12.15 Nginx解析php相關配置

時間  2019-12-05
標籤 12.15 nginx 解析 php 相關 配置 欄目 Nginx 简体版
原文   原文鏈接

Nginx解析php相關配置目錄概要

  • 配置以下:
location ~ \.php$
    {
        include fastcgi_params;
        fastcgi_pass unix:/tmp/php-fcgi.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /data/wwwroot/test.com$fastcgi_script_name;
    }
  • fastcgi_pass 用來指定php-fpm監聽的地址或者socket

Nginx解析php相關配置

  • 添加如下代碼
location ~ \.php$
    {
        include fastcgi_params;
        fastcgi_pass unix:/tmp/php-fcgi.sock;        //寫錯這個路徑,就會顯示502
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /data/wwwroot/test.com$fastcgi_script_name;
    }
  1. 打開虛擬主機配置文件,由於如今test.com.conf還不能解析php,加代碼添加到配置文件中
[root@hf-01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf 

server
{   
    listen 80;
    server_name test.com test1.com test2.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    if ($host != 'test.com' ) {
        rewrite  ^/(.*)$  http://test.com/$1  permanent;
    }
    #location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    #{         #      expires      7d;    #      access_log off;    #}      location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$   
{   
    expires 7d;

    valid_referers none blocked server_names  *.test.com ;
    if ($invalid_referer) {
        return 403;
    }
    access_log off;
}
    location ~ .*\.(js|css)$
    {
          expires      12h;
          access_log off;
    }
    location /admin/
    {
    allow 192.168.74.129;
    allow 127.0.0.1;
    deny all;
    }
    location ~ .*(upload|image)/.*\.php$
    {   
        deny all;
    }
    if ($http_user_agent ~ 'Spider/3.0|YoudaoBot|Tomato')
    {
      return 403;
    }
    location ~ \.php$
    {
        include fastcgi_params;
        fastcgi_pass unix:/tmp/php-fcgi.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /data/wwwroot/test.com$fastcgi_script_name;
     }
    access_log /tmp/test.com.log combined_realip;
} 
保存退出
  1. 生成作一個php文件,在/data/wwwroot/test.com/目錄下生成3.php
[root@hf-01 ~]# vim /data/wwwroot/test.com/3.php

<?php
phpinfo();

保存退出
  1. 測試訪問3.php,會看到沒法解析3.php文件,顯示出了源碼
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php
<?php
phpinfo();
[root@hf-01 ~]#
  1. 這時候檢查配置文件語法錯誤,並從新加載配置文件
[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@hf-01 ~]#
  1. 這時候再來訪問3.php,會看到能夠正常解析了
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php
  1. 如果解析php相關配置的 fastcgi_pass unix:/tmp/php-fcgi.sock; 這個路徑被寫錯,會直接顯示502,由於sock文件沒有被找到
  2. 將配置文件改錯後,從新加載後,再來訪問3.php,會看到顯示502狀態碼
[root@hf-01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf 
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@hf-01 ~]#
  1. 查看訪問日誌cat /usr/local/nginx/logs/nginx_error.log,會看到日誌文件中會說沒有這樣的文件或目錄
[root@hf-01 ~]# cat /usr/local/nginx/logs/nginx_error.log
2018/01/08 06:42:21 [crit] 3392#0: *22 connect() to unix:/tmp/php-afcgi.sock failed (2: No such file or directory) while connecting to upstream, client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/3.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-afcgi.sock:", host: "test.com"
[root@hf-01 ~]#
  1. 在遇到502的問題時,須要查看你配置的地址是否正確,首先查看錯誤日誌,而後根據錯誤日誌中提示,查看這個文件是否存在,在查看cat /usr/local/php-fpm/etc/php-fpm.conf你定義的sock是什麼,那麼在nginx的配置文件中寫什麼
[root@hf-01 ~]# 
[root@hf-01 ~]# ls /tmp/php-afcgi.sock
ls: 沒法訪問/tmp/php-afcgi.sock: 沒有那個文件或目錄
[root@hf-01 ~]# cat /usr/local/php-fpm/etc/php-fpm.conf
[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
listen = /tmp/php-fcgi.sock
listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024
[root@hf-01 ~]#
  1. 這時再去配置文件中更改回來便可,因此只要配置文件中的 fastcgi_pass unix:/tmp/php-fcgi.sock; 地址錯誤,就會顯示502

502的另外一種狀況

  1. 假設這時不監聽sock,而去監聽IP端口
  2. 首先更改配置vim /usr/local/php-fpm/etc/php-fpm.conf
  • 將#listen = /tmp/php-fcgi.sock註釋掉,增長listen = 127.0.0.1:9000
[root@hf-01 ~]# vim /usr/local/php-fpm/etc/php-fpm.conf

[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
#listen = /tmp/php-fcgi.sock
listen = 127.0.0.1:9000
listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024
保存退出
  1. 重啓php 命令爲/etc/init.d/php-fpm restart,php重啓也支持reload
[root@hf-01 ~]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done
[root@hf-01 ~]#
  1. 檢查php文件是否存在語法錯誤,從新加載下nginx的配置文件
[root@hf-01 ~]# /usr/local/php-fpm/sbin/php-fpm -t
[08-Jan-2018 07:10:32] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful

[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@hf-01 ~]#
  1. 查看監聽端口是否爲127.0.0.1:9000
[root@hf-01 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1539/master         
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      3528/php-fpm: maste 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1218/nginx: master  
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1191/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1539/master         
tcp6       0      0 :::3306                 :::*                    LISTEN      1566/mysqld         
tcp6       0      0 :::22                   :::*                    LISTEN      1191/sshd           
[root@hf-01 ~]#
  1. 這時在來訪問3.php,會看到顯示爲502
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@hf-01 ~]#
  1. 查看配置文件會提示說文件不存在
  2. 這時候只須要在配置文件中作一個更改,在php配置那一塊,註釋掉unix,添加ip和端口
[root@hf-01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf

在php配置那一塊,註釋掉unix,添加ip和端口
        #fastcgi_pass unix:/tmp/php-fcgi.sock;
        fastcgi_pass 127.0.0.1:9000;
保存退出
  1. 檢查語法錯誤,並從新加載配置文件
[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@hf-01 ~]#
  1. 再來訪問3.php文件,會看到正常訪問
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php -I
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Sun, 07 Jan 2018 23:23:11 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.30

[root@hf-01 ~]#
  1. 如果出現502,要檢查下配置文件中的fastcgi_pass 這塊是否nginx與php-fpm中所配置的地址是相匹配的
  • PHP下的listen = /tmp/php-fcgi.sock這段配置很重要,決定了nginx是否能正確解析而不是502
    • 當PHP配置文件 listen 使用sock時,那麼對應的nginx配置文件下就必須使用 fastcgi_pass unix:/tmp/php-fcgi.sock;
    • 當PHP配置文件listen 使用 IP加端口「127.0.0.1:9000」的時候,那麼對應的nginx就要改爲fastcgi_pass 127.0.0.1:9000;
  1. 配置文件中的 fastcgi_param SCRIPT_FILENAME 中的地址路徑/data/wwwroot/test.com$fastcgi_script_name;與配置文件最上方的 root /data/wwwroot/test.com; 相對應起來

502的其餘狀況

  • 在php5.4及之後的其餘版本,有一個特色
  • 更改監聽爲sock,取消監聽IP和端口,註釋掉listen.mode
  1. 更改php-fpm的配置文件,取消註釋listen = /tmp/php-fcgi.sock,註釋掉#listen = 127.0.0.1:9000和#listen.mode = 666
[root@hf-01 ~]# vi /usr/local/php-fpm/etc/php-fpm.conf

[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
listen = /tmp/php-fcgi.sock
#listen = 127.0.0.1:9000
#listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024
保存退出
  1. 從新加載php
[root@hf-01 ~]# /etc/init.d/php-fpm reload
Reload service php-fpm  done
  1. 查看sock文件的權限爲660,屬主和屬組爲root
[root@hf-01 ~]# ls -l /tmp/php-fcgi.sock 
srw-rw---- 1 root root 0 1月   8 07:47 /tmp/php-fcgi.sock
  1. 更改nginx虛擬主機配置文件,取消 fastcgi_pass unix:/tmp/php-fcgi.sock; 的註釋,註釋掉#fastcgi_pass 127.0.0.1:9000;
  • fastcgi_pass unix:/tmp/php-fcgi.sock;這一行的配置是爲了nginx去讀sock文件
[root@hf-01 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
  1. 從新加載nginx配置文件
[root@hf-01 ~]# /usr/local/nginx/sbin/nginx -s reload
  1. 這時候再來訪問3.php,依然仍是顯示502
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php -I
HTTP/1.1 502 Bad Gateway
Server: nginx/1.12.1
Date: Sun, 07 Jan 2018 23:54:07 GMT
Content-Type: text/html
Content-Length: 173
Connection: keep-alive
  1. 查看訪問日誌文件,顯示訪問文件,權限被拒絕
[root@hf-01 ~]# !tail
tail /usr/local/nginx/logs/nginx_error.log
2018/01/08 06:42:21 [crit] 3392#0: *22 connect() to unix:/tmp/php-afcgi.sock failed (2: No such file or directory) while connecting to upstream, client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/3.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-afcgi.sock:", host: "test.com"
2018/01/08 07:13:39 [crit] 3518#0: *24 connect() to unix:/tmp/php-fcgi.sock failed (2: No such file or directory) while connecting to upstream, client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/3.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-fcgi.sock:", host: "test.com"
2018/01/08 07:54:07 [crit] 3790#0: *32 connect() to unix:/tmp/php-fcgi.sock failed (13: Permission denied) while connecting to upstream, client: 127.0.0.1, server: test.com, request: "HEAD HTTP://test.com/3.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-fcgi.sock:", host: "test.com"
[root@hf-01 ~]#
  1. sock文件默認權限使660,root用戶能夠讀,root用戶組也是可讀的,惟獨其餘用戶不能去讀
  2. 看到是由nobody的身份去讀nginx的
[root@hf-01 ~]# ps aux |grep nginx
root      1218  0.0  0.1  21784  1692 ?        Ss   00:11   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    3929  0.0  0.3  23664  3692 ?        S    08:18   0:00 nginx: worker process
nobody    3930  0.0  0.3  23664  3692 ?        S    08:18   0:00 nginx: worker process
root      3932  0.0  0.0 112676   984 pts/0    R+   08:18   0:00 grep --color=auto nginx
[root@hf-01 ~]#
  1. 這時臨時改變權限爲nobody
[root@hf-01 ~]# chown nobody /tmp/php-fcgi.sock 
[root@hf-01 ~]#
  1. 這時再去訪問3.php會看到正常訪問
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php -I
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Mon, 08 Jan 2018 00:22:43 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.30

[root@hf-01 ~]#
  1. 這就是由於nobody用戶有讀的權限,因此能夠正常訪問
  2. 在php-fpm的配置文件中定義listen.mode,就是爲了讓任何用戶能夠讀
  3. 再去配置文件中取消listen.mode的註釋
[root@hf-01 ~]# vi /usr/local/php-fpm/etc/php-fpm.conf

listen.mode = 666
  1. 而後重啓php-fpm的配置文件
[root@hf-01 ~]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done
[root@hf-01 ~]#
  1. 查看文件的權限
[root@hf-01 ~]# !ls
ls -l /tmp/php-fcgi.sock 
srw-rw-rw- 1 root root 0 1月   8 08:28 /tmp/php-fcgi.sock
[root@hf-01 ~]#
  1. 訪問3.php會看到正常訪問
[root@hf-01 ~]# curl -x127.0.0.1:80 test.com/3.php -I
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Mon, 08 Jan 2018 00:30:04 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.30

[root@hf-01 ~]#

502的另外狀況

  • 就是php-fpm服務,資源耗盡,也會顯示502,這時候就須要去優化了
相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程