我在Debian系统上使用nginx和php5-fpm。
我希望我的服务器像这样服务;
ip/index.html为nginx web root ip/somefile.php(或index.php)通过php-fpm提供PHP ip/~user/index.html提供/home/user/public_html ip/~user/somefile.php(或index.php)通过php-fpm提供PHP (其中ip是IPv4或IPv6地址)。
以下是nginx的配置:
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
server_name _;
root /usr/share/nginx/www;
index index.php index.html index.htm;
# Deny access to all dotfiles
location ~ /\. {
deny all;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
try_files $uri = 404; # Prevents exploit
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
}
# Serve user directories
location ~ ^/~(.+?)(/.*)?$ {
alias /home/$1/public_html$2;
autoindex on;
}
}
对于php-fpm:
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[www]
; Per pool prefix
; It only applies on the following directives:
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = www-data
group = www-data
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm.sock
; Set listen(2) backlog.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
;listen.owner = www-data
;listen.group = www-data
;listen.mode = 0666
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; ... and more that doesn't matter, just defaults
静态文件和PHP都在nginx web root(ip/blah.html或ip/blah.php)中工作,静态文件也可以在用户目录(ip/~user/blah.html)中工作,但PHP在用户目录中提供404。
有人可以帮我修改配置吗?
修改:一些ls -la,这是一个许可问题。
kvanb@pegasus:~$ ls -la
total 32
drwxr-xr-x 3 kvanb sudo 4096 Jan 4 04:04 .
drwxr-xr-x 6 root root 4096 Jan 4 01:36 ..
-rw------- 1 kvanb kvanb 570 Jan 4 02:54 .bash_history
-rw-r--r-- 1 kvanb sudo 220 Jan 4 01:36 .bash_logout
-rw-r--r-- 1 kvanb sudo 3392 Jan 4 01:36 .bashrc
-rw-r--r-- 1 kvanb sudo 675 Jan 4 01:36 .profile
drwxr-xr-x 2 kvanb sudo 4096 Jan 4 03:41 public_html
-rw------- 1 kvanb sudo 3303 Jan 4 04:04 .viminfo
kvanb@pegasus:~/public_html$ ls -la
total 20
drwxr-xr-x 2 kvanb sudo 4096 Jan 4 03:41 .
drwxr-xr-x 3 kvanb sudo 4096 Jan 4 04:04 ..
-rwxr-xr-x 1 kvanb sudo 21 Jan 4 03:40 index.php
-rwxr-xr-x 1 kvanb sudo 20 Jan 4 03:09 info.php
-rw-r--r-- 1 kvanb sudo 4 Jan 4 03:41 test.html
kvanb@pegasus:/usr/share/nginx/www$ ls -la
total 20
drwxr-xr-x 2 root root 4096 Jan 4 03:28 .
drwxr-xr-x 3 root root 4096 Jan 4 01:34 ..
-rw-r--r-- 1 root root 383 Jul 7 2006 50x.html
-rw-r--r-- 1 root root 151 Oct 4 2004 index.html
-rw-r--r-- 1 root root 20 Jan 4 03:28 info.php
答案 0 :(得分:5)
您需要在初始php之前添加此规则:
# Serve user directories php files
location ~ ^/~(.+?)(/.*\.php)$ {
alias /home/$1/public_html;
autoindex on;
include /etc/nginx/fastcgi_params;
try_files $2 = 404; # Prevents exploit
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
}
这个匹配用户目录中的所有php文件,通过php-fpm指导它们。您拥有的php规则匹配所有这些php文件,但试图在错误的目录中找到它们。
答案 1 :(得分:0)
我在尝试解决类似问题时遇到了这个问题。因此,我将添加当我找到它时发现的解决方案。这是在Arch上的,但是与systemd相关。
此解决方案适用于我的开发机器,出于充分的原因,您不应从/ home文件夹中运行公共站点。
我将php-fpm和nginx配置为以我的用户身份运行。编辑以下文件,然后删除ProtectHome = true行
sudo vi /etc/systemd/system/multi-user.target.wants/php-fpm.service
重新加载,然后重新启动所有内容;
systemctl daemon-reload
systemctl restart nginx.service
systemctl restart php-fpm.service