Get alerted when assets are down, slow, or vulnerable to SSL attacks—all free for a month. Learn more

Question

Nginx: This site cannot be reached, possible permissions issue?

In the process of setting up nginx on a VPS and am getting the generic ‘site can’t be reached’ error as described in the title. Here’s /etc/nginx/sites-available/domainname.com

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        root /var/www/domainname.com/public;
        index index.php index.html index.htm

        server_name domainname.com;
       location / {
                try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }

        location ~ /\.ht {
                deny all;
        }
}

This is sym-linked in /etc/nginx/sites-enabled. Both the domain name nor the IP address of the VPS return the same error. I recall a few months ago having a similar problem and ended up needing to alter certain file permissions, and even wrote down what happened, but cannot find my notes on the matter. Still, I suspect permissions to be part of the issue again.

As far as I know, the problem could be permissions on the contents of the nginx directory or of my php directory or the user running the nginx process. To that end, here’s what ls -la returns for /etc/nginx:

 ls -la -R /etc/nginx
/etc/nginx:
total 64
drwxr-xr-x  6 root root 4096 May 29 22:32 .
drwxr-xr-x 98 root root 4096 May 29 22:34 ..
drwxr-xr-x  2 root root 4096 Oct 27  2016 conf.d
-rw-r--r--  1 root root 1077 Apr 26  2016 fastcgi.conf
-rw-r--r--  1 root root 1007 Apr 26  2016 fastcgi_params
-rw-r--r--  1 root root 2837 Apr 26  2016 koi-utf
-rw-r--r--  1 root root 2223 Apr 26  2016 koi-win
-rw-r--r--  1 root root 3957 Apr 26  2016 mime.types
-rw-r--r--  1 root root 1462 Apr 26  2016 nginx.conf
-rw-r--r--  1 root root  180 Apr 26  2016 proxy_params
-rw-r--r--  1 root root  636 Apr 26  2016 scgi_params
drwxr-xr-x  2 root root 4096 May 29 23:25 sites-available
drwxr-xr-x  2 root root 4096 May 29 23:28 sites-enabled
drwxr-xr-x  2 root root 4096 May 29 22:32 snippets
-rw-r--r--  1 root root  664 Apr 26  2016 uwsgi_params
-rw-r--r--  1 root root 3071 Apr 26  2016 win-utf

/etc/nginx/conf.d:
total 8
drwxr-xr-x 2 root root 4096 Oct 27  2016 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..

/etc/nginx/sites-available:
total 12
drwxr-xr-x 2 root root 4096 May 29 23:25 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..
-rw-r--r-- 1 root root 2129 May 29 22:57 domainname

/etc/nginx/sites-enabled:
total 8
drwxr-xr-x 2 root root 4096 May 29 23:28 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..
lrwxrwxrwx 1 root root   34 May 29 22:32 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root   40 May 29 23:28 domainname -> /etc/nginx/sites-available/domainname

/etc/nginx/snippets:
total 16
drwxr-xr-x 2 root root 4096 May 29 22:32 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..
-rw-r--r-- 1 root root  422 Apr 26  2016 fastcgi-php.conf
-rw-r--r-- 1 root root  217 Apr 26  2016 snakeoil.conf

And the output for /etc/php:

ls -la -R /etc/php
/etc/php:
total 12
drwxr-xr-x  3 root root 4096 May 29 22:34 .
drwxr-xr-x 98 root root 4096 May 29 22:34 ..
drwxr-xr-x  5 root root 4096 May 29 22:34 7.0

/etc/php/7.0:
total 20
drwxr-xr-x 5 root root 4096 May 29 22:34 .
drwxr-xr-x 3 root root 4096 May 29 22:34 ..
drwxr-xr-x 3 root root 4096 May 29 22:34 cli
drwxr-xr-x 4 root root 4096 May 29 22:40 fpm
drwxr-xr-x 2 root root 4096 May 29 22:34 mods-available

/etc/php/7.0/cli:
total 84
drwxr-xr-x 3 root root  4096 May 29 22:34 .
drwxr-xr-x 5 root root  4096 May 29 22:34 ..
drwxr-xr-x 2 root root  4096 May 29 22:34 conf.d
-rw-r--r-- 1 root root 70655 May 11 23:12 php.ini

/etc/php/7.0/cli/conf.d:
total 8
drwxr-xr-x 2 root root 4096 May 29 22:34 .
drwxr-xr-x 3 root root 4096 May 29 22:34 ..
lrwxrwxrwx 1 root root   39 May 29 22:34 10-opcache.ini -> /etc/php/7.0/mods-available/opcache.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 10-pdo.ini -> /etc/php/7.0/mods-available/pdo.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-calendar.ini -> /etc/php/7.0/mods-available/calendar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-ctype.ini -> /etc/php/7.0/mods-available/ctype.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-exif.ini -> /etc/php/7.0/mods-available/exif.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-fileinfo.ini -> /etc/php/7.0/mods-available/fileinfo.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 20-ftp.ini -> /etc/php/7.0/mods-available/ftp.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-gettext.ini -> /etc/php/7.0/mods-available/gettext.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-iconv.ini -> /etc/php/7.0/mods-available/iconv.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-json.ini -> /etc/php/7.0/mods-available/json.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-mbstring.ini -> /etc/php/7.0/mods-available/mbstring.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-pdo_pgsql.ini -> /etc/php/7.0/mods-available/pdo_pgsql.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-pgsql.ini -> /etc/php/7.0/mods-available/pgsql.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-phar.ini -> /etc/php/7.0/mods-available/phar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-posix.ini -> /etc/php/7.0/mods-available/posix.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-readline.ini -> /etc/php/7.0/mods-available/readline.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-shmop.ini -> /etc/php/7.0/mods-available/shmop.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sockets.ini -> /etc/php/7.0/mods-available/sockets.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvmsg.ini -> /etc/php/7.0/mods-available/sysvmsg.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvsem.ini -> /etc/php/7.0/mods-available/sysvsem.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvshm.ini -> /etc/php/7.0/mods-available/sysvshm.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-tokenizer.ini -> /etc/php/7.0/mods-available/tokenizer.ini

/etc/php/7.0/fpm:
total 96
drwxr-xr-x 4 root root  4096 May 29 22:40 .
drwxr-xr-x 5 root root  4096 May 29 22:34 ..
drwxr-xr-x 2 root root  4096 May 29 22:34 conf.d
-rw-r--r-- 1 root root  4421 May 11 23:12 php-fpm.conf
-rw-r--r-- 1 root root 70997 May 29 22:40 php.ini
drwxr-xr-x 2 root root  4096 May 29 22:34 pool.d

/etc/php/7.0/fpm/conf.d:
total 8
drwxr-xr-x 2 root root 4096 May 29 22:34 .
drwxr-xr-x 4 root root 4096 May 29 22:40 ..
lrwxrwxrwx 1 root root   39 May 29 22:34 10-opcache.ini -> /etc/php/7.0/mods-available/opcache.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 10-pdo.ini -> /etc/php/7.0/mods-available/pdo.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-calendar.ini -> /etc/php/7.0/mods-available/calendar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-ctype.ini -> /etc/php/7.0/mods-available/ctype.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-exif.ini -> /etc/php/7.0/mods-available/exif.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-fileinfo.ini -> /etc/php/7.0/mods-available/fileinfo.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 20-ftp.ini -> /etc/php/7.0/mods-available/ftp.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-gettext.ini -> /etc/php/7.0/mods-available/gettext.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-iconv.ini -> /etc/php/7.0/mods-available/iconv.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-json.ini -> /etc/php/7.0/mods-available/json.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-mbstring.ini -> /etc/php/7.0/mods-available/mbstring.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-pdo_pgsql.ini -> /etc/php/7.0/mods-available/pdo_pgsql.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-pgsql.ini -> /etc/php/7.0/mods-available/pgsql.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-phar.ini -> /etc/php/7.0/mods-available/phar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-posix.ini -> /etc/php/7.0/mods-available/posix.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-readline.ini -> /etc/php/7.0/mods-available/readline.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-shmop.ini -> /etc/php/7.0/mods-available/shmop.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sockets.ini -> /etc/php/7.0/mods-available/sockets.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvmsg.ini -> /etc/php/7.0/mods-available/sysvmsg.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvsem.ini -> /etc/php/7.0/mods-available/sysvsem.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvshm.ini -> /etc/php/7.0/mods-available/sysvshm.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-tokenizer.ini -> /etc/php/7.0/mods-available/tokenizer.ini

/etc/php/7.0/fpm/pool.d:
total 28
drwxr-xr-x 2 root root  4096 May 29 22:34 .
drwxr-xr-x 4 root root  4096 May 29 22:40 ..
-rw-r--r-- 1 root root 18508 May 11 23:12 www.conf

/etc/php/7.0/mods-available:
total 96
drwxr-xr-x 2 root root 4096 May 29 22:34 .
drwxr-xr-x 5 root root 4096 May 29 22:34 ..
-rw-r--r-- 1 root root   74 May 11 23:12 calendar.ini
-rw-r--r-- 1 root root   71 May 11 23:12 ctype.ini
-rw-r--r-- 1 root root   70 May 11 23:12 exif.ini
-rw-r--r-- 1 root root   74 May 11 23:12 fileinfo.ini
-rw-r--r-- 1 root root   69 May 11 23:12 ftp.ini
-rw-r--r-- 1 root root   73 May 11 23:12 gettext.ini
-rw-r--r-- 1 root root   71 May 11 23:12 iconv.ini
-rw-r--r-- 1 root root   68 May 11 23:12 json.ini
-rw-r--r-- 1 root root   76 May 11 23:12 mbstring.ini
-rw-r--r-- 1 root root   79 May 11 23:12 opcache.ini
-rw-r--r-- 1 root root   69 May 11 23:12 pdo.ini
-rw-r--r-- 1 root root   74 May 11 23:12 pdo_pgsql.ini
-rw-r--r-- 1 root root   70 May 11 23:12 pgsql.ini
-rw-r--r-- 1 root root   70 May 11 23:12 phar.ini
-rw-r--r-- 1 root root   71 May 11 23:12 posix.ini
-rw-r--r-- 1 root root   76 May 11 23:12 readline.ini
-rw-r--r-- 1 root root   71 May 11 23:12 shmop.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sockets.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sysvmsg.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sysvsem.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sysvshm.ini
-rw-r--r-- 1 root root   75 May 11 23:12 tokenizer.ini

Here are the relevant processes from ps aux

root     28217  0.0  2.8 287700 29156 ?        Ss   22:48   0:00 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
www-data 28221  0.0  0.6 287700  7052 ?        S    22:48   0:00 php-fpm: pool www
www-data 28222  0.0  0.6 287700  7052 ?        S    22:48   0:00 php-fpm: pool www
root     28405  0.0  0.1 124972  1416 ?        Ss   23:00   0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 28406  0.0  0.3 125308  3148 ?        S    23:00   0:00 nginx: worker process

I have a user created in my name with sudo privileges on which I’m doing the actual work, but I’m not sure if I should be allocating permissions to that user or if I should instead be using www-data?

Show comments
Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Jonathan TittleMay 30, 2017

@elem

PHP-FPM runs as the user that’s defined in the pool.d configuration file.

You’ll find the pool configuration file in this directory. It should be www.conf unless you’ve added a new one.

/etc/php/7.0/fpm/pool.d

By default, that user is www-data, so that user and group will need to own the files associated with the site. That said, you should run with this user, or with a non-root user. The root user shouldn’t own your files, or run the process, so to fix that, we can use chown to set proper ownership.

chown -R www-data:www-data /var/www/domainname.com/*

That will recursively change ownership of the files and directories.

That said, you also need to add a ; at the end of this line:

index index.php index.html index.htm

So that it looks like:

index index.php index.html index.htm;

Depending on the type of site this is, you may also want to change $query_string to $args – this is especially true for WordPress sites.

After making changes to the configuration file, you’ll need to restart NGINX.

service nginx restart
Matthew SpurrierMay 30, 2017

There’s a missing ; on index - perhaps NginX is failing to parse your config because of that.

You should also run the NginX syntax check by running ‘nginx -t’

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up