Want more timely Centmin Mod News Updates?
Become a Member

Wordpress Nginx Access Denied

Discussion in 'Add Ons' started by nVidian, Mar 24, 2016.

  1. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    4:57 PM
    1.7.9
    5.5
    Hi, I never really use Wordpress, so forgive my ignorance.

    I just tried to play with Wordpress and install WP with centmin (123.08stable) menu #22 , but everytime I tried it always go to Access Denied in browser - but no problem showed when restart nginx.

    This is the content of nginx conf file
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    #server {
    #            listen   80;
    #            server_name mydomain.com;
    #            return 301 $scheme://www.mydomain.com$request_uri;
    #       }
    
    server {
      listen myip:80;
      server_name mydomain.com www.mydomain.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/mydomain.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/mydomain.com/log/error.log;
    
      root /home/nginx/domains/mydomain.com/public;
    
      include /usr/local/nginx/conf/wpsupercache_mydomain.com.conf;
    
      location / {
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # Wordpress Permalinks
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/mydomain.com/htpasswd_wplogin;
        include /usr/local/nginx/conf/php-wpsc.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwprpc burst=45 nodelay;
        #limit_conn xwpconlimit 30;
        include /usr/local/nginx/conf/php-wpsc.conf;
    }
    
      include /usr/local/nginx/conf/wpsecure_mydomain.com.conf;
      include /usr/local/nginx/conf/php-wpsc.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    Do I miss something ?

    Thank you
     
    Last edited: Mar 24, 2016
  2. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
    which url you specifically access in wordpress that gives this ?

    any clues in your access.log and error.log in vhost listed paths at
    Code (Text):
      access_log /home/nginx/domains/mydomain.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/mydomain.com/log/error.log;
     
  3. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    4:57 PM
    1.7.9
    5.5
    The URL I accessed was mydomain.com (root)

    LOG FILE:
    /home/nginx/domains/mydomain.com/log/access.log >> BLANK/EMPTY

    /home/nginx/domains/mydomain.com/log/error.log
     
    Last edited: Mar 26, 2016
  4. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
    problem is listed in error log - you're trying to use php-fpm with an undefined php extension not whitelisted in security.limit_extensions options in /usr/local/etc/php-fpm.conf
    Code (Text):
    has been denied (see security.limit_extensions)"while reading response header from upstream

    only these php extensions out of box are allowed to run php code via php-fpm
    Code (Text):
    grep security.limit /usr/local/etc/php-fpm.conf
    security.limit_extensions = .php .php3 .php4 .php5

    are you using wordpress permalinks ? what extension did you choose for friendly urls ? .html ?
     
  5. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    4:57 PM
    1.7.9
    5.5
    Code:
    # grep security.limit /usr/local/etc/php-fpm.conf
    security.limit_extensions = .php .php3 .php4 .php5
    As I said earlier, I'm not familiar with wordpress, I dont even know what is permalink (mayve clean URL in Drupal ?) :)

    1. Installed automatically using menu#22 , havent touch anything inside wordpress.
    2. Tried to access my wp site but experienced access denied
    3. Tried to use alternative nginx conf for wp, now I can access my wp site but still cannot login cause I dont know the username & password

    I changed the conf file to this from nginx site (WordPress | NGINX and I can access to my WP but cannot login.

    Code:
    # Upstream to abstract backend connection(s) for php
    upstream php {
            server unix:/tmp/php-cgi.socket;
            server 127.0.0.1:9000;
    }
    server {
            listen 1.2.3.4:80;
            server_name mydomain.com;
            root /home/nginx/domains/mydomain.com/public;
    
            location = /favicon.ico {
                    log_not_found off;
                    access_log off;
            }
    
            location = /robots.txt {
                    allow all;
                    log_not_found off;
                    access_log off;
            }
    
            location / {
                    # This is cool because no php is touched for static content.
                    # include the "?$args" part so non-default permalinks doesn't break when using query string
                    try_files $uri $uri/ /index.php?$args;
            }
    
            location ~ \.php$ {
                    #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                    include fastcgi.conf;
                    fastcgi_intercept_errors on;
                    fastcgi_pass php;
            }
    
            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                    expires max;
                    log_not_found off;
            }
    }
    
    
     
    Last edited: Mar 26, 2016
  6. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
    every centmin.sh menu option has a log timestamped at /root/centminlogs - you can find the wp install one and look into that log for centmin.sh menu option 22 wp login info

    however, it's strange centmin.sh menu option 22 wp install would give your such problems
     
  7. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
    which version of php you using ? is this test VPS with test wp site only ?
     
  8. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    4:57 PM
    1.7.9
    5.5
    Ok, How do i login to my wp-admin if I dont know the username & password ? :)

    Is the password inside htpasswd file ? What is the default username ?
     
  9. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
  10. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    4:57 PM
    1.7.9
    5.5
    Code:
    # php -v
    PHP 5.6.19 (cli) (built: Mar  6 2016 16:26:15)
    Copyright (c) 1997-2016 The PHP Group
    Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
        with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v5.1.1, Copyright (c) 2002-2016, by ionCube Ltd.
        with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies
    
    The VPS already has couple of Drupal sites + one WHMCS installation before I install WP.
     
  11. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
    unfortunately, without me being able to reproduce the problem on my end, not much i can do. Could be something else in your configuration interferring i.e. ioncube ???

    In the /root/centminlogs for your wp install log, you should have all login into, http authentication pass as well as path to uninstall script which can reverse everything and remove the wordpress nginx vhost site, files directory and just leave the wp database itself.
     
  12. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
    Also what's output of nginx config command at
    Code (Text):
    nginx -V

    did you disable any nginx modules ? some are required for wp super cache configuration as well
     
  13. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    4:57 PM
    1.7.9
    5.5
    I think I never touch default nginx modules.
    Code:
    # nginx -V
    nginx version: nginx/1.9.12
    built by clang 3.4.2 (tags/RELEASE_34/dot2-final)
    built with OpenSSL 1.0.2g  1 Mar 2016
    TLS SNI support enabled
    configure arguments: --with-ld-opt='-ljemalloc -Wl,-z,relro' --with-cc-opt='-m64 -mtune=native -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wno-sign-compare -Wno-string-plus-int -Wno-deprecated-declarations -Wno-unused-parameter -Wno-unused-const-variable -Wno-conditional-uninitialized -Wno-mismatched-tags -Wno-c++11-extensions -Wno-sometimes-uninitialized -Wno-parentheses-equality -Wno-tautological-compare -Wno-self-assign -Wno-deprecated-register -Wno-deprecated -Wno-invalid-source-encoding -Wno-pointer-sign -Wno-parentheses -Wno-enum-conversion' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_sub_module --with-http_addition_module --with-http_image_filter_module --with-http_secure_link_module --with-http_realip_module --with-http_geoip_module --with-openssl-opt=enable-tlsext --add-module=../ngx-fancyindex-ngx-fancyindex --add-module=../ngx_cache_purge-2.3 --add-module=../nginx-accesskey-2.0.3 --add-module=../nginx-http-concat-master --add-module=../openresty-memc-nginx-module-4f6f78f --add-module=../openresty-srcache-nginx-module-ffa9ab7 --add-module=../ngx_devel_kit-0.2.19 --add-module=../set-misc-nginx-module-0.29 --add-module=../echo-nginx-module-0.58 --add-module=../redis2-nginx-module-0.12 --add-module=../ngx_http_redis-0.3.7 --add-module=../nginx_upstream_check_module-0.3.0 --add-module=../nginx-module-vts --add-module=../headers-more-nginx-module-0.28 --with-openssl=../openssl-1.0.2g --with-libatomic --with-threads --with-stream --with-stream_ssl_module --with-pcre=../pcre-8.37 --with-pcre-jit
    
     
  14. eva2000

    eva2000 Administrator Staff Member

    28,996
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,769
    Local Time:
    7:57 PM
    Nginx 1.13.x
    MariaDB 5.5
    nginx module wise looks ok so not that problem at least