Nginx nginx/php reinstall issue

i upgraded my nginx to latest version and php to 7.0, then back down to 5.6

---

now one of my sites are showing some php issues like cache issues & "Access denied."

I am not sure where this error is coming from PHP.. Nginx or PHP? I've reinstalled PHP, same shit happens.

 

I am on stable not BETA. No, forums and a general site (it seems like only index works)

Unable to open primary script: /home/nginx/domains/octolus.net/public/cloudflare-resolver.php (Permission denied)" while reading response header from upstream, client: 95.34.26.101, server: octolus.net, request: "GET /cloudflare-resolver HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "octolus.net", referrer: "OctolusNET - Home"

PS. The file exists there. Could it be like Selinux? I have not touched it, i just initalized git and updated base.

 

Running:
Centmin Mod 1.2.3-eva2000.08 - CentminMod.com LEMP Fully Optimized Nginx web stack for CentOS

Nvm, selinux was disabled..

---------------------------------------------
Disabling SELinux...
setenforce: SELinux is disabled

---------------------------------------------
checking /etc/selinux/config
SELINUX=disabled
---------------------------------------------

[root@ns3009754 centminmod]# ./centmin.sh

Opening /proc/modules: No such file or directory

 

Please note:
I have never touched any of those files, i reinstalled PHP and Nginx that's it. I did this from the latest git branch, or whatever it's called. Once i did that, the entire server started acting weird, i reinstalled it third time and my forums seems fine. However now my non-forum seems to be messed up, returning Access Denied.

 

Ah okay.

This must've happen after re-installing nginx then?

The installer is not setting permissions or so?

 

I set it now, however even the index.php returns access denied now

 

I've never had this issue before uploading with sFTP. However even now it doesnt work, after chown

 

2016/04/03 19:20:16 [error] 2846#2846: *276410 FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: open_basedir restriction in effect. File(/home/nginx/domains/octolus.net/public/index.php) is not within the allowed path(s): (/home/nginx/domains/paragonmodding.com/public/:/usr/local/lib/php/:/tmp/) in Unknown on line 0
PHP message: PHP Warning: Unknown: failed to open stream: Operation not permitted in Unknown on line 0
Unable to open primary script: /home/nginx/domains/octolus.net/public/index.php (Permission denied)" while reading response header from upstream, client: 95.34.26.101, server: octolus.net, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "octolus.net"

 

I have no shell_exec in that file, or any other files so that's weird.

Edit: Seems to be working fine, for now. I changed a old php conf to new one, since i had two php.conf and one was outdated. Restarted PHP + Nginx and seems to be fine now.

 

Code:

location ~ \.php$ {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass   127.0.0.1:9000;
    #fastcgi_pass   unix:/tmp/php5-fpm.sock;
    fastcgi_index  index.php;
    #fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    fastcgi_param  SCRIPT_FILENAME    $request_filename;
    #fastcgi_param PHP_ADMIN_VALUE open_basedir=$document_root/:/usr/local/lib/php/:/tmp/;

# might shave 200+ ms off PHP requests
# which don't pass on a content length header
# slightly faster page response time at the
# expense of throughput / scalability
#sendfile on;
#tcp_nopush off;
#keepalive_requests 0;

fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 512k;
fastcgi_buffers 512 16k;
fastcgi_busy_buffers_size 1m;
fastcgi_temp_file_write_size 4m;
fastcgi_max_temp_file_size 4m;
fastcgi_intercept_errors on;

# next 3 lines when uncommented / enabled
# allow Nginx to handle uploads which then
# passes back the completed upload to PHP
#fastcgi_pass_request_body off;
#client_body_in_file_only clean;
#fastcgi_param  REQUEST_BODY_FILE  $request_body_file;

#new .04+ map method
fastcgi_param HTTPS $server_https;

# comment out PATH_TRANSLATED line if /usr/local/lib/php.ini sets following:
# cgi.fix_pathinfo=0
# as of centminmod v1.2.3-eva2000.01 default is set to cgi.fix_pathinfo=1

fastcgi_param  PATH_INFO          $fastcgi_path_info;
fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# Set php-fpm geoip variables
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_param GEOIP_COUNTRY_CODE3 $geoip_country_code3;
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
fastcgi_param GEOIP_CITY_COUNTRY_CODE $geoip_city_country_code;
fastcgi_param GEOIP_CITY_COUNTRY_CODE3 $geoip_city_country_code3;
fastcgi_param GEOIP_CITY_COUNTRY_NAME $geoip_city_country_name;
fastcgi_param GEOIP_REGION $geoip_region;
fastcgi_param GEOIP_CITY $geoip_city;
fastcgi_param GEOIP_POSTAL_CODE $geoip_postal_code;
fastcgi_param GEOIP_CITY_CONTINENT_CODE $geoip_city_continent_code;
fastcgi_param GEOIP_LATITUDE $geoip_latitude;
fastcgi_param GEOIP_LONGITUDE $geoip_longitude;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

                   }

drop.conf

Code:

       location = /robots.txt  { access_log off; log_not_found off; }
        location = /favicon.ico { access_log off; log_not_found off; expires 30d; }
        location ~ /\.          { access_log off; log_not_found off; deny all; }
        location ~ ~$           { access_log off; log_not_found off; deny all; }
        location ~ /\.git { access_log off; log_not_found off; deny all; }
        # for security see https://community.centminmod.com/posts/17234/
        location ~* \.(bak|php~|php#|php.save|php.swp|php.swo)$ { return 444; }