paveltashev
By:
paveltashev

NGINX issue, curl work but request from the browser doesn't

November 1, 2015 17.4k views
Nginx

Hello,

I purchased a droplet yesterday with Ubuntu 14.04x64. Here is what I have installed:

I opened my /etc/nginx/nginx.conf file and and changed its configuration like this:

user www-data;
worker_processes 1;
pid /run/nginx.pid;

events {
        worker_connections 1024;
        multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;

        #keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # Additional settings
        ##
        client_body_buffer_size 10K;
        client_header_buffer_size 1k;
        client_max_body_size 8m;
        large_client_header_buffers 2 1k;

        client_body_timeout 12;
        client_header_timeout 12;
        keepalive_timeout 15;
        send_timeout 10;

        open_file_cache max=5000 inactive=20s;
        open_file_cache_valid 30s;
        open_file_cache_min_uses 2;

        open_file_cache_errors on;

        ##
        # Logging Settings
        ##
        access_log /var/log/nginx/access.log;
        #access_log off;
        error_log /var/log/nginx/error.log;
        #error_log /var/log/nginx/error.log crit;

        ##
        # Gzip Settings
        ##

        gzip on;
        gzip_disable "msie6";

        # gzip_vary on;
        # gzip_proxied any;
        gzip_proxied     expired no-cache no-store private auth;
        gzip_comp_level 2;
        gzip_min_length  1000;
        gzip_buffers 4 32k;

        # gzip_http_version 1.1;
        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # nginx-naxsi config
        ##
        # Uncomment it if you installed nginx-naxsi
        ##

        #include /etc/nginx/naxsi_core.rules;

        ##
        # nginx-passenger config
        ##
        # Uncomment it if you installed nginx-passenger
        ##

        #passenger_root /usr;
        #passenger_ruby /usr/bin/ruby;

        ##
        # Virtual Host Configs
        ##


        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
#
#       server {
#               listen     localhost:143;
#               protocol   imap;

#               proxy      on;
#       }
#}

I also opened /sites-available and i created two files: web1 and web2. The content of we1 is:

server {
        listen 80 default_server;
        listen [::]:80 ipv6only=on default_server;

        root /var/www/web1;
        index index.php index.html index.htm;

        server_name web1.com;

        location / {
                try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ \.php$ {
                try_files $uri /index.php =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }
}

The content of web2 is:

server {
        listen 80;
        listen [::]:80;

        root /var/www/web2;
        index index.php index.html index.htm;

        server_name web2.com;

        location / {
                try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ \.php$ {
                try_files $uri /index.php =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }
}

Also, the directories: /var/www/web1 and /var/www/web2 have index.html files. The domains web1.com and web2.com have DNS records to the servers of Digital Ocean and also they have A records pointing to the droplet.

Also I have created soft link to /etc/nginx/sites-enabled. Here are they:

web1 -> /etc/nginx/sites-available/web1
web2 -> /etc/nginx/sites-available/web2

I restarted nginx: service nginx reload

And here is the issue:

  • When I try to access web1.com from my web browser it returns my a message "This webpage is not available".
  • When I execute a curl request from another server:
curl web1.com

I get the expected content which is in the index.html file.

I searched a lot in Google and I can't anyone with identical issue. Can anyone help me please?

Ou, and before I forget, I checked port 80

netstat -tulpn | grep :80

and here is what I get:

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      6001/nginx
tcp6       0      0 :::80                   :::*                    LISTEN      6001/nginx
Log In to Comment
2 Answers
jtittle1 November 2, 2015

@paveltashev - The issue is most likely one associated with permissions, or lack thereof. You'll want to verify that the files & directories that you're trying to access from the browser have proper permissions and that the user associated with the files & directories has proper permissions as well.

For each file and directory, there's a user:group association (which, ideally, should not be root:root - it should be a user:group that is restricted from global access, such as www-data - which would look like www-data:www-data).

Since NGINX is already, from the above configuration, setup to use www-data as well, ensuring that the files and directories are owned by www-data as well should allow you to view & access them, though if not, you may want to check the actual permissions.

To change ownership, you'll need to use the chown command and to prevent you from having to do a file-by-file or directory-by-directory chown, you'll want to use the -R option (a capital R), which means recursive - as in the command will recursively change the owned of all files and directories in the path provided.

Using /var/www/web2 as an example:

chown -R www-data:www-data /var/www/web2

The above command will set web2 and all files + sub-directories to be owned by www-data, while leaving /var/www alone.

--

You'll also need to check to see what user PHP is running as. Change your directory over to /etc/php5/fpm/pool.d/:

cd /etc/php5/fpm/pool.d/

.. and find the configuration file associated with your domain. By default, www.conf is the only one that exists. If you've not created additional configuration files, simply edit this one using nano or the editor of your choice:

nano www.conf

You'll want to search for user = and group = and ensure that they are set to www-data. If you're using a socket connection instead of TCP, you'll also want to make sure that listen.owner and listen.group are set to www-data as well.

A socket connection can be identified by the listen = directive being set to a path ending with file.sock (i.e. /var/php5/php.sock) while a TCP connection will be in the format of IPADDR:PORT (i.e. 127.0.0.1:9000).

Reply
paveltashev November 2, 2015

@jtittle and everyone who is going to read the current post. The reason for the issue was quite stupid and it is my fault that I haven't noticed this option. It's called...DNS. I changed the DNS of the domains a day before I notice the issue...and even more then a day. Then according to who.is the DNS's were changed I thought that this shouldn't the reason for the issue, but here we are. Sometimes this propagation may take much longer and that was my case. Now everything works just fine.

So, I close the issue.

@jtittle, thank you for you response. Even the fact that you have wrote a reply is helpful. By the way, the directories rights are configured correctly and PHP is running.

Thanks!
Pavel

Reply
  • jtittle1 November 2, 2015

    @paveltashev - No problem at all, always happy to help where I can -- glad to hear that the issue is resolved and that it was only an issue of DNS propagation as opposed to permissions :-).

Have another answer? Share your knowledge.

Related Questions