Using nginx web server and php. nginx is working, I see 'Welcome to nginx!' but I get 'access denied' when trying to access a php page. I also installed php-fastcgi.
Here is my nginx default conf:
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php5-fpm.sock;
include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
I activited security.limit_extensions = .php .php3 .php4 .php5 .html
and listen = /var/run/php5-fpm.sock
in /etc/php-fpm.d/www.conf and cgi.fix_pathinfo = 0
in /etc/php5/fpm/php.ini
I restarted nginx and php5-fpm.
Thanks for helping.
Do like this where you have your secondary location
location / {
try_files $uri $uri/ =404;
root /path/to/your/www;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
These 2 parameters are the magic sauce:
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
I know some possible scenarios when nginx and php cannot access files:
Most likely php-fpm
process is run by user that does not have read permission on corresponding .php files.
This gives plain error Access denied.
nginx
process does not have read and traverse permissions on root
directory containing the sites files.
This gives 403 Forbidden
error.
php-fpm
process cannot traverse the absolute path to root
directory.
This gives File not found
error.
Since author mentions, that problem appears only when accessing php files, I would say that first scenario applies here.
I believe the case is that nginx
is run as one user and php-fpm
as another, only the php-fpm
user has been forgotten to give read access.
Please check your fastcgi_params file and change it accordingly to this post
https://askubuntu.com/questions/164627/nginx-php-fpm-access-denied-error
I solved my problem by using the above method.
In the event that you are trying to use NGINX to parse HTML as PHP and you are getting an Access denied
error, you need to change a PHP configuration setting.
On Ubuntu 16, the file you need to update is in /etc/php/7.0/fpm/pool.d/www.conf
.
Go to the line where it says ;security.limit_extensions = .php .php3 .php4 .php5 .php7
Replace that with this security.limit_extensions = .php .html
. Notice that the leading semi-colon has been removed.
Then restart PHP sudo systemctl restart php7.0-fpm
. The issue should be fixed.
For more information please see this more detailed guide: Fix "access denied" error when parsing HTML as PHP with Nginx