View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Trying LEMP w. vBulletin, slightly stuck with try_files
Log in to Ask a Question

Trying LEMP w. vBulletin, slightly stuck with try_files

development

I was running a vBulletin site under a standard LAMP stack.

I spun up a new Linode to try LEMP instead, to see if it offered better performance.

I'm running into trouble trying to get the recommended "security enhancement" installed.

here's my php location block:

location ~ \.php$ {
                try_files $uri  =404;

                include /etc/nginx/fastcgi_params;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME /home/mouseowners-test/public_html$fastcgi_script_name;

        }

If I leave this as-is, every single PHP page I try and load (so, any of the vBulletin stuff) returns a 404. If I comment out the try_files line, everything seems to be working.

Any clues?

9 Replies

Can I see your entire vhost configuration?

Here's the entire file from sites-enabled:

# You may add here your
# server {
#       ...
# }
# statements for each of your virtual hosts

server {
        listen   80 default;
        server_name  mouseowners-test.com www.mouseoweners-test.com;

        access_log  /var/log/nginx/mouseowners-test.com.access.log;

        location / {
                root   /home/mouseowners-test/public_html;
                index  index.html index.htm index.php;
        }

        #error_page  404  /404.html;

        # redirect server error pages to the static page /50x.html
        #
        #error_page   500 502 503 504  /50x.html;
        #location = /50x.html {
        #       root   /var/www/nginx-default;
        #}

        # proxy the PHP scripts to Apache listening on 127.0.0.1:81
        #
        #location ~ \.php$ {
                #proxy_pass   http://127.0.0.1:81;
                #proxy_set_header Host $http_host;
                #proxy_set_header X-Real-IP $remote_addr;
                #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
                try_files $uri  =404;

                include /etc/nginx/fastcgi_params;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME /home/mouseowners-test/public_html$fastcgi_script_name;

        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
                #deny  all;
        #}
}

and here's nginx.conf:

user www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
    # multi_accept on;
}

http {
    include       /etc/nginx/mime.types;

    access_log  /var/log/nginx/access.log;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    tcp_nodelay        on;

    gzip  on;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

Thanks for looking!

Hey,

Sorry for the late response. Took some time off to recharge my batteriers.

Anyways. I don't see anything that stands out as an issue but I could make some guesses…

Have you tried using a home directory name without a dash in your path?

fastcgi_param SCRIPT_FILENAME /home/mouseowners-test/public_html$fastcgi_script_name;

This line right here may or may not be problematic with try files. All my paths don't have dashes in them…

Also I am curious as to what version of Nginx you are using so I can try to reproduce the problem. I am also curious… Did you disable the default vhost?

Also I believe nginx -t checks your configuration. Did you try running that?

[snip] Some rubbish deleted! [/snip]

NB: Must engage brain

I was using it to prevent this security hole:

https://nealpoole.com/blog/2011/04/sett … iguration/">https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/

I'm still getting the error.

Sigh. Maybe I'll try varnish in front of apache.

@ericholtman:

I was using it to prevent this security hole:

https://nealpoole.com/blog/2011/04/sett … iguration/">https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/

I'm still getting the error.

Sigh. Maybe I'll try varnish in front of apache. I'm being a dolt. I was trying to simplify the problem and making stupid assumptions. I should pay more attention.

I can only see 1 root declaration, namely inside your try_files[} block. Try either to move it out of there to give it a greater scope, or duplicate it inside your php block.

@mjruschak:

Have you tried using a home directory name without a dash in your path?

Everything works if I just comment out the "try_files", so I don't think the path is the problem

> Also I am curious as to what version of Nginx you are using so I can try to reproduce the problem. I am also curious… Did you disable the default vhost?

0.7.65, and mouseowners-test.com is the only file in sites-enabled.

> Also I believe nginx -t checks your configuration. Did you try running that?

That comes up clean.

Try moving root out of location / and to the server scope under access_log.

I don't use vbulletin, but this might serve:

server {
  listen   80 default;
  server_name  mouseowners-test.com www.mouseoweners-test.com;

  access_log  /var/log/nginx/mouseowners-test.com.access.log; 
  root   /home/mouseowners-test/public_html;
  index  index.html index.htm index.php; 

  location / {
    try_files $uri $uri/ index.php;
  }

  # deny access to .htaccess files, .git, .svn, etc
  location ~ /\. {
    deny  all;
  }

  location ~ ^.+\.(jpg|jpeg|gif|png|ico|css|js)$ {
    access_log      off;
    expires         45d;
  }

  location ~ \.php$ {
    try_files $uri  =404;

    include /etc/nginx/fastcgi_params;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /home/mouseowners-test/public_html$fastcgi_script_name;

  }
}

If you use fancier urls that don't include the php file then you'll need rewrites. vbseo.php probably requires something different, as well.

@brianmercer:

Try moving root out of location / and to the server scope under access_log.

Hey, that works, thanks!

Now I'll have to see if nginx + fast_cgi is better than varnish + apache.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct