What's wrong with the config?

M

Mark Rosenthal2015-11-19 22:40:19

Nginx

Mark Rosenthal, 2015-11-19 22:40:19

Hello!
index.html is read, index.php is not. Below is the sites-available config. Nginx.conf did not touch.
Rules rights. php5-fpm is worth it.
What's wrong?

server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;
        return 301 https://$server_name$request_uri;
        root /var/www/html;
        index index.php index.html;

        # Make site accessible from http://localhost/
        server_name localhost;

        location / {
        try_files $uri $uri/ =404;
                }
        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        root /var/www/html;
        }
        location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#       listen 8000;
#       listen somename:8080;
#       server_name somename alias another.alias;
#       root html;
#       index index.html index.htm;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}


server {
    listen 443 ssl spdy;

    ssl on;
    ssl_certificate /etc/nginx/ssl/bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/main.key;
    # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    # ...

}

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

M

Mark Rosenthal, 2015-11-20
@font

I drew a config from pieces of Internet configs.
Let me remind you that the problem was both with index.php and with SSL: via http gotl to the site, via http - no.

server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;

        root /usr/share/nginx/html;
        index index.html index.php index.htm;

        # Make site accessible from http://localhost/
        server_name localhost;
  return 301 https://$server_name$request_uri;
        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ /index.html;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }
}

server {
    # We also enable the SPDY protocol
    listen 443 ssl spdy;

    # Our SSL certificate
    ssl on;
    ssl_certificate /etc/nginx/ssl/bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/main.key;

    # You can change the default root directory here
    root /usr/share/nginx/html;

    index index.php;

    # Your domain name
    server_name localhost;

    # The maximum body size, useful for file uploads
    client_max_body_size 10M;

    location / {
        try_files $uri $uri/ =404;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    # PHP-FPM configuration
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    # Deny access to the directory data
    location ~* /data {
            deny all;
            return 404;
    }

    # Deny access to .htaccess
    location ~ /\.ht {
            deny all;
            return 404;
    }
}

I

Igor Alyakimov, 2015-11-19
@kaiten

What is the error when accessing index.php, what's in the php-fpm log?