Get the most out of your Centmin Mod LEMP stack
Become a Member

Letsencrypt SSL Where is Nginx vhost stored?

Discussion in 'Domains, DNS, Email & SSL Certificates' started by elargento, Apr 3, 2017.

  1. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Hi everybody,

    I already run 2 and then 22 in order to create a Wordpress site. However I noticed I can't use Letsencrypt since acmetool.sh already creates a Nginx vhost. I think the next step would be to delete the Nginx vhost in order to run acmetool.sh so where is it being stored?

    Thank you
     
  2. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    Config layout Centmin Mod Configuration Files - CentminMod.com LEMP Nginx web stack for CentOS

    and read Nginx Vhost & NSD DNS Setup - CentminMod.com LEMP Nginx web stack for CentOS

    what are you trying to ? use acmetool.sh for existing vhost ? if so see 1st post linked guide at https://centminmod.com/acmetool for migrating to HTTPS with existing nginx vhost

     
  3. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    No idea what I'm doing wrong. I just want to enable https using letsencrypt. My site loads fine but on http, if I try to enter to https I get the following error:
    NET::ERR_CERT_AUTHORITY_INVALID

    I've done the steps in Migrating Existing Nginx Vhost From HTTP to HTTP/2 based HTTPS With Letsencrypt SSL Certificates but still not working.
     
  4. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    contents of your /usr/local/nginx/conf/conf.d/yourdomain.com.ssl.conf nginx vhost ?

    for posting code you might want to use CODE tags for code How to use forum BBCODE code tags :)
     
  5. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Here you have:
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    # For SPDY SSL Setup
    # read http://centminmod.com/nginx_configure_https_ssl_spdy.html
    
    # redirect from www to non-www  forced SSL
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    # server {
    #   server_name domain.com www.domain.com;
    #    return 302 https://$server_name$request_uri;
    # }
    
    server {
      listen 443 ssl http2;
      server_name domain.com www.domain.com;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/domain.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/domain.com/domain.com-acme.cer;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/domain.com/domain.com-acme.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # mozilla recommended
      ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3D$
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
    
      # enable ocsp stapling
      #resolver 8.8.8.8 8.8.4.4 valid=10m;
      #resolver_timeout 10s;
      #ssl_stapling on;
      #ssl_stapling_verify on;
     ssl_trusted_certificate /usr/local/nginx/conf/ssl/domain.com/domain.com-acme.cer;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    # mozilla recommended
      ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3D$
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
    
      # enable ocsp stapling
      #resolver 8.8.8.8 8.8.4.4 valid=10m;
      #resolver_timeout 10s;
      #ssl_stapling on;
      #ssl_stapling_verify on;
     ssl_trusted_certificate /usr/local/nginx/conf/ssl/domain.com/domain.com-acme.cer;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain.com/log/access.log main_ext buffer=256k flush=60m;
      error_log /home/nginx/domains/domain.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf;
      root /home/nginx/domains/domain.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      include /usr/local/nginx/conf/wpincludes/domain.com/wpcacheenabler_domain.com.conf;
      #include /usr/local/nginx/conf/wpincludes/domain.com/wpsupercache_domain.com.conf;
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/wpincludes/domain.com/rediscache_domain.com.conf;
    
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain.com/log/access.log main_ext buffer=256k flush=60m;
      error_log /home/nginx/domains/domain.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf;
      root /home/nginx/domains/domain.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      include /usr/local/nginx/conf/wpincludes/domain.com/wpcacheenabler_domain.com.conf;
      #include /usr/local/nginx/conf/wpincludes/domain.com/wpsupercache_domain.com.conf;
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/wpincludes/domain.com/rediscache_domain.com.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # for wp cache enabler plugin
      try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args;
    
      # Wordpress Permalinks
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
      # Nginx level redis Wordpress
      # https://community.centminmod.com/posts/18828/
      #try_files $uri $uri/ /index.php?$args;
    
      }
    
    location ~* /(wp-login\.php) {
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # for wp cache enabler plugin
      try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args;
    
      # Wordpress Permalinks
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
      # Nginx level redis Wordpress
      # https://community.centminmod.com/posts/18828/
      #try_files $uri $uri/ /index.php?$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/domain.com/htpasswd_wplogin;
        include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwprpc burst=45 nodelay;
        #limit_conn xwpconlimit 30;
        include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
      include /usr/local/nginx/conf/wpincludes/domain.com/wpsecure_domain.com.conf;
      include /usr/local/nginx/conf/php-wpsc.conf;
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/php-rediscache.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/domain.com/htpasswd_wplogin;
        include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwprpc burst=45 nodelay;
        #limit_conn xwpconlimit 30;
        include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
      include /usr/local/nginx/conf/wpincludes/domain.com/wpsecure_domain.com.conf;
      include /usr/local/nginx/conf/php-wpsc.conf;
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/php-rediscache.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    
    
    Thanks for your help :)
     
  6. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    you totally messed up a duplicated sections of your domain.com.ssl.conf vhost file

    use vhost generator at Generate Centmin Mod Nginx Vhost - CentminMod.com LEMP Nginx web stack for CentOS select https with wordpress basic config to get an idea of the placement

    something like
    Code (Text):
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    # For SPDY SSL Setup
    # read http://centminmod.com/nginx_configure_https_ssl_spdy.html
    
    # redirect from www to non-www  forced SSL
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    # server {
    #   server_name domain.com www.domain.com;
    #    return 302 https://$server_name$request_uri;
    # }
    
    server {
      listen 443 ssl http2;
      server_name domain.com www.domain.com;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/domain.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/domain.com/domain.com-acme.cer;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/domain.com/domain.com-acme.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # mozilla recommended
      ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3D$
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
    
      # enable ocsp stapling
      #resolver 8.8.8.8 8.8.4.4 valid=10m;
      #resolver_timeout 10s;
      #ssl_stapling on;
      #ssl_stapling_verify on;
     ssl_trusted_certificate /usr/local/nginx/conf/ssl/domain.com/domain.com-acme.cer;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain.com/log/access.log main_ext buffer=256k flush=60m;
      error_log /home/nginx/domains/domain.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf;
      root /home/nginx/domains/domain.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      include /usr/local/nginx/conf/wpincludes/domain.com/wpcacheenabler_domain.com.conf;
      #include /usr/local/nginx/conf/wpincludes/domain.com/wpsupercache_domain.com.conf;
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/wpincludes/domain.com/rediscache_domain.com.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # for wp cache enabler plugin
      try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args;
    
      # Wordpress Permalinks
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
      # Nginx level redis Wordpress
      # https://community.centminmod.com/posts/18828/
      #try_files $uri $uri/ /index.php?$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/domain.com/htpasswd_wplogin;
        include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwprpc burst=45 nodelay;
        #limit_conn xwpconlimit 30;
        include /usr/local/nginx/conf/php-wpsc.conf;
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
      include /usr/local/nginx/conf/wpincludes/domain.com/wpsecure_domain.com.conf;
      include /usr/local/nginx/conf/php-wpsc.conf;
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/php-rediscache.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    
    }
    


    compared messed up one with above one i posted to get an idea what's what
     
  7. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    My God..I got confused with too many steps. HTTPS is working fine now, thank you!
     
    • Like Like x 1
  8. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Just received an email saying Restarting nginx (via systemctl): Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

    This is the output of journalctl -xe:
    Code:
    Apr 03 16:04:28 hostname.domain.com systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    -- Subject: Unit nginx.service has failed
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit nginx.service has failed.
    --
    -- The result is failed.
    Apr 03 16:04:28 hostname.domain.com systemd[1]: Unit nginx.service entered failed state.
    Apr 03 16:04:28 hostname.domain.com systemd[1]: nginx.service failed.
    Apr 03 16:04:29 hostname.domain.com postfix/pickup[26408]: B084D5F885: uid=0 from=<lu9fcb@gmail.com>
    Apr 03 16:04:29 hostname.domain.com postfix/cleanup[27113]: B084D5F885: message-id=<58e2728d.GHIPiL5GqyP42h78%lu9fcb@gmail.com>
    Apr 03 16:04:29 hostname.domain.com postfix/qmgr[25937]: B084D5F885: from=<lu9fcb@gmail.com>, size=1571, nrcpt=1 (queue active)
    Apr 03 16:04:29 hostname.domain.com postfix/smtp[27115]: connect to gmail-smtp-in.l.google.com[2607:f8b0:4001:c02::1a]:25: Network is unreachable
    Apr 03 16:04:30 hostname.domain.com postfix/smtp[27115]: Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.70.26]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (
    Apr 03 16:04:30 hostname.domain.com postfix/smtp[27115]: B084D5F885: to=<lu9fcb@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.70.26]:25, delay=0.92, delays=0.02/0.03/0.58/0.29, dsn=2.
    Apr 03 16:04:30 hostname.domain.com postfix/qmgr[25937]: B084D5F885: removed
    Apr 03 16:05:01 hostname.domain.com systemd[1]: Started Session 1518 of user root.
    -- Subject: Unit session-1518.scope has finished start-up
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit session-1518.scope has finished starting up.
    --
    -- The start-up result is done.
    Apr 03 16:05:01 hostname.domain.com systemd[1]: Starting Session 1518 of user root.
    -- Subject: Unit session-1518.scope has begun start-up
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit session-1518.scope has begun starting up.
    Apr 03 16:05:01 hostname.domain.com CROND[27117]: (root) CMD (/usr/lib64/sa/sa1 1 1)
    Apr 03 16:08:44 hostname.domain.com kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=fa:16:3e:de:64:5d:96:17:c9:e4:f6:9c:08:00 SRC=69.94.157.5 DST=158.69.215.142 LEN=40 TOS=0x00 PREC=0x0
    Apr 03 16:09:17 hostname.domain.com kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=fa:16:3e:de:64:5d:96:17:c9:e4:f6:9c:08:00 SRC=216.218.206.97 DST=158.69.215.142 LEN=40 TOS=0x00 PREC=
    Apr 03 16:09:56 hostname.domain.com kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=fa:16:3e:de:64:5d:96:17:c9:e4:f6:9c:08:00 SRC=151.242.156.153 DST=158.69.215.142 LEN=40 TOS=0x00 PREC
    Apr 03 16:10:01 hostname.domain.com systemd[1]: Started Session 1519 of user root.
    -- Subject: Unit session-1519.scope has finished start-up
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit session-1519.scope has finished starting up.
    --
    -- The start-up result is done.
    Apr 03 16:10:01 hostname.domain.com systemd[1]: Starting Session 1519 of user root.
    -- Subject: Unit session-1519.scope has begun start-up
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit session-1519.scope has begun starting up.
    Apr 03 16:10:01 hostname.domain.com CROND[27140]: (root) CMD (/usr/lib64/sa/sa1 1 1)
    Apr 03 16:10:08 hostname.domain.com kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=fa:16:3e:de:64:5d:96:17:c9:e4:f6:9c:08:00 SRC=121.22.19.213 DST=158.69.215.142 LEN=40 TOS=0x00 PREC=0
    lines 2210-2260/2260 (END)
    
     
  9. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Humm now the entire site is down, no way to load it. Any suggestion?
     
  10. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    output for
    Code (Text):
    nginx -t
    

    and
    Code (Text):
    journalctl -u nginx --no-pager
    

    See FAQ items 40 & 41 for details and clues to see if your own ISP ip is being blocked i.e. first check to see if your ISP ip is being blocked
    Code (Text):
    csf -g IPADDRESS
    
     
  11. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Code:
    [04:49][root@hostname.domain.com conf]# nginx -t
    nginx: [warn] conflicting server name "http2.domain.com" on 0.0.0.0:80, ignored
    nginx: [warn] conflicting server name "www.http2.domain.com" on 0.0.0.0:80, ignored
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    
    Code:
    [04:55][root@hostname.domain.com conf]# journalctl -u nginx --no-pager
    -- Logs begin at Sun 2017-03-26 16:04:15 UTC, end at Tue 2017-04-04 04:55:01 UTC. --
    Mar 26 19:09:03 vps123912.vps.ovh.ca systemd[1]: Unit nginx.service cannot be reloaded because it is inactive.
    Mar 26 19:10:59 vps123912.vps.ovh.ca systemd[1]: Unit nginx.service cannot be reloaded because it is inactive.
    Mar 26 19:12:21 vps123912.vps.ovh.ca systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 26 19:12:21 vps123912.vps.ovh.ca nginx[26966]: Starting nginx: [  OK  ]
    Mar 26 19:12:21 vps123912.vps.ovh.ca systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 26 19:51:12 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 26 19:51:12 hostname.domain.com nginx[29788]: Stopping nginx: [  OK  ]
    Mar 26 19:51:12 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 26 19:51:12 hostname.domain.com nginx[29797]: Starting nginx: nginx: [emerg] open() "/usr/local/nginx/conf/autoprotect/domain/autoprotect-domain.conf" failed (2: No such file or directory) in /usr/local/nginx/conf/conf.d/domain.conf:32
    Mar 26 19:51:12 hostname.domain.com nginx[29797]: [FAILED]
    Mar 26 19:51:12 hostname.domain.com systemd[1]: nginx.service: control process exited, code=exited status=1
    Mar 26 19:51:12 hostname.domain.com systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 26 19:51:12 hostname.domain.com systemd[1]: Unit nginx.service entered failed state.
    Mar 26 19:51:12 hostname.domain.com systemd[1]: nginx.service failed.
    Mar 26 19:51:16 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 26 19:51:16 hostname.domain.com nginx[29838]: Starting nginx: [  OK  ]
    Mar 26 19:51:16 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 26 19:51:16 hostname.domain.com nginx[29870]: nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    Mar 26 19:51:16 hostname.domain.com nginx[29870]: nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Mar 26 19:51:17 hostname.domain.com systemd[1]: Reloaded SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 26 19:51:17 hostname.domain.com nginx[29870]: Reloading nginx: [  OK  ]
    Mar 26 23:11:05 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 26 23:11:05 hostname.domain.com nginx[31368]: Stopping nginx: [  OK  ]
    Mar 26 23:11:05 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 26 23:11:05 hostname.domain.com nginx[31377]: Starting nginx: [  OK  ]
    Mar 26 23:11:05 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 27 01:47:39 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 27 01:47:39 hostname.domain.com nginx[13899]: Starting nginx: [  OK  ]
    Mar 27 01:47:39 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 27 01:55:26 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 27 01:55:26 hostname.domain.com nginx[15170]: Stopping nginx: [  OK  ]
    Mar 27 01:55:26 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 27 01:55:26 hostname.domain.com nginx[15179]: Starting nginx: nginx: [emerg] open() "/usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf" failed (2: No such file or directory) in /usr/local/nginx/conf/conf.d/domain.com.conf:32
    Mar 27 01:55:26 hostname.domain.com nginx[15179]: [FAILED]
    Mar 27 01:55:26 hostname.domain.com systemd[1]: nginx.service: control process exited, code=exited status=1
    Mar 27 01:55:26 hostname.domain.com systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 27 01:55:26 hostname.domain.com systemd[1]: Unit nginx.service entered failed state.
    Mar 27 01:55:26 hostname.domain.com systemd[1]: nginx.service failed.
    Mar 27 01:55:30 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Mar 27 01:55:31 hostname.domain.com nginx[15242]: Starting nginx: [  OK  ]
    Mar 27 01:55:31 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Mar 27 01:55:31 hostname.domain.com nginx[15274]: nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    Mar 27 01:55:31 hostname.domain.com nginx[15274]: nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Mar 27 01:55:31 hostname.domain.com nginx[15274]: Reloading nginx: [  OK  ]
    Mar 27 01:55:31 hostname.domain.com systemd[1]: Reloaded SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 02 22:10:25 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 02 22:10:25 hostname.domain.com nginx[5151]: Stopping nginx: [  OK  ]
    Apr 02 22:10:25 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 02 22:10:26 hostname.domain.com nginx[5160]: Starting nginx: [  OK  ]
    Apr 02 22:10:26 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 02 23:55:54 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 02 23:55:54 hostname.domain.com nginx[6602]: Stopping nginx: [  OK  ]
    Apr 02 23:55:54 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 02 23:55:54 hostname.domain.com nginx[6610]: Starting nginx: nginx: [emerg] open() "/usr/local/nginx/conf/autoprotect/argentinosenaustralia.com/autoprotect-argentinosenaustralia.com.conf" failed (2: No such file or directory) in /usr/local/nginx/conf/conf.d/argentinosenaustralia.com.conf:32
    Apr 02 23:55:54 hostname.domain.com nginx[6610]: [FAILED]
    Apr 02 23:55:54 hostname.domain.com systemd[1]: nginx.service: control process exited, code=exited status=1
    Apr 02 23:55:54 hostname.domain.com systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 02 23:55:54 hostname.domain.com systemd[1]: Unit nginx.service entered failed state.
    Apr 02 23:55:54 hostname.domain.com systemd[1]: nginx.service failed.
    Apr 02 23:55:58 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 02 23:55:58 hostname.domain.com nginx[6699]: Starting nginx: [  OK  ]
    Apr 02 23:55:58 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 02 23:55:59 hostname.domain.com nginx[6731]: nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    Apr 02 23:55:59 hostname.domain.com nginx[6731]: nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Apr 02 23:55:59 hostname.domain.com systemd[1]: Reloaded SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 02 23:55:59 hostname.domain.com nginx[6731]: Reloading nginx: [  OK  ]
    Apr 03 00:04:28 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 00:04:28 hostname.domain.com nginx[7046]: Stopping nginx: [  OK  ]
    Apr 03 00:04:28 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 00:04:28 hostname.domain.com nginx[7055]: Starting nginx: [  OK  ]
    Apr 03 00:04:28 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 00:11:05 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 00:11:05 hostname.domain.com nginx[8527]: Stopping nginx: [  OK  ]
    Apr 03 00:11:05 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 00:11:06 hostname.domain.com nginx[8536]: Starting nginx: [  OK  ]
    Apr 03 00:11:06 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:14:01 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:14:01 hostname.domain.com nginx[6125]: Stopping nginx: [  OK  ]
    Apr 03 01:14:01 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:14:01 hostname.domain.com nginx[6134]: Starting nginx: [  OK  ]
    Apr 03 01:14:01 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:19:15 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:19:16 hostname.domain.com nginx[14516]: Starting nginx: [  OK  ]
    Apr 03 01:19:16 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:41:08 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:41:08 hostname.domain.com nginx[15674]: Stopping nginx: [  OK  ]
    Apr 03 01:41:08 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:41:08 hostname.domain.com nginx[15683]: Starting nginx: nginx: [emerg] open() "/usr/local/nginx/conf/autoprotect/http2.argentinosenaustralia.com/autoprotect-http2.argentinosenaustralia.com.conf" failed (2: No such file or directory) in /usr/local/nginx/conf/conf.d/http2.argentinosenaustralia.com.conf:32
    Apr 03 01:41:08 hostname.domain.com nginx[15683]: [FAILED]
    Apr 03 01:41:08 hostname.domain.com systemd[1]: nginx.service: control process exited, code=exited status=1
    Apr 03 01:41:08 hostname.domain.com systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:41:08 hostname.domain.com systemd[1]: Unit nginx.service entered failed state.
    Apr 03 01:41:08 hostname.domain.com systemd[1]: nginx.service failed.
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:41:13 hostname.domain.com nginx[15865]: Starting nginx: nginx: [warn] conflicting server name "http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:13 hostname.domain.com nginx[15865]: nginx: [warn] conflicting server name "www.http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:13 hostname.domain.com nginx[15865]: [  OK  ]
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:41:13 hostname.domain.com nginx[15897]: Stopping nginx: [  OK  ]
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:41:13 hostname.domain.com nginx[15906]: Starting nginx: nginx: [warn] conflicting server name "http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:13 hostname.domain.com nginx[15906]: nginx: [warn] conflicting server name "www.http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:13 hostname.domain.com nginx[15906]: [  OK  ]
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:41:13 hostname.domain.com nginx[15997]: Stopping nginx: [  OK  ]
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 01:41:13 hostname.domain.com nginx[16006]: Starting nginx: nginx: [warn] conflicting server name "http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:13 hostname.domain.com nginx[16006]: nginx: [warn] conflicting server name "www.http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:13 hostname.domain.com nginx[16006]: [  OK  ]
    Apr 03 01:41:13 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:41:16 hostname.domain.com nginx[16229]: nginx: [warn] conflicting server name "http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:16 hostname.domain.com nginx[16229]: nginx: [warn] conflicting server name "www.http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:16 hostname.domain.com nginx[16229]: nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    Apr 03 01:41:16 hostname.domain.com nginx[16229]: nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Apr 03 01:41:16 hostname.domain.com nginx[16229]: Reloading nginx: [  OK  ]
    Apr 03 01:41:16 hostname.domain.com systemd[1]: Reloaded SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:41:16 hostname.domain.com nginx[16267]: nginx: [warn] conflicting server name "http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:16 hostname.domain.com nginx[16267]: nginx: [warn] conflicting server name "www.http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 01:41:16 hostname.domain.com nginx[16267]: nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    Apr 03 01:41:16 hostname.domain.com nginx[16267]: nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Apr 03 01:41:16 hostname.domain.com systemd[1]: Reloaded SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 01:41:16 hostname.domain.com nginx[16267]: Reloading nginx: [  OK  ]
    Apr 03 02:22:35 hostname.domain.com nginx[21570]: nginx: [warn] conflicting server name "http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 02:22:35 hostname.domain.com nginx[21570]: nginx: [warn] conflicting server name "www.http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 02:22:35 hostname.domain.com nginx[21570]: nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    Apr 03 02:22:35 hostname.domain.com nginx[21570]: nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Apr 03 02:22:35 hostname.domain.com systemd[1]: Reloaded SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 02:22:35 hostname.domain.com nginx[21570]: Reloading nginx: [  OK  ]
    Apr 03 08:04:27 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 08:04:27 hostname.domain.com nginx[23873]: Stopping nginx: [  OK  ]
    Apr 03 08:04:27 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 08:04:27 hostname.domain.com nginx[23882]: Starting nginx: nginx: [warn] conflicting server name "http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 08:04:27 hostname.domain.com nginx[23882]: nginx: [warn] conflicting server name "www.http2.argentinosenaustralia.com" on 0.0.0.0:80, ignored
    Apr 03 08:04:27 hostname.domain.com nginx[23882]: [  OK  ]
    Apr 03 08:04:27 hostname.domain.com systemd[1]: Started SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 16:04:28 hostname.domain.com systemd[1]: Stopping SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 16:04:28 hostname.domain.com nginx[27064]: Stopping nginx: [  OK  ]
    Apr 03 16:04:28 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 03 16:04:28 hostname.domain.com nginx[27073]: Starting nginx: nginx: [emerg] unknown directive "~*" in /usr/local/nginx/conf/wpsecure.conf:1
    Apr 03 16:04:28 hostname.domain.com nginx[27073]: [FAILED]
    Apr 03 16:04:28 hostname.domain.com systemd[1]: nginx.service: control process exited, code=exited status=1
    Apr 03 16:04:28 hostname.domain.com systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 03 16:04:28 hostname.domain.com systemd[1]: Unit nginx.service entered failed state.
    Apr 03 16:04:28 hostname.domain.com systemd[1]: nginx.service failed.
    Apr 04 00:04:27 hostname.domain.com systemd[1]: Starting SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server...
    Apr 04 00:04:27 hostname.domain.com nginx[32382]: Starting nginx: nginx: [emerg] unknown directive "~*" in /usr/local/nginx/conf/wpsecure.conf:1
    Apr 04 00:04:27 hostname.domain.com nginx[32382]: [FAILED]
    Apr 04 00:04:27 hostname.domain.com systemd[1]: nginx.service: control process exited, code=exited status=1
    Apr 04 00:04:27 hostname.domain.com systemd[1]: Failed to start SYSV: Nginx is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server.
    Apr 04 00:04:27 hostname.domain.com systemd[1]: Unit nginx.service entered failed state.
    Apr 04 00:04:27 hostname.domain.com systemd[1]: nginx.service failed.
    
     
  12. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    rogue syntax in /usr/local/nginx/conf/wpsecure.conf it seems .. which vhost references /usr/local/nginx/conf/wpsecure.conf ? there shouldn't be a /usr/local/nginx/conf/wpsecure.conf in 123.09beta01 created wordpress installs it would be something like /usr/local/nginx/conf/wpincludes/yourdomain.com/wpsecure_yourdomain.com.conf

    find out with command
    Code (Text):
    grep -rn 'wpsecure.conf' /usr/local/nginx/conf
    

    and correct the syntax in /usr/local/nginx/conf/wpsecure.conf
     
  13. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Do you mean I have to change this line in /usr/local/nginx/conf/conf.d/domain.com.ssl.conf?
    Code:
      location / {
        # Wordpress Permalinks
        try_files $uri $uri/ /wordpress/index.php?q=$request_uri;
    
        include /usr/local/nginx/conf/wpsecure.conf;
        include /usr/local/nginx/conf/wpnocache.conf;
      }
    
     
  14. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    In Generate Centmin Mod Nginx Vhost - CentminMod.com LEMP Nginx web stack for CentOS it says:
    and then the instructions say domain.com.ssl.conf must have
    include /usr/local/nginx/conf/wpsecure.conf;

    So are the instructions wrong? I'm quite lost here and will appreciate some help
     
  15. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    yes because vhost generator is for 123.08stable not 123.09beta01. If you used 123.09beta01's centmin.sh menu option 22 installer, it would have proper include file paths.
     
  16. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Why didn't you said it before? :D
    Output of
    Code:
    grep -rn 'wpsecure.conf' /usr/local/nginx/conf
    
    :
    Code:
    04:51][root@hostname.domain.com conf.d]# grep -rn 'wpsecure.conf' /usr/local/nginx/conf
    /usr/local/nginx/conf/conf.d/domain.com.ssl.conf:61:    include /usr/local/nginx/conf/wpsecure.conf;
    
    I don't understand which path I have to set instead of /usr/local/nginx/conf/wpsecure.conf.
     
  17. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    either paths should work. It's just the syntaxt in yours is incorrect and hence the error on line 1 of /usr/local/nginx/conf/wpsecure.conf
    Code (Text):
    Apr 04 00:04:27 hostname.domain.com nginx[32382]: Starting nginx: nginx: [emerg] unknown directive "~*" in /usr/local/nginx/conf/wpsecure.conf:1
    Apr 04 00:04:27 hostname.domain.com nginx[32382]: [FAILED]
    
     
  18. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    I copied the same as in Generate Centmin Mod Nginx Vhost - CentminMod.com LEMP Nginx web stack for CentOS:
    Code:
    Create file named wpsecure.conf at /usr/local/nginx/conf/wpsecure.conf and add following lines.
    
    # Deny access to any files with a .php extension in the uploads directory
    # Works in sub-directory installs and also in multisite network
    location ~* /(?:uploads|files)/.*\.php$ {
            deny all;
    }
    Line 1 is the same line as in vhost.php
     
  19. eva2000

    eva2000 Administrator Staff Member

    29,016
    6,585
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,775
    Local Time:
    2:30 PM
    Nginx 1.13.x
    MariaDB 5.5
    output for command
    Code (Text):
    cat /usr/local/nginx/conf/wpsecure.conf
    
     
  20. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    1:30 AM
    10
    Code:
    [05:16][root@hostname.domain.com conf.d]# cat /usr/local/nginx/conf/wpsecure.conf
    # Deny access to any files with a .php extension in the uploads directory
    # Works in sub-directory installs and also in multisite network
    location ~* /(?:uploads|files)/.*\.php$ {
            deny all;
    }
    
    # Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
    location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_
    {
            return 444;
    }
    
    #nocgi
    location ~* \.(pl|cgi|py|sh|lua)$ {
            return 444;
    }
    
    #disallow
        location ~* (roundcube|webdav|smtp|http\:|soap|w00tw00t) {
            return 444;
    }
    
    location ~ /(\.|wp-config\.php|readme\.html|license\.txt) { deny all; }
    
     
    Last edited: Apr 5, 2017