I am trying to configure my webserver using Nginx and php-fpm
I have successfully configured before in my local computer and dev server, but not now in AWS.
The only difference is I installed Nginx from a source in production server
It gives an error like these in my /var/log/nginx/error.log
2014/03/11 11:09:19 [error] 11138#0: *1 FastCGI sent in stderr: "Access to the script '/home/ambassador-portal/ambassador-api/web' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 202.62.16.225, server: brandapi.whatiwear.com, request: "GET /app_dev.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "brandapi.whatiwear.com", referrer: "http://brandapi.whatiwear.com/"
While the error log in php-fpm gives no error
Here is my nginx.conf
user root;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /usr/local/nginx/conf/sites-enabled/*.conf;
}
Here is my nginx_host.conf
server {
server_name brandapi.whatiwear.com;
access_log /var/log/nginx/brandapi_access.log;
error_log /var/log/nginx/brandapi_error.log;
root /home/ambassador-portal/ambassador-api/web;
disable_symlinks off;
autoindex on;
location / {
try_files $uri $uri/ /app.php$uri?$args;
}
location ~ \.htaccess {
deny all;
}
location ~ \.php$ {
fastcgi_split_path_info ^((?U).+\.php)(.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include /usr/local/nginx/conf/fastcgi_params;
}
}
Here is my /etc/php5/fpm/conf/www.conf
; Start a new pool named 'www'.
[www]
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
security.limit_extensions = .php .php3 .php4 .php5 .html .htm
php_admin_value[error_log] = /var/log/php-fpm/5.5/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M
; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/5.5/session
I've read from access denied on nginx and php and try to chmod and I've tried the solution from Nginx 403 forbidden for all files and here is my result
dr-xr-xr-x root root /
drwxr-xr-x root root home
drwxr-xr-x ec2-user ec2-user ambassador-portal
drwxr-xr-x ec2-user ec2-user ambassador-api
drwxr-xr-x ec2-user ec2-user web
I turned the autoindex on just for seeing if my root directory is right, the weird thing is I can open all files except PHP files
You can see a live example at http://brandapi.whatiwear.com/
What is wrong with my webserver..?
