问题描述
我正在尝试使用Nginx和php-fpm配置我的Web服务器
我以前已经在本地计算机和开发服务器中成功配置了,但是现在没有在AWS中成功配置.
唯一的区别是我从生产服务器中的源代码安装了Nginx
它在我的/var/log/nginx/error.log中给出了这样的错误
2014/03/11 11:09:19 [error] 11138#0: *1 FastCGI sent in stderr: "Access to the script '/home/ambassador-portal/ambassador-api/web' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 202.62.16.225, server: brandapi.whatiwear.com, request: "GET /app_dev.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "brandapi.whatiwear.com", referrer: "http://brandapi.whatiwear.com/"
虽然php-fpm中的错误日志没有给出错误
这是我的nginx.conf
user root;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /usr/local/nginx/conf/sites-enabled/*.conf;
}
这是我的nginx_host.conf
server {
server_name brandapi.whatiwear.com;
access_log /var/log/nginx/brandapi_access.log;
error_log /var/log/nginx/brandapi_error.log;
root /home/ambassador-portal/ambassador-api/web;
disable_symlinks off;
autoindex on;
location / {
try_files $uri $uri/ /app.php$uri?$args;
}
location ~ \.htaccess {
deny all;
}
location ~ \.php$ {
fastcgi_split_path_info ^((?U).+\.php)(.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include /usr/local/nginx/conf/fastcgi_params;
}
}
这是我的/etc/php5/fpm/conf/www.conf
; Start a new pool named 'www'.
[www]
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
security.limit_extensions = .php .php3 .php4 .php5 .html .htm
php_admin_value[error_log] = /var/log/php-fpm/5.5/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M
; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/5.5/session
我已阅读对nginx和php的访问被拒绝,然后尝试到chmod,我已经尝试从所有文件禁止使用Nginx 403的解决方案这是我的结果
dr-xr-xr-x root root /
drwxr-xr-x root root home
drwxr-xr-x ec2-user ec2-user ambassador-portal
drwxr-xr-x ec2-user ec2-user ambassador-api
drwxr-xr-x ec2-user ec2-user web
我打开自动索引只是为了查看我的根目录是否正确,奇怪的是我可以打开除PHP文件以外的所有文件
您可以在 http://brandapi.whatiwear.com/
我的网络服务器出了什么问题??
我从nginx.conf
文件中删除了这两个配置.
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
有效.
I am trying to configure my webserver using Nginx and php-fpm
I have successfully configured before in my local computer and dev server, but not now in AWS.
The only difference is I installed Nginx from a source in production server
It gives an error like these in my /var/log/nginx/error.log
2014/03/11 11:09:19 [error] 11138#0: *1 FastCGI sent in stderr: "Access to the script '/home/ambassador-portal/ambassador-api/web' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 202.62.16.225, server: brandapi.whatiwear.com, request: "GET /app_dev.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "brandapi.whatiwear.com", referrer: "http://brandapi.whatiwear.com/"
While the error log in php-fpm gives no error
Here is my nginx.conf
user root;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /usr/local/nginx/conf/sites-enabled/*.conf;
}
Here is my nginx_host.conf
server {
server_name brandapi.whatiwear.com;
access_log /var/log/nginx/brandapi_access.log;
error_log /var/log/nginx/brandapi_error.log;
root /home/ambassador-portal/ambassador-api/web;
disable_symlinks off;
autoindex on;
location / {
try_files $uri $uri/ /app.php$uri?$args;
}
location ~ \.htaccess {
deny all;
}
location ~ \.php$ {
fastcgi_split_path_info ^((?U).+\.php)(.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include /usr/local/nginx/conf/fastcgi_params;
}
}
Here is my /etc/php5/fpm/conf/www.conf
; Start a new pool named 'www'.
[www]
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
security.limit_extensions = .php .php3 .php4 .php5 .html .htm
php_admin_value[error_log] = /var/log/php-fpm/5.5/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M
; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/5.5/session
I've read from access denied on nginx and php and try to chmod and I've tried the solution from Nginx 403 forbidden for all files and here is my result
dr-xr-xr-x root root /
drwxr-xr-x root root home
drwxr-xr-x ec2-user ec2-user ambassador-portal
drwxr-xr-x ec2-user ec2-user ambassador-api
drwxr-xr-x ec2-user ec2-user web
I turned the autoindex on just for seeing if my root directory is right, the weird thing is I can open all files except PHP files
You can see a live example at http://brandapi.whatiwear.com/
What is wrong with my webserver..?
I removed these two configurations from the nginx.conf
file.
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
It works.
这篇关于在stderr中发送的Nginx错误FastCGI:“对脚本[文件夹]的访问已被拒绝(请参阅security.limit_extensions)".的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!