NGINX + PHP7 + FastCGI Not Executing PHP Files and Downloading PHP file to client

Question

The title says it all... follows are my config files.

There have to be many others looking for an updated solution to the FastCGI configuration woes.

Merci!

I enabled log_level debug for php-fpm and follows is the output.

[29-Mar-2017 09:29:45.978844] DEBUG: pid 18992, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:46.979937] DEBUG: pid 18992, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:47.981031] DEBUG: pid 18992, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:48.443352] DEBUG: pid 18992, fpm_got_signal(), line 85: received SIGTERM
[29-Mar-2017 09:29:48.443381] NOTICE: pid 18992, fpm_got_signal(), line 86: Terminating ...
[29-Mar-2017 09:29:48.443404] DEBUG: pid 18992, fpm_pctl(), line 231: switching to 'terminating' state
[29-Mar-2017 09:29:48.443414] DEBUG: pid 18992, fpm_pctl_kill_all(), line 159: [pool www] sending signal 15 SIGTERM to child 18994
[29-Mar-2017 09:29:48.443421] DEBUG: pid 18992, fpm_pctl_kill_all(), line 159: [pool www] sending signal 15 SIGTERM to child 18993
[29-Mar-2017 09:29:48.443425] DEBUG: pid 18992, fpm_pctl_kill_all(), line 168: 2 child(ren) still alive
[29-Mar-2017 09:29:48.443433] DEBUG: pid 18992, fpm_event_loop(), line 419: event module triggered 1 events
[29-Mar-2017 09:29:48.443440] DEBUG: pid 18992, fpm_pctl_kill_all(), line 159: [pool www] sending signal 9 SIGKILL to child 18994
[29-Mar-2017 09:29:48.443445] DEBUG: pid 18992, fpm_pctl_kill_all(), line 159: [pool www] sending signal 9 SIGKILL to child 18993
[29-Mar-2017 09:29:48.443450] DEBUG: pid 18992, fpm_pctl_kill_all(), line 168: 2 child(ren) still alive
[29-Mar-2017 09:29:48.444010] DEBUG: pid 18992, fpm_got_signal(), line 76: received SIGCHLD
[29-Mar-2017 09:29:48.444034] DEBUG: pid 18992, fpm_children_bury(), line 252: [pool www] child 18993 exited on signal 15 (SIGTERM) after 198.667599 seconds from start
[29-Mar-2017 09:29:48.444051] DEBUG: pid 18992, fpm_children_bury(), line 252: [pool www] child 18994 exited on signal 15 (SIGTERM) after 198.667194 seconds from start
[29-Mar-2017 09:29:48.444058] NOTICE: pid 18992, fpm_pctl_exit(), line 70: exiting, bye-bye!
[29-Mar-2017 09:29:48.501376] DEBUG: pid 19048, fpm_scoreboard_init_main(), line 40: got clock tick '100'
[29-Mar-2017 09:29:48.501543] DEBUG: pid 19048, fpm_event_init_main(), line 337: event module is epoll and 1 fds have been reserved
[29-Mar-2017 09:29:48.501597] NOTICE: pid 19048, fpm_init(), line 85: fpm is running, pid 19048
[29-Mar-2017 09:29:48.502089] DEBUG: pid 19048, fpm_children_make(), line 421: [pool www] child 19049 started
[29-Mar-2017 09:29:48.502530] DEBUG: pid 19048, fpm_children_make(), line 421: [pool www] child 19050 started
[29-Mar-2017 09:29:48.502556] DEBUG: pid 19048, fpm_event_loop(), line 366: 6000 bytes have been reserved in SHM
[29-Mar-2017 09:29:48.502562] NOTICE: pid 19048, fpm_event_loop(), line 367: ready to handle connections
[29-Mar-2017 09:29:48.502614] DEBUG: pid 19048, fpm_systemd_heartbeat(), line 68: have notify start to systemd
[29-Mar-2017 09:29:48.502631] NOTICE: pid 19048, fpm_systemd_heartbeat(), line 75: systemd monitor interval set to 10000ms
[29-Mar-2017 09:29:49.503709] DEBUG: pid 19048, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:50.504808] DEBUG: pid 19048, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:51.505900] DEBUG: pid 19048, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:52.506994] DEBUG: pid 19048, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:53.508089] DEBUG: pid 19048, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1
[29-Mar-2017 09:29:54.509183] DEBUG: pid 19048, fpm_pctl_perform_idle_server_maintenance(), line 379: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1

curl -i http://ipaddress

HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Tue, 28 Mar 2017 21:18:20 GMT
Content-Type: application/octet-stream
Content-Length: 1780
Last-Modified: Thu, 15 Dec 2016 15:20:08 GMT
Connection: keep-alive
ETag: "5852b4a8-6f4"
Accept-Ranges: bytes

nginx/php-fpm generated no errors in logs

nginx access log generated the following.

192.88.135.5 - - [28/Mar/2017:13:18:38 -0400] "GET / HTTP/1.1" 200 1780 "-""Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 OPR/43.0.2442.1144"

The files that show in the .sock path are:

-rw-r--r--. 1 root  root  5 Mar 28 18:45 php-fpm.pid
srw-rw-rw-. 1 nginx nginx 0 Mar 28 18:45 website.com.sock

nginx version: nginx/1.10.2 PHP 7.0.16 (fpm-fcgi) (built: Feb 18 2017 10:26:54)

nginx.conf

user  nginx nginx;
worker_processes  4;

error_log  /var/log/nginx/error.log;
error_log  /var/log/nginx/error.log  notice;
error_log  /var/log/nginx/error.log  info;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
     keepalive_timeout  65;

    upstream php {
    server unix:/var/run/php-fpm/website.com.sock;
    }

    server {
    include /etc/nginx/conf.d/default.conf;
    include /etc/nginx/sites-available/*.conf;
    }
}

default.conf

include /etc/nginx/security;
#expires max;

#Uploads configuration
client_max_body_size 32m;

site-available/site.conf

listen [::]:80;
server_name *.website.com;
root /some/directory/website/;

access_log  /var/log/nginx/www.access.log;
error_log  /var/log/nginx/www.error.log notice;

#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;

#Index targets
index index.php index.html index.htm;

location / {

    # redirect admin/auth
    #rewrite ^/(admin|auth)(.*) https://$host$request_uri?;

    # try_files $uri =404;
    # #fastcgi_split_path_info ^(.+\.php)(/.+)$;
    try_files $uri $uri/ /index.php$is_args$args;

}

# if the file being requested ends in ".php", it's something
#    that PHP-FPM should process, so hand it to upstream server

location ~ \.php$ {
    fastcgi_pass php;
}

php-fpm/www.conf

; Start a new pool named 'www'.
[www]

ping./var/run/php-fpm/website.com.sock = /ping
listen = /var/run/php-fpm/website.com.sock;
pm = dynamic
pm.status_/var/run/php-fpm/website.com.sock = /status

user = nginx
group = nginx

listen.owner = nginx
listen.group = nginx
listen.mode = 0666

pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

fastcgi.conf

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

#  To use NGINX + Virtual Host + PHP you should ommit the SCRIPT_NAME     variable in order for 
#   PHP to choose the correct DOCUMENT_ROOT.
#fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
#

fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

Thanks for providing all config files, very helpful. Can you please show a curl with response headers (curl -i) or similar, plus the matching nginx access log, nginx error log, and PHP logs? Also an "ls -l" of the directory your PHP socket is pointing at. — Tim, Mar 28 '17 at 20:27
I asked you for four pieces of information. Please edit your question to include them, formatted properly, it's difficult to read logs in comments. Please also expand your question to include all relevant information about the environment - I see you have something called "Sucuri/Cloudproxy" which could potentially be relevant. Don't go via a proxy during testing. — Tim, Mar 28 '17 at 21:08
I moved up into the question body; my apology. I also replaced the curl request with the header from the ip request. This problem isn't unique to the firewall, but I did test that as well as run a complete reboot of the server. — Gus Quelle, Mar 28 '17 at 21:21
Please better explain your problem at the top of the question, and you should add additional detailed information at the bottom of your question when editing. You haven't provided "ls -l /var/run/php-fpm/". Problem is that PHP isn't executing, could be permissions, could be wrong directories specified, could be PHP incorrectly configured. — Tim, Mar 28 '17 at 21:28
"ls -pipe" = ls -| and that was the response I got from the command. that path redirects to /run/php-fpm and contains one pid and .sock. I will add those two to the question body. — Gus Quelle, Mar 28 '17 at 21:39
I'm looking for the sock file permissions. I'm not particularly willing to help if you can't make sure the information you provided is accurate, ie the config files you supplied match the server that has the problem. — Tim, Mar 28 '17 at 21:48
Permissions on the sock file are 770. Yea, if I was perfect, I wouldn't be asking for help because I would never need help. Unfortunately for me, I am not perfect and require help from time to time. As mentioned earlier, merci and my apology! — Gus Quelle, Mar 28 '17 at 21:55
I don't just want the number, I want to see group and owner and whether that matches the PHP configuration. Please provide the information requested as an edit to the question, not just parts of it in comments. — Tim, Mar 28 '17 at 22:02
The likely answer is in your latest edit and my last comment. You still haven't provided the information requested, you've provided what you think I need, which is not what I need. Voting to close because you seem to be trying to make this difficult. — Tim, Mar 28 '17 at 22:21
I now see/understand that you were asking for "L" instead of "Pipe" and have updated. What I don't understand upon noticing this is "why" it is being assigned user:root and group: root when the www.conf file assigns otherwise. That's what I need help understanding. thanks! — Gus Quelle, Mar 28 '17 at 22:26
Try moving the inclusion of FastCGI parameters to the top of `location \.php$` block. If that doesn't help, you need to enable PHP-FPM logging and see if it receives the request in the first place. — Tero Kilkanen, Mar 29 '17 at 05:50

Tim · Answer 1 · 2017-03-28T23:31:24.230

0

Your PHP socket has permissions of root:root and 644. Nginx is running as nginx. It's likely that PHP can't access the socket to run PHP, as Nginx won't be a member of the root group.

I would change permissions of the socket. This is one way, but you might decide to do it differently based on the multitude of tutorials that no doubt exist online and can be found via Google.

chown nginx:nginx /var/run/php-fpm/website.sock

NB: old answer was regarding socket path, but this didn't turn out to be the answer as the question was inaccurate.

edited Mar 28 '17 at 23:31

answered Mar 28 '17 at 21:30

Tim

31,888
7
52
78

thanks for looking and spotting that, I verified that the live files match, so that's not the problem. – Gus Quelle Mar 28 '17 at 21:38
I uncommented the listen.owner and listen.group which assigned the socket to nginx with permission 0666. I restarted nginx/php-fpm and rebooted the server with the same outcome: file download instead of read. – Gus Quelle Mar 29 '17 at 00:12
Darn. Look more in your various logs, see if you can spot anything. Hopefully someone else can help, otherwise you may have to hire a consultant. It's probably something really simple, once you spot it. – Tim Mar 29 '17 at 00:27

score 0 · Answer 2 · answered Mar 29 '17 at 16:29

0

The problem turned out to be PHP 5.4.16 was installed on server as opposed to PHP7.1 on local instance. The application requires PHP 5.5+ to successfully run requests through kernel. This is why I was not generating any errors for NGINX with my configuration. I discovered the solution by installing and configuring Apache as the server instead of NGINX only to receive the white screen on client. Thanks for all comments and eyeballs contributed!

answered Mar 29 '17 at 16:29

Gus Quelle

11
1
3

Good to hear you solved it. That's two things in your question that were incorrect. Please ensure that if you ask for help again you ensure you properly describe the environment and the problem. – Tim Mar 29 '17 at 18:00

NGINX + PHP7 + FastCGI Not Executing PHP Files and Downloading PHP file to client

2 Answers2