0

I am starting to try nginx. To begin i would like to install phpmyadmin, i think it a good exercise.

** Information

  • my server uses ubuntu 14.04
  • my server has got an IPv6 only
  • the url to access to phpmyadmin will be : phpmyadmin.soapoperator.com

***Configuration:

Public html folder:

root@server01:/usr/share/nginx/html# ls -l
total 12
-rw-r--r-- 1 root root 537 Mar 4 2014 50x.html
-rw-r--r-- 1 root root 612 Mar 4 2014 index.html
-rw-r--r-- 1 root root 20 Jan 1 13:21 info.php
lrwxrwxrwx 1 root root 21 Dec 31 18:41 phpmyadmin -> /usr/share/phpmyadmin

Config into sites available:

root@server01:/etc/nginx/sites-available# ls -l
total 8
-rw-r--r-- 1 root root 833 Jan 1 14:19 phpmyadmin.soapoperator.com
-rw-r--r-- 1 root root 2603 Jan 1 13:35 default

Config for the host

server {
listen 80;
#listen [::]:80 ipv6only=on;
server_name phpmyadmin.soapoperator.com;

root /usr/share/nginx/html/phpmyadmin;
index index.php index.html index.htm;

# allow
#allow 82.230.xx.x;
#allow 2a01:e35:2e65:3070:xxx:xxx:c95c:69a;
# drop rest of the world
#deny all;

# Logs
access_log /var/log/phpmyadmin.access_log;
error_log /var/log/phpmyadmin.error_log;

# Default location settings
location / {
charset utf-8;
client_max_body_size 20M;
}

location ~* \.php$ {
# Prevent Zero-day exploit
try_files $uri =404;
# Pass the PHP scripts to FastCGI server
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
fastcgi_param HTTPS off;
}
}

I enabled the site:

root@server01:/etc/nginx/sites-enabled# ls -l
total 0
lrwxrwxrwx 1 root root 46 Jan 1 13:54 phpmyadmin.soapoperator.com -> /etc/nginx/sites-available/phpmyadmin.soapoperator.com
lrwxrwxrwx 1 root root 34 Dec 31 14:28 default -> /etc/nginx/sites-available/default

Unfortunately when i visit the phpmyadmin url, i arrive on the nginx welcome page. So i guess the vhost is not well configured. But why?

I wondering if it was not an issue due to the ipv6 configuration. I try to add to the host configuration:

listen [::]:80 ipv6only=on;

But i get an error:

2016/01/02 11:48:45 [emerg] 12636#0: duplicate listen options for [::]:80 in /etc/nginx/sites-enabled/default:22

Or a php issue because when i try to visit http://[my_ip]/info.php, the file is serving as download instead of excecuting.

Thank you in advance for any help. jb

[[edit]]

nginx.conf

user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;
        gzip_disable "msie6";

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # nginx-naxsi config
        ##
        # Uncomment it if you installed nginx-naxsi
        ##

        #include /etc/nginx/naxsi_core.rules;

        ##
        # nginx-passenger config
        ##
        # Uncomment it if you installed nginx-passenger
        ##

        #passenger_root /usr;
        #passenger_ruby /usr/bin/ruby;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

        ##
        # Special for 502 error
        ##

        fastcgi_buffers 8 16k;
        fastcgi_buffer_size 32k;
        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;

        ##
        # Access control
        ##

        include blockips.conf;

}
jbo
  • 129
  • 3
  • 14
  • if I see correctly your default location (location /) is missing a try_files. Something like *try_files $uri $uri/ /index.php;* Also have you tried disabling the default configuration? If it has a "default server" on the listened port it may suck all of your traffic... – LucaApo Jan 02 '16 at 21:36
  • i have try what you suggest. But it doesn't seem to solve the issue. – jbo Jan 08 '16 at 22:31
  • What is in your nginx.conf? How did you installed nginx? – LucaApo Jan 08 '16 at 22:36
  • I install nginx with this kind of tuto http://www.sitepoint.com/setting-up-php-behind-nginx-with-fastcgi/. Finally, the issue is solved. – jbo Jan 08 '16 at 22:44

1 Answers1

1

Finally i solve the problem with editing /etc/php5/fpm/php.ini and make sure cgi.fix_pathinfo is set to 0. On another hand i put listen = /var/run/php5-fpm.sock inside /etc/php5/fpm/pool.d/www.conf

I am not sure which modification really solve the issue.

My research: http://www.sitepoint.com/setting-up-php-behind-nginx-with-fastcgi/ , Nginx serves .php files as downloads, instead of executing them

To conclude, my vhost works as that:

server {
        listen 80;
        listen [::]:80;
        server_name phpmyadmin.soapoperator.com;
        server_name_in_redirect off;

        root /usr/share/nginx/html/phpmyadmin;
        index index.php index.html index.htm;

        # allow
        allow   82.230.xx.x;
        allow   2a01:e35:xxxx:xxxx::/xx;
        # drop rest of the world
        deny    all;

        # Logs
        access_log /var/log/phpmyadmin.access_log;
        error_log /var/log/phpmyadmin.error_log;

        # Default location settings
        location / {
                try_files $uri $uri/ /index.php?$args;
                charset utf-8;
                client_max_body_size 20M;
        }

        # Images and static content is treated different
        location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
                access_log        off;
                expires           360d;
        }

        # Deny access to .htaccess files, if Apache's document root
        location ~ /\.ht {
                deny  all;
        }

        location ~ /(libraries|setup/frames|setup/libs) {
                deny all;
                return 404;
        }

        # Pass the PHP scripts to FastCGI server
        location ~* \.php$ {
                # Prevent Zero-day exploit
                try_files $uri =404;
                #
                fastcgi_split_path_info ^(.+?\.php)(/.*)$;
                if (!-f $document_root$fastcgi_script_name) {
                        return 404;
                }
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include /etc/nginx/fastcgi_params;
                fastcgi_param HTTPS off;
        }

        # Redirect server error pages to the static page
        error_page   403  /403.html;
        error_page 404 /404.html;
        error_page   500 502 503 504  /50x.html;

        # Exclude favicon from the logs to avoid bloating when it's not available
        location /favicon.ico {
                log_not_found   off;
                access_log      off;
        }

}
Community
  • 1
  • 1
jbo
  • 129
  • 3
  • 14