Nginx refuses to handle my PHP files or even access the directory: 403 forbidden


(Rémy Epke) #1
Hardware information
$ hwinfo --short
cpu:                                                            
                       Pentium(R) Dual-Core CPU       T4400  @ 2.20GHz, 2194 MHz
                       Pentium(R) Dual-Core CPU       T4400  @ 2.20GHz, 2194 MHz
keyboard:
                       Logitech USB Receiver
  /dev/input/event3    AT Translated Set 2 keyboard
mouse:
                       Logitech USB Receiver
  /dev/input/mice      SynPS/2 Synaptics TouchPad
graphics card:
                       Intel Mobile 4 Series Chipset Integrated Graphics Controller
                       Intel Mobile 4 Series Chipset Integrated Graphics Controller
sound:
                       Intel 82801I (ICH9 Family) HD Audio Controller
storage:
                       Intel ICH9M/M-E SATA AHCI Controller
network:
  wlp20s0              Realtek WLAN controller
  enp14s0              Realtek RTL8101E/RTL8102E PCI Express Fast Ethernet controller
network interface:
  lo                   Loopback network interface
  enp14s0              Ethernet network interface
  wlp20s0              Ethernet network interface
disk:
  /dev/sda             KINGSTON SV300S3
partition:
  /dev/sda1            Partition
  /dev/sda2            Partition
  /dev/sda3            Partition
cdrom:
  /dev/sr0             TSSTcorp CDDVDW TS-L633C
usb controller:
                       Intel 82801I (ICH9 Family) USB UHCI Controller #5
                       Intel 82801I (ICH9 Family) USB UHCI Controller #2
                       Intel 82801I (ICH9 Family) USB UHCI Controller #6
                       Intel 82801I (ICH9 Family) USB UHCI Controller #3
                       Intel 82801I (ICH9 Family) USB UHCI Controller #4
                       Intel 82801I (ICH9 Family) USB UHCI Controller #1
                       Intel 82801I (ICH9 Family) USB2 EHCI Controller #2
                       Intel 82801I (ICH9 Family) USB2 EHCI Controller #1
bios:
                       BIOS
bridge:
                       Intel 82801I (ICH9 Family) PCI Express Port 1
                       Intel ICH9M LPC Interface Controller
                       Intel 82801I (ICH9 Family) PCI Express Port 6
                       Intel 82801I (ICH9 Family) PCI Express Port 4
                       Intel 82801 Mobile PCI Bridge
                       Intel Mobile 4 Series Chipset Memory Controller Hub
                       Intel 82801I (ICH9 Family) PCI Express Port 3
hub:
                       Linux 4.18.12-1-CHAKRA uhci_hcd UHCI Host Controller
                       Linux 4.18.12-1-CHAKRA uhci_hcd UHCI Host Controller
                       Linux 4.18.12-1-CHAKRA uhci_hcd UHCI Host Controller
                       Linux 4.18.12-1-CHAKRA uhci_hcd UHCI Host Controller
                       Linux 4.18.12-1-CHAKRA uhci_hcd UHCI Host Controller
                       Linux 4.18.12-1-CHAKRA ehci_hcd EHCI Host Controller
                       Linux 4.18.12-1-CHAKRA uhci_hcd UHCI Host Controller
                       Linux 4.18.12-1-CHAKRA ehci_hcd EHCI Host Controller
memory:
                       Main Memory
unknown:
                       FPU
                       DMA controller
                       PIC
                       Keyboard controller
                       Intel 82801I (ICH9 Family) SMBus Controller
  /dev/input/event10   Suyin USB 2.0 Camera
                       Logitech USB Receiver
$ inxi -Fzc 0
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = "en_GB",
        LC_ALL = (unset),
        LC_MEASUREMENT = "nl_NL.UTF-8",
        LC_PAPER = "en_GB.UTF-8",
        LC_MONETARY = "nl_NL.UTF-8",
        LC_NAME = "en_GB.UTF-8",
        LC_ADDRESS = "en_GB.UTF-8",
        LC_NUMERIC = "en_GB.UTF-8",
        LC_TELEPHONE = "en_GB.UTF-8",
        LC_IDENTIFICATION = "en_GB.UTF-8",
        LC_TIME = "en_GB.UTF-8",
        LANG = "en_GB.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
System:    Host: ReemZ-T0shiba Kernel: 4.18.12-1-CHAKRA x86_64 bits: 64 Desktop: KDE Plasma 5.14.3
           Distro: Chakra
Machine:   Type: Laptop System: TOSHIBA product: Satellite L550 v: PSLW0E-08P03VDU serial: <filter>
           Mobo: TOSHIBA model: KTWAA v: 1.00 serial: <filter> BIOS: TOSHIBA v: 1.90 date: 12/18/2009
Battery:   ID-1: BAT1 charge: 43.5 Wh condition: 45.8/48.6 Wh (94%)
CPU:       Topology: Dual Core model: Pentium T4400 bits: 64 type: MCP L2 cache: 1024 KiB
           Speed: 2194 MHz min/max: 1200/2200 MHz Core speeds (MHz): 1: 2194 2: 2194
Graphics:  Card-1: Intel Mobile 4 Series Integrated Graphics driver: i915 v: kernel
           Display: x11 server: X.Org 1.20.3 driver: intel unloaded: modesetting,vesa resolution: 1600x900~60Hz
           Message: Unable to show advanced data. Required tool glxinfo missing.
Audio:     Card-1: Intel 82801I HD Audio driver: snd_hda_intel
           Sound Server: ALSA v: k4.18.12-1-CHAKRA
Network:   Card-1: Realtek RTL8101E/RTL8102E PCI Express Fast Ethernet driver: r8169
           IF: enp14s0 state: down mac: <filter>
           Card-2: Realtek RTL8191SEvB Wireless LAN driver: rtl8192se
           IF: wlp20s0 state: up mac: <filter>
Drives:    HDD Total Size: 111.79 GiB used: 8.52 GiB (7.6%)
           ID-1: /dev/sda vendor: Kingston model: SV300S37A120G size: 111.79 GiB
Partition: ID-1: / size: 81.36 GiB used: 8.52 GiB (10.5%) fs: ext4 dev: /dev/sda2
           ID-2: swap-1 size: 4.00 GiB used: 0 KiB (0.0%) fs: swap dev: /dev/sda1
Sensors:   System Temperatures: cpu: 45.0 C mobo: N/A
           Fan Speeds (RPM): N/A
Info:      Processes: 134 Uptime: 5m Memory: 3.70 GiB used: 683.8 MiB (18.1%) Shell: bash inxi: 3.0.10
Logs and configs (php.txt is php.ini but the forum doesn't allow that filetype)

pacman.conf (2.3 KB)
pacman.log (602.1 KB)
nginx.conf (2.6 KB)
fastcgi.conf (1.1 KB)
php-fpm.conf (4.3 KB)
www.conf (18.3 KB)
php.txt (69.0 KB)


As I’m having problems with Apache (systemd refuses to start it on both my machines, one stable one testing, but that’s for a different topic), I’ve decided to give nginx a try.
I’ve installed testing/nginx 1.14.1-1 and core/php-fpm 7.1.22-2 (I had already installed core/php 7.1.22-2) as I’m trying this on the testing lappy first, uncommented the FastCGI part in /etc/nginx/nginx.conf, and started both services, apparently succesfully.

Contents of /usr/share/nginx/html/
$ ls /usr/share/nginx/html/
total 20K
drwxr-xr-x  4 root root 4.0K 14.11.2018 06:14 vet-ptss/
drwxr-xr-x 18 root root 4.0K 14.11.2018 06:14 webdev/
-rw-r--r--  1 root root  537 07.11.2018 01:27 50x.html
-rw-r--r--  1 root root  612 07.11.2018 01:27 index.html
-rw-r--r--  1 root root   21 14.11.2018 06:40 index.php

The files 50x.html and index.html came with the install, the two directories and index.php are mine.

Service status for php-fpm and nginx
$ systemctl status php-fpm.service
● php-fpm.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2018-11-14 07:56:55 CET; 5s ago
 Main PID: 1264 (php-fpm)
   Status: "Ready to handle connections"
    Tasks: 3 (limit: 4530)
   Memory: 16.4M
   CGroup: /system.slice/php-fpm.service
           ├─1264 php-fpm: master process (/etc/php/php-fpm.conf)
           ├─1265 php-fpm: pool www
           └─1266 php-fpm: pool www

Nov 14 07:56:54 ReemZ-T0shiba systemd[1]: Starting The PHP FastCGI Process Manager...
Nov 14 07:56:54 ReemZ-T0shiba php-fpm[1264]: [NOTICE] fpm is running, pid 1264
Nov 14 07:56:55 ReemZ-T0shiba php-fpm[1264]: [NOTICE] ready to handle connections
Nov 14 07:56:55 ReemZ-T0shiba php-fpm[1264]: [NOTICE] systemd monitor interval set to 10000ms
Nov 14 07:56:55 ReemZ-T0shiba systemd[1]: Started The PHP FastCGI Process Manager.
$ systemctl status nginx.service
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2018-11-14 07:57:15 CET; 3s ago
  Process: 1273 ExecStart=/usr/bin/nginx -g pid /run/nginx.pid; error_log stderr; (code=exited, status=0/SUCCESS)
 Main PID: 1274 (nginx)
    Tasks: 2 (limit: 4530)
   Memory: 3.5M
   CGroup: /system.slice/nginx.service
           ├─1274 nginx: master process /usr/bin/nginx -g pid /run/nginx.pid; error_log stderr;
           └─1275 nginx: worker process

Nov 14 07:57:15 ReemZ-T0shiba systemd[1]: Starting A high performance web server and a reverse proxy server...
Nov 14 07:57:15 ReemZ-T0shiba systemd[1]: Started A high performance web server and a reverse proxy server.

Pointing my browser to localhost shows me the welcome page, leading me to believe nginx is running.
However, trying to open localhost/index.php I’m greeted with a nice little error telling me the page I’m looking for is unavailable, and when trying to open one of the directories (for example localhost/vet-ptss) I get a 403.

Things tried:

  • Pointing browser to 127.0.0.1/… instead of localhost/… URLs
  • In nginx.conf, in the FastCGI part, in the root directive, replaced ‘html’ with the full path /usr/share/nginx/html
  • chowned my directories and index.php in /usr/share/nginx/html to http:http as per this link

Reverted all those as they didn’t solve the problem.

Any idea what I’m overlooking?


(brli) #2

The point is, is there really an index.php file in your vshost root?


(gopona) #3

Since SCRIPT_FILENAME is already defined in fastcgi.conf, I think you can remove this line from nginx.conf:
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;


(Rémy Epke) #4

‘vshost’ means nothing to me, but yes there is an index.php file in the same directory as the index.html that came with nginx, as you can see in the original post. Expand ‘Contents of /usr/share/nginx/html/’ to see it.


(Rémy Epke) #5

Thanks, I’ll give that a try.

Edit: removed swearing


(brli) #6

vhost, my fault…silly autocorrection(?)

have you checked ArchWiki about nginx?


(Rémy Epke) #7

‘vhost’ means nothing to me either.
Obviously I read ArchWiki, as Chakra doesn’t seem to have any info on nginx. Had I not, I wouldn’t have even known to install something like php-fpm as I’ve got no fuckin clue what that does.


(Rémy Epke) #8

No luck.

Edit: removed swearing


(gopona) #9

Based on your www.conf content, php-fpm listens on the socket /run/php-fpm/php-fpm.sock instead of 127.0.0.1:9000. So the fastcgi_pass option in nginx.conf should be:

fastcgi_pass unix:/run/php-fpm/php-fpm.sock;

(Rémy Epke) #10

Still no luck. Any of the changes I mentioned in the OP I should redo as well?