Nginx WHMCS 500 errors

Robust · Dec 12, 2015

Getting WHMCS 500 errors, wonder if you guys can help.

php config:
display_errors = On
error_reporting = E_ALL

shows no errors, still just a plain blank page on Firefox & Safari, on Chrome it shows its custom 500 error page. Nothing in PHP or nginx error logs. Access logs don't show request. No firewall blocking requests. Other software on same VPS works fine, XenForo, WordPress, custom Laravel install, but WHMCS doesn't. PHP version is 5.6, also supported by WHMCS v6.

Matt Williams · Dec 12, 2015

Did you install the required Centmin Mod Addons - CentminMod.com LEMP Nginx web stack for CentOS ?
IonCube PHP Extension

Robust · Dec 12, 2015

Matt Williams said: ↑

Which php version are you using?
Click to expand...

Robust said: ↑

PHP version is 5.6
Click to expand...

And I do have the ioncube for PHP 5.6 installed, yeah

Matt Williams · Dec 12, 2015

can you try and do:

nprestart
Click to expand...

Robust · Dec 12, 2015

Matt Williams said: ↑

can you try and do:
Click to expand...

Restarting doesn't help, sadly :/

Matt Williams · Dec 12, 2015

you have the lastest WHMCS installed?

Robust · Dec 12, 2015

Matt Williams said: ↑

you have the lastest WHMCS installed?
Click to expand...

Matt Williams · Dec 12, 2015

did you check all permissions and make sure they were set correctly?

Robust · Dec 12, 2015

Matt Williams said: ↑

did you check all permissions and make sure they were set correctly?
Click to expand...

chown'd to web user

Matt Williams · Dec 12, 2015

what do your:

tail -10 /var/log/php-fpm/www-error.log
Click to expand...

say?

eva2000 · Dec 12, 2015

Robust said: ↑

still just a plain blank page on Firefox & Safari, on Chrome it shows its custom 500 error page.
Click to expand...

Centmin Mod Nginx doesn't enable custom error pages out of the box. What's your full WHMCS vhost conf file look like ?

if you have alot of disk space and can enable debug nginx, you can enable and compile a nginx debug build of nginx via centmin.sh option NGINX_DEBUG=y centminmod/centmin.sh at 123.08stable · centminmod/centminmod · GitHub You can place the option in persistent config /etc/centminmod/custom_config.inc outlined at centminmod.com/upgrade.html#persistent so place in file /etc/centminmod/custom_config.inc
Code:
NGINX_DEBUG=y
then recompile nginx via centmin.sh menu option 4 and then in your nginx error_log directive add debug option A debugging log and restart nginx and check logs

They will be very very very verbose and lot alot to disk so ensure you have alot of disk free space.

You can minimise this by limiting it to specific ip based client connections too

Debugging log for selected clients

It is also possible to enable the debugging log for selected client addresses only:

error_log /path/to/log;

events {
debug_connection 192.168.1.1;
debug_connection 192.168.10.0/24;
}
Click to expand...

After debugging is done, reverse the debug now by setting NGINX_DEBUG=n and recompile Nginx again

Robust · Dec 12, 2015

yeh, it's not like my custom 500 error, it's a:
[IMG]

Code:

server {
            listen   80;
            server_name domain;
            return 301 https://domain$request_uri;
       }

server {
  listen 443 ssl;
  server_name domain;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

ssl on;
ssl_certificate /usr/local/nginx/conf/ssl/domain.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/domain.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK;
ssl_prefer_server_ciphers on;
#ssl_session_cache shared:SSL:10m;
#ssl_session_timeout 10m;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /path/to/domain/log/access.log combined buffer=32k;
  error_log /path/to/domain/log/error.log;

  root /path/to/domain/public;
  index index.php;

  location / {
try_files $uri $uri/ $uri.php;
# Announcements
#rewrite ^/announcements/([0-9]+)/[a-zA-Z0-9-]+\.html$ /./announcements.php?id=$1 last;
#rewrite ^/announcements$ /./announcements.php last;
# Downloads
#rewrite ^/downloads/([0-9]+)/([^/]*)$ /./downloads.php?action=displaycat&catid=$1 last;
#rewrite ^/downloads$ /./downloads.php last;
#Knowledgebase
#rewrite ^/knowledgebase/([0-9]+)/[a-zA-Z0-9-]+\.html$ /./knowledgebase.php?action=displayarticle&id=$1 last;
#rewrite ^/knowledgebase/([0-9]+)/([^/]*)$ /./knowledgebase.php?action=displaycat&catid=$1 last;
#rewrite ^/knowledgebase$ /./knowledgebase.php last;

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;
  }

  include /usr/local/nginx/conf/php.conf;
#  include /usr/local/nginx/conf/drop.conf;
}

Robust · Dec 12, 2015

Matt Williams said: ↑

what do your: say?
Click to expand...

php logs show nothing

eva2000 · Dec 13, 2015

nothing in that vhost file looks out of place besides missing http2 based ssl directive and ocsp stapling if you have a paid commercial ssl certificate
Code:
php --ini
Configuration File (php.ini) Path: /usr/local/lib
Loaded Configuration File:         /usr/local/lib/php.ini
Scan for additional .ini files in: /etc/centminmod/php.d
Additional .ini files parsed:      /etc/centminmod/php.d/a_customphp.ini,
/etc/centminmod/php.d/curlcainfo.ini,
/etc/centminmod/php.d/geoip.ini,
/etc/centminmod/php.d/imagick.ini,
/etc/centminmod/php.d/memcached.ini,
/etc/centminmod/php.d/zendopcache.ini
Common Troubleshooting Tips - WHMCS Documentation

Internal 500 Server Error
An internal server error can be a lot of things but it's always a server issue - not WHMCS. It could be that ioncube is incorrectly installed or there are some settings in a .htaccess file causing an error. Here are a few broad areas for you to check in order to resolve the issue:

An error in one of the PHP Files - Try enabling the display errors option.

File Permissions & Ownership - All files should have a permission level of 644, folders should be 755.

PHP Memory & Process limitations - Try increasing to 128MB

PHP Process Limitations - Check with server admin/hosting provider

Corrupt PHP Modules, Extensions, Builds - Check with server admin/hosting provider

The obscure - If points 1-5 don't produce a fix typically the best course of action is to check the Apache Error Logs.

If the error is not displayed when following point 1, the error is beyond the control of the WHMCS Installation & staff as it becomes a Server issue, which we would not have the level of access to completely resolve.

Examining the Apache Error logs is the next step in trouble shooting, which depending on your level of access, may require contacting your Hosting Provider to assist.
Click to expand...

for number 5, you could try commenting out with a hash # in front, each php extension added by Centmin Mod source compile as outputted by php --ini command
Code:
php --ini
Configuration File (php.ini) Path: /usr/local/lib
Loaded Configuration File:         /usr/local/lib/php.ini
Scan for additional .ini files in: /etc/centminmod/php.d
Additional .ini files parsed:      /etc/centminmod/php.d/a_customphp.ini,
/etc/centminmod/php.d/curlcainfo.ini,
/etc/centminmod/php.d/geoip.ini,
/etc/centminmod/php.d/imagick.ini,
/etc/centminmod/php.d/memcached.ini,
/etc/centminmod/php.d/zendopcache.ini
so just comment out the zend or extension load *.so line with hash in front and restart nginx and php-fpm via nprestart command and see if you can isolate a problematic php extension

if it php memory and process limits you can check via
Code:
php -i | grep memory_limit
memory_limit => 160M => 160M
set from /etc/centminmod/php.d/a_customphp.ini
Code:
date.timezone = UTC
max_execution_time = 60
short_open_tag = On
realpath_cache_size = 2048k
realpath_cache_ttl = 28800
upload_max_filesize = 160M
memory_limit = 160M
post_max_size = 160M
expose_php = Off
mail.add_x_header = Off
max_input_nesting_level = 128
max_input_vars = 10000
mysqlnd.net_cmd_buffer_size = 16384
always_populate_raw_post_data=-1
raise or change php settings via custom .ini file and not directly in php.ini as per PHP-FPM - CentminMod.com LEMP Nginx web stack for CentOS

number 2 file user/group ownership and permissions

and again the above nginx debug mode

Matt Williams · Dec 13, 2015

Sounds like a permissions issue somewhere. I just upgraded ours to the latest but have installed it several times and have come across this before when I didn't set the correct permissions on a folder/file.

You also might be missing a primary file somewhere. Can you try deleting your current install, download a new zip file from WHMCS and re-upload it and run through the install again?

Robust · Dec 13, 2015

eva2000 said: ↑

nothing in that vhost file looks out of place besides missing http2 based ssl directive and ocsp stapling if you have a paid commercial ssl certificate
Click to expand...

I disabled it temporarily to see if it was causing WHMCS issues and I'm not sure what the ocsp stapling data is for PositiveSSL COMODO certificate

An error in one of the PHP Files - Try enabling the display errors option.
Click to expand...

Tried, no errors shown or produced. Once enabled, where are errors logged? On the screen or the respective error.log files?

File Permissions & Ownership - All files should have a permission level of 644, folders should be 755.
Click to expand...

chown'd properly with correct file perms, just in case I did a chmod to 777 and it didn't fix any of it.

PHP Memory & Process limitations - Try increasing to 128MB
Click to expand...

It is 128MB

what does nginx debug mode do?

Matt Williams said: ↑

You also might be missing a primary file somewhere. Can you try deleting your current install, download a new zip file from WHMCS and re-upload it and run through the install again?
Click to expand...

I did last night. The install went fine, actually. An upgrade to WHMCS v6.2 from v6.0.3. The installer said I pass all requirements and said the upgrade completed successfully. After, it said remove the install directory to begin using WHMCS, as it's a security concern. I did, and then the blank pages and 500 errors started.

Matt Williams · Dec 13, 2015

have you tried commenting out:

/usr/local/nginx/conf/wpsecure_yourdomain.com.conf;
Click to expand...

in:

/usr/local/nginx/conf/conf.d/domain.com.ssl.conf
Click to expand...

eva2000 · Dec 13, 2015

Robust said: ↑

I disabled it temporarily to see if it was causing WHMCS issues and I'm not sure what the ocsp stapling data is for PositiveSSL COMODO certificate
Click to expand...

OCSP improves SSL performance OCSP stapling - Wikipedia, the free encyclopedia

Robust said: ↑

It is 128MB

what does nginx debug mode do?
Click to expand...

could be too low, try raising it to 256MB at least

nginx debug as it stats debugs every connection and process that goes through nginx Debugging | NGINX it's very verbose

never used WHMCS, so no idea if removing the install directory has a particular right and wrong way of doing it

eva2000 · Dec 13, 2015

oh did you move directories above public webroot as suggested at Further Security Steps - WHMCS Documentation ? did you make sure to disable openbase_dir from FAQ item 26 ?

i don't see anything in WHMCS docs saying deleting install directory ?

Robust · Dec 17, 2015

I managed to fix it, basically stupid WHMCS software, not much to do with the system itself. WHMCS is just a bunch of obfuscated code that has no application logs, so when 500 errors happen they say it's your system. When you're puzzled why it's not being logged, it's because it's application side (bad WHMCS hooks) which isn't logged anywhere because they handle all logging but don't show the end user any of it!

I'll look into OCSP stapling. Any info on enabling it with PositiveSSL w/ nginx?

Log in / Register

Forums

Learn about Centmin Mod LEMP Stack today

Nginx WHMCS 500 errors

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

eva2000 Administrator Staff Member

Robust Member

Robust Member

eva2000 Administrator Staff Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

Robust Member

.

Log in / Register

Useful Searches

Learn about Centmin Mod LEMP Stack today

Nginx WHMCS 500 errors

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

eva2000 Administrator Staff Member

Robust Member

Robust Member

eva2000 Administrator Staff Member

Matt Williams WordPress Fanatic

Robust Member

Matt Williams WordPress Fanatic

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

Robust Member

.