Ben*_*org 5 php apache wordpress fastcgi nginx
我正在尝试使用带有 php 5.6 和 nginx 的 Synology 来设置网站。该网站是 WordPress 和一个主题。在处理演示导入时,我们有 NGINX 错误 405(不允许)。
这有点令人沮丧,因为我喜欢事情做得很好。
我查看了 php.ini 文件和 nginx.conf 文件。
# Copyright (c) 2000-2016 Synology Inc. All rights reserved.
worker_processes auto;
#worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
include conf.d/main.conf;
events {
use epoll;
multi_accept on;
worker_connections 1024;
include conf.d/events.conf;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
#access_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_access,nohostname main;
error_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_error,nohostname error;
sendfile on;
server_tokens off;
proxy_request_buffering off;
fastcgi_request_buffering off;
scgi_request_buffering off;
proxy_buffering off;
fastcgi_buffering off;
scgi_buffering off;
resolver_timeout 5s;
client_header_timeout 10s;
client_body_timeout 60s;
send_timeout 60s;
keepalive_timeout 65s 20s;
client_max_body_size 0;
server_names_hash_max_size 8192;
ssl_certificate /usr/syno/etc/certificate/system/default/fullchain.pem;
ssl_certificate_key /usr/syno/etc/certificate/system/default/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
ssl_dhparam /usr/syno/etc/ssl/dh2048.pem;
ssl_prefer_server_ciphers on;
gzip_disable "msie6";
gzip_min_length 1000;
gzip_types text/plain text/css application/javascript application/json;
gzip_vary on;
gzip_static on;
upstream synoscgi {
server unix:/run/synoscgi.sock;
}
index index.html index.htm index.php;
set_real_ip_from 127.0.0.1;
real_ip_header X-Real-IP;
server {
listen 5000 default_server;
listen [::]:5000 default_server;
server_name _;
gzip on;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 5001 default_server ssl;
listen [::]:5001 default_server ssl;
server_name _;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 default_server ssl;
listen [::]:443 default_server ssl;
server_name _;
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
include app.d/www.*.conf;
include app.d/alias.*.conf;
include /usr/syno/share/nginx/conf.d/www.*.conf;
include conf.d/www.*.conf;
location = /webman/pingpong.php {
rewrite /webman/pingpong.php /webman/pingpong.cgi break;
root /usr/syno/synoman;
include scgi_params;
scgi_pass synoscgi;
}
location = /webdefault/images/logo.jpg {
alias /usr/syno/share/nginx/logo.jpg;
}
error_page 405 =200 $uri;
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ^~ /.well-known/acme-challenge {
root /var/lib/letsencrypt;
default_type text/plain;
}
include app.d/.location.webstation.conf*;
location ~ ^/$ {
if ($scheme = https) {
rewrite / https://$host:5001/ redirect;
}
rewrite / http://$host:5000/ redirect;
}
}
include conf.d/http.*.conf;
include app.d/server.*.conf;
include sites-enabled/*;
}
我在互联网上搜索了很多,到目前为止只有一些有趣的线索,但没有任何效果。
我试图将以下内容添加到 nginx.conf (这就是为什么我的实际 nginx.conf 有这些行)但它没有解决我的问题。
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
有关信息,这是日志文件中的错误:
2017/02/10 18:14:07 [错误] 18555#18555:*2563 上游超时(110:连接超时),同时从上游读取响应头,客户端:xxx.xxx.xxx.xxx,服务器:示例。 com,请求:“POST /wp-admin/admin-ajax.php HTTP/1.1”,上游:“fastcgi://unix:/run/php-fpm/php56-fpm.sock”,主机:“www.example .com”,引荐来源:http : //example.com/wp-admin/admin.php? page= laborator- demo-content-installer& install- pack= agency&
如果您有任何想法来解决这个问题......因为我已经从几个星期以来一直在努力......在此先感谢
tl;dr\xe2\x80\x94你的 WordPress 太慢了。跳到底部查看如何让 NGINX 返回正确的504 GATEWAY TIMEOUT状态代码。
更长的版本:你有一堆单独的问题以一种无益的方式一起工作。
\n\n1.您的上游服务器 WordPress 响应速度不够快
\n\n它需要超过 4 分钟,这就是您110: Connection timed out在日志中看到 的原因。解决速度缓慢的方法是加快 WordPress 的速度。作为解决方法,您可以给它更多时间来处理请求。为此,请增加fastcgi_read_timeout 240;规则中的数量。请注意,超时以秒为单位,因此如果您愿意等待 10 分钟,请将其设置为600。
不过,我建议不要增加超时时间。您确实应该解决性能问题本身。如此长的请求会阻塞 NGINX 和 WordPress 中的资源,因此让您很容易受到 DDoSed,甚至是您自己不小心。
\n\n因为你的上游时间太长,NGINX 会响应504 GATEWAY TIMEOUT. 不能,因为\xe2\x80\xa6
2、静态文件无法响应POST请求
\n\n在您所在的error_page位置,您告诉 NGINX 使用静态文件来处理请求。GET这对于or来说很好HEAD,但对于 来说不起作用POST,因为它会要求 NGINX 覆盖/创建文件。NGINX 既不打算也不支持这种情况。(使用其他修饰动词,例如PUTand ,该请求也会失败DELETE(出于同样的原因,
请注意,您正在使用命名位置 ,@error_page该方法仍然是 POST,如手册所述:
If there is no need to change URI and method during internal redirection it is possible to pass error processing into a named location.\n您已经知道其中的一部分,这就是为什么您添加了error_page 405 =200 $uri;规则的原因。不幸的是,这并没有拯救你,因为\xe2\x80\xa6
3.内部error_page重定向默认不是递归的
\n\nerror_page据我所知,手册的文档中没有提到这一点 ,但它是,但在以下指令的文档中提到了
解决方法:启用递归 error_page 重定向
\n\n指令recursive_error_pages允许您处理发生的错误在处理前一个错误来自文档:
\n\n Enables or disables doing several redirects using the error_page directive. The number of such redirects is limited.\n如果您启用此功能,通过将其放入recursive_error_pages on;服务器块中,您将允许该error_page 405指令生效。
不幸的是,由于您仍在请求与您的$uri部件相同的资源,WordPress 将再次查询相同的 URL,这次是 GET 请求。不知道你的 WordPress 如何处理这个问题,但很可能发生的错误不会帮助你调试这个问题。
这实际上只是在回避问题;你应该得到的是原件504。因此,我建议您执行以下操作,而不是启用递归错误页面重定向:
解决方案:使用GET来获取错误页面
我假设即使在 POST 请求中您仍然希望返回 error.html。为此,您需要强制 NGINX 删除POST并使用 处理错误GET,以便可以使用静态文件。我发现实现这一点的唯一方法是不使用命名位置(开头带有 的位置@),而是使用内部位置。
要使用此选项,请更改您的@error_page位置以包含伪路径和internal指令,例如如下所示:
location /error_page {\n internal;\n root /usr/syno/share/nginx;\n rewrite (.*) /error.html break;\n }\n然后,修改error_page指令以使用新位置:
error_page 403 404 500 502 503 504 /error_page;\n