Question

Fresh WordPress install Showing WSOD (White Screen of Death)

I am running Debian Buster with Nginx, PHP 7.3 and the latest WP v. 5.3.2.

Everything works as it should in my local test env. When I push things to my DO droplet it gets wonky. My site works in full – and I can login to my WP admin and make some changes to certain things (select a new theme, change the name of the site).

But many or most functions do not work, do not load, and just hang on a white page that never renders (the WSOD). Trying to create a new page, or load anything in Gutenberg, or even to do a health check – all of these things just hang and never render or complete loading.

I have a feeling it’s something to do with how php is or is not configured.

My nginx php block looks like this.

  # PHP
  location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
    include fastcgi_params;
  }

Any help or pointers would be appreciated. I enabled the debug setting in wp-config but don’t know where this should be showing up. And further when I tail what I think should be my php log in /var/log/ I can’t see anything being written.


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

*** SOLVED ***

I discovered (belatedly) that the pages were actually loading, just unable to render. Found Content-Security-Policy errors and traced it back to this line in my nginx config for this site.

add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;

Removing this line fixes everything.

I would love to know if this should just be eliminated completely or if it should be modified to accommodate WP in a way that is still more secure. 🙏.

FWIW this was part of a larger block of security policies I originally setup here using this tool hosted by DO.

https://www.digitalocean.com/community/tools/nginx

I didn’t plan on hosting a WP site at the time, but it seems like the security policy for content headers you would have generated is exactly the same even when you do ✅ WordPress.

Something to be aware of if things are mostly working but failing to render in the last mile!

Also, check your browsers dev tools. 🙄 By making an early assumption about where the errors would be (php or nginx logs) I missed early and obvious clues that would eventually point me in the right direction within a matter of seconds.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

And I have double-checked all permissions on files are as they should be. I even did this when WP couldn’t write the wp-config…and it still couldn’t write it. Very strange.

I included the wrong block – this is the one I wanted to include. I have it a few lines up from the PHP block disclosed above.

  location / {
   # try_files $uri $uri/ =404;
    try_files $uri $uri/ /index.php?$args;
  }

Some other clues…

  • The wp-config could not be written by WP, I had to edit it manually.

  • “WordPress Events and News” widget doesn’t load, thinks the network is down

  • Site health similarly hangs, never starts or completes.

  • All previously mentioned functions with Gutenberg, editing or creating a new page fail in a similar way.

And yet the site works! PHP is working.