Share

Question

I setup a wordpress droplet on Ubuntu and the first site I have on there works fine. I wanted to add a second site to the server so I followed the instructions here. Granted, these are specific to apache and I'm on nginx, they should be pretty close.

When I go to the site, I get a 403 Forbidden and the following error in my nginx error log:

2017/02/17 00:53:04 [error] 29074#29074: *5 directory index of "/var/www/lazerusdesigns/" is forbidden, client: 73.60.85.71, server: www.lazerusdesigns.com, request: "GET / HTTP/1.1", host: "www.lazerusdesigns.com"

2017/02/17 00:53:04 [error] 29074#29074: *6 open() "/var/www/lazerusdesigns/favicon.ico" failed (2: No such file or directory), client: 73.60.85.71, server: www.lazerusdesigns.com, request: "GET /favicon.ico HTTP/1.1", host: "www.lazerusdesigns.com"

I tried checking the permissions on the folder and files where the site is stored.

In my wordpress file in sites-available, I added the following:

server {
root /var/www/lazerusdesigns;
servername www.lazerusdesigns.com;
accesslog /var/log/nginx/www.lazerusdesigns.com.access.log;
errorlog /var/log/nginx/www.lazerusdesigns.com.error.log;
location ~.php$ {
include snippets/fastcgi-php.conf;
fastcgipass 127.0.0.1:9000;
fastcgiparam SCRIPTFILENAME $documentroot$fastcgiscriptname;
include fastcgiparams;
}
}

I'm at a loss. Any thoughts anyone? BTW, I'm no linux guru so you may have to spell out what you're thinking lol.

Answer 1

jlazerus February 18, 2017

Accepted Answer

Okay, its fixed. I had to open my php.ini file and change the value of cgi.fix_pathinfo from 0 to 1.

Reply

Answer 2

jtittle1 February 18, 2017

@jlazerus

What's inside the file below?

include snippets/fastcgi-php.conf;

Also, just a quick restructure of your server block, just to keep things a little more organized and add a bit that's missing.

server {
    listen 80;
    servername lazerusdesigns.com www.lazerusdesigns.com;

    root /var/www/lazerusdesigns;

    accesslog /var/log/nginx/www.lazerusdesigns.com.access.log;
    errorlog /var/log/nginx/www.lazerusdesigns.com.error.log;

    location ~.php$ {
        include snippets/fastcgi-php.conf;
        fastcgipass 127.0.0.1:9000;
        fastcgiparam SCRIPTFILENAME $documentroot$fastcgiscriptname;
        include fastcgiparams;
    }
}

Reply

jlazerus February 18, 2017

Thanks for the response. My fastcgi-php.conf is below. Thanks too for the tips on fixing the server block. I'll do that now.

# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;

# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;

# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;

fastcgi_index index.php;
include fastcgi.conf;

Answer 3

jlazerus February 18, 2017

Thanks for the response. My fastcgi-php.conf is below. Thanks too for the tips on fixing the server block. I'll do that now.

# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;

# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;

# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;

fastcgi_index index.php;
include fastcgi.conf;

Answer 4

jtittle1 February 18, 2017

@jlazerus

In the new server block I provided, replace:

    location ~.php$ {
        include snippets/fastcgi-php.conf;
        fastcgipass 127.0.0.1:9000;
        fastcgiparam SCRIPTFILENAME $documentroot$fastcgiscriptname;
        include fastcgiparams;
    }

... with (i.e use only my configuration, none of the custom configuration you have right now):

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;

        include fastcgi_params;
    }

If you want to change /etc/nginx/fastcgi_params, you can make a backup:

cp /etc/nginx/fastcgi_params /usr/local/src/fastcgi_params

Remove it:

rm -rf /etc/nginx/fastcgi_params

And then create a new one:

nano /etc/nginx/fastcgi_params

... and paste in:

    fastcgi_param  SCRIPT_FILENAME    $request_filename;

    fastcgi_connect_timeout 60;
    fastcgi_send_timeout 180;
    fastcgi_read_timeout 180;
    fastcgi_buffer_size 512k;
    fastcgi_buffers 512 16k;
    fastcgi_busy_buffers_size 1m;
    fastcgi_temp_file_write_size 4m;
    fastcgi_max_temp_file_size 4m;
    fastcgi_intercept_errors off;

    fastcgi_param  PATH_INFO          $fastcgi_path_info;
    fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;

    fastcgi_param  QUERY_STRING       $query_string;
    fastcgi_param  REQUEST_METHOD     $request_method;
    fastcgi_param  CONTENT_TYPE       $content_type;
    fastcgi_param  CONTENT_LENGTH     $content_length;

    fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  REQUEST_URI        $request_uri;
    fastcgi_param  DOCUMENT_URI       $document_uri;
    fastcgi_param  DOCUMENT_ROOT      $document_root;
    fastcgi_param  SERVER_PROTOCOL    $server_protocol;
    fastcgi_param  REQUEST_SCHEME     $scheme;
    fastcgi_param  HTTPS              $https if_not_empty;
    fastcgi_param  HTTP_PROXY         "";

    fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
    fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

    fastcgi_param  REMOTE_ADDR        $remote_addr;
    fastcgi_param  REMOTE_PORT        $remote_port;
    fastcgi_param  SERVER_ADDR        $server_addr;
    fastcgi_param  SERVER_PORT        $server_port;
    fastcgi_param  SERVER_NAME        $server_name;

    fastcgi_param  REDIRECT_STATUS    200;

You'd then reload NGINX:

systemctl reload nginx

or

service nginx reload

The above is, of course, assuming you have PHP-FPM setup to use TCP instead of the default socket.

To check this, you'd need to change to your PHP-FPM directory:

cd /etc/php/*/fpm/pool.d

The above should put you in the correct directory. You'd then edit the file inside and look for the listen directive and make sure it's set to 127.0.0.1:9000.

Reply

jtittle1 February 18, 2017

@jlazerus

What you should end up with is this:

server {
    listen 80;
    servername lazerusdesigns.com www.lazerusdesigns.com;

    root /var/www/lazerusdesigns;

    accesslog /var/log/nginx/www.lazerusdesigns.com.access.log;
    errorlog /var/log/nginx/www.lazerusdesigns.com.error.log;

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;

        include fastcgi_params;
    }
}

Answer 5

jtittle1 February 18, 2017

@jlazerus

What you should end up with is this:

server {
    listen 80;
    servername lazerusdesigns.com www.lazerusdesigns.com;

    root /var/www/lazerusdesigns;

    accesslog /var/log/nginx/www.lazerusdesigns.com.access.log;
    errorlog /var/log/nginx/www.lazerusdesigns.com.error.log;

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;

        include fastcgi_params;
    }
}

Answer 6

jlazerus February 18, 2017

So I made the changes you suggested but now I'm getting a 403 Forbidden. My other website is still up though so that's good.

Reply

Answer 7

jlazerus February 18, 2017

This is the error.log now.

2017/02/17 23:20:34 [crit] 9966#9966: *77 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 108.162.221.218, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:20:37 [crit] 9966#9966: *79 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 108.162.219.134, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:20:38 [crit] 9966#9966: *81 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 141.101.102.44, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:24:04 [emerg] 10078#10078: invalid number of arguments in "fastcgi_pass" directive in /etc/nginx/sites-enabled/wordpress:26
2017/02/17 23:45:36 [emerg] 10352#10352: unknown directive "locate" in /etc/nginx/sites-enabled/wordpress:30
2017/02/18 00:39:56 [emerg] 11183#11183: invalid number of arguments in "fastcgi_pass" directive in /etc/nginx/sites-enabled/wordpress:26
2017/02/18 01:02:48 [notice] 11484#11484: signal process started
2017/02/18 01:03:55 [notice] 11503#11503: signal process started
2017/02/18 01:35:32 [alert] 11783#11783: *4 open socket #14 left in connection 5
2017/02/18 01:35:32 [alert] 11783#11783: aborting

Reply

Answer 8

jlazerus February 18, 2017

If I add index index.php; to my server block, I get a 502 error again.

Reply

Answer 9

jlazerus February 18, 2017

Its fixed. I had to edit my php.ini and change the value of cgi.fix_pathinfo from 0 to 1.

Reply

403 Error - Wordpress, Nginx, 2nd domain on 1 droplet

Leave a Comment

Share

Share your Question

403 Error - Wordpress, Nginx, 2nd domain on 1 droplet

Leave a Comment

Related Questions

Almost there!

Report a Bug