Discover Centmin Mod today
Register Now

Wordpress Nginx broke and won't start. Please help.

Discussion in 'Blogs & CMS usage' started by fiftycent, Jun 17, 2022.

  1. fiftycent

    fiftycent New Member

    6
    3
    3
    Jun 16, 2022
    Florida, USA
    Ratings:
    +3
    Local Time:
    6:45 PM
    Nginx 1.21.6
    MariaDB 10.3.35
    • CentOS Version: centOS 7 64bit (DigitalOcean)
    • Centmin Mod Version Installed: 124.00 stable
    • Nginx Version Installed: 1.21.6
    • PHP Version Installed: 8.0.19
    • MariaDB MySQL Version Installed: 10.3.35
    • When was last time updated Centmin Mod code base ? : Few days ago
    • Persistent Config:
      Code (Text):
      MARCH_TARGETNATIVE='n'
      LETSENCRYPT_DETECT='y'
      DUALCERTS='y'
      

      Hello, I'll try to keep this short. I've been building a Wordpress site. Yesterday, nginx was failing to start and kept throwing errors about config files (which I haven't touched). It started randomly so I took down the post. Now it won't start again. I've attached the errors below. Do I have to do a clean install and migrate the data over? I appreciate any help you can provide.
      Starting Nginx:
      Code (Text):
      Starting nginx (via systemctl):  Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
                                                                 [FAILED]
      

      journalctl -xe:
      Code (Text):
      -- 
      -- Unit nginx.service has begun starting up.
      Jun 17 12:52:42 mew nginx[2006]: Starting nginx: nginx: [emerg] duplicate location "/" in /usr/local/nginx/conf/conf.d/mew.com.conf:46
      Jun 17 12:52:42 mew systemd[1]: nginx.service: control process exited, code=exited status=1
      Jun 17 12:52:42 mew nginx[2006]: [FAILED]
      Jun 17 12:52:42 mew systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
      -- Subject: Unit nginx.service has failed
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit nginx.service has failed.
      -- 
      -- The result is failed.
      Jun 17 12:52:42 mew systemd[1]: Unit nginx.service entered failed state.
      Jun 17 12:52:42 mew systemd[1]: nginx.service failed.
      Jun 17 12:52:42 mew polkitd[559]: Unregistered Authentication Agent for unix-process:2000:12221 (system bus name :1.22, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
      Jun 17 12:52:42 mew polkitd[559]: Registered Authentication Agent for unix-process:2019:12237 (system bus name :1.23 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale 
      Jun 17 12:52:42 mew systemd[1]: Stopping PHP FastCGI Process Manager...
      -- Subject: Unit php-fpm.service has begun shutting down
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit php-fpm.service has begun shutting down.
      Jun 17 12:52:42 mew systemd[1]: Stopped PHP FastCGI Process Manager.
      -- Subject: Unit php-fpm.service has finished shutting down
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit php-fpm.service has finished shutting down.
      Jun 17 12:52:42 mew systemd[1]: Starting PHP FastCGI Process Manager...
      -- Subject: Unit php-fpm.service has begun start-up
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit php-fpm.service has begun starting up.
      Jun 17 12:52:42 mew systemd[1]: Started PHP FastCGI Process Manager.
      -- Subject: Unit php-fpm.service has finished start-up
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit php-fpm.service has finished starting up.
      -- 
      -- The start-up result is done.
      Jun 17 12:52:42 mew polkitd[559]: Unregistered Authentication Agent for unix-process:2019:12237 (system bus name :1.23, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
      

      Code (Text):
      Jun 17 13:38:15 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=89.248.165.109 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=42768 PROTO=TCP SPT=40028 DPT=9884 WINDOW=1
      Jun 17 13:38:20 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=45.61.187.156 DST=147.182.253.158 LEN=44 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=44999 DPT=5555 WINDOW=65
      Jun 17 13:38:39 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=89.248.165.109 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=34739 PROTO=TCP SPT=40028 DPT=8796 WINDOW=1
      Jun 17 13:39:33 mew kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=171.103.125.46 DST=147.182.253.158 LEN=46 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=UDP SPT=41689 DPT=8083 LEN=26 
      Jun 17 13:39:39 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=79.124.62.82 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=55058 PROTO=TCP SPT=43343 DPT=4005 WINDOW=102
      Jun 17 13:39:46 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=185.196.220.27 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=49668 DPT=8443 WINDOW=6
      Jun 17 13:39:46 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=124.220.182.242 DST=147.182.253.158 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=57003 DF PROTO=TCP SPT=56660 DPT=8081 WINDO
      Jun 17 13:39:59 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=5.188.206.18 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=9471 PROTO=TCP SPT=51476 DPT=3538 WINDOW=1024
      Jun 17 13:40:01 mew systemd[1]: Started Session 15 of user root.
      -- Subject: Unit session-15.scope has finished start-up
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit session-15.scope has finished starting up.
      -- 
      -- The start-up result is done.
      Jun 17 13:40:01 mew CROND[23237]: (root) CMD (/usr/lib64/sa/sa1 1 1)
      Jun 17 13:40:02 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=89.248.165.109 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=35674 PROTO=TCP SPT=40028 DPT=7197 WINDOW=1
      Jun 17 13:40:13 mew polkitd[559]: Registered Authentication Agent for unix-process:23268:297281 (system bus name :1.101 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, loca
      Jun 17 13:40:13 mew systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
      -- Subject: Unit nginx.service has begun start-up
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit nginx.service has begun starting up.
      Jun 17 13:40:13 mew nginx[23274]: Starting nginx: nginx: [emerg] duplicate location "/" in /usr/local/nginx/conf/conf.d/mew.com.conf:46
      Jun 17 13:40:13 mew nginx[23274]: [FAILED]
      Jun 17 13:40:13 mew systemd[1]: nginx.service: control process exited, code=exited status=1
      Jun 17 13:40:13 mew systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
      -- Subject: Unit nginx.service has failed
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      -- 
      -- Unit nginx.service has failed.
      -- 
      -- The result is failed.
      Jun 17 13:40:13 mew systemd[1]: Unit nginx.service entered failed state.
      Jun 17 13:40:13 mew systemd[1]: nginx.service failed.
      Jun 17 13:40:13 mew polkitd[559]: Unregistered Authentication Agent for unix-process:23268:297281 (system bus name :1.101, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
      Jun 17 13:40:18 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=89.248.165.109 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=34663 PROTO=TCP SPT=40028 DPT=3213 WINDOW=1
      Jun 17 13:40:31 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=138.201.62.183 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=33145 PROTO=TCP SPT=55589 DPT=6443 WINDOW=1
      Jun 17 13:40:41 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=193.201.9.235 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=21357 PROTO=TCP SPT=43588 DPT=5545 WINDOW=10
      Jun 17 13:40:54 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=89.248.165.109 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=33700 PROTO=TCP SPT=40028 DPT=9995 WINDOW=1
      Jun 17 13:41:13 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=193.201.9.238 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=9838 PROTO=TCP SPT=43680 DPT=5938 WINDOW=102
      Jun 17 13:41:15 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=45.143.203.95 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=31367 PROTO=TCP SPT=40406 DPT=7890 WINDOW=10
      Jun 17 13:42:07 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=79.124.62.130 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=20727 PROTO=TCP SPT=43345 DPT=17012 WINDOW=1
      Jun 17 13:42:09 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=89.248.165.109 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=32307 PROTO=TCP SPT=40028 DPT=988 WINDOW=10
      Jun 17 13:42:09 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=79.124.62.82 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=19213 PROTO=TCP SPT=43343 DPT=55553 WINDOW=10
      Jun 17 13:42:14 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=79.124.62.82 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=52646 PROTO=TCP SPT=43343 DPT=24000 WINDOW=10
      Jun 17 13:42:14 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=193.201.9.237 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28277 PROTO=TCP SPT=43637 DPT=5734 WINDOW=10
      Jun 17 13:42:57 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=79.124.62.34 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=20370 PROTO=TCP SPT=53879 DPT=2144 WINDOW=102
      Jun 17 13:43:07 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=192.241.213.164 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=251 ID=54321 PROTO=TCP SPT=60518 DPT=2000 WINDOW=
      Jun 17 13:43:28 mew kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=96:74:d4:e9:84:b4:fe:00:00:00:01:01:08:00 SRC=193.201.9.236 DST=147.182.253.158 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=22796 PROTO=TCP SPT=43605 DPT=5625 WINDOW=10
      

      systemctl status nginx.service:
      Code (Text):
      [12:54][root@mew ~]# systemctl status nginx.service
      ‚óŹ nginx.service - SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server
         Loaded: loaded (/etc/rc.d/init.d/nginx; bad; vendor preset: disabled)
         Active: failed (Result: exit-code) since Fri 2022-06-17 12:52:42 UTC; 2min 19s ago
           Docs: man:systemd-sysv-generator(8)
        Process: 2006 ExecStart=/etc/rc.d/init.d/nginx start (code=exited, status=1/FAILURE)
      
      Jun 17 12:52:42 mew systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
      Jun 17 12:52:42 mew nginx[2006]: Starting nginx: nginx: [emerg] duplicate location "/" in /usr/local/nginx/conf/conf.d/mew.com.conf:46
      Jun 17 12:52:42 mew systemd[1]: nginx.service: control process exited, code=exited status=1
      Jun 17 12:52:42 mew nginx[2006]: [FAILED]
      Jun 17 12:52:42 mew systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
      Jun 17 12:52:42 mew systemd[1]: Unit nginx.service entered failed state.
      Jun 17 12:52:42 mew systemd[1]: nginx.service failed.
      

      nginx -t :
      Code (Text):
      nginx: [emerg] duplicate location "/" in /usr/local/nginx/conf/conf.d/mew.com.conf:46
      nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
      



      I can't figure out what the issue is. For example, the duplicate location error. I would comment out the code and try again. Then it throws another error, and another one after I fix that. It threw errors about lines in the wpsecure conf file and php-wpsc. I've never touched these files so I don't know how something broke. The only thing I have done that I think could have possibly contributed to this was installing a WP Security plugin. I know that it modified my htaccess file, which I reverted back to the original with no success. Again I appreciate any help you can provide, this is very frustrating.
     
    Last edited: Jun 17, 2022
  2. eva2000

    eva2000 Administrator Staff Member

    48,899
    11,189
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,423
    Local Time:
    8:45 AM
    Nginx 1.21.x
    MariaDB 10.x
    clue is this your nginx vhost /usr/local/nginx/conf/conf.d/mew.com.conf has duplicate location / {} context configurations.

    You should ensure you only have one location / {} context. Centmin Mod nginx vhost created already have one configured so whatever rules you want to add should be added to the existing location / {} context rather than creating a 2nd copy of the location / {} context.
     
  3. eva2000

    eva2000 Administrator Staff Member

    48,899
    11,189
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,423
    Local Time:
    8:45 AM
    Nginx 1.21.x
    MariaDB 10.x
    Now one possible reason for duplication location / {} context that isn't your fault is if on Centmin Mod 123.09beta01 or newer i.e. 124.00stable or 130.00beta01, you may have ran into the new tools/autoprotect.sh cronjob feature outlined at Beta Branch - autoprotect.sh - apache .htaccess check & migration to nginx deny all | Centmin Mod Community Your uploaded scripts may have .htaccess deny from all type files in their directories which may need bypassing autoprotect. In this case you may have a .htaccess in web root of your site i.e. at /home/nginx/domains/yourdomain.com/public/.htaccess. And autoprotect picks that up automatically to add an entry. In that case removing the /home/nginx/domains/yourdomain.com/public/.htaccess file and re-running tools/autoprotect.sh script manually should update that.

    It's a security feature that no other nginx based stack has as far as I know :)

    So instead, all .htaccess 'deny from all' detected directories now get auto generated Nginx equivalent location match and deny all setups except if you want to manually bypass the directory from auto protection via a .autoprotect-bypass file - details below here.

    You can read a few threads below on how autoprotect.sh may have caught some folks web apps falsely and the workarounds or improvements made to autoprotect.sh with the help of users feedback and troubleshooting.
    Check if your nginx vhost at either or both /usr/local/nginx/conf/conf.d/domain.com.conf and/or /usr/local/nginx/conf/conf.d/domain.com.ssl.conf has include file for autoprotect example
    Code (Text):
    include /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf;
    

    see if your directory for the script which has issues is caught in an autoprotect include entry in /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf which has a deny all entry
    Code (Text):
    cat /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf
    

    i.e.
    Code (Text):
    # /home/nginx/domains/domain.com/public/subdirectory/js
    location ~* ^/subdirectory/js/ { allow 127.0.0.1; deny all; }
    

    If caught you can whitelist it by autoprotect bypass .autoprotect-bypass file - details below here. So if problem js file is at domain.com/subdirectory/js/file.js then it is likely /subdirectory/js has a .htaccess with deny all in it - make sure that directory is meant to be publicly accessible by contacting author of script and if so, you can whitelist it and re-run autoprotect script to regenerate your /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf include file
    Code (Text):
    cd /home/nginx/domains/domain.com/public/subdirectory/js
    touch .autoprotect-bypass
    /usr/local/src/centminmod/tools/autoprotect.sh
    nprestart
    

    it maybe you need to also whitelist /subdirectory then it would be as follows creating bypass files at /home/nginx/domains/domain.com/public/subdirectory/.autoprotect-bypass and /home/nginx/domains/domain.com/public/subdirectory/js/.autoprotect-bypass
    Code (Text):
    cd /home/nginx/domains/domain.com/public/subdirectory/
    touch .autoprotect-bypass
    cd /home/nginx/domains/domain.com/public/subdirectory/js
    touch .autoprotect-bypass
    /usr/local/src/centminmod/tools/autoprotect.sh
    nprestart
    

    then double check to see if updated /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf include file now doesn't show an entry for /subdirectory/js