我有几个WordPress网站,全部具有相同的配置 - 仅与user和不同domain,但仅针对新创建的虚拟主机得到 403:
# cat barelef-art.kiev.ua.conf
server {
server_name barelef-art.kiev.ua;
access_log /var/log/nginx/barelef-art.kiev.ua-access.log;
error_log /var/log/nginx/barelef-art.kiev.ua-error.log;
root /var/www/vhosts/barelef_art/barelef-art.kiev.ua;
location / {
index index.php;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9012;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/vhosts/barelef_art/barelef-art.kiev.ua$fastcgi_script_name;
}
}
还有一些网站的类似 php-fpm 配置:
# cat barelef-art.kiev.ua.conf
[barelef-art.kiev.ua]
listen = 127.0.0.1:9012
listen.allowed_clients = 127.0.0.1
user = barelef_art
group = barelef_art
pm = dynamic
pm.max_children = 20
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 1
pm.max_requests = 50
slowlog = /var/log/nginx/barelef-art.kiev.ua-slow.log
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected]
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/nginx/barelef-art.kiev.ua-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M
; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_admin_value[session.save_path] = /var/lib/php/session/barelef_art
用户存在:
# id barelef_art
uid=523(barelef_art) gid=523(barelef_art) groups=523(barelef_art)
并且虚拟主机目录具有正确的所有者:
# ls -l /var/www/vhosts/barelef_art/barelef-art.kiev.ua/
total 192
-rw-r--r-- 1 barelef_art barelef_art 418 Dec 11 18:59 index.php
-rw-r--r-- 1 barelef_art barelef_art 19930 Dec 11 18:59 license.txt
-rw-r--r-- 1 barelef_art barelef_art 10691 Dec 11 18:59 readme.html
-rw-r--r-- 1 barelef_art barelef_art 4951 Dec 11 18:59 wp-activate.php
...
drwxr-xr-x 12 barelef_art barelef_art 4096 Dec 11 18:59 wp-includes
...
# ls -l /var/lib/php/session/
total 328
drwxr-xr-x 2 barelef_art barelef_art 4096 Dec 11 19:06 barelef_art
但是当我尝试打开index.php时 - 我进入日志:
2014/12/11 20:39:18 [error] 13839#0: *133 "/var/www/vhosts/barelef_art/barelef-art.kiev.ua/index.php" is forbidden (13: Permission denied), client: 37.***.***.56, server: barelef-art.kiev.ua, request: "GET / HTTP/1
.1", host: "barelef-art.kiev.ua"
我做错了什么?
再次 - 相同的配置文件用于少数具有相同 CMS 的网站,并且它们可以工作。其中之一是我今天早上添加的。晚上 - 添加了这个新的 - 它不起作用......似乎 - 我错过了一些东西,但是 - 无法理解什么和在哪里。
中央操作系统6.6、nginx1.6.2.
UPD
添加索引.html并直接打开它http://barelef-art.kiev.ua/index.html还返回 403;
ps返回正确的用户PHP-FPM过程:
# ps -eo user:$(cut -d: -f1 /etc/passwd | wc -L),pid,ppid,c,stime,tname,time,cmd | grep "php-fpm.*barelef" | grep -v grep
barelef_art 14883 14868 0 21:33 ? 00:00:00 php-fpm: pool barelef-art.kiev.ua
# lsof -p 14883 | head
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
php-fpm 14883 barelef_art cwd DIR 253,0 4096 2 /
php-fpm 14883 barelef_art rtd DIR 253,0 4096 2 /
php-fpm 14883 barelef_art txt REG 253,0 3309952 1051669 /usr/sbin/php-fpm
php-fpm 14883 barelef_art mem REG 253,0 65928 1709260 /lib64/libnss_files-2.12.so
php-fpm 14883 barelef_art mem REG 253,0 83088 1179907 /usr/lib64/php/modules/zip.so
但似乎更多的是NGINX问题...
答案1
/var/www/vhosts/barelef_art/barelef-art.kiev.ua/检查目录&的权限/var/www/vhosts/barelef_art/。
当 Nginx 或 Apache 中出现禁止错误时,始终值得您备份目录树,以确保 Web 服务器可以在每个级别进行访问。