Ah01071 got error access to the script - Исправление ошибок и поиск оптимальных решений проблем

I seem to be getting these lines in my /var/log/apache2/error.log and the corresponding records in /var/log/apache2/access.log

/var/log/apache2/error.log

[Fri Sep 20 02:28:36.654357 2019] [proxy_fcgi:error] [pid 28619:tid 140003157985024] [client 49.233.5.191:37604] AH01071: Got error 'Primary script unknownn'
[Fri Sep 20 02:28:38.136282 2019] [proxy_fcgi:error] [pid 28618:tid 140003082450688] [client 49.233.5.191:43806] AH01071: Got error 'Primary script unknownn'

/var/log/apache2/access.log

49.233.5.191 - - [20/Sep/2019:02:28:36 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 392 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
49.233.5.191 - - [20/Sep/2019:02:28:36 +0000] "GET /elrekt.php HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"

Those files obviously do not exist so this seems like a bot scan from the ip location and the behavior. However, when i request another file that does not exist. I do not get the ‘Got error ‘Primary script unknownn’ errors in the /var/log/apache2/error.log file

php-fpm configuration

<IfModule !mod_php7.c>
<IfModule proxy_fcgi_module>
    # Enable http authorization headers
    <IfModule setenvif_module>
    SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>

    <FilesMatch ".+.ph(ar|p|tml)$">
        SetHandler "proxy:unix:/run/php/php7.2-fpm.sock|fcgi://localhost"
    </FilesMatch>
    <FilesMatch ".+.phps$">
        # Deny access to raw php sources by default
        # To re-enable it's recommended to enable access to the files
        # only in specific virtual host or directory
        Require all denied
    </FilesMatch>
    # Deny access to files without filename (e.g. '.php')
    <FilesMatch "^.ph(ar|p|ps|tml)$">
        Require all denied
    </FilesMatch>
</IfModule>
</IfModule>

Is this something that i can do something about, configuration change maybe?

I know i can block the ip using iptables, i am more interested in getting rid of the log entry if possible by some configuration change.

Источник

TL;DR: The permission problem is being introduced during composer update. Possibly during one of the scripts (a list of which can be found in composer.json).

I started from scratch on a VM with your repository and followed your startup instructions.

git clone https://github.com/reypm/symfony3app
cd symfony3app
docker-compose up -d --build --force-recreate

At this point, the chown from 20-permissions.sh should have been run. To verify that, I looked inside the container. The error I have seen related to /data/www/var/cache/dev, so I looked at the permissions on every directory in that path.

[my-vm]# docker-compose exec php-fpm bash
[container]# ls -la /data/www{,/var{,/cache{,/dev}}}

ls: cannot access /data/www/var/cache/dev: No such file or directory
/data/www:
total 168
drwxrwsr-x 8 apache root   4096 Jan 15 19:26 .
drwxr-xr-x 8 root   root   4096 Jan 15 19:27 ..
-rw-rw-r-- 1 apache root    248 Jan 15 19:26 .gitignore
-rw-rw-r-- 1 apache root     74 Jan 15 19:26 README.md
drwxrwsr-x 5 apache root   4096 Jan 15 19:27 app
drwxrwsr-x 2 apache root   4096 Jan 15 19:26 bin
-rw-rw-r-- 1 apache root   2387 Jan 15 19:26 composer.json
-rw-rw-r-- 1 apache root 119533 Jan 15 19:26 composer.lock
-rw-rw-r-- 1 apache root    978 Jan 15 19:26 phpunit.xml.dist
drwxrwsr-x 3 apache root   4096 Jan 15 19:26 src
drwxrwsr-x 3 apache root   4096 Jan 15 19:26 tests
drwxrwsr-x 4 apache root   4096 Jan 15 19:26 var
drwxrwsr-x 2 apache root   4096 Jan 15 19:26 web

/data/www/var:
total 52
drwxrwsr-x 4 apache root  4096 Jan 15 19:26 .
drwxrwsr-x 8 apache root  4096 Jan 15 19:26 ..
-rw-rw-r-- 1 apache root 34272 Jan 15 19:26 SymfonyRequirements.php
drwxrwsr-x 2 apache root  4096 Jan 15 19:26 cache
drwxrwsr-x 2 apache root  4096 Jan 15 19:26 sessions

/data/www/var/cache:
total 8
drwxrwsr-x 2 apache root 4096 Jan 15 19:26 .
drwxrwsr-x 4 apache root 4096 Jan 15 19:26 ..
-rw-rw-r-- 1 apache root    0 Jan 15 19:26 .gitkeep

So far, so good. The chown has set everything to apache:root and using the modes specified in the script.

Next, I exited the container and ran the composer update.

docker-compose exec php-fpm composer update

When prompted, I used the database parameters I found in the git repo, and everything installed fine. Next, I went back into the container to see if the permissions had changed.

[my-vm]# docker-compose exec php-fpm bash
[container]# ls -la /data/www{,/var{,/cache{,/dev}}}

/data/www:
total 164
drwxrwsr-x  9 apache root   4096 Jan 15 19:20 .
drwxr-xr-x  8 root   root   4096 Jan 15 19:18 ..
-rw-rw-r--  1 apache root    248 Jan 15 19:17 .gitignore
-rw-rw-r--  1 apache root     74 Jan 15 19:17 README.md
drwxrwsr-x  5 apache root   4096 Jan 15 19:18 app
drwxrwsr-x  2 apache root   4096 Jan 15 19:21 bin
-rw-rw-r--  1 apache root   2387 Jan 15 19:17 composer.json
-rw-rw-r--  1 apache root 114331 Jan 15 19:20 composer.lock
-rw-rw-r--  1 apache root    978 Jan 15 19:17 phpunit.xml.dist
drwxrwsr-x  3 apache root   4096 Jan 15 19:17 src
drwxrwsr-x  3 apache root   4096 Jan 15 19:17 tests
drwxrwsr-x  5 apache root   4096 Jan 15 19:21 var
drwxr-sr-x 25 root   root   4096 Jan 15 19:21 vendor
drwxrwsr-x  3 apache root   4096 Jan 15 19:21 web

/data/www/var:
total 96
drwxrwsr-x 5 apache root  4096 Jan 15 19:21 .
drwxrwsr-x 9 apache root  4096 Jan 15 19:20 ..
-rw-rw-r-- 1 apache root 34272 Jan 15 19:21 SymfonyRequirements.php
-rw-r--r-- 1 root   root 39637 Jan 15 19:21 bootstrap.php.cache
drwxrwsr-x 3 apache root  4096 Jan 15 19:21 cache
drwxr-sr-x 2 root   root  4096 Jan 15 19:21 logs
drwxrwsr-x 2 apache root  4096 Jan 15 19:17 sessions

/data/www/var/cache:
total 12
drwxrwsr-x 3 apache root 4096 Jan 15 19:21 .
drwxrwsr-x 5 apache root 4096 Jan 15 19:21 ..
-rw-rw-r-- 1 apache root    0 Jan 15 19:17 .gitkeep
drwxr-sr-x 4 root   root 4096 Jan 15 19:21 dev

/data/www/var/cache/dev:
total 636
drwxr-sr-x 4 root   root   4096 Jan 15 19:21 .
drwxrwsr-x 3 apache root   4096 Jan 15 19:21 ..
-rw-r--r-- 1 root   root     90 Jan 15 19:21 annotations.map
-rw-r--r-- 1 root   root 277718 Jan 15 19:21 appDevDebugProjectContainer.php
-rw-r--r-- 1 root   root  38062 Jan 15 19:21 appDevDebugProjectContainer.php.meta
-rw-r--r-- 1 root   root 213247 Jan 15 19:21 appDevDebugProjectContainer.xml
-rw-r--r-- 1 root   root  84170 Jan 15 19:21 appDevDebugProjectContainerCompiler.log
-rw-r--r-- 1 root   root   4790 Jan 15 19:21 classes.map
drwxr-sr-x 3 root   root   4096 Jan 15 19:21 doctrine
drwxr-sr-x 4 root   root   4096 Jan 15 19:21 pools

As you can see, some things are now owned by root:root. As far as I can tell, this is simply because the container itself runs things as root. So when you exec a job inside, that job is run as root. Therefore, anything it creates is, by default, owned by root.

Meanwhile, Apache runs as the user «apache», because that is what supervisord is configured to do.

There are probably more elegant fixes for this problem, but this one was the simplest one I came up with:

docker-compose exec php-fpm chown -R apache:root /data/www/var/cache
docker-compose restart php-fpm

After that, the app returns

Welcome to
Symfony 3.2.2

Your application is now ready. You can start working on it at: /data/www/

I haven’t tried to fix things any better than this. But my suggestion would be to try to have the startup run composer update for you and do the chown job after that. You probably don’t need to chown all of /data/www, as Apache probably doesn’t need write privs to everything in there. My guess was that the cache directory is one place it needs to write, so I chown’d that path.

Источник

Wondering how to fix AH01071: got error ‘primary script unknown’ in Plesk? We can help you.

Often our customers report to us that they found this error in the website error log after upgrading to Plesk Obsidian.

Here at Bobcares, we often handle requests from our customers to fix similar Plesk errors as a part of our Server Management Services. Today we will see how our support engineers fix this for our customers.

What causes AH01071: Got error ‘Primary script unknown’ in Plesk

Before going into the steps for fixing this error we will see what causes this error.

A typical error from the website error log looks like the one given below:

AH01071: Got error 'Primary script unknown' - Apache Error

Although all the services in the server run fine, we may see that the websites on php showing a “File not found” error.

Cause

Generally, this happens due to incorrect permissions on the domain’s folder.

Symptoms

Following are some of the symptoms that we notice with the error:

1. Unable to access File Manager for a certain domain or for all domains on a server:

Server Error
500 PleskUtilException
Internal error: Unable to find the directory /var/www/vhosts/example.com/: filemng failed: filemng: opendir failed: Permission denied System error 13: Permission denied

2. Not being able to execute actions on File Manager: such as ZIP extraction, Copy, Rename, Changing Permissions, etc.

3. Unable to connect via FTP to a domain main folder or a sub-folder with the following error:

4. Unable to connect FTP: 421 Service not available, remote server has closed.

4. Alternatively, it is not possible to add files to archive in Domains > example.com > File Manager > Add to Archive:

Unable to create the archive: filemng failed: filemng: /usr/bin/zip execution failed: zip warning: Permission denied zip warning: Permission denied zip warning: Permission denied zip warning: Permission denied zip warning: Permission denied zip warning: Permission denied.

Next, we will see how to fix this error either from Plesk GUI or via SSH.

How to fix AH01071: got error ‘primary script unknown’ in Plesk

Now we will see the steps that our Support Engineers follow to fix this issue for our customers.

Plesk GUI

1. First, Log in to Plesk GUI

2. Then we have to install the Repair Kit extension

3. For this we can go to Tools & Settings > Diagnose & Repair > File System > Repair

SSH

1. First, we have to connect to the server via SSH

2. Then run the following command to repair file permissions:

# plesk repair fs -y example.com

To fix permissions for all the domains:

# plesk repair fs -y

[Still, stuck with the error? We can help you]

Conclusion

In short, we saw how our Support Techs fix AH01071: got error ‘primary script unknown’ in Plesk for our customers.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = «owonCMyG5nEQ0aD71QM»;

Источник

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.

Already on GitHub?
Sign in
to your account

Closed

jmhunter opened this issue

Oct 11, 2016

· 8 comments

Comments

(Apologies if this is the wrong place for this — I’m new to github)

I have been trying to get the nextcloud docker image working, but have either misunderstood the instructions, or something isn’t working.

I am running nextcloud as follows (I already have something else listening on port 9000)
# docker run --name nextcloud -d -p 8001:9000 indiehosters/nextcloud
and I am using Apache as a proxy to access it (Took me ages to figure out that I couldn’t simply point a web browser at the HTTP port — I have never used php-fpm before) :

Listen 1.2.3.100:81
<VirtualHost 1.2.3.100:81>
        ProxyPassMatch "^/(.*)" "fcgi://127.0.0.1:8001/var/www/html/$1"
</VirtualHost>

This seems to work in that the php scripts themselves run fine, but none of the support files come through, they don’t get passed to the browser.

[Mon Oct 10 00:44:07 2016] [error] [client 1.2.3.4] AH01071: Got error 'Access to the script '/var/www/html/core/vendor/backbone/backbone.js' has been denied (see security.limit_extensions)n'
[Mon Oct 10 00:44:07 2016] [error] [client 1.2.3.4] AH01071: Got error 'Access to the script '/var/www/html/core/js/oc-backbone.js' has been denied (see security.limit_extensions)nxffx7f'
[Mon Oct 10 00:44:07 2016] [error] [client 1.2.3.4] AH01071: Got error 'Access to the script '/var/www/html/core/js/placeholder.js' has been denied (see security.limit_extensions)nxffx7f'
[....]

Am I missing something basic in the config somewhere, or am I misunderstanding how this is meant to fit together?

Hi!

I’m no apache expert, but seems you could remove /var/www/html from
your config, I think the path mismatches.

On 11-10-2016 01:22, jmhunter wrote:

(Apologies if this is the wrong place for this — I’m new to github)

I have been trying to get the nextcloud docker image working, but have
either misunderstood the instructions, or something isn’t working.

I am running nextcloud as follows (I already have something else
listening on port 9000)
|# docker run —name nextcloud -d -p 8001:9000 indiehosters/nextcloud
|
and I am using Apache as a proxy to access it (Took me ages to figure
out that I couldn’t simply point a web browser at the HTTP port — I have
never used php-fpm before) :

|Listen 1.2.3.100:81 <VirtualHost 1.2.3.100:81> ProxyPassMatch «^/(.*)»
«fcgi://127.0.0.1:8001/var/www/html/$1» |

This seems to work in that the php scripts themselves run fine, but none
of the support files come through, they don’t get passed to the browser.

|[Mon Oct 10 00:44:07 2016] [error] [client 1.2.3.4] AH01071: Got error
‘Access to the script ‘/var/www/html/core/vendor/backbone/backbone.js’
has been denied (see security.limit_extensions)n’ [Mon Oct 10 00:44:07
2016] [error] [client 1.2.3.4] AH01071: Got error ‘Access to the script
‘/var/www/html/core/js/oc-backbone.js’ has been denied (see
security.limit_extensions)nxffx7f’ [Mon Oct 10 00:44:07 2016] [error]
[client 1.2.3.4] AH01071: Got error ‘Access to the script
‘/var/www/html/core/js/placeholder.js’ has been denied (see
security.limit_extensions)nxffx7f’ [….] |

Am I missing something basic in the config somewhere, or am I
misunderstanding how this is meant to fit together?

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
#16, or mute the thread
https://github.com/notifications/unsubscribe-auth/ABxvHSfPbZerp3xyLjK-HMuYGti02TOiks5qytaxgaJpZM4KTHmj.

I use PGP to protect our privacy, if you want to know more, you can
follow this
https://emailselfdefense.fsf.org/en/

If you have further questions, please do not hesitate to ask.
You can verify my public key here: https://keybase.io/pierreozoux

Thanks pierreozoux for the suggestion around removing /var/www/html from the Apache config, but unfortunately I did try this (it was what I started with) and it just results with the browser showing a «File not found» message. At least with /var/www/html in the path, the php file executes even if the associated CSS files etc. can’t be loaded.

I can’t help feeling that I have mis-understood how this fits together, somehow.

For reference my non-working config («File not found») is as follows:

ProxyPassMatch "^/(.*)" "fcgi://127.0.0.1:8001/$1"

which results in:

[Tue Oct 11 16:32:51 2016] [error] [client 1.2.3.4] AH01071: Got error 'Primary script unknownn'
[Tue Oct 11 16:32:51 2016] [error] [client 1.2.3.4] AH01071: Got error 'Primary script unknownn', referer: http://1.2.3.100:81/

This is returned to the browser:

<html><body><p>File not found.
</p></body></html>

Adding in /var/www/html to the fcgi path at least results in the php executing.

To add some clarity, here is the current status.

I have nextcloud docker running on my server:
# docker run --name nextcloud -d -p 8001:9000 indiehosters/nextcloud

And I am using Apache to reverse proxy (I’ve sanitised the server IP to 1.2.3.4 here):

<VirtualHost 1.2.3.4:81>
        ProxyPassMatch "^/(.*)" "fcgi://127.0.0.1:8001/var/www/html/$1"
</VirtualHost>

This all works, to a point — so I think the path in the config file is OK, at least. I can visit http://1.2.3.4:81/index.php and the nextcloud index page executes and displays.. but none of the non-PHP files e.g. CSS, images, Javascript libraries etc. work — see screenshot below:

This is what I get in Apache’s error_log:

[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/styles.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/header.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/inputs.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/icons.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/fonts.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/apps.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/global.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/fixes.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/multiselect.css' has been denied (see security.limit_extensions)n'
[Wed Nov 02 00:36:30 2016] [error] [client 2.2.2.2] AH01071: Got error 'Access to the script '/var/www/html/core/css/mobile.css' has been denied (see security.limit_extensions)n'
[...]

It looks as though it’s trying to execute all the support files, rather than just show them directly.

I appreciate I’m using Apache and not nginx — but the only docs I have been able to find are https://hub.docker.com/r/indiehosters/nextcloud/ which simply says to use a reverse proxy.

How is this meant to work?

There is an apache version in preparation. #21 would you mind testing?

Apologies as I know this isn’t the place for docker type queries.. but I have been trying on and off to test #21 since December.. I just don’t know what docker commands I need to do, to test it

My docker skills are pretty much limited to ‘docker pull indiehosters/nextcloud’ and ‘docker run indiehosters/nextcloud’.. I’ve found the github pull requests associated with #21 (I think) but I’m not sure either how to get docker to build it (presumably I manually create the appropriate directory structure on disk locally, and ‘docker run’ from there) or how to tell docker to use the Apache variant of nextcloud instead of the php-fpm variant. I thought it would be an environment variable passed to the nextcloud docker instance, but looking at the files on github I can’t see anything in the docker script that checks for environment variables and selects php-fpm or apache?

I would absolutely love to test this version — and figured I should probably post on here to ask for guidance, rather than sit silently and not test it.. Thanks for everyone’s efforts on the apache version — that will solve my issue (although I’m still confused as to why php-fpm doesn’t work for me )

Answering my own question… I think I figured it out. Posting here my steps, in case it helps others:

Download ‘10.0/apache/Dockerfile’ and ‘10.0/apache/docker-entrypoint.sh’ from https://github.com/nextcloud/docker/pull/21/files
chmod +x docker-entrypoint.sh
From the download directory, run ‘docker build -t nextcloud-test .’ and then ‘docker run —name nextcloud-test —restart=always -d -p 8001:80 nextcloud-test’

The PR landed in master, and I htink the issue is solved, can you confirm and close?

Thank you to all who have worked on this. I have now tested using steps as below, and I can confirm that the apache variant works fine (the setup wizard appears correctly) 😃

The front page docker/nextcloud documentation now needs to be updated, I think, to guide people to the existence of the Apache variant and how to use it — at the moment, it just talks about php-fpm.

(There is probably also a better way of launching this using docker, rather than manually downloading the files as I have done — see below for how I ran it. I am not yet a docker expert, but as soon as I am, I will absolutely share what I have learnt!)

Am therefore closing this — thanks! (My initial question remains unanswered but can equally be re-framed as «how do I use php-fpm with apache as reverse proxy» and there are other forums for that. The existence of the apache variant means I don’t need to get php-fpm working, anyway)

Steps I used:

mkdir docker-nextcloud-test && cd docker-nextcloud-test
wget https://raw.githubusercontent.com/nextcloud/docker/master/10.0/apache/Dockerfile    
wget https://raw.githubusercontent.com/nextcloud/docker/master/10.0/apache/docker-entrypoint.sh
chmod +x docker-entrypoint.sh
docker build -t nextcloud-test . && docker run --name nextcloud-test --restart=always -d -p 8001:80 nextcloud-test

2 participants

Источник

I got this error on apache logs:

Code:

[Mon Oct 01 21:56:45.* 2018***] [proxy_fcgi:error] [pid 145*:*tid 14****] [client ****] AH01071: Got error 'Primary script unknownn'
[Mon Oct 01 21:56:4*** 2018] [proxy_fcgi:error] [pid 14535:tid 140****] [client *****] AH01071: Got error 'Primary script unknownn'
[Mon Oct 01 21:56:45.916027 2018] [proxy_fcgi:error] [pid 145***:tid 140*****] [client *****] AH01071: Got error 'Primary script unknownn'
[Mon Oct 01 21:56:46****2018] [proxy_fcgi:error] [pid 145***:tid 140*****2] [client ****] AH01071: Got error 'Primary script unknownn'
[Mon Oct 01 21:56:4*** 2018] [proxy_fcgi:error] [pid 145**:tid 1401*****] [client ****] AH01071: Got error 'Primary script unknownn'
[Mon Oct 01 21:56:47*2018] [**proxy_fcgi:error] [pid 14***:tid 140*****] [client ****] AH01071: Got error 'Primary script unknownn'
[Mon Oct 01 21:56:4* 2018] ***[proxy_fcgi:error] [pid 145***:tid 1401***] [client ********] AH01071: Got error 'Primary script unknownn'

Why im getting this error?
How to fix?

I guess that means the php file does not exist (404), primary with bots/etc trying to find vulnerable scripts, but the htaccess is wrong.

See here

I guess that means the php file does not exist (404), primary with bots/etc trying to find vulnerable scripts, but the htaccess is wrong.

See here

little confused, to which htaccess code should i use?

@rtdirect,

I guess you need to check the link in the post #2 suggested by Peter, and you will probably understand what has it to do with .htaccess.

@rtdirect,

I guess you need to check the link in the post #2 suggested by Peter, and you will probably understand what has it to do with .htaccess.

my htaccess code not like that.
there is no /fc2/ on me.

Yeah but that htaccess code isnt same with mine.

my htaccess code not like that.
there is no /fc2/ on me.

Try

i appreciate with your help but my htaccess is similar to wordpress default htaccess.

Like this:

Code:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

There are also some plugin added codes in it.

I’m actually seeing this myself without even realising

No error pages appear to the browser, just a «File not found» appears for .php pages…….

Looks like it’s a deeper problem than I first thought.

Erm…. Apache and php-fpm.

I have just noticed the same thing (never did before, no real reason to check for 404s errors )

I also found the solutions for both Nginx and Nginx+Apache
If you’re using only Nginx and php-fpm use this when you’re calling the PHP handler:

Code:

fastcgi_intercept_errors on;

(https://serverfault.com/questions/628810/serve-a-custom-404-page-generated-by-php)

If you’re using Nginx+Apache (or only Apache) and php-fpm use this when you’re calling the PHP handler:

(https://stackoverflow.com/questions/33843786/custom-404-message-when-using-php-fpm-with-apache=

Quick example for Apache:

Code:

                        ProxyErrorOverride on
                        AddHandler "proxy:unix:/usr/local/php56/sockets/cn.sock|fcgi://localhost" .php56

I think is more likely to be better to change the templates using custom versions, but probably much better if DA add this option as default.

I am going to forward the URL to this thread to John.

PLEASE NOTE: Enabling this option might disable the per-site custom error pages (as for instance the one generated by WP) in Nginx (it does NOT in Apache, I tested, but Apache uses .htaccess to override this, on Nginx there is no .htaccess so I am not sure how the custom error pages in WP do works and if this might cause an issue.
In Nginx I presum Custom HTTPD Templates will be used, so it still might be fine actually.

Regards

Last edited: Oct 11, 2018

I wonder if this was an oversight, as, like Sellerone, I dont check errors etc….

A fix for Apache has been addded, now in pre-release: https://www.directadmin.com/features.php?id=2211
For Nginx has not yet been implemented because John wasn’t able to replicate (as for Apache, but since there were 3 ppl having this issue did just make sense to fix it)

Regards

A fix for Apache has been addded, now in pre-release: https://www.directadmin.com/features.php?id=2211
For Nginx has not yet been implemented because John wasn’t able to replicate (as for Apache, but since there were 3 ppl having this issue did just make sense to fix it)

You write «a fix for Apache», but the feature page says «nginx+apache», I sure hope it is not added for plain Apache.

I don’t know about Nginx and Nginx+Apache, but you must not add «ProxyErrorOverride on» for plain Apache, that will break Drupal «Maintenance Mode page», because Drupal is actually sending a HTTP status 503 for their Maintenance Mode page. It is also likely that this will cause trouble for other CMS.

Apache doesn’t care if it’s the only webserver, the fix is on the check for PHP-FPM, regardless of Nginx, that’s why is a fix for Apache, it would work on any Apache related configuration when using PHP-FPM.

Wouldn’t Drupal use a .htaccess file to override the error pages?

All I am saying is that DirectAdmin should not add «ProxyErrorOverride on» to /etc/httpd/conf/extra/httpd-default.conf for us that use plain Apache (I don’t know about Nginx and don’t use it). I have tested this because DirectAdmin added «ProxyErrorOverride on» in the beginning of march 2018, and I got support tickets from customers complaining that Drupal maintainance page did not work any more. I sent a ticket to DirectAdmin wich reverted this change in CustomBuild 2.0 rev. 1846. I have now sent a new ticket to DirectAdmin to let them know about this again.

Regarding Drupal and their «Maintenance Mode page», this thread might give some information about that: https://www.drupal.org/project/drupal/issues/2674900 (please note Drupal is not going to change this, because the status says «Closed (works as designed)».

I see your point, but that’s not where has been added actually

Code:

Relates to not passing errors to nginx, and instead let php/apache generate the error pages.
The 4 virtual_host2*.conf files will have:
ProxyErrorOverride on

just before the AddHandler for both php1-fpm and php2-fpm.

I will check that Drupal report, do you have by any chance a test server where Drupal is configured and I can run some confs tests so to find a better solution if this doesn’t work?

Drupal is actually responding with a 503 which is an HTTP Server code, so I don’t see the problem on using the HTTP Server to handle them.

Then, if you want to have a custom page that says «Mantainance mode on» that’s up to the customer and can (and should) be managed by .htaccess.

I don’t see nor understand how PHP would handle that better, I would need an example

I found some example to have custom 503 Page on Drupal and not the server one (which I repeat, are the correct one to be showed for every normal case), sites have been using standard web server error page for ages, I don’t see how Drupal can have a «say» on that

https://groups.drupal.org/node/256708

https://gist.github.com/perusio/3778833

Custom code for the Nginx config:

Code:

error_page 503 = @503;

location @503 {
     if ($upstream_http_etag) {
         return 503 "Site down for maintenance. We'll be back shortly";
     }
}

Best regards

@SeLLeRoNe, Well this is how Drupal handle Maintenance page, and we are a shared hosting and we need to support Drupal out of the box. The Drupal Maintenance page does not work when «ProxyErrorOverride on» is added, but instead show the default Apache 503 status page. As a shared host, we can’t tell customers to use different solutions, we need to support Drupal out of the box.

Again I ask that «ProxyErrorOverride on» is not added for us that use plain Apache. If it is added by DirectAdmin, we will remove it manually on every update. I am not going into a debate on this. I have said all I have to say.

Is not matter of Apache or Nginx+Apache, that is not what is causing the problem, the problem is Apache+PHP-FPM and Nginx+PHP-FPM and Nginx+Aoache+PHP-FPM.

If you use Apache+MOD_PHP you would have the error pages handled by Apache aswell, even in that case you wouldn’t use the Drupal one unless you have custom .htaccess or customizations in Apache configuration.

That option is used when you are using a Proxy after Apache (as PHP-FPM work).
If Drupal is working as stand-alone application it would means you’re proxying it, so you wouldn’t put that option on that proxy coniguraiton, while DA is adding that for the specific AddHandler bit when PHP-FPM is in place, not as a default option.

Here an example of configuration from last update from my server:

Code:

                <FilesMatch ".(inc|php|phtml|phps|php72)$">
                        ProxyErrorOverride on
                        AddHandler "proxy:unix:/usr/local/php72/sockets/cn.sock|fcgi://localhost" .inc .php .phtml .php72
                </FilesMatch>
                <FilesMatch ".(inc|php|phtml|phps|php56)$">
                        ProxyErrorOverride on
                        AddHandler "proxy:unix:/usr/local/php56/sockets/cn.sock|fcgi://localhost" .php56
                </FilesMatch>

If you’re bypassing somehow PHP-FPM for Drupal (not sure, never used Drupal so mine are just hypotesis), than you should be fine.
If Drupal is working as any other PHP Application, which is run from PHP (either mod_php or PHP-FPM) than the result shouldn’t change with that option.

Again, the change is not in the default template as you wrote, so that shouldn’t even affect you.

Best regards

Источник

Topic starter 16/06/2018 8:36 am

Another silly error I had to fix on same server as .htaccess: Option FollowSymLinks not allowed here. After I got rid of that .htaccess error from Apache2 logs, bunch of following lines started to appear.

[proxy_fcgi:error] [pid 17763:tid 140531061487360] [client xx.xx.xx.xxx:16953] AH01071: Got error 'Primary script unknownn'

And php files started to give 404 not found errors. So it still seemed like something related to mod_rewite or .htaccess. I checked everything and restarted Apache2 and PHP a couple times. But still nothing changed.

Since I already have a perfectly working php app on the server I compared both Apache2 virtual hosts and they were almost identical. I was clueless at this point. I was well over an hour into this error and was pulling my hair. I decided to take a break and did a system reboot.

That magically fixed it.

Yes, a simple system reboot fixed it. I still have no idea why a system reboot would fix it and not Apache2 restart. I’m thinking this is related to Virtualmin I was using as the control panel.

Источник