Question

403 Error - Wordpress, Nginx, 2nd domain on 1 droplet

I setup a wordpress droplet on Ubuntu and the first site I have on there works fine. I wanted to add a second site to the server so I followed the instructions here. Granted, these are specific to apache and I’m on nginx, they should be pretty close.

When I go to the site, I get a 403 Forbidden and the following error in my nginx error log:

2017/02/17 00:53:04 [error] 29074#29074: *5 directory index of “/var/www/lazerusdesigns/” is forbidden, client: 73.60.85.71, server: www.lazerusdesigns.com, request: “GET / HTTP/1.1”, host: “www.lazerusdesigns.com

2017/02/17 00:53:04 [error] 29074#29074: *6 open() “/var/www/lazerusdesigns/favicon.ico” failed (2: No such file or directory), client: 73.60.85.71, server: www.lazerusdesigns.com, request: “GET /favicon.ico HTTP/1.1”, host: “www.lazerusdesigns.com

I tried checking the permissions on the folder and files where the site is stored.

In my wordpress file in sites-available, I added the following:

server { root /var/www/lazerusdesigns; server_name www.lazerusdesigns.com; access_log /var/log/nginx/www.lazerusdesigns.com.access.log; error_log /var/log/nginx/www.lazerusdesigns.com.error.log; location ~.php$ { include snippets/fastcgi-php.conf; fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }

I’m at a loss. Any thoughts anyone? BTW, I’m no linux guru so you may have to spell out what you’re thinking lol.

Subscribe
Share

So I was able to fix the 403 error but now I’m getting a 503 error. Any thoughts?


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

Okay, its fixed. I had to open my php.ini file and change the value of cgi.fix_pathinfo from 0 to 1.

Its fixed. I had to edit my php.ini and change the value of cgi.fix_pathinfo from 0 to 1.

If I add index index.php; to my server block, I get a 502 error again.

This is the error.log now.

2017/02/17 23:20:34 [crit] 9966#9966: *77 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 108.162.221.218, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:20:37 [crit] 9966#9966: *79 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 108.162.219.134, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:20:38 [crit] 9966#9966: *81 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 141.101.102.44, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:24:04 [emerg] 10078#10078: invalid number of arguments in "fastcgi_pass" directive in /etc/nginx/sites-enabled/wordpress:26
2017/02/17 23:45:36 [emerg] 10352#10352: unknown directive "locate" in /etc/nginx/sites-enabled/wordpress:30
2017/02/18 00:39:56 [emerg] 11183#11183: invalid number of arguments in "fastcgi_pass" directive in /etc/nginx/sites-enabled/wordpress:26
2017/02/18 01:02:48 [notice] 11484#11484: signal process started
2017/02/18 01:03:55 [notice] 11503#11503: signal process started
2017/02/18 01:35:32 [alert] 11783#11783: *4 open socket #14 left in connection 5
2017/02/18 01:35:32 [alert] 11783#11783: aborting

So I made the changes you suggested but now I’m getting a 403 Forbidden. My other website is still up though so that’s good.

@jlazerus

In the new server block I provided, replace:

    location ~.php$ {
        include snippets/fastcgi-php.conf;
        fastcgipass 127.0.0.1:9000;
        fastcgiparam SCRIPTFILENAME $documentroot$fastcgiscriptname;
        include fastcgiparams;
    }

… with (i.e use only my configuration, none of the custom configuration you have right now):

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;

        include fastcgi_params;
    }

If you want to change /etc/nginx/fastcgi_params, you can make a backup:

cp /etc/nginx/fastcgi_params /usr/local/src/fastcgi_params

Remove it:

rm -rf /etc/nginx/fastcgi_params

And then create a new one:

nano /etc/nginx/fastcgi_params

… and paste in:

    fastcgi_param  SCRIPT_FILENAME    $request_filename;

    fastcgi_connect_timeout 60;
    fastcgi_send_timeout 180;
    fastcgi_read_timeout 180;
    fastcgi_buffer_size 512k;
    fastcgi_buffers 512 16k;
    fastcgi_busy_buffers_size 1m;
    fastcgi_temp_file_write_size 4m;
    fastcgi_max_temp_file_size 4m;
    fastcgi_intercept_errors off;

    fastcgi_param  PATH_INFO          $fastcgi_path_info;
    fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;

    fastcgi_param  QUERY_STRING       $query_string;
    fastcgi_param  REQUEST_METHOD     $request_method;
    fastcgi_param  CONTENT_TYPE       $content_type;
    fastcgi_param  CONTENT_LENGTH     $content_length;

    fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  REQUEST_URI        $request_uri;
    fastcgi_param  DOCUMENT_URI       $document_uri;
    fastcgi_param  DOCUMENT_ROOT      $document_root;
    fastcgi_param  SERVER_PROTOCOL    $server_protocol;
    fastcgi_param  REQUEST_SCHEME     $scheme;
    fastcgi_param  HTTPS              $https if_not_empty;
    fastcgi_param  HTTP_PROXY         "";

    fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
    fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

    fastcgi_param  REMOTE_ADDR        $remote_addr;
    fastcgi_param  REMOTE_PORT        $remote_port;
    fastcgi_param  SERVER_ADDR        $server_addr;
    fastcgi_param  SERVER_PORT        $server_port;
    fastcgi_param  SERVER_NAME        $server_name;

    fastcgi_param  REDIRECT_STATUS    200;

You’d then reload NGINX:

systemctl reload nginx

or

service nginx reload

The above is, of course, assuming you have PHP-FPM setup to use TCP instead of the default socket.

To check this, you’d need to change to your PHP-FPM directory:

cd /etc/php/*/fpm/pool.d

The above should put you in the correct directory. You’d then edit the file inside and look for the listen directive and make sure it’s set to 127.0.0.1:9000.

@jlazerus

What’s inside the file below?

include snippets/fastcgi-php.conf;

Also, just a quick restructure of your server block, just to keep things a little more organized and add a bit that’s missing.

server {
    listen 80;
    servername lazerusdesigns.com www.lazerusdesigns.com;

    root /var/www/lazerusdesigns;
    
    accesslog /var/log/nginx/www.lazerusdesigns.com.access.log;
    errorlog /var/log/nginx/www.lazerusdesigns.com.error.log;
    
    location ~.php$ {
        include snippets/fastcgi-php.conf;
        fastcgipass 127.0.0.1:9000;
        fastcgiparam SCRIPTFILENAME $documentroot$fastcgiscriptname;
        include fastcgiparams;
    }
}