[求助] 想在路由上加一个网站,安装 PHP 后出现 403

2014-12-03 23:48:55 +08:00
 MATTHEW728960
极贰上自带Nginx,只需安装PHP,安装后却出现:
进入http://192.168.177.1:8000/index.html会自动转到login_web.html;
其它html和php文件都显示403;
但把某个html文件改名为login_web.html就能显示里面的内容。

[不知道是PHP配置错误,还是Nginx。(想在不丢失路由登陆界面下,新加一个网站)]
[希望有人能帮帮忙,不能解决也感谢你的看了!谢谢!]
[nginx.conf]


user nobody nogroup;
worker_rlimit_nofile 4096;
worker_processes 1;

error_log /tmp/data/www/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
worker_connections 4096;
use epoll;
multi_accept on;
}

http {
server_tokens off;
include mime.types;
default_type application/octet-stream;

access_log off;

sendfile on;
tcp_nopush on;
tcp_nodelay on;

fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;

keepalive_timeout 20;
send_timeout 30;

gzip on;

client_header_buffer_size 8k;
client_max_body_size 8m;
large_client_header_buffers 4 4k;
client_body_buffers 16 4k;
client_body_postpone_size 32k;
ignore_invalid_headers off;

server_names_hash_bucket_size 128;
map_hash_bucket_size 128;

proxy_request_buffering off;
fastcgi_request_buffering off;

proxy_pass_header Date;
proxy_pass_header Server;

lua_package_path '/etc/nginx/?.lua;;';
lua_shared_dict tw_vars 256k;

init_by_lua '
local tw_vars = ngx.shared.tw_vars
local arp = require("arp")
local line = ""

local file = io.open("/etc/nginx/switch")

if file ~= nil then
for line in file:lines() do
local tw_var = arp.split(line, ":")

if #tw_var > 1 and tw_var[1] ~= nil and tw_var[1] ~= "" then
tw_vars:set(tw_var[1], tw_var[2])
end
end

io.close(file)
end

file = io.open("/etc/agreement")

if file ~= nil then
for line in file:lines() do
local tw_var = arp.split(line, ":")

if #tw_var > 1 and tw_var[1] ~= nil and tw_var[1] ~= "" then
tw_vars:set("AGREEMENT_" .. tw_var[1], tw_var[2])
end
end

io.close(file)
end
';

map $http_upgrade $connection_header {
default "";
"~*Upgrade$" upgrade;
"~*close$" close;

}

include dict.*.conf;
include logformat.*.conf;
include upstream.*.conf;
include map.*.conf;
include vh.*.conf;
include wordpress.conf;
}

[wordpress.conf]
server {
listen 8000;
server_name localhost;
root /tmp/storage/mmcblk0p2/www;
index index.html index.htm index.php default.php;
error_page 500 502 503 504 /50x.html;


location = /50x.html {
root html;
}

location ~\.php$ {
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/fcgi-cgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /tmp/storage/mmcblk0p2/www/$fastcgi_script_name;
include /etc/nginx/fastcgi_params_wp;
}



}

[fastcgi_params_wp]
if ( $request_filename ~* (.*)\.php ) {
set $php_url $1;
}
if (!-e $php_url.php) {
return 403;
}

fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME /tmp/storage/mmcblk0p2/www/$fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;

fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;

fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

[php.ini]
[PHP]

zend.ze1_compatibility_mode = Off

; Language Options

engine = On
short_open_tag = On
precision = 12
y2k_compliance = On
output_buffering = Off
;output_handler =
zlib.output_compression = Off
;zlib.output_compression_level = -1
;zlib.output_handler =
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 100

;open_basedir =
disable_functions =
disable_classes =

; Colors for Syntax Highlighting mode. Anything that's acceptable in
; <span style="color: ???????"> would work.
;highlight.string = #DD0000
;highlight.comment = #FF9900
;highlight.keyword = #007700
;highlight.bg = #FFFFFF
;highlight.default = #0000BB
;highlight.html = #000000

;ignore_user_abort = On
;realpath_cache_size = 16k
;realpath_cache_ttl = 120

; Miscellaneous

expose_php = On

; Resource Limits

max_execution_time = 30 ; Maximum execution time of each script, in seconds.
max_input_time = 60 ; Maximum amount of time each script may spend parsing request data.
;max_input_nesting_level = 64
memory_limit = 8M ; Maximum amount of memory a script may consume.

; Error handling and logging

; Error Level Constants:
; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0)
; E_ERROR - fatal run-time errors
; E_RECOVERABLE_ERROR - almost fatal run-time errors
; E_WARNING - run-time warnings (non-fatal errors)
; E_PARSE - compile-time parse errors
; E_NOTICE - run-time notices (these are warnings which often result
; from a bug in your code, but it's possible that it was
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
; E_COMPILE_ERROR - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR - user-generated error message
; E_USER_WARNING - user-generated warning message
; E_USER_NOTICE - user-generated notice message
; E_DEPRECATED - warn about code that will not work in future versions
; of PHP
; E_USER_DEPRECATED - user-generated deprecation warnings
;
; Common Values:
; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.)
; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices)
; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.)
; Default Value: E_ALL & ~E_NOTICE
error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT

display_errors = On
display_startup_errors = Off
log_errors = Off
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
;report_zend_debug = 0
track_errors = Off
;html_errors = Off
;docref_root = "/phpmanual/"
;docref_ext = .html
;error_prepend_string = "<font color=#ff0000>"
;error_append_string = "</font>"
; Log errors to specified file.
;error_log = /var/log/php_errors.log
; Log errors to syslog.
;error_log = syslog

; Data Handling

;arg_separator.output = "&amp;"
;arg_separator.input = ";&"
variables_order = "EGPCS"
request_order = "GP"
register_globals = Off
register_long_arrays = Off
register_argc_argv = On
auto_globals_jit = On
post_max_size = 8M
;magic_quotes_gpc = Off
magic_quotes_runtime = Off
magic_quotes_sybase = Off
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
;default_charset = "iso-8859-1"
;always_populate_raw_post_data = On

; Paths and Directories

; UNIX: "/path1:/path2"
;include_path = ".:/php/includes"
doc_root = "/tmp/storage/mmcblk0p2/www/"
user_dir =
extension_dir = "/usr/lib/php"
enable_dl = On
;cgi.force_redirect = 1
;cgi.nph = 1
;cgi.redirect_status_env = ;
cgi.fix_pathinfo=1
;fastcgi.impersonate = 1;
;fastcgi.logging = 0
;cgi.rfc2616_headers = 0

; File Uploads

file_uploads = On
upload_tmp_dir = "/tmp"
upload_max_filesize = 2M
max_file_uploads = 20

; Fopen wrappers

allow_url_fopen = On
allow_url_include = Off
;from="john@doe.com"
;user_agent="PHP"
default_socket_timeout = 60
;auto_detect_line_endings = Off

; Dynamic Extensions

extension=ctype.so
extension=curl.so
;extension=dom.so
;extension=exif.so
;extension=ftp.so
extension=gd.so
;extension=gmp.so
;extension=hash.so
;extension=iconv.so
extension=json.so
;extension=ldap.so
extension=mbstring.so
extension=mcrypt.so
extension=mysql.so
;extension=openssl.so
;extension=pcre.so
extension=pdo.so
extension=pdo-mysql.so
;extension=pdo-pgsql.so
;extension=pdo_sqlite.so
;extension=pgsql.so
extension=session.so
;extension=soap.so
extension=sockets.so
;extension=sqlite.so
;extension=sqlite3.so
extension=tokenizer.so
extension=xml.so
;extension=xmlreader.so
;extension=xmlwriter.so

; Module Settings

[APC]
apc.enabled = 1
apc.shm_segments = 1 ;The number of shared memory segments to allocate for the compiler cache.
apc.shm_size = 4M ;The size of each shared memory segment.

[Date]
date.timezone = Asia/Hong_Kong
;date.default_latitude = 31.7667
;date.default_longitude = 35.2333
;date.sunrise_zenith = 90.583333
;date.sunset_zenith = 90.583333

[filter]
;filter.default = unsafe_raw
;filter.default_flags =

[iconv]
;iconv.input_encoding = ISO-8859-1
;iconv.internal_encoding = ISO-8859-1
;iconv.output_encoding = ISO-8859-1

[sqlite]
;sqlite.assoc_case = 0

[sqlite3]
;sqlite3.extension_dir =

[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=

[MySQL]
mysql.allow_local_infile = On
mysql.allow_persistent = On
mysql.cache_size = 2000
mysql.max_persistent = -1
mysql.max_links = -1
mysql.default_port =
mysql.default_socket = /var/run/mysqld.sock
mysql.default_host =
mysql.default_user =
mysql.default_password =
mysql.connect_timeout = 60
mysql.trace_mode = Off

[PostgresSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0

[Session]
session.save_handler = files
session.save_path = "/tmp"
session.use_cookies = 1
;session.cookie_secure =
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 100
session.gc_maxlifetime = 1440
session.bug_compat_42 = On
session.bug_compat_warn = On
session.referer_check =
session.entropy_length = 0
;session.entropy_file = /dev/urandom
session.entropy_file =
;session.entropy_length = 16
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 4
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="

[mbstring]
;mbstring.language = Japanese
;mbstring.internal_encoding = EUC-JP
;mbstring.http_input = auto
;mbstring.http_output = SJIS
;mbstring.encoding_translation = Off
;mbstring.detect_order = auto
;mbstring.substitute_character = none;
;mbstring.func_overload = 0
;mbstring.strict_detection = Off
;mbstring.http_output_conv_mimetype=
;mbstring.script_encoding=

[gd]
;gd.jpeg_ignore_warning = 0

[exif]
;exif.encode_unicode = ISO-8859-15
;exif.decode_unicode_motorola = UCS-2BE
;exif.decode_unicode_intel = UCS-2LE
;exif.encode_jis =
;exif.decode_jis_motorola = JIS
;exif.decode_jis_intel = JIS

[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5

[sysvshm]
;sysvshm.init_mem = 10000

[ldap]
ldap.max_links = -1

[mcrypt]
;mcrypt.algorithms_dir=
;mcrypt.modes_dir=
4661 次点击
所在节点    PHP
7 条回复
MATTHEW728960
2014-12-03 23:51:18 +08:00
错误log:

2014/12/02 18:34:24 [error] 4280#0: *469 FastCGI sent in stderr: "fcgi-cgi.c:359: couldn't execve '/tmp/storage/mmcblk0p2/www//d.php': Permission denied" while reading response header from upstream, client: 192.168.177.190, server: localhost, request: "GET /d.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgi-cgi.sock:", host: "192.168.177.1:8000"
2014/12/02 18:34:24 [error] 4280#0: *469 upstream prematurely closed FastCGI stdout while reading response header from upstream, client: 192.168.177.190, server: localhost, request: "GET /d.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgi-cgi.sock:", host: "192.168.177.1:8000"
2014/12/02 18:34:24 [error] 4280#0: *469 open() "/usr/html/50x.html" failed (2: No such file or directory), client: 192.168.177.190, server: localhost, request: "GET /d.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgi-cgi.sock", host: "192.168.177.1:8000"
extreme
2014-12-04 00:50:04 +08:00
@MATTHEW728960 应该是权限问题,nouser应该要有对对应PHP所监听的sock文件的读写权限,以及对网站文件的读取权限,PHP的用户也需要有对网站文件的读取权限。
如果对安全要求不高,一般执行:
chmod -R 755 网站根目录
可解决。
PHP要更改对应的pool配置文件,更改sock文件的权限。
MATTHEW728960
2014-12-05 08:53:43 +08:00
@extreme 现在html文件能读取了,但php还是403 Forbidden。
sock文件的权限已改为777,php配置要怎么改呢?谢谢
extreme
2014-12-05 13:18:25 +08:00
@MATTHEW728960 你用的是PHP FPM吧?你自己看看你的pool配置文件放在哪。
MATTHEW728960
2014-12-05 14:19:37 +08:00
@extreme 有一个/etc/config/php5-fastcgi :
config php5-fastcgi
option enabled 1
option port '1026'
是没修改过的,要改的话改哪里呢?
extreme
2014-12-05 23:44:24 +08:00
@MATTHEW728960 如果按照你的配置文件,应该是TCP方式,但你fastcgi_pass却用了Unix Sock。
还有就是不要include fastcgi_params_wp这个文件试试。
MATTHEW728960
2015-01-06 16:43:56 +08:00
已解决,关键就是openwrt的php-cgi会自动加载已安装的所有模块,所以在php. ini中不能写关于载入模块的设置,另一个问题是使用UNIX的话,nginx和PHP的启动用户必须一致。

① ;extension=XXXXX #需要注释掉,不然就会出现重复载入模块

② user nobody nogroup; #php-fastcgi的启动用户必须与nginx.conf中的用户相同,spawn-fcgi不能使用nobody用户开启

③ chmod 777 /XXXXXX/www #把网站目录设置为所有人都能读写的权限,或者是664

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/151340

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX