Question

403 Error - Wordpress, Nginx, 2nd domain on 1 droplet

Posted on February 17, 2017
Nginx WordPress Ubuntu
Asked by Jason Lazerus

I setup a wordpress droplet on Ubuntu and the first site I have on there works fine. I wanted to add a second site to the server so I followed the instructions here. Granted, these are specific to apache and I’m on nginx, they should be pretty close.

When I go to the site, I get a 403 Forbidden and the following error in my nginx error log:

2017/02/17 00:53:04 [error] 29074#29074: *5 directory index of “/var/www/lazerusdesigns/” is forbidden, client: 73.60.85.71, server: www.lazerusdesigns.com, request: “GET / HTTP/1.1”, host: “www.lazerusdesigns.com”

2017/02/17 00:53:04 [error] 29074#29074: *6 open() “/var/www/lazerusdesigns/favicon.ico” failed (2: No such file or directory), client: 73.60.85.71, server: www.lazerusdesigns.com, request: “GET /favicon.ico HTTP/1.1”, host: “www.lazerusdesigns.com”

I tried checking the permissions on the folder and files where the site is stored.

In my wordpress file in sites-available, I added the following:

server { root /var/www/lazerusdesigns; server_name www.lazerusdesigns.com; access_log /var/log/nginx/www.lazerusdesigns.com.access.log; error_log /var/log/nginx/www.lazerusdesigns.com.error.log; location ~.php$ { include snippets/fastcgi-php.conf; fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }

I’m at a loss. Any thoughts anyone? BTW, I’m no linux guru so you may have to spell out what you’re thinking lol.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Jason Lazerus • February 18, 2017

Accepted Answer

Okay, its fixed. I had to open my php.ini file and change the value of cgi.fix_pathinfo from 0 to 1.

Jason Lazerus • February 18, 2017

So I made the changes you suggested but now I’m getting a 403 Forbidden. My other website is still up though so that’s good.

Jason Lazerus • February 18, 2017

This is the error.log now.

2017/02/17 23:20:34 [crit] 9966#9966: *77 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 108.162.221.218, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:20:37 [crit] 9966#9966: *79 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 108.162.219.134, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:20:38 [crit] 9966#9966: *81 connect() to unix:/run/php/php7.0-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 141.101.102.44, server: www.infosecured.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.0-fpm.sock:", host: "www.infosecured.org"
2017/02/17 23:24:04 [emerg] 10078#10078: invalid number of arguments in "fastcgi_pass" directive in /etc/nginx/sites-enabled/wordpress:26
2017/02/17 23:45:36 [emerg] 10352#10352: unknown directive "locate" in /etc/nginx/sites-enabled/wordpress:30
2017/02/18 00:39:56 [emerg] 11183#11183: invalid number of arguments in "fastcgi_pass" directive in /etc/nginx/sites-enabled/wordpress:26
2017/02/18 01:02:48 [notice] 11484#11484: signal process started
2017/02/18 01:03:55 [notice] 11503#11503: signal process started
2017/02/18 01:35:32 [alert] 11783#11783: *4 open socket #14 left in connection 5
2017/02/18 01:35:32 [alert] 11783#11783: aborting

Jonathan Tittle • February 18, 2017

@jlazerus

In the new server block I provided, replace:

    location ~.php$ {
        include snippets/fastcgi-php.conf;
        fastcgipass 127.0.0.1:9000;
        fastcgiparam SCRIPTFILENAME $documentroot$fastcgiscriptname;
        include fastcgiparams;
    }

… with (i.e use only my configuration, none of the custom configuration you have right now):

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;

        include fastcgi_params;
    }

If you want to change /etc/nginx/fastcgi_params, you can make a backup:

cp /etc/nginx/fastcgi_params /usr/local/src/fastcgi_params

Remove it:

rm -rf /etc/nginx/fastcgi_params

And then create a new one:

nano /etc/nginx/fastcgi_params

… and paste in:

    fastcgi_param  SCRIPT_FILENAME    $request_filename;

    fastcgi_connect_timeout 60;
    fastcgi_send_timeout 180;
    fastcgi_read_timeout 180;
    fastcgi_buffer_size 512k;
    fastcgi_buffers 512 16k;
    fastcgi_busy_buffers_size 1m;
    fastcgi_temp_file_write_size 4m;
    fastcgi_max_temp_file_size 4m;
    fastcgi_intercept_errors off;

    fastcgi_param  PATH_INFO          $fastcgi_path_info;
    fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;

    fastcgi_param  QUERY_STRING       $query_string;
    fastcgi_param  REQUEST_METHOD     $request_method;
    fastcgi_param  CONTENT_TYPE       $content_type;
    fastcgi_param  CONTENT_LENGTH     $content_length;

    fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  REQUEST_URI        $request_uri;
    fastcgi_param  DOCUMENT_URI       $document_uri;
    fastcgi_param  DOCUMENT_ROOT      $document_root;
    fastcgi_param  SERVER_PROTOCOL    $server_protocol;
    fastcgi_param  REQUEST_SCHEME     $scheme;
    fastcgi_param  HTTPS              $https if_not_empty;
    fastcgi_param  HTTP_PROXY         "";

    fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
    fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

    fastcgi_param  REMOTE_ADDR        $remote_addr;
    fastcgi_param  REMOTE_PORT        $remote_port;
    fastcgi_param  SERVER_ADDR        $server_addr;
    fastcgi_param  SERVER_PORT        $server_port;
    fastcgi_param  SERVER_NAME        $server_name;

    fastcgi_param  REDIRECT_STATUS    200;

You’d then reload NGINX:

systemctl reload nginx

service nginx reload

The above is, of course, assuming you have PHP-FPM setup to use TCP instead of the default socket.

To check this, you’d need to change to your PHP-FPM directory:

cd /etc/php/*/fpm/pool.d

The above should put you in the correct directory. You’d then edit the file inside and look for the listen directive and make sure it’s set to 127.0.0.1:9000.

Jonathan Tittle • February 18, 2017

@jlazerus

What you should end up with is this:

server {
    listen 80;
    servername lazerusdesigns.com www.lazerusdesigns.com;

    root /var/www/lazerusdesigns;

    accesslog /var/log/nginx/www.lazerusdesigns.com.access.log;
    errorlog /var/log/nginx/www.lazerusdesigns.com.error.log;

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;

        include fastcgi_params;
    }
}

Jason Lazerus • February 18, 2017

Its fixed. I had to edit my php.ini and change the value of cgi.fix_pathinfo from 0 to 1.

Jonathan Tittle • February 18, 2017

@jlazerus

What’s inside the file below?

include snippets/fastcgi-php.conf;

Also, just a quick restructure of your server block, just to keep things a little more organized and add a bit that’s missing.

server {
    listen 80;
    servername lazerusdesigns.com www.lazerusdesigns.com;

    root /var/www/lazerusdesigns;
    
    accesslog /var/log/nginx/www.lazerusdesigns.com.access.log;
    errorlog /var/log/nginx/www.lazerusdesigns.com.error.log;
    
    location ~.php$ {
        include snippets/fastcgi-php.conf;
        fastcgipass 127.0.0.1:9000;
        fastcgiparam SCRIPTFILENAME $documentroot$fastcgiscriptname;
        include fastcgiparams;
    }
}

Jason Lazerus • February 18, 2017

Thanks for the response. My fastcgi-php.conf is below. Thanks too for the tips on fixing the server block. I’ll do that now.

# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;

# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;

# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;

fastcgi_index index.php;
include fastcgi.conf;

Jason Lazerus • February 18, 2017

If I add index index.php; to my server block, I get a 502 error again.