updated my server version of php to 8.0.12 as well, or at least when I look for the version of php in the Ubuntu server, I find
> # php -v PHP 8.0.12 (cli) (built: Oct 22 2021 12:34:48) ( NTS ) Copyright (c) The PHP Group Zend Engine v4.0.12, Copyright (c) Zend
> Technologies
> with Zend OPcache v8.0.12, Copyright (c), by Zend Technologies
Delving deeper into it, I find in the error log of Nginx the following statement:
Composer detected issues in your platform: Your Composer dependencies require a PHP version ">= 8.0.0". You are running 7.4.3. in /var/www/html/vendor/composer/platform_check.php on line 24" while reading response header from upstream, client: ........, server: _, request: "GET /login HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php7.4-fpm.sock:"
which gives a clear reference to 'php7.4-fpm.sock', so no php8. This is where it gets weird for me, as I have changed the reference in the etc/nginx/sites-available/default file, as shown:
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
# fastcgi_read_timeout 300;
# include fastcgi_params;
}
So somehow it still references to the php version 7.4. I've tried removing the php7.4-fpm files with sudo apt-get autoremove as I got a message saying they were not in use anymore, but then I got a 502 bad gateway error with the following
connect() to unix:/var/run/php/php7.4-fpm.sock failed
Would really like some help with this as I'm stuck with this for a while now.
*Note: I've also tried the suggestion of
composer install --ignore-platform-reqs
but that resulted in a 501 internal error.
** Added the complete code of the sites-available configuration:
server {
listen 80;
server_name _ DOMAIN www.DOMAIN;
root /var/www/html/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
fastcgi_read_timeout 300;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
# fastcgi_read_timeout 300;
# include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
FIX
I finally found a fix after stumbling upon the following tutorial
https://www.vultr.com/docs/upgrade-php-7-4-to-php-8-0-on-ubuntu-20-04-with-nginx
I don't exactly know what it does, but it's definitely Step 4 of the configuration that did it, as I've never seen those steps in other tutorials. It's probably the substituting of the socket that did it, but it still seems weird to me as it was not as if I didn't have the new socket.
Composer must be using PHP 7.4. My suggestion would be to download a fresh copy of composer here:
https://getcomposer.org/download/
And executing composer like this:
php composer.phar install
Since you know php -v version is 8.0.12
I recently installed nginx and php7.0 on my raspberry pi 3 (Raspbian Stretch) and I couldn't configure the server configuration files. Here is information of nginx and php:
$ sudo nginx -v
nginx version: nginx/1.10.3
$ sudo php -v
PHP 7.0.30-0+deb9u1 (cli) (built: Jun 14 2018 13:50:25) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.30-0+deb9u1, Copyright (c) 1999-2017, by Zend Technologies
Here is my server configuration file:
/etc/nginx/sites-available/example
server {
listen 80;
server_name example.com www.example.com;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
include global/restrictions.conf;
# Root
location / {
root /var/www/root/html;
index index.php index.htm index.html index.nginx-debian.html;
try_files $uri $uri/ =404;
# pass the PHP scripts to FastCGI server
include global/root.conf;
}
# WordPress
location /blog/ {
root /var/www/blog/html;
# pass the PHP scripts to FastCGI server
include global/wordpress.conf;
}
# DokuWiKi
location /wiki/ {
root /var/www/wiki/html;
index index.php index.htm index.html;
try_files $uri $uri/ =404;
# pass the PHP scripts to FastCGI server
include global/wiki.conf;
}
# NextCloud
# location /drive/ {
# root /var/www/drive/html;
# pass the PHP scripts to FastCGI server
# include global/.conf;
# }
}
(nextcloud is not configured yet.)
/etc/nginx/global/root.conf & /etc/nginx/global/wiki.conf
(Those two files have same contents)
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
/etc/nginx/global/wordpress.conf
# WordPress single site rules. Designed to be included in any
# server {} block.
# This order might seem weird - this is attempted to match last if
# rules below fail. http://wiki.nginx.org/HttpCoreModule
location /blog/ {
try_files $uri $uri/ /index.php?$args;
}
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
# Directives to send expires headers and turn off 404 error
# logging.
location ~*
^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$
{
access_log off; log_not_found off; expires max;
}
# Uncomment one of the lines below for the appropriate caching
#plugin (if used). include global/wordpress-wp-super-cache.conf;
#include global/wordpress-w3-total-cache.conf;
# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# This is a robust solution for path info security issue and
# works with "cgi.fix_pathinfo = 1" in /etc/php.ini (default)
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
# fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php7.0-fpm.sock;
}
# Deny all attempts to access hidden files such as .htaccess,
# .htpasswd, .DS_Store (Mac). Keep logging the requests to parse
# later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads
# directory Works in sub-directory installs and also in multisite
# network Keep logging the requests to parse later (or to pass to
# firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
I configured this way because:
A. I can apply different configuration on each subdirectory. (I don't want to show wordpress' 404 page on nextcloud)
B. I can just include overlapping configuration file by including global configuration.conf
The problem is:
A. The server won't even show files in each subdirectory. It's showing nginx welcome page on root (which I removed), and won't show files under subdirectory (e.g. "example.com/wiki" which is in "/var/www/wiki/html" would just show me 404 page)
B. I don't think php is configured correctly.
Thanks in advance.
You need to install php-fpm and it will resolve your issue
Command to install php-fpm version 7.0
sudo apt-get install php7.0-fpm
I have a new fresh CentOS7 installed and running as a VM. I am playing with Nginx since I have being using Apache my whole life and now just for fun and learn I decide to switch to Nginx. I am following this two guides:
How to install LEMP on CentOS7 by Digital Ocean
How to install LEMP on CentOS7 by a blog named IfNotTrueThenFalse
And as part of my previous research before I get out of ideas I did read this which is not helpful at all.
Before continue I should said that I took what I need for each of them because I want to use PHP 7.0.x instead of the default that comes with CentOS 7 repos (5.4 I think).
So, this is how my config files looks like:
/etc/nginx/conf.d/default.conf
server {
listen 80;
server_name centos7.localdomain;
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
/etc/php-fpm.d/www.conf
[www]
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
...
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = nobody
listen.group = nobody
For www.conf other than those values you see in here are the default ones. The full file is shared here
I have created the file /var/www/html/index.php with nothing else than:
<?php
phpinfo();
As soon as I try the URL http://centos7.localdomain/index.php (or without the index.php) the file is downloaded instead of display it content.
Of course after all those changes I have restarted nginx and php-fpm services and check them by runing systemctl status nginx.service and systemctl status php-fpm.service
The permissions for /var/www/html are as follow:
$ ls -la /var/www/html/
total 4
drwxr-xr-x. 2 root root 22 Oct 9 20:53 .
drwxr-xr-x. 3 root root 17 Oct 9 20:24 ..
-rw-r--r--. 1 root root 18 Oct 9 20:53 index.php
This is the PHP version I am running:
$ php -v
PHP 7.0.11 (cli) (built: Sep 14 2016 08:28:52) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.11, Copyright (c) 1999-2016, by Zend Technologies
with Xdebug v2.4.1, Copyright (c) 2002-2016, by Derick Rethans
I am missing something here? If so what is it? Or what is wrong on this setup that I am playing with?
Remove "try_files $uri =404" from the last segment. This may solve your problem.
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
I got server setup with nginx+php-fpm and mysql.
I have another server with only installed php-fpm, so wanted to use as load balance.
But when I am using this dedacted server with php-fpm as load balancer, I got error when opening page: "Access denied."
/etc/nginx/nginx.conf
user www-data;
worker_processes 3;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 64;
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
#gzip on;
upstream php {
server dedicatedserverip:9000;
}
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-enabled/site.org.conf
server {
listen 81;
server_name site.org www.site.org;
access_log /var/log/nginx/site.org.log;
error_log /var/log/nginx/site.org.log;
root /home/www/site.org;
index index.php;
location ~ .php$ {
fastcgi_pass php;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /home/www/$fastcgi_script_name;
}
}
Why I got this error? When I change only the fastcgi_pass to 127.0.0.1:9000 - all work fine.
If it's a blank page with "Access denied" on it, it's caused by security.limit_extensions directive that has been added to php-fpm.
If you don't have it in your php-fpm configuration, it defaults to .php and prevents all other file types from being parsed by the PHP interpreter producing "Access denied" when trying to do so.
You received that error because the files PHP-FPM don't exist on the PHP-FPM server.
fastcgi_param SCRIPT_FILENAME /home/www/$fastcgi_script_name;
or (I use this because it's simpler for multiple vhosts)
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
It seems Nginx simply provides the PHP-FPM server with the location of the file, and the PHP-FPM server then renders it. The simplest solution is to rsync the document root to the PHP-FPM server.
This post can explain details: http://code.google.com/p/sna/wiki/NginxWithPHPFPM