V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
MATTHEW728960
V2EX  ›  PHP

[求助] 想在路由上加一个网站,安装 PHP 后出现 403

  •  
  •   MATTHEW728960 · 2014-12-03 23:48:55 +08:00 · 4665 次点击
    这是一个创建于 3642 天前的主题,其中的信息可能已经有所发展或是发生改变。
    极贰上自带Nginx,只需安装PHP,安装后却出现:
    进入http://192.168.177.1:8000/index.html会自动转到login_web.html;
    其它html和php文件都显示403;
    但把某个html文件改名为login_web.html就能显示里面的内容。

    [不知道是PHP配置错误,还是Nginx。(想在不丢失路由登陆界面下,新加一个网站)]
    [希望有人能帮帮忙,不能解决也感谢你的看了!谢谢!]
    [nginx.conf]


    user nobody nogroup;
    worker_rlimit_nofile 4096;
    worker_processes 1;

    error_log /tmp/data/www/log/nginx/error.log;
    pid /var/run/nginx.pid;

    events {
    worker_connections 4096;
    use epoll;
    multi_accept on;
    }

    http {
    server_tokens off;
    include mime.types;
    default_type application/octet-stream;

    access_log off;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;

    keepalive_timeout 20;
    send_timeout 30;

    gzip on;

    client_header_buffer_size 8k;
    client_max_body_size 8m;
    large_client_header_buffers 4 4k;
    client_body_buffers 16 4k;
    client_body_postpone_size 32k;
    ignore_invalid_headers off;

    server_names_hash_bucket_size 128;
    map_hash_bucket_size 128;

    proxy_request_buffering off;
    fastcgi_request_buffering off;

    proxy_pass_header Date;
    proxy_pass_header Server;

    lua_package_path '/etc/nginx/?.lua;;';
    lua_shared_dict tw_vars 256k;

    init_by_lua '
    local tw_vars = ngx.shared.tw_vars
    local arp = require("arp")
    local line = ""

    local file = io.open("/etc/nginx/switch")

    if file ~= nil then
    for line in file:lines() do
    local tw_var = arp.split(line, ":")

    if #tw_var > 1 and tw_var[1] ~= nil and tw_var[1] ~= "" then
    tw_vars:set(tw_var[1], tw_var[2])
    end
    end

    io.close(file)
    end

    file = io.open("/etc/agreement")

    if file ~= nil then
    for line in file:lines() do
    local tw_var = arp.split(line, ":")

    if #tw_var > 1 and tw_var[1] ~= nil and tw_var[1] ~= "" then
    tw_vars:set("AGREEMENT_" .. tw_var[1], tw_var[2])
    end
    end

    io.close(file)
    end
    ';

    map $http_upgrade $connection_header {
    default "";
    "~*Upgrade$" upgrade;
    "~*close$" close;

    }

    include dict.*.conf;
    include logformat.*.conf;
    include upstream.*.conf;
    include map.*.conf;
    include vh.*.conf;
    include wordpress.conf;
    }

    [wordpress.conf]
    server {
    listen 8000;
    server_name localhost;
    root /tmp/storage/mmcblk0p2/www;
    index index.html index.htm index.php default.php;
    error_page 500 502 503 504 /50x.html;


    location = /50x.html {
    root html;
    }

    location ~\.php$ {
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_pass unix:/var/run/fcgi-cgi.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /tmp/storage/mmcblk0p2/www/$fastcgi_script_name;
    include /etc/nginx/fastcgi_params_wp;
    }



    }

    [fastcgi_params_wp]
    if ( $request_filename ~* (.*)\.php ) {
    set $php_url $1;
    }
    if (!-e $php_url.php) {
    return 403;
    }

    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;

    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param SCRIPT_FILENAME /tmp/storage/mmcblk0p2/www/$fastcgi_script_name;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param DOCUMENT_ROOT $document_root;
    fastcgi_param SERVER_PROTOCOL $server_protocol;

    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;

    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;

    # PHP only, required if PHP was built with --enable-force-cgi-redirect
    fastcgi_param REDIRECT_STATUS 200;

    [php.ini]
    [PHP]

    zend.ze1_compatibility_mode = Off

    ; Language Options

    engine = On
    short_open_tag = On
    precision = 12
    y2k_compliance = On
    output_buffering = Off
    ;output_handler =
    zlib.output_compression = Off
    ;zlib.output_compression_level = -1
    ;zlib.output_handler =
    implicit_flush = Off
    unserialize_callback_func =
    serialize_precision = 100

    ;open_basedir =
    disable_functions =
    disable_classes =

    ; Colors for Syntax Highlighting mode. Anything that's acceptable in
    ; <span style="color: ???????"> would work.
    ;highlight.string = #DD0000
    ;highlight.comment = #FF9900
    ;highlight.keyword = #007700
    ;highlight.bg = #FFFFFF
    ;highlight.default = #0000BB
    ;highlight.html = #000000

    ;ignore_user_abort = On
    ;realpath_cache_size = 16k
    ;realpath_cache_ttl = 120

    ; Miscellaneous

    expose_php = On

    ; Resource Limits

    max_execution_time = 30 ; Maximum execution time of each script, in seconds.
    max_input_time = 60 ; Maximum amount of time each script may spend parsing request data.
    ;max_input_nesting_level = 64
    memory_limit = 8M ; Maximum amount of memory a script may consume.

    ; Error handling and logging

    ; Error Level Constants:
    ; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0)
    ; E_ERROR - fatal run-time errors
    ; E_RECOVERABLE_ERROR - almost fatal run-time errors
    ; E_WARNING - run-time warnings (non-fatal errors)
    ; E_PARSE - compile-time parse errors
    ; E_NOTICE - run-time notices (these are warnings which often result
    ; from a bug in your code, but it's possible that it was
    ; intentional (e.g., using an uninitialized variable and
    ; relying on the fact it's automatically initialized to an
    ; empty string)
    ; E_STRICT - run-time notices, enable to have PHP suggest changes
    ; to your code which will ensure the best interoperability
    ; and forward compatibility of your code
    ; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
    ; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
    ; initial startup
    ; E_COMPILE_ERROR - fatal compile-time errors
    ; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
    ; E_USER_ERROR - user-generated error message
    ; E_USER_WARNING - user-generated warning message
    ; E_USER_NOTICE - user-generated notice message
    ; E_DEPRECATED - warn about code that will not work in future versions
    ; of PHP
    ; E_USER_DEPRECATED - user-generated deprecation warnings
    ;
    ; Common Values:
    ; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.)
    ; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices)
    ; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
    ; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.)
    ; Default Value: E_ALL & ~E_NOTICE
    error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT

    display_errors = On
    display_startup_errors = Off
    log_errors = Off
    log_errors_max_len = 1024
    ignore_repeated_errors = Off
    ignore_repeated_source = Off
    report_memleaks = On
    ;report_zend_debug = 0
    track_errors = Off
    ;html_errors = Off
    ;docref_root = "/phpmanual/"
    ;docref_ext = .html
    ;error_prepend_string = "<font color=#ff0000>"
    ;error_append_string = "</font>"
    ; Log errors to specified file.
    ;error_log = /var/log/php_errors.log
    ; Log errors to syslog.
    ;error_log = syslog

    ; Data Handling

    ;arg_separator.output = "&"
    ;arg_separator.input = ";&"
    variables_order = "EGPCS"
    request_order = "GP"
    register_globals = Off
    register_long_arrays = Off
    register_argc_argv = On
    auto_globals_jit = On
    post_max_size = 8M
    ;magic_quotes_gpc = Off
    magic_quotes_runtime = Off
    magic_quotes_sybase = Off
    auto_prepend_file =
    auto_append_file =
    default_mimetype = "text/html"
    ;default_charset = "iso-8859-1"
    ;always_populate_raw_post_data = On

    ; Paths and Directories

    ; UNIX: "/path1:/path2"
    ;include_path = ".:/php/includes"
    doc_root = "/tmp/storage/mmcblk0p2/www/"
    user_dir =
    extension_dir = "/usr/lib/php"
    enable_dl = On
    ;cgi.force_redirect = 1
    ;cgi.nph = 1
    ;cgi.redirect_status_env = ;
    cgi.fix_pathinfo=1
    ;fastcgi.impersonate = 1;
    ;fastcgi.logging = 0
    ;cgi.rfc2616_headers = 0

    ; File Uploads

    file_uploads = On
    upload_tmp_dir = "/tmp"
    upload_max_filesize = 2M
    max_file_uploads = 20

    ; Fopen wrappers

    allow_url_fopen = On
    allow_url_include = Off
    ;from="[email protected]";
    ;user_agent="PHP"
    default_socket_timeout = 60
    ;auto_detect_line_endings = Off

    ; Dynamic Extensions

    extension=ctype.so
    extension=curl.so
    ;extension=dom.so
    ;extension=exif.so
    ;extension=ftp.so
    extension=gd.so
    ;extension=gmp.so
    ;extension=hash.so
    ;extension=iconv.so
    extension=json.so
    ;extension=ldap.so
    extension=mbstring.so
    extension=mcrypt.so
    extension=mysql.so
    ;extension=openssl.so
    ;extension=pcre.so
    extension=pdo.so
    extension=pdo-mysql.so
    ;extension=pdo-pgsql.so
    ;extension=pdo_sqlite.so
    ;extension=pgsql.so
    extension=session.so
    ;extension=soap.so
    extension=sockets.so
    ;extension=sqlite.so
    ;extension=sqlite3.so
    extension=tokenizer.so
    extension=xml.so
    ;extension=xmlreader.so
    ;extension=xmlwriter.so

    ; Module Settings

    [APC]
    apc.enabled = 1
    apc.shm_segments = 1 ;The number of shared memory segments to allocate for the compiler cache.
    apc.shm_size = 4M ;The size of each shared memory segment.

    [Date]
    date.timezone = Asia/Hong_Kong
    ;date.default_latitude = 31.7667
    ;date.default_longitude = 35.2333
    ;date.sunrise_zenith = 90.583333
    ;date.sunset_zenith = 90.583333

    [filter]
    ;filter.default = unsafe_raw
    ;filter.default_flags =

    [iconv]
    ;iconv.input_encoding = ISO-8859-1
    ;iconv.internal_encoding = ISO-8859-1
    ;iconv.output_encoding = ISO-8859-1

    [sqlite]
    ;sqlite.assoc_case = 0

    [sqlite3]
    ;sqlite3.extension_dir =

    [Pdo_mysql]
    pdo_mysql.cache_size = 2000
    pdo_mysql.default_socket=

    [MySQL]
    mysql.allow_local_infile = On
    mysql.allow_persistent = On
    mysql.cache_size = 2000
    mysql.max_persistent = -1
    mysql.max_links = -1
    mysql.default_port =
    mysql.default_socket = /var/run/mysqld.sock
    mysql.default_host =
    mysql.default_user =
    mysql.default_password =
    mysql.connect_timeout = 60
    mysql.trace_mode = Off

    [PostgresSQL]
    pgsql.allow_persistent = On
    pgsql.auto_reset_persistent = Off
    pgsql.max_persistent = -1
    pgsql.max_links = -1
    pgsql.ignore_notice = 0
    pgsql.log_notice = 0

    [Session]
    session.save_handler = files
    session.save_path = "/tmp"
    session.use_cookies = 1
    ;session.cookie_secure =
    session.use_only_cookies = 1
    session.name = PHPSESSID
    session.auto_start = 0
    session.cookie_lifetime = 0
    session.cookie_path = /
    session.cookie_domain =
    session.cookie_httponly =
    session.serialize_handler = php
    session.gc_probability = 1
    session.gc_divisor = 100
    session.gc_maxlifetime = 1440
    session.bug_compat_42 = On
    session.bug_compat_warn = On
    session.referer_check =
    session.entropy_length = 0
    ;session.entropy_file = /dev/urandom
    session.entropy_file =
    ;session.entropy_length = 16
    session.cache_limiter = nocache
    session.cache_expire = 180
    session.use_trans_sid = 0
    session.hash_function = 0
    session.hash_bits_per_character = 4
    url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="

    [mbstring]
    ;mbstring.language = Japanese
    ;mbstring.internal_encoding = EUC-JP
    ;mbstring.http_input = auto
    ;mbstring.http_output = SJIS
    ;mbstring.encoding_translation = Off
    ;mbstring.detect_order = auto
    ;mbstring.substitute_character = none;
    ;mbstring.func_overload = 0
    ;mbstring.strict_detection = Off
    ;mbstring.http_output_conv_mimetype=
    ;mbstring.script_encoding=

    [gd]
    ;gd.jpeg_ignore_warning = 0

    [exif]
    ;exif.encode_unicode = ISO-8859-15
    ;exif.decode_unicode_motorola = UCS-2BE
    ;exif.decode_unicode_intel = UCS-2LE
    ;exif.encode_jis =
    ;exif.decode_jis_motorola = JIS
    ;exif.decode_jis_intel = JIS

    [soap]
    soap.wsdl_cache_enabled=1
    soap.wsdl_cache_dir="/tmp"
    soap.wsdl_cache_ttl=86400
    soap.wsdl_cache_limit = 5

    [sysvshm]
    ;sysvshm.init_mem = 10000

    [ldap]
    ldap.max_links = -1

    [mcrypt]
    ;mcrypt.algorithms_dir=
    ;mcrypt.modes_dir=
    7 条回复    2015-01-06 16:43:56 +08:00
    MATTHEW728960
        1
    MATTHEW728960  
    OP
       2014-12-03 23:51:18 +08:00
    错误log:

    2014/12/02 18:34:24 [error] 4280#0: *469 FastCGI sent in stderr: "fcgi-cgi.c:359: couldn't execve '/tmp/storage/mmcblk0p2/www//d.php': Permission denied" while reading response header from upstream, client: 192.168.177.190, server: localhost, request: "GET /d.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgi-cgi.sock:", host: "192.168.177.1:8000"
    2014/12/02 18:34:24 [error] 4280#0: *469 upstream prematurely closed FastCGI stdout while reading response header from upstream, client: 192.168.177.190, server: localhost, request: "GET /d.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgi-cgi.sock:", host: "192.168.177.1:8000"
    2014/12/02 18:34:24 [error] 4280#0: *469 open() "/usr/html/50x.html" failed (2: No such file or directory), client: 192.168.177.190, server: localhost, request: "GET /d.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgi-cgi.sock", host: "192.168.177.1:8000"
    extreme
        2
    extreme  
       2014-12-04 00:50:04 +08:00   ❤️ 1
    @MATTHEW728960 应该是权限问题,nouser应该要有对对应PHP所监听的sock文件的读写权限,以及对网站文件的读取权限,PHP的用户也需要有对网站文件的读取权限。
    如果对安全要求不高,一般执行:
    chmod -R 755 网站根目录
    可解决。
    PHP要更改对应的pool配置文件,更改sock文件的权限。
    MATTHEW728960
        3
    MATTHEW728960  
    OP
       2014-12-05 08:53:43 +08:00
    @extreme 现在html文件能读取了,但php还是403 Forbidden。
    sock文件的权限已改为777,php配置要怎么改呢?谢谢
    extreme
        4
    extreme  
       2014-12-05 13:18:25 +08:00
    @MATTHEW728960 你用的是PHP FPM吧?你自己看看你的pool配置文件放在哪。
    MATTHEW728960
        5
    MATTHEW728960  
    OP
       2014-12-05 14:19:37 +08:00
    @extreme 有一个/etc/config/php5-fastcgi :
    config php5-fastcgi
    option enabled 1
    option port '1026'
    是没修改过的,要改的话改哪里呢?
    extreme
        6
    extreme  
       2014-12-05 23:44:24 +08:00
    @MATTHEW728960 如果按照你的配置文件,应该是TCP方式,但你fastcgi_pass却用了Unix Sock。
    还有就是不要include fastcgi_params_wp这个文件试试。
    MATTHEW728960
        7
    MATTHEW728960  
    OP
       2015-01-06 16:43:56 +08:00
    已解决,关键就是openwrt的php-cgi会自动加载已安装的所有模块,所以在php. ini中不能写关于载入模块的设置,另一个问题是使用UNIX的话,nginx和PHP的启动用户必须一致。

    ① ;extension=XXXXX #需要注释掉,不然就会出现重复载入模块

    ② user nobody nogroup; #php-fastcgi的启动用户必须与nginx.conf中的用户相同,spawn-fcgi不能使用nobody用户开启

    ③ chmod 777 /XXXXXX/www #把网站目录设置为所有人都能读写的权限,或者是664
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1751 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 24ms · UTC 16:37 · PVG 00:37 · LAX 08:37 · JFK 11:37
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.