Question
Stuck on nginx multisite Wordpress (LEMP)
- Posted May 24, 2017
- WordPressNginxNetworkingUbuntu 16.04
Hi! I have read a lot about this, but I can’t figure it out why is not working for me. The idea is the following: I want to host several websites on a single droplet. The scheme is like this:
wargostudio.com -> stuck oncativosa.wargostudio.com -> working fine jalisco.wargostudio.com -> working fine
example2.com sub1.example2.com … etc
when I go to wargostudio.com, I get a blank page. In the error log, the server is trying to access /usr/share/nginx/html/ but** I have specified another path.** Whats going on?
Thanks very much, and sorry for the length of the question.
So my first domain is: wargostudio.com and the config file:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/wargostudio;
index index.php index.html index.htm index.nginx-debian.html;
# include snippets/wp-supercache.conf;
server_name wargostudio.com www.wargostudio.com;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
server {
# SSL configuration
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include snippets/ssl-wargostudio.com.conf;
include snippets/ssl-params.conf;
}
And one subdomain (oncativosa.wargostudo.com) is like this:
server {
listen 80;
listen [::]:80;
root /var/www/oncativosa;
index index.php index.html index.htm index.nginx-debian.html;
server_name oncativosa.wargostudio.com;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
And finally jalisco.wargostudio.com
server {
listen 80;
listen [::]:80;
root /var/www/jaliscopaletas;
index index.php index.html index.htm index.nginx-debian.html;
include snippets/wp-supercache.conf;
server_name jalisco.wargostudio.com;
# location / {
# try_files $uri $uri/ /index.php?$args;
# }
# Caching of media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$ {
expires 2M;
add_header Cache-Control "public";
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1d;
add_header Cache-Control "public";
}
location ~ /\.ht {
deny all;
}
}
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Try DigitalOcean for free
Click below to sign up and get $100 of credit to try our products over 60 days!
Thanks so much to everyone!!
@francarranza
I’ve actually never seen that error to be honest, though there is one more thing we can try and it doesn’t require too many changes.
Instead of using sockets, we can use TCP.
In each of the
./pool.dfiles we modified, find thelisten =directive. We’ll set PHP-FPM to listen on a specific port instead of using a socket. You’ll increment the port for each site, starting with port 9000./etc/php/7.0/fpm/pool.d/wargostudio.conf
/etc/php/7.0/fpm/pool.d/oncativosa.conf
/etc/php/7.0/fpm/pool.d/jaliscopaletas.conf
No other changes should need to be made as long as you’ve made the previous changes, so let’s go ahead and restart PHP-FPM:
Now we need to modify each NGINX server block to match the new TCP connections.
wargostudio
oncativosa
jaliscopaletas
You’d now restart NGINX:
Now, I can’t tell what’s in
snippets/fastcgi-php.conf, so if you can post that to a code block using the </> icon, we can see if there’s anything there that may be causing some issues too.Hi, thanks for the answer. I’m having now this issue: Connection refused (111), your cache admin is root. It seems to have a problem with the permissions for the new users.
@francarranza
When it comes to PHP-FPM, it’s best to setup a new user for each site, and in turn, a separate config file for each.
Side Note – Take your time on this, it’s lengthy and easy to overlook a step.
The default configuration should be located in:
In that directory, you should see a file (if you’ve not changed the name) named
www.conf. That’s the base configuration file that’ll help you get started.…
To get started, what I would do is create three users:
What these commands do is create a new user, which we’ll use to setup individual PHP-FPM pools. The
-ddefines the home directory for the user.…
Now, with our new users, we’ll create our individual pool files by copying the current pool.
Now, we can simply remove
www.confunless you want to keep it (you can always copy one of the others to a new file using the same command, so it’s not really needed):Now, inside of each of those files, you’ll want to modify the fourth line, which should be:
Change that to
[wargostudio],[oncativosa], or[jaliscopaletas]depending on the file.Now you’ll want to find:
Change that to:
Now you’ll want to find:
And change that to:
As above, the line corresponds to the user we created. This helps us to keep things separated.
Now, finally, in each of the files, find:
And, much like we did with the previous, change that to:
That’s all we need to change in the PHP-FPM configuration files. We then need to make sure that we set our NGINX server block up to reflect the new sockets.
Find each instance of:
And change the path to the socket so that it corresponds with the new user / socket.
The reason for doing all this extra work is to ensure that we have actual separation. It’s not just extra work, rather, it’s adding a layer of security. It separates each user by process as well as prevents one user form modifying the files of another – that’s not possible if every site uses
www-data.Now, we need to make sure permissions are correct. Since we setup new users, we need to make sure our directories and files are owned by these users.
…
At this point, you need to restart PHP-FPM and NGINX:
…
With proper separation and proper permissions, if there are any errors that pop up, they should be more specific.
It’s not recommended to run every site under the same user (i.e.
www-data), which is the point of doing all this – and it should be done for each site, ideally.Beyond the above, I would start with the most basic NGINX configuration possible until you’re up and running 100%. Then add extras to tighten security, work with SSL, etc.
So what I would do is reduce those server blocks down to:
I’ve already modified the socket line in the above for you, so you should be able to just copy and paste.
Make Sure you backup the others first, just in case you need them for reference. The above should work, but it’s nice to have something to fall back to.