I have a VPS on digitalocean that works great with five subdomains. But when I decided to add 6th (RC), it doesn't work. In order not to make mistakes, I made the following:
duplicated existing (working) /var/www folder and renamed into rc
changed rights to this folder sudo chmod -R www-data:www-data rc
duplicated working config in etc/nginx/sites-available and renamed it to rc
changed server_name and root rooting there. So, it looks like so:
server {
listen 80;
listen [::]:80;
charset UTF-8;
server_name rc.myserver.com;
root /var/www/rc;
index index.html;
location ~ /\. {
deny all;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
}
created symlink with ln -s /etc/nginx/sites-available/rc /etc/nginx/sites-enabled/rc
restarted nginx: sudo service nginx restart
Now my /etc/nginx/sites-enabled/ folder looks so:
lrwxrwxrwx 1 root root 31 Jul 21 2019 html -> /etc/nginx/sites-available/html
lrwxrwxrwx 1 root root 31 Jul 19 2019 hunt -> /etc/nginx/sites-available/hunt
lrwxrwxrwx 1 root root 32 Dec 2 16:43 monit -> /etc/nginx/sites-available/monit
lrwxrwxrwx 1 root root 29 Feb 1 13:57 rc -> /etc/nginx/sites-available/rc
lrwxrwxrwx 1 root root 31 Jul 21 2019 rent -> /etc/nginx/sites-available/rent
lrwxrwxrwx 1 root root 32 Jul 20 2019 tools -> /etc/nginx/sites-available/tools
sudo netstat -plutn | grep nginx shows:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 29155/nginx: master
tcp6 0 0 :::80 :::* LISTEN 29155/nginx: master
My nginx.conf has this code lines active:
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
/var/log/nginx/error.log and /var/log/nginx/access.log didn't show any problems.
But when I try to get rc.myserver.com - I get "Failed to open the page" safari message:
Safari can’t open the page “http://rc.myserver.com” because Safari can’t find the server “rc.myserver.com.”
What's the problem can be with?
Did you point your subdomain to the Droplet ip-address ?
first thing you've to do is to point your subdomains to the single ip address via your DNS provider (A, CNAME).
I think that's why you are getting error:
Safari can’t open the page “http://rc.myserver.com” because Safari can’t find the server “rc.myserver.com”.
point rc.yourserver.com to Droplet IP address :)
Related
I've tried since hours with lots of solutions but cannot get rid of this 403 error on serving a static subdomain with NGINX.
I've tried chmod all my permissions in the directory to the static folder and editing the config file over and over.
NGINX serves beautifully my reverse proxied Node app but shuts down all the static subdomains that once were in the server.
Permissions:
dr-xr-xr-x root root /
drwxr-xr-x root root home
drwx--x--x ca****8sh nginx ca****8sh
lrwxrwxrwx ca****8sh ca****8sh www -> public_html
drwxr-x--- ca****8sh ca****8sh public_html
drwxr-xr-x nginx nginx residenza******.******ano.ch;
config file:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name residenza******.******ano.ch;
root /home/ca****8sh/www/residenza******.******ano.ch/;
location / {
#try_files $uri $uri/ =404;
index index.html;
#autoindex on;
#autoindex_exact_size off;
}
[continues with SSL setup]
I've also tried tweaking things around like enabling autoindex but to no avail.
I'm on despair, please help!
Check which user nginx is using in first line of nginx.conf. It should be either nginx or www-data. then run this command. Replace www-data with nginx if the user is nginx
chown -R www-data /home/ca****8sh/www/residenza******.******ano.ch/
If you are using SELinux like CentOS, run these commands too:
sudo setsebool -P httpd_can_network_connect on
chcon -Rt /home/ca****8sh/www/residenza******.******ano.ch/
I have handled by changing the global nginx user to a higher tier user. This is what was causing the permits issue.
I have this configuration:
server {
server_name frontend-ui.something.com;
root /var/www/frontend_ui;
index index.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
}
located in /etc/nginx/sites-available and is symlinked in /etc/nginx/sites-enabled. Whenever I try to access it, it falls back to nginx 404 page. Just to be sure that the configuration and nginx are being reached I changed the config to fall back to 500 instead, and it did. So, my conclusion is that the config is reached, but the static files are not served/read.
The static files:
root#my-server:/var/www# ls -l frontend-ui/
total 8
drwxrwxr-x 2 bamboo bamboo 4096 Feb 28 11:59 build
-rw-rw-r-- 1 bamboo bamboo 392 Feb 28 11:59 index.html
The funny thing is that I have one more page being served with the exactly same configuration and permissions, but just with different subdomain name, and it works fine.
I am using nginx with http webdav module to upload files and delete files to server I am able to upload files successfully and delete but the issue I am facing is that files it uploads does not have execute permissions
-rw-rw-rw- 1 nginx nginx 1583670 Apr 19 17:20 startup.jpg
where as the folder it creates have all the permissions
drwxrwxrwx 2 nginx nginx 4096 Apr 19 16:27 s
I tried adding rwx to the nginx config but I get error it works fine with rw but with x it gives error
Apr 19 17:23:20 CDNSTORE nginx[18386]: nginx: [emerg] invalid value "group:rwx" in /etc/nginx/conf.d/webdav.conf:11
Following is my nginx config
server {
listen 80;
server_name localhost;
root /home/webdav/files;
client_body_temp_path /home/webdav/tmp;
location / {
dav_methods PUT DELETE MKCOL COPY MOVE;
# dav_ext_methods PROPFIND OPTIONS;
create_full_put_path on;
dav_access user:rw group:rwx all:rwx;
autoindex on;
client_max_body_size 1G; # File size limit for new files
auth_basic "closed site";
auth_basic_user_file /home/webdav/.htpasswd;
}
}
I want the images files to be accessible from url for that need to set -rwxr-xr-x permissions .
I dont want to use cron and shell to set permission because I need to create folders and subfolder on the fly and folder needs permission so webdav can delete so looking for a solution that nginx set permission when uploading the file
I am trying to use certbot and letsencrypt on my Ubuntu 16.0.4 server, so I can install a mail server.
I am running certbot like this:
sudo /opt/letsencrypt/certbot-auto certonly --agree-tos --webroot -w
/path/to/www/example -d example.com -d www.example.com
I get the following output from certbot (snippet shown below):
Domain: www.example.com
Type: unauthorized
Detail: Invalid response from
http://www.example.com/.well-known/acme-challenge/QEZwFgUGOJqqXHcLmTmkr5z83dbH3QlrIUk1S3JI_cg:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
This is what my directory structure looks like:
root#yourbox:/path/to/www/example$ ls -la
total 12
drwxr-xr-x 3 example root 4096 Nov 1 10:17 .
drwxr-xr-x 5 root webapps 4096 Nov 1 10:13 ..
drwxr-xr-x 2 root root 4096 Nov 1 10:36 .well-known
root#yourbox:/path/to/www/example$
root#yourbox:/path/to/www/example$ cd .well-known/
root#yourbox:/path/to/www/example/.well-known$ ls -la
total 8
drwxr-xr-x 2 root root 4096 Nov 1 10:36 .
drwxr-xr-x 3 example root 4096 Nov 1 10:17 ..
root#yourbox:/path/to/www/example/.well-known$
From above, I can see that the challenge file does not exist - (presumably?) because, it looks like the certbot is unable to write to the folder.
However, I first needed to check that nginx was set up correctly, and that it was serving files from folders starting with a period.
This is the configuration file for nginx for the website (/etc/nginx/sites-available/example):
server {
# Allow access to the letsencrypt ACME Challenge
location ~ /\.well-known\/acme-challenge {
allow all;
}
}
I manually created a testfile (sudo touch /path/to/www/example/fake) and gave it the correct permissions:
root#yourbox:/path/to/www/example/.well-known/acme-challenge$ ls -l
total 0
-rw-r--r-- 1 example webapps 0 Nov 1 10:45 fake
I then tried to access http://www.example.com/.well-known/acme-challenge/fake from a browser - and got a 404 error.
This means I have two errors:
Nginx is not correctly setup to serve files from the .well-known/acme-challenge folder
The file permissions in the /path/to/www/example folder are wrong, so certbot can't write its automatically generated files to the .well-known/acme-challenge folder.
How may I fix these issues?
Your Nginx config file has no config to make your /path/to/www/example/ directory web accessible.
Here's a simple configuration which will put your site live and allow LetsEncyrpt to create a valid certificate. Bare in mind port 80 will need to be accessible.
server {
listen 80;
server_name www.example.co.uk example.co.uk;
root /path/to/www/example;
access_log /var/log/nginx/example.co.uk.log;
error_log /var/log/nginx/example.co.uk.log;
index index.html index.htm index.php;
location ~ /\.well-known\/acme-challenge {
allow all;
}
location / {
try_files $uri $uri/index.html $uri.html =404;
}
}
Change your server_name accordingly, or use your /etc/hosts file to configure a local domain.
I had the same problem which was caused by the following line:
location ~ /\. {
deny all;
}
i added the following ABOVE the line mentioned above this:
location ~ /\.well-known\/acme-challenge {
allow all;
}
I am getting "Access Denied" on index.php file. I created test.php by using touch command on my server and it is working.
I deleted index.php and created index.php by using touch command and c/p index.php source new index.php file and then I checked error.log now the problem is occurred on another php file.
Everything was working and today this problem started. This configuration also was working, there was no change and this problem occurred.
Here is my config files.
/etc/nginx/conf.d/default.conf :
server {
listen 80;
server_name X.X.X.X;
root /var/www/domain.com;
index index.php;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
error_page 404 /404.html;
location = /404.html {
root /var/www/domain.com;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/domain.com;
}
}
/var/www/domain.com/ :
drwxr-xr-x. 8 nginx nginx 4096 Nov 16 16:39 .
drwxr-xr-x. 5 nginx nginx 4096 Oct 30 20:47 ..
-rwxr-xr-x. 1 nginx nginx 146 Jun 1 18:16 CONTRIBUTING.md
drwxr-xr-x. 12 nginx nginx 4096 Oct 30 23:36 app
-rwxr-xr-x. 1 nginx nginx 2452 Jun 1 18:16 artisan
drwxr-xr-x. 2 nginx nginx 4096 Oct 30 23:36 assets
drwxr-xr-x. 2 nginx nginx 4096 Oct 30 23:36 bootstrap
-rwxr-xr-x. 1 nginx nginx 697 Jun 1 18:16 composer.json
-rwxr-xr-x. 1 nginx nginx 58540 Oct 1 00:19 composer.lock
-rwxr-xr-x. 1 nginx nginx 0 Jun 1 18:16 favicon.ico
-rwxr-xr-x. 1 nginx nginx 1580 Oct 31 00:05 index.php
drwxr-xr-x. 2 nginx nginx 4096 Oct 30 23:36 packages
-rwxr-xr-x. 1 nginx nginx 567 Jun 1 18:16 phpunit.xml
drwxr-xr-x. 2 nginx nginx 4096 Oct 30 23:55 public
-rwxr-xr-x. 1 nginx nginx 2051 Jun 1 18:16 readme.md
-rwxr-xr-x. 1 nginx nginx 24 Jun 1 18:16 robots.txt
-rwxr-xr-x. 1 nginx nginx 519 Jun 1 18:16 server.php
-rwxr-xr-x. 1 nginx nginx 41 Nov 16 16:39 test.php
drwxr-xr-x. 20 nginx nginx 4096 Oct 30 23:36 vendor
/etc/nginx/nginx.conf :
user nginx;
/etc/php-fpm.d/www.conf :
user = nginx
group = nginx
/var/log/nginx/error.log :
Unable to open primary script: /var/www/domain.com/index.php (Permission denied)" while reading response header from upstream, client: *, server: *, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*"
2014/11/16 18:27:54 [error] 5070#0: *21 FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: failed to open stream: Permission denied in Unknown on line 0
After I deleted index.php and created by using touch command same file:
PHP message: PHP Fatal error: require(): Failed opening required '/var/www/domain.com/bootstrap/autoload.php'
I've just spent a whole day on the same problem, eventually finding that selinux was causing it.
I haven't search exactly which setting might be at fault, just disabled the whole thing (SELINUX=disabled in /etc/selinux/config and a restart) and finally php-fpm works as it should.
Thanks for your answer -- this was the same "Access Denied" the problem I encountered and your solution led me down the right path.
Note that instead of disabling SELINUX completely, you can just do this:
$ sudo setsebool -P httpd_read_user_content 1
My current setup is with CentOS 7.7, NGINX 1.17.3, PHP-FPM 7.3.9.