nginx

nginx

关注
发信
关注(28)粉丝(399)

在stderr中发送的Nginx错误FastCGI:“对脚本[文件夹]的访问已被拒绝(请参阅security.limit_extensions)".

本文介绍了在stderr中发送的Nginx错误FastCGI:“对脚本[文件夹]的访问已被拒绝(请参阅security.limit_extensions)".的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用Nginx和php-fpm配置我的Web服务器
我以前已经在本地计算机和开发服务器中成功配置了,但是现在没有在AWS中成功配置.
唯一的区别是我从生产服务器中的源代码安装了Nginx

它在我的/var/log/nginx/error.log中给出了这样的错误

2014/03/11 11:09:19 [error] 11138#0: *1 FastCGI sent in stderr: "Access to the script '/home/ambassador-portal/ambassador-api/web' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 202.62.16.225, server: brandapi.whatiwear.com, request: "GET /app_dev.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "brandapi.whatiwear.com", referrer: "http://brandapi.whatiwear.com/"

虽然php-fpm中的错误日志没有给出错误

这是我的nginx.conf 

user  root;
worker_processes  1;

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    gzip  on;

    server {
        listen       80;
        server_name  localhost;

        location / {
            root   html;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
        include /usr/local/nginx/conf/sites-enabled/*.conf;
}

这是我的nginx_host.conf 

server {
    server_name brandapi.whatiwear.com;
    access_log /var/log/nginx/brandapi_access.log;
    error_log /var/log/nginx/brandapi_error.log;
    root /home/ambassador-portal/ambassador-api/web;
    disable_symlinks off;
    autoindex on;

    location / {
            try_files $uri $uri/ /app.php$uri?$args;
    }

    location ~ \.htaccess {
            deny all;
    }


    location ~ \.php$ {
            fastcgi_split_path_info ^((?U).+\.php)(.+)$;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            fastcgi_param  PATH_INFO        $fastcgi_path_info;
            fastcgi_param  PATH_TRANSLATED  $document_root$fastcgi_path_info;
            include /usr/local/nginx/conf/fastcgi_params;
    }
}

这是我的/etc/php5/fpm/conf/www.conf 

; Start a new pool named 'www'.
[www]

listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1

user = ec2-user
group = ec2-user

pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35

slowlog = /var/log/php-fpm/www-slow.log

security.limit_extensions = .php .php3 .php4 .php5 .html .htm
php_admin_value[error_log] = /var/log/php-fpm/5.5/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/5.5/session

我已阅读对nginx和php的访问被拒绝,然后尝试到chmod,我已经尝试从所有文件禁止使用Nginx 403的解决方案这是我的结果

dr-xr-xr-x  root        root  /
drwxr-xr-x root        root  home
drwxr-xr-x ec2-user ec2-user ambassador-portal
drwxr-xr-x ec2-user ec2-user ambassador-api
drwxr-xr-x ec2-user ec2-user web

我打开自动索引只是为了查看我的根目录是否正确,奇怪的是我可以打开除PHP文件以外的所有文件

您可以在 http://brandapi.whatiwear.com/

我的网络服务器出了什么问题??

解决方案

我从nginx.conf文件中删除了这两个配置.

fastcgi_param  PATH_INFO  $fastcgi_path_info;
fastcgi_param  PATH_TRANSLATED  $document_root$fastcgi_path_info;

有效.

I am trying to configure my webserver using Nginx and php-fpm
I have successfully configured before in my local computer and dev server, but not now in AWS.
The only difference is I installed Nginx from a source in production server

It gives an error like these in my /var/log/nginx/error.log 

2014/03/11 11:09:19 [error] 11138#0: *1 FastCGI sent in stderr: "Access to the script '/home/ambassador-portal/ambassador-api/web' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 202.62.16.225, server: brandapi.whatiwear.com, request: "GET /app_dev.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "brandapi.whatiwear.com", referrer: "http://brandapi.whatiwear.com/"

While the error log in php-fpm gives no error

Here is my nginx.conf 

user  root;
worker_processes  1;

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    gzip  on;

    server {
        listen       80;
        server_name  localhost;

        location / {
            root   html;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
        include /usr/local/nginx/conf/sites-enabled/*.conf;
}

Here is my nginx_host.conf 

server {
    server_name brandapi.whatiwear.com;
    access_log /var/log/nginx/brandapi_access.log;
    error_log /var/log/nginx/brandapi_error.log;
    root /home/ambassador-portal/ambassador-api/web;
    disable_symlinks off;
    autoindex on;

    location / {
            try_files $uri $uri/ /app.php$uri?$args;
    }

    location ~ \.htaccess {
            deny all;
    }


    location ~ \.php$ {
            fastcgi_split_path_info ^((?U).+\.php)(.+)$;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            fastcgi_param  PATH_INFO        $fastcgi_path_info;
            fastcgi_param  PATH_TRANSLATED  $document_root$fastcgi_path_info;
            include /usr/local/nginx/conf/fastcgi_params;
    }
}

Here is my /etc/php5/fpm/conf/www.conf 

; Start a new pool named 'www'.
[www]

listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1

user = ec2-user
group = ec2-user

pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35

slowlog = /var/log/php-fpm/www-slow.log

security.limit_extensions = .php .php3 .php4 .php5 .html .htm
php_admin_value[error_log] = /var/log/php-fpm/5.5/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/5.5/session

I've read from access denied on nginx and php and try to chmod and I've tried the solution from Nginx 403 forbidden for all files and here is my result

dr-xr-xr-x  root        root  /
drwxr-xr-x root        root  home
drwxr-xr-x ec2-user ec2-user ambassador-portal
drwxr-xr-x ec2-user ec2-user ambassador-api
drwxr-xr-x ec2-user ec2-user web

I turned the autoindex on just for seeing if my root directory is right, the weird thing is I can open all files except PHP files

You can see a live example at http://brandapi.whatiwear.com/

What is wrong with my webserver..?

解决方案

I removed these two configurations from the nginx.conf file.

fastcgi_param  PATH_INFO  $fastcgi_path_info;
fastcgi_param  PATH_TRANSLATED  $document_root$fastcgi_path_info;

It works.

这篇关于在stderr中发送的Nginx错误FastCGI:“对脚本[文件夹]的访问已被拒绝(请参阅security.limit_extensions)".的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

11-03 06:06
Powered by LMLPHP ©2024 nginx 0.008771