我正在尝试使用Nginx和php-fpm配置我的web服务器
我以前在我的本地计算机和开发服务器上成功配置过,但现在在AWS上没有。
唯一的区别是我从生产服务器的源代码中安装了Nginx
在我的/var/log/nginx/error.log
中给出如下错误2014/03/11 11:09:19 [error] 11138#0: *1 FastCGI sent in stderr: "Access to the script '/home/ambassador-portal/ambassador-api/web' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 202.62.16.225, server: brandapi.whatiwear.com, request: "GET /app_dev.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "brandapi.whatiwear.com", referrer: "http://brandapi.whatiwear.com/"
而php-fpm的错误日志没有错误
这是我的nginx.conf
user root;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include /usr/local/nginx/conf/sites-enabled/*.conf;
}
这里是我的nginx_host.conf
server {
server_name brandapi.whatiwear.com;
access_log /var/log/nginx/brandapi_access.log;
error_log /var/log/nginx/brandapi_error.log;
root /home/ambassador-portal/ambassador-api/web;
disable_symlinks off;
autoindex on;
location / {
try_files $uri $uri/ /app.php$uri?$args;
}
location ~ '.htaccess {
deny all;
}
location ~ '.php$ {
fastcgi_split_path_info ^((?U).+'.php)(.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include /usr/local/nginx/conf/fastcgi_params;
}
}
我的/etc/php5/fpm/conf/www.conf
; Start a new pool named 'www'.
[www]
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
user = ec2-user
group = ec2-user
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
security.limit_extensions = .php .php3 .php4 .php5 .html .htm
php_admin_value[error_log] = /var/log/php-fpm/5.5/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M
; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/5.5/session
我已经从nginx和php上拒绝访问并尝试chmod,我已经尝试了nginx 403禁止所有文件的解决方案,这是我的结果
dr-xr-xr-x root root /
drwxr-xr-x root root home
drwxr-xr-x ec2-user ec2-user ambassador-portal
drwxr-xr-x ec2-user ec2-user ambassador-api
drwxr-xr-x ec2-user ec2-user web
我打开了自动索引看看根目录是否正确,奇怪的是我可以打开所有文件,除了PHP文件
您可以在http://brandapi.whatiwear.com/
看到一个实时示例我的web服务器有什么问题…?
我从nginx.conf
文件中删除了这两个配置。
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
。
问题就在这一行(在你的/etc/php5/fpm/conf/www.conf)
security.limit_extensions = .php .php3 .php4 .php5 .html .htm
在.htm
之后加上扩展名.pl
欢呼。