nginx - cURL retrieves PHP files but accessing via web browser gives source code

Question

I'm having some trouble with nginx. I setup nginx on a Raspberry Pi B+ (Raspbian Jessie) and PHP with FastCGI. When I try using cURL to retrieve pages, it returns the PHP-generated HTML.

nginx server block that serves fastcgi requests

server {
    listen 80 default_server;
    listen [::]:80 ipv6only=on default_server;

    # SSL configuration
    #
    # listen 443 ssl default_server;
    # listen [::]:443 ssl default_server;
    #
    # Self signed certs generated by the ssl-cert package
    # Don't use them in a production server!
    #
    # include snippets/snakeoil.conf;

    root /usr/share/nginx/html;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name _;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
    #       include snippets/fastcgi-php.conf;
            include fastcgi_params;
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;

    #
    #       # With php5-cgi alone:
    #       fastcgi_pass 127.0.0.1:9000;
            # With php5-fpm:
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

    }


    # deny access to .htaccess files, if Apache's document root
    #oncurs with nginx's one
    #
    #location ~ /\.ht {
    #       deny all;
    #}
}

PHP FILE

<?php
echo "PHP Test";
?>

Browser Response: Either downloads it (chrome) or displays it as source code (other browsers)

cURL:

• Hostname was NOT found in DNS cache
• Trying ::1...
• Connected to localhost (::1) port 80 (#0)

  GET /test_2.php HTTP/1.1 User-Agent: curl/7.38.0 Host: localhost Accept: /

  < HTTP/1.1 200 OK

• Server nginx is not blacklisted < Server: nginx < Date: Fri, 12 May 2017 04:21:20 GMT < Content-Type: text/html; charset=UTF-8 < Transfer-Encoding: chunked < Connection: keep-alive < PHP Test
• Connection #0 to host localhost left intact

nginx access.log

::1 - - [12/May/2017:12:21:20 +0800] "GET /test_2.php HTTP/1.1" 20019 "-" "curl/7.38.0"
192.168.0.132 - - [12/May/2017:12:26:28 +0800] "GET /test_2.php HTTP/1.1" 200 28 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393"

nginx error.log

2017/05/12 11:50:41 [error] 21715#0: *64 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.0.132, server: ~., request: "GET /favicon.ico HTTP/1.1", host: "192.168.0.113"
2017/05/12 11:53:02 [error] 21715#0: *66 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.0.132, server: ~., request: "GET /favicon.ico HTTP/1.1", host: "192.168.0.113"
2017/05/12 11:54:18 [notice] 21737#0: signal process started
2017/05/12 11:54:22 [notice] 21747#0: signal process started

EDIT: After Tim's comment below, I ran curl forcing IPv4 and it indeed returned the source code.

Answer 1

I think I know why this is so. My second server block which is resolving all names with the RegEx ~. is set to listen on port 80 which is IPv4, and it has no CGI handler. However, the default server block is set to listen on port 80 for IPv6. Since nginx fallbacks to the default server only after testing the other servers, the proxy server block has nothing to handle PHP, so it returns it as source code. On IPv6, nginx cannot use the proxy server block to handle the request, so it passes it to the default server which runs the FastCGI server, thus it can return the phpinfo().

Solution

I should put the location /git/ proxy pass block in the default server block.