EC2のnginxでWordPressを設置しています。
それまでは問題なかったのですが、ALBのヘルスチェックを通そうと試行錯誤しているうちに
パブリックIPでアクセスしたところPHPが動作していないのかダウンロードしてしまいます。
(WordPressは/var/www/html/wordpressに設置しております。)
nginxのバージョンは1.10.2、php-fpmは5.6.30
nginx.confとdefault.conf、php-fpm/www.conf(文字数制限のため変更箇所のみ)は以下になりますが何かご助言を頂けないでしょうか?
なお、ディストリビューションはAMAZON LINUX AMI release2017.03で、php5-fpmは起動しております。
ポートを443に指定してアクセスすると400Bad Requestになり、ポート指定無し&ポート80に指定ではダウンロードになるようです。
nginx.conf
# For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes auto; worker_rlimit_nofile 4096; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; # Load dynamic modules. See /usr/share/nginx/README.fedora. include /usr/share/nginx/modules/*.conf; events { worker_connections 2048; } http { server_tokens off; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; # for more information. include /etc/nginx/conf.d/*.conf; gzip on; gzip_disable "msie6"; gzip_disable "Mozilla/4"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_min_length 1024; gzip_types text/plain text/xml text/css application/xml application/xhtml+xml application/rss+xml application/atom_xml application/json application/javascript application/x-javascript; index index.php index.html index.htm; }
default.conf
server { client_max_body_size 96M; listen 80 http2; root /var/www/html/wordpress; server_name example.com www.example.com; charset utf-8; add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains'; resolver 127.0.0.1; resolver_timeout 10s; return 301 https://example.com$request_uri; } server { client_max_body_size 96M; listen 443 ssl default_server http2; server_name example.com; root /var/www/html/wordpress; charset utf-8; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem; ssl_dhparam /etc/nginx/ssl/dhparam.pem; keepalive_timeout 70; ssl_stapling on; ssl_stapling_verify on; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_session_timeout 10m; ssl_session_tickets off; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; ssl_prefer_server_ciphers on; add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains'; #resolver 8.8.4.4 8.8.8.8 valid=300s; resolver 10.0.0.2; resolver_timeout 10s; set $server "example.com"; location / { root /var/www/html/wordpress; index index.html index.htm index.php; proxy_ssl_server_name on; proxy_pass https://$server; proxy_set_header X-Forwarded-Host $server; proxy_redirect off; try_files $uri $uri/ /index.php?q=$uri&$args @wp; if (!-e $request_filename) { rewrite ^.+?(/wp-.*) $1 last; rewrite ^.+?(/.*\.php)$ $1 last; rewrite ^ /index.php last; } } location ~* \.php$ { root /var/www/html/wordpress; try_files $uri @wp; fastcgi_pass unix:/var/run/php-fpm.sock; fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(.*); fastcgi_param SCRIPT_FILENAME /var/www/html/wordpress/$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass_header "X-Accel-Redirect"; fastcgi_pass_header "X-Accel-Expires"; fastcgi_read_timeout 180; include fastcgi_params; } location @wp { root /var/www/html/wordpress; fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_param SCRIPT_FILENAME /var/www/html/wordpress/index.php; include fastcgi_params; } location ~* /wp-config.php { deny all; } location ~* /(phpmyadmin|myadmin|pma) { access_log off; log_not_found off; return 404; } location = /healthcheck.txt { access_log off; return 204; break; } location /.well-known { root /var/www/html; } # let's encrypt location ^~ /.well-known/acme-challenge { root /usr/local/letsencrypt; access_log /var/log/nginx/access_letsencrypt.log; error_log /var/log/nginx/error_letsencrypt.log; } # error_page 404 /index.php?error=404; error_page 500 502 503 504 /50x.html; location /favicon { empty_gif; access_log off; log_not_found off; } location = /robots.txt { log_not_found off; access_log off; } location ~ /\. { deny all; log_not_found off; access_log off; } location ~* \.(pdf)$ { add_header X-Robots-Tag noindex; } }
/etc/php-fpm-5.6.d/www.conf
user = nginx ; RPM: Keep a group allowed to write in log dir. group = nginx listen = /var/run/php-fpm.sock ;listen = 127.0.0.1:9000 (略) ; Set session path to a directory owned by process user php_value[session.save_handler] = files php_value[session.save_path] = /var/lib/php/5.6/session ; 170602 エラーのためコメントアウト ;php_value[soap.wsdl_cache_dir] = /var/lib/php/5.6/wsdlcache catch_workers_output = yes
回答4件
あなたの回答
tips
プレビュー
下記のような回答は推奨されていません。
このような回答には修正を依頼しましょう。
2017/06/06 02:36