问题一
常见502 Bad的问题
[root@localhost ~]# vi /usr/local/nginx/conf/vhost/test.com.conf
将
50 fastcgi_pass unix:/tmp/php-fcgi.sock;
改错为
50 fastcgi_pass unix:/tmp/php-cgi.sock;
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
[root@localhost ~]# tail /usr/local/nginx/logs/nginx_error.log
2018/03/02 16:07:03 [notice] 7416#0: nginx/1.8.0
2018/03/02 16:07:03 [notice] 7416#0: built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
2018/03/02 16:07:03 [notice] 7416#0: OS: Linux 3.10.0-123.el7.x86_64
2018/03/02 16:07:03 [notice] 7416#0: getrlimit(RLIMIT_NOFILE): 1024:4096
2018/03/02 16:07:03 [notice] 7417#0: start worker processes
2018/03/02 16:07:03 [notice] 7417#0: start worker process 7418
2018/03/02 16:07:03 [notice] 7417#0: start worker process 7419
更改级别
[root@localhost ~]# vi /usr/local/nginx/conf/nginx.conf
将
3 error_log /usr/local/nginx/logs/nginx_error.log crit;
更改为
3 error_log /usr/local/nginx/logs/nginx_error.log debug;
为
1 user nobody nobody;
2 worker_processes 2;
3 error_log /usr/local/nginx/logs/nginx_error.log debug;
4 pid /usr/local/nginx/logs/nginx.pid;
5 worker_rlimit_nofile 51200;
6 events
7 {
8 use epoll;
9 worker_connections 6000;
10 }
11 http
12 {
13 include mime.types;
14 default_type application/octet-stream;
15 server_names_hash_bucket_size 3526;
16 server_names_hash_max_size 4096;
17 log_format user '$remote_addr $http_x_forwarded_for [$time_local]'
18 ' $host "$request_uri" $status'
19 ' "$http_referer" "$http_user_agent"';
20 sendfile on;
21 tcp_nopush on;
22 keepalive_timeout 30;
23 client_header_timeout 3m;
24 client_body_timeout 3m;
25 send_timeout 3m;
26 connection_pool_size 256;
27 client_header_buffer_size 1k;
28 large_client_header_buffers 8 4k;
29 request_pool_size 4k;
30 output_buffers 4 32k;
31 postpone_output 1460;
32 client_max_body_size 10m;
33 client_body_buffer_size 256k;
34 client_body_temp_path /usr/local/nginx/client_body_temp;
35 proxy_temp_path /usr/local/nginx/proxy_temp;
36 fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
37 fastcgi_intercept_errors on;
38 tcp_nodelay on;
39 gzip on;
40 gzip_min_length 1k;
41 gzip_buffers 4 8k;
42 gzip_comp_level 5;
43 gzip_http_version 1.1;
44 gzip_types text/plain application/x-javascript text/css text/htm
45 application/xml;
46 include vhost/*.conf;
47 }
[root@localhost ~]# /etc/init.d/nginx restart
Restarting nginx (via systemctl): [ OK ]
[root@localhost ~]# vi /usr/local/nginx/conf/nginx.conf
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log debug;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format user '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
include vhost/*.conf;
}
检查
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
[root@localhost ~]# tail /usr/local/nginx/logs/nginx_error.log
2018/03/02 16:07:03 [notice] 7416#0: nginx/1.8.0
2018/03/02 16:07:03 [notice] 7416#0: built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
2018/03/02 16:07:03 [notice] 7416#0: OS: Linux 3.10.0-123.el7.x86_64
2018/03/02 16:07:03 [notice] 7416#0: getrlimit(RLIMIT_NOFILE): 1024:4096
2018/03/02 16:07:03 [notice] 7417#0: start worker processes
2018/03/02 16:07:03 [notice] 7417#0: start worker process 7418
2018/03/02 16:07:03 [notice] 7417#0: start worker process 7419
2018/03/02 16:10:08 [notice] 7418#0: *1 "Spider/3.0|YoudaoBot|Tomato" does not match "curl/7.29.0", client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/test.php HTTP/1.1", host: "test.com"
2018/03/02 16:10:08 [crit] 7418#0: *1 connect() to unix:/tmp/php-cgi.sock failed (2: No such file or directory) while connecting to upstream, client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/test.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi.sock:", host: "test.com"
2018/03/02 16:10:08 [info] 7418#0: *1 client 127.0.0.1 closed keepalive connection
通过错误信息查询
[root@localhost ~]# ls /tmp/php-cgi.sock
ls: cannot access /tmp/php-cgi.sock: No such file or directory
查询php定义的sock
[root@localhost ~]# cat /usr/local/php-fpm/etc/php-fpm.conf
[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
listen = /tmp/php-fcgi.sock
listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024
解决方案
[root@localhost ~]# vi /usr/local/nginx/conf/vhost/test.com.conf
将
50 fastcgi_pass unix:/tmp/php-cgi.sock;
改为
50 fastcgi_pass unix:/tmp/php-fcgi.sock;
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
正常解析
问题二
[root@localhost ~]# vi /usr/local/php-fpm/etc/php-fpm.conf
注释
5 listen = /tmp/php-fcgi.sock
为
5 #listen = /tmp/php-fcgi.sock
添加
6 listen = 127.0.0.1:9000
为
1 [global]
2 pid = /usr/local/php-fpm/var/run/php-fpm.pid
3 error_log = /usr/local/php-fpm/var/log/php-fpm.log
4 [www]
5 #listen = /tmp/php-fcgi.sock
6 listen = 127.0.0.1:9000
7 listen.mode = 666
8 user = php-fpm
9 group = php-fpm
10 pm = dynamic
11 pm.max_children = 50
12 pm.start_servers = 20
13 pm.min_spare_servers = 5
14 pm.max_spare_servers = 35
15 pm.max_requests = 500
16 rlimit_files = 1024
[root@localhost ~]# vi /usr/local/php-fpm/etc/php-fpm.conf
[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
#listen = /tmp/php-fcgi.sock
listen = 127.0.0.1:9000
listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024
[root@localhost ~]# /usr/local/php-fpm/sbin/php-fpm -t
[02-Mar-2018 16:37:48] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful
[root@localhost ~]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm done
[root@localhost ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2498/master
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 7484/php-fpm: maste
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7417/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1287/sshd
tcp6 0 0 ::1:25 :::* LISTEN 2498/master
tcp6 0 0 :::3306 :::* LISTEN 2487/mysqld
tcp6 0 0 :::22 :::* LISTEN 1287/sshd
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
[root@localhost ~]# tail /usr/local/nginx/logs/nginx_error.log
2018/03/02 16:36:11 [notice] 7462#0: exit
2018/03/02 16:36:12 [notice] 7417#0: signal 17 (SIGCHLD) received
2018/03/02 16:36:12 [notice] 7417#0: worker process 7463 exited with code 0
2018/03/02 16:36:12 [notice] 7417#0: signal 29 (SIGIO) received
2018/03/02 16:36:12 [notice] 7417#0: signal 17 (SIGCHLD) received
2018/03/02 16:36:12 [notice] 7417#0: worker process 7462 exited with code 0
2018/03/02 16:36:12 [notice] 7417#0: signal 29 (SIGIO) received
2018/03/02 16:38:55 [notice] 7474#0: *5 "Spider/3.0|YoudaoBot|Tomato" does not match "curl/7.29.0", client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/test.php HTTP/1.1", host: "test.com"
2018/03/02 16:38:55 [crit] 7474#0: *5 connect() to unix:/tmp/php-fcgi.sock failed (2: No such file or directory) while connecting to upstream, client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/test.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-fcgi.sock:", host: "test.com"
2018/03/02 16:38:55 [info] 7474#0: *5 client 127.0.0.1 closed keepalive connection
解决办法
[root@localhost ~]# vi /usr/local/nginx/conf/vhost/test.com.conf
注释
48 fastcgi_pass unix:/tmp/php-fcgi.sock;
为
48 # fastcgi_pass unix:/tmp/php-fcgi.sock;
添加
49 fastcgi_pass 127.0.0.1:9000;
为
1 server
2 {
3 listen 80;
4 server_name test.com test2.com test3.com;
5 index index.html index.htm index.php;
6 root /data/wwwroot/test.com;
7
8 if ( $host != 'test.com' ) {
9 rewrite ^/(.*)$ http://test.com/$1 permanent;
10 }
11
12 location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
13 {
14 expires 7d;
15 valid_referers none blocked server_names *.test.com;
16 if ($invalid_referer) {
17 return 403;
18 }
19 access_log off;
20 }
21
22 location ~ .*\.(js|css)$
23 {
24 expires 12h;
25 access_log off;
26 }
27
28 location /admin/
29 {
30 allow 127.0.0.1;
31 allow 192.168.81.133;
32 deny all;
33 }
34
35 location ~ .*(upload|image)/.*\.php$
36 {
37 deny all;
38 }
39
40 if ($http_user_agent ~* 'Spider/3.0|YoudaoBot|Tomato')
41 {
42 return 403;
43 }
44
45 location ~ \.php$
46 {
47 include fastcgi_params;
48 # fastcgi_pass unix:/tmp/php-fcgi.sock;
49 fastcgi_pass 127.0.0.1:9000;
50 fastcgi_index index.php;
51 fastcgi_param SCRIPT_FILENAME /data/wwwroot/test.com$fastcgi_script_name;
52 }
53
54 access_log /tmp/test.com.log user;
55 }
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
正常解析
问题三
[root@localhost ~]# vi /usr/local/php-fpm/etc/php-fpm.conf
取消注释
5 #listen = /tmp/php-fcgi.sock
为
5 listen = /tmp/php-fcgi.sock
注释
6 #listen = 127.0.0.1:9000
7 #listen.mode = 666
为
1 [global]
2 pid = /usr/local/php-fpm/var/run/php-fpm.pid
3 error_log = /usr/local/php-fpm/var/log/php-fpm.log
4 [www]
5 listen = /tmp/php-fcgi.sock
6 #listen = 127.0.0.1:9000
7 #listen.mode = 666
8 user = php-fpm
9 group = php-fpm
10 pm = dynamic
11 pm.max_children = 50
12 pm.start_servers = 20
13 pm.min_spare_servers = 5
14 pm.max_spare_servers = 35
15 pm.max_requests = 500
16 rlimit_files = 1024
[root@localhost ~]# vi /usr/local/php-fpm/etc/php-fpm.conf
[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
listen = /tmp/php-fcgi.sock
#listen = 127.0.0.1:9000
#listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024
[root@localhost ~]# /usr/local/php-fpm/sbin/php-fpm -t
[02-Mar-2018 16:55:05] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful
[root@localhost ~]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm done
[root@localhost ~]# ls -l /tmp/php-fcgi.sock
srw-rw----. 1 root root 0 Mar 2 16:55 /tmp/php-fcgi.sock
这里sock为660,其他用户的权限都是0
取消注释
48 # fastcgi_pass unix:/tmp/php-fcgi.sock;
为
48 fastcgi_pass unix:/tmp/php-fcgi.sock;
注释
49 # fastcgi_pass 127.0.0.1:9000;
为
1 server
2 {
3 listen 80;
4 server_name test.com test2.com test3.com;
5 index index.html index.htm index.php;
6 root /data/wwwroot/test.com;
7
8 if ( $host != 'test.com' ) {
9 rewrite ^/(.*)$ http://test.com/$1 permanent;
10 }
11
12 location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
13 {
14 expires 7d;
15 valid_referers none blocked server_names *.test.com;
16 if ($invalid_referer) {
17 return 403;
18 }
19 access_log off;
20 }
21
22 location ~ .*\.(js|css)$
23 {
24 expires 12h;
25 access_log off;
26 }
27
28 location /admin/
29 {
30 allow 127.0.0.1;
31 allow 192.168.81.133;
32 deny all;
33 }
34
35 location ~ .*(upload|image)/.*\.php$
36 {
37 deny all;
38 }
39
40 if ($http_user_agent ~* 'Spider/3.0|YoudaoBot|Tomato')
41 {
42 return 403;
43 }
44
45 location ~ \.php$
46 {
47 include fastcgi_params;
48 fastcgi_pass unix:/tmp/php-fcgi.sock;
49 # fastcgi_pass 127.0.0.1:9000;
50 fastcgi_index index.php;
51 fastcgi_param SCRIPT_FILENAME /data/wwwroot/test.com$fastcgi_script_name;
52 }
53
54 access_log /tmp/test.com.log user;
55 }
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
[root@localhost ~]# tail /usr/local/nginx/logs/nginx_error.log
2018/03/02 17:00:12 [notice] 7529#0: exit
2018/03/02 17:00:12 [notice] 7530#0: exit
2018/03/02 17:00:12 [notice] 7417#0: signal 17 (SIGCHLD) received
2018/03/02 17:00:12 [notice] 7417#0: worker process 7529 exited with code 0
2018/03/02 17:00:12 [notice] 7417#0: worker process 7530 exited with code 0
2018/03/02 17:00:12 [notice] 7417#0: signal 29 (SIGIO) received
2018/03/02 17:00:12 [notice] 7417#0: signal 17 (SIGCHLD) received
2018/03/02 17:01:33 [notice] 7587#0: *9 "Spider/3.0|YoudaoBot|Tomato" does not match "curl/7.29.0", client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/test.php HTTP/1.1", host: "test.com"
2018/03/02 17:01:33 [crit] 7587#0: *9 connect() to unix:/tmp/php-fcgi.sock failed (13: Permission denied) while connecting to upstream, client: 127.0.0.1, server: test.com, request: "GET HTTP://test.com/test.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-fcgi.sock:", host: "test.com"
2018/03/02 17:01:33 [info] 7587#0: *9 client 127.0.0.1 closed keepalive connection
解决办法
[root@localhost ~]# ps aux | grep nginx
root 7417 0.0 0.0 26124 1780 ? Ss 16:07 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 7587 0.0 0.2 27956 4108 ? S 17:00 0:00 nginx: worker process
nobody 7588 0.0 0.1 27956 3600 ? S 17:00 0:00 nginx: worker process
root 7626 0.0 0.0 112664 976 pts/0 S+ 17:04 0:00 grep --color=auto nginx
[root@localhost ~]# chown nobody /tmp/php-fcgi.sock
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
正常解析
或
[root@localhost ~]# vi /usr/local/php-fpm/etc/php-fpm.conf
取消注释
7 listen.mode = 666
为
1 [global]
2 pid = /usr/local/php-fpm/var/run/php-fpm.pid
3 error_log = /usr/local/php-fpm/var/log/php-fpm.log
4 [www]
5 listen = /tmp/php-fcgi.sock
6 #listen = 127.0.0.1:9000
7 listen.mode = 666
8 user = php-fpm
9 group = php-fpm
10 pm = dynamic
11 pm.max_children = 50
12 pm.start_servers = 20
13 pm.min_spare_servers = 5
14 pm.max_spare_servers = 35
15 pm.max_requests = 500
16 rlimit_files = 1024
[root@localhost ~]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm done
[root@localhost ~]# ls -l /tmp/php-fcgi.sock
srw-rw-rw-. 1 root root 0 Mar 2 17:13 /tmp/php-fcgi.sock
[root@localhost ~]# curl -x 127.0.0.1:80 test.com/test.php
正常解析
