Nginx: This site cannot be reached, possible permissions issue?

Question

In the process of setting up nginx on a VPS and am getting the generic ‘site can’t be reached’ error as described in the title. Here’s /etc/nginx/sites-available/domainname.com

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        root /var/www/domainname.com/public;
        index index.php index.html index.htm

        server_name domainname.com;
       location / {
                try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }

        location ~ /\.ht {
                deny all;
        }
}

This is sym-linked in /etc/nginx/sites-enabled. Both the domain name nor the IP address of the VPS return the same error. I recall a few months ago having a similar problem and ended up needing to alter certain file permissions, and even wrote down what happened, but cannot find my notes on the matter. Still, I suspect permissions to be part of the issue again.

As far as I know, the problem could be permissions on the contents of the nginx directory or of my php directory or the user running the nginx process. To that end, here’s what ls -la returns for /etc/nginx:

 ls -la -R /etc/nginx
/etc/nginx:
total 64
drwxr-xr-x  6 root root 4096 May 29 22:32 .
drwxr-xr-x 98 root root 4096 May 29 22:34 ..
drwxr-xr-x  2 root root 4096 Oct 27  2016 conf.d
-rw-r--r--  1 root root 1077 Apr 26  2016 fastcgi.conf
-rw-r--r--  1 root root 1007 Apr 26  2016 fastcgi_params
-rw-r--r--  1 root root 2837 Apr 26  2016 koi-utf
-rw-r--r--  1 root root 2223 Apr 26  2016 koi-win
-rw-r--r--  1 root root 3957 Apr 26  2016 mime.types
-rw-r--r--  1 root root 1462 Apr 26  2016 nginx.conf
-rw-r--r--  1 root root  180 Apr 26  2016 proxy_params
-rw-r--r--  1 root root  636 Apr 26  2016 scgi_params
drwxr-xr-x  2 root root 4096 May 29 23:25 sites-available
drwxr-xr-x  2 root root 4096 May 29 23:28 sites-enabled
drwxr-xr-x  2 root root 4096 May 29 22:32 snippets
-rw-r--r--  1 root root  664 Apr 26  2016 uwsgi_params
-rw-r--r--  1 root root 3071 Apr 26  2016 win-utf

/etc/nginx/conf.d:
total 8
drwxr-xr-x 2 root root 4096 Oct 27  2016 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..

/etc/nginx/sites-available:
total 12
drwxr-xr-x 2 root root 4096 May 29 23:25 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..
-rw-r--r-- 1 root root 2129 May 29 22:57 domainname

/etc/nginx/sites-enabled:
total 8
drwxr-xr-x 2 root root 4096 May 29 23:28 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..
lrwxrwxrwx 1 root root   34 May 29 22:32 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root   40 May 29 23:28 domainname -> /etc/nginx/sites-available/domainname

/etc/nginx/snippets:
total 16
drwxr-xr-x 2 root root 4096 May 29 22:32 .
drwxr-xr-x 6 root root 4096 May 29 22:32 ..
-rw-r--r-- 1 root root  422 Apr 26  2016 fastcgi-php.conf
-rw-r--r-- 1 root root  217 Apr 26  2016 snakeoil.conf

And the output for /etc/php:

ls -la -R /etc/php
/etc/php:
total 12
drwxr-xr-x  3 root root 4096 May 29 22:34 .
drwxr-xr-x 98 root root 4096 May 29 22:34 ..
drwxr-xr-x  5 root root 4096 May 29 22:34 7.0

/etc/php/7.0:
total 20
drwxr-xr-x 5 root root 4096 May 29 22:34 .
drwxr-xr-x 3 root root 4096 May 29 22:34 ..
drwxr-xr-x 3 root root 4096 May 29 22:34 cli
drwxr-xr-x 4 root root 4096 May 29 22:40 fpm
drwxr-xr-x 2 root root 4096 May 29 22:34 mods-available

/etc/php/7.0/cli:
total 84
drwxr-xr-x 3 root root  4096 May 29 22:34 .
drwxr-xr-x 5 root root  4096 May 29 22:34 ..
drwxr-xr-x 2 root root  4096 May 29 22:34 conf.d
-rw-r--r-- 1 root root 70655 May 11 23:12 php.ini

/etc/php/7.0/cli/conf.d:
total 8
drwxr-xr-x 2 root root 4096 May 29 22:34 .
drwxr-xr-x 3 root root 4096 May 29 22:34 ..
lrwxrwxrwx 1 root root   39 May 29 22:34 10-opcache.ini -> /etc/php/7.0/mods-available/opcache.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 10-pdo.ini -> /etc/php/7.0/mods-available/pdo.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-calendar.ini -> /etc/php/7.0/mods-available/calendar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-ctype.ini -> /etc/php/7.0/mods-available/ctype.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-exif.ini -> /etc/php/7.0/mods-available/exif.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-fileinfo.ini -> /etc/php/7.0/mods-available/fileinfo.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 20-ftp.ini -> /etc/php/7.0/mods-available/ftp.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-gettext.ini -> /etc/php/7.0/mods-available/gettext.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-iconv.ini -> /etc/php/7.0/mods-available/iconv.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-json.ini -> /etc/php/7.0/mods-available/json.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-mbstring.ini -> /etc/php/7.0/mods-available/mbstring.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-pdo_pgsql.ini -> /etc/php/7.0/mods-available/pdo_pgsql.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-pgsql.ini -> /etc/php/7.0/mods-available/pgsql.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-phar.ini -> /etc/php/7.0/mods-available/phar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-posix.ini -> /etc/php/7.0/mods-available/posix.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-readline.ini -> /etc/php/7.0/mods-available/readline.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-shmop.ini -> /etc/php/7.0/mods-available/shmop.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sockets.ini -> /etc/php/7.0/mods-available/sockets.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvmsg.ini -> /etc/php/7.0/mods-available/sysvmsg.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvsem.ini -> /etc/php/7.0/mods-available/sysvsem.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvshm.ini -> /etc/php/7.0/mods-available/sysvshm.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-tokenizer.ini -> /etc/php/7.0/mods-available/tokenizer.ini

/etc/php/7.0/fpm:
total 96
drwxr-xr-x 4 root root  4096 May 29 22:40 .
drwxr-xr-x 5 root root  4096 May 29 22:34 ..
drwxr-xr-x 2 root root  4096 May 29 22:34 conf.d
-rw-r--r-- 1 root root  4421 May 11 23:12 php-fpm.conf
-rw-r--r-- 1 root root 70997 May 29 22:40 php.ini
drwxr-xr-x 2 root root  4096 May 29 22:34 pool.d

/etc/php/7.0/fpm/conf.d:
total 8
drwxr-xr-x 2 root root 4096 May 29 22:34 .
drwxr-xr-x 4 root root 4096 May 29 22:40 ..
lrwxrwxrwx 1 root root   39 May 29 22:34 10-opcache.ini -> /etc/php/7.0/mods-available/opcache.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 10-pdo.ini -> /etc/php/7.0/mods-available/pdo.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-calendar.ini -> /etc/php/7.0/mods-available/calendar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-ctype.ini -> /etc/php/7.0/mods-available/ctype.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-exif.ini -> /etc/php/7.0/mods-available/exif.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-fileinfo.ini -> /etc/php/7.0/mods-available/fileinfo.ini
lrwxrwxrwx 1 root root   35 May 29 22:34 20-ftp.ini -> /etc/php/7.0/mods-available/ftp.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-gettext.ini -> /etc/php/7.0/mods-available/gettext.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-iconv.ini -> /etc/php/7.0/mods-available/iconv.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-json.ini -> /etc/php/7.0/mods-available/json.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-mbstring.ini -> /etc/php/7.0/mods-available/mbstring.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-pdo_pgsql.ini -> /etc/php/7.0/mods-available/pdo_pgsql.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-pgsql.ini -> /etc/php/7.0/mods-available/pgsql.ini
lrwxrwxrwx 1 root root   36 May 29 22:34 20-phar.ini -> /etc/php/7.0/mods-available/phar.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-posix.ini -> /etc/php/7.0/mods-available/posix.ini
lrwxrwxrwx 1 root root   40 May 29 22:34 20-readline.ini -> /etc/php/7.0/mods-available/readline.ini
lrwxrwxrwx 1 root root   37 May 29 22:34 20-shmop.ini -> /etc/php/7.0/mods-available/shmop.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sockets.ini -> /etc/php/7.0/mods-available/sockets.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvmsg.ini -> /etc/php/7.0/mods-available/sysvmsg.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvsem.ini -> /etc/php/7.0/mods-available/sysvsem.ini
lrwxrwxrwx 1 root root   39 May 29 22:34 20-sysvshm.ini -> /etc/php/7.0/mods-available/sysvshm.ini
lrwxrwxrwx 1 root root   41 May 29 22:34 20-tokenizer.ini -> /etc/php/7.0/mods-available/tokenizer.ini

/etc/php/7.0/fpm/pool.d:
total 28
drwxr-xr-x 2 root root  4096 May 29 22:34 .
drwxr-xr-x 4 root root  4096 May 29 22:40 ..
-rw-r--r-- 1 root root 18508 May 11 23:12 www.conf

/etc/php/7.0/mods-available:
total 96
drwxr-xr-x 2 root root 4096 May 29 22:34 .
drwxr-xr-x 5 root root 4096 May 29 22:34 ..
-rw-r--r-- 1 root root   74 May 11 23:12 calendar.ini
-rw-r--r-- 1 root root   71 May 11 23:12 ctype.ini
-rw-r--r-- 1 root root   70 May 11 23:12 exif.ini
-rw-r--r-- 1 root root   74 May 11 23:12 fileinfo.ini
-rw-r--r-- 1 root root   69 May 11 23:12 ftp.ini
-rw-r--r-- 1 root root   73 May 11 23:12 gettext.ini
-rw-r--r-- 1 root root   71 May 11 23:12 iconv.ini
-rw-r--r-- 1 root root   68 May 11 23:12 json.ini
-rw-r--r-- 1 root root   76 May 11 23:12 mbstring.ini
-rw-r--r-- 1 root root   79 May 11 23:12 opcache.ini
-rw-r--r-- 1 root root   69 May 11 23:12 pdo.ini
-rw-r--r-- 1 root root   74 May 11 23:12 pdo_pgsql.ini
-rw-r--r-- 1 root root   70 May 11 23:12 pgsql.ini
-rw-r--r-- 1 root root   70 May 11 23:12 phar.ini
-rw-r--r-- 1 root root   71 May 11 23:12 posix.ini
-rw-r--r-- 1 root root   76 May 11 23:12 readline.ini
-rw-r--r-- 1 root root   71 May 11 23:12 shmop.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sockets.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sysvmsg.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sysvsem.ini
-rw-r--r-- 1 root root   73 May 11 23:12 sysvshm.ini
-rw-r--r-- 1 root root   75 May 11 23:12 tokenizer.ini

Here are the relevant processes from ps aux

root     28217  0.0  2.8 287700 29156 ?        Ss   22:48   0:00 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
www-data 28221  0.0  0.6 287700  7052 ?        S    22:48   0:00 php-fpm: pool www
www-data 28222  0.0  0.6 287700  7052 ?        S    22:48   0:00 php-fpm: pool www
root     28405  0.0  0.1 124972  1416 ?        Ss   23:00   0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 28406  0.0  0.3 125308  3148 ?        S    23:00   0:00 nginx: worker process

I have a user created in my name with sudo privileges on which I’m doing the actual work, but I’m not sure if I should be allocating permissions to that user or if I should instead be using www-data?

Jonathan Tittle · Answer

@elem

PHP-FPM runs as the user that’s defined in the pool.d configuration file.

You’ll find the pool configuration file in this directory. It should be www.conf unless you’ve added a new one.

/etc/php/7.0/fpm/pool.d

By default, that user is www-data, so that user and group will need to own the files associated with the site. That said, you should run with this user, or with a non-root user. The root user shouldn’t own your files, or run the process, so to fix that, we can use chown to set proper ownership.

chown -R www-data:www-data /var/www/domainname.com/*

That will recursively change ownership of the files and directories.

…

That said, you also need to add a ; at the end of this line:

index index.php index.html index.htm

So that it looks like:

index index.php index.html index.htm;

…

Depending on the type of site this is, you may also want to change $query_string to $args – this is especially true for WordPress sites.

After making changes to the configuration file, you’ll need to restart NGINX.

service nginx restart

Matthew Spurrier · Answer

There’s a missing ; on index - perhaps NginX is failing to parse your config because of that. You should also run the NginX syntax check by running ‘nginx -t’

Related

Question

Nginx: This site cannot be reached, possible permissions issue?

Related