How do I get Nginx to recognize index.php and not throw a 403 and not serve index.php as a 404?

December 28, 2019 493 views
Nginx PHP

If I drop an index.html file into my web root it is recognized fine. An index.php file is, however, not served and a 403 forbidden is instead served. Unless you explicitly request it in the URI and then it will be served.

But then it is also served as the 404 apparently??? 🤯🤷🏻‍♂️…where any nonsense address or string that would otherwise serve a 404 is serving index.php just fine.

Go figure. As in please, …go help me figure this out. Such a strange matrix of behaviors.

I am using DO’s Nginx configurator, but to be fair have had the same or similar problems on many past Nginx setups. Why setting up sane defaults for index.html and index.php fallbacks is so tedious and invites so much different and often contradictory advice will remain a mystery to me. I’ve seen so many versions now of what a location try_files {} directive “should” look like, I am not sure what to believe.

Any help or hints appreciated.

https://www.digitalocean.com/community/tools/nginx#?0.domain=monogram.dk&0.php=false&0.python&0.index=index.html&0.fallback_html&0.access_log_domain&0.error_log_domain

1 Answer

Hello,

The following Nginx server block usually works well for me:

server {
        listen 80;
        root /var/www/html;
        index index.php index.html index.htm index.nginx-debian.html;
        server_name example.com;

        location / {
                try_files $uri $uri/ =404;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }

        location ~ /\.ht {
                deny all;
        }
}

You first need to add the index.php file in the index list and then also have a ~ \.php$ location, so that Nginx would know how to handle the .php requests.

Hope that this helps!
Regards,
Bobby

  • Thanks Bobby. It did. Really appreciate the input. 🙌

    I ended up with an expansion of your basic suggestion incorporating, while also some of the files generated and included from https://www.digitalocean.com/community/tools/nginx in support of SSL, a little better security, etc.

    Seems to be working. Though I am very unclear as to the value, order and importance of basically everything related to php. (the snippets include, the fastcgi_params include, etc.) But as it all seems to work now and is highly performant I will cross fingers and hope for the best.

    # mysite.co Nginx Config
    # Updated Jan 2020
    # Some support + includes from https://www.digitalocean.com/community/tools/nginx
    
    server {
      listen 443 ssl http2;
      listen [::]:443 ssl http2;
    
      server_name mysite.co www.mysite.co;
      root /var/www/mysite.co/public;
    
      # SSL
      ssl_certificate /etc/letsencrypt/live/mysite.co/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/mysite.co/privkey.pem;
      ssl_trusted_certificate /etc/letsencrypt/live/mysite.co/chain.pem;
    
      index index.php index.html index.htm index.nginx-debian.html;
    
      location / {
        try_files $uri $uri/ =404;
      }
    
      # PHP
      location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        include fastcgi_params;
      }
    
      # Error Handling
      error_page 404 /404.html;
      location = /404.html {
        root /var/www/error/;
        internal;
      }
    
      # Logging
      access_log /var/log/nginx/mysite.co.access.log;
      error_log /var/log/nginx/mysite.co.error.log warn;
    
      # Security
      include nginxconfig.io/security.conf;
    
    }
    
    # HTTP Redirect
    server {
      listen 80;
      listen [::]:80;
      server_name .mysite.co;
    
      include nginxconfig.io/letsencrypt.conf;
    
      location / {
        return 301 https://mysite.co$request_uri;
      }
    }
    
    
    

    I think one thing you didn’t account for that was tripping me up quite a bit was error handling, but I think I have that sorted now. I just want to highlight that for anyone else frustrated with this – the config above is catching both .html and .php 404’s and routing them to a common and custom 404 located in /var/www/error/404.html

    • Hi @kerns,

      No problem at all! Happy to hear that it is working now!

      Also thank you for sharing the additional information here with the community!

      Regards,
      Bobby

Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!