我正在尝试使用php 5.6和nginx的synology设置一个网站 . 该网站是WordPress和主题 . 处理演示导入时,我们有一个NGINX错误405(不允许) .
这有点令人沮丧,因为我喜欢什么时候做得好 .
我查看了php.ini文件和nginx.conf文件 .
# Copyright (c) 2000-2016 Synology Inc. All rights reserved.
worker_processes auto;
#worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
include conf.d/main.conf;
events {
use epoll;
multi_accept on;
worker_connections 1024;
include conf.d/events.conf;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
#access_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_access,nohostname main;
error_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_error,nohostname error;
sendfile on;
server_tokens off;
proxy_request_buffering off;
fastcgi_request_buffering off;
scgi_request_buffering off;
proxy_buffering off;
fastcgi_buffering off;
scgi_buffering off;
resolver_timeout 5s;
client_header_timeout 10s;
client_body_timeout 60s;
send_timeout 60s;
keepalive_timeout 65s 20s;
client_max_body_size 0;
server_names_hash_max_size 8192;
ssl_certificate /usr/syno/etc/certificate/system/default/fullchain.pem;
ssl_certificate_key /usr/syno/etc/certificate/system/default/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
ssl_dhparam /usr/syno/etc/ssl/dh2048.pem;
ssl_prefer_server_ciphers on;
gzip_disable "msie6";
gzip_min_length 1000;
gzip_types text/plain text/css application/javascript application/json;
gzip_vary on;
gzip_static on;
upstream synoscgi {
server unix:/run/synoscgi.sock;
}
index index.html index.htm index.php;
set_real_ip_from 127.0.0.1;
real_ip_header X-Real-IP;
server {
listen 5000 default_server;
listen [::]:5000 default_server;
server_name _;
gzip on;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 5001 default_server ssl;
listen [::]:5001 default_server ssl;
server_name _;
include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;
ignore_invalid_headers off;
include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;
location = / {
try_files $uri /index.cgi$is_args$query_string;
}
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}
location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ~ ^/webman/modules/Indexer/ {
deny all;
}
location ~ ^/webapi/lib/ {
deny all;
}
location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 default_server ssl;
listen [::]:443 default_server ssl;
server_name _;
location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;
root /;
include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}
include app.d/www.*.conf;
include app.d/alias.*.conf;
include /usr/syno/share/nginx/conf.d/www.*.conf;
include conf.d/www.*.conf;
location = /webman/pingpong.php {
rewrite /webman/pingpong.php /webman/pingpong.cgi break;
root /usr/syno/synoman;
include scgi_params;
scgi_pass synoscgi;
}
location = /webdefault/images/logo.jpg {
alias /usr/syno/share/nginx/logo.jpg;
}
error_page 405 =200 $uri;
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}
location ^~ /.well-known/acme-challenge {
root /var/lib/letsencrypt;
default_type text/plain;
}
include app.d/.location.webstation.conf*;
location ~ ^/$ {
if ($scheme = https) {
rewrite / https://$host:5001/ redirect;
}
rewrite / http://$host:5000/ redirect;
}
}
include conf.d/http.*.conf;
include app.d/server.*.conf;
include sites-enabled/*;
}
我在互联网上搜索了很多,到目前为止只有一些有趣的线索,但没有任何效果 .
我试图将以下内容添加到nginx.conf(这就是为什么我的实际nginx.conf有这些行)但它没有解决我的问题 .
location ~* \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
有关信息,这是日志文件中的错误:
2017/02/10 18:14:07 [错误] 18555#18555:* 2563上游超时(110:连接超时)从上游读取响应头,客户端:xxx.xxx.xxx.xxx,server:example .com,请求:“POST /wp-admin/admin-ajax.php HTTP / 1.1”,上游:“fastcgi:// unix:/run/php-fpm/php56-fpm.sock”,主持人:“www . example.com“,推荐人:http://example.com/wp-admin/admin.php?page = laborator-demo-content-installer&install-pack=agency&
如果你有任何想法可以解决这个问题......因为我已经有几个星期以来一直在努力...非常感谢提前
1 回答
tl; dr-你的WordPress太慢了 . 跳到底部,看看如何让NGINX返回正确的
504 GATEWAY TIMEOUT
状态代码 .更长的版本:你有一堆单独的问题以无益的方式协同工作 .
1. WordPress, your upstream server, is not responding fast enough
这需要超过4分钟,这就是您在日志中看到
110: Connection timed out
的原因 . solution to the slowness 是为了加速WordPress . 作为一种解决方法,您可以给它更多时间来处理请求 . 为此,请增加fastcgi_read_timeout 240;
规则中的数字 . 请注意,超时以秒为单位,因此如果等待10分钟就可以了,请将其设置为600
.不过,我建议不要增加超时时间 . 您应该真正解决性能问题本身 . 如此长的请求会阻止NGINX和WordPress中的资源,因此您可以非常轻松地进行DDoSed,甚至可能是您自己 .
因为你的上游需要太长时间,NGINX会回复
504 GATEWAY TIMEOUT
. 它不能因为......2. POST requests cannot be answered with static files
在
error_page
位置,GET
或HEAD
很好're telling NGINX to use static files to handle the requests. That',但它不适用于POST
,因为它会要求NGINX覆盖/创建文件 . NGINX既不打算也不支持 . (出于同样的原因,请求也会失败使用其他修改动词,例如PUT
和DELETE
. )请注意,您使用的是method remains POST, as the manual says的命名位置
@error_page
:您已经知道其中的一部分,这就是您添加
error_page 405 =200 $uri;
规则的原因 . 不幸的是,这并没有拯救你,因为......3. Internal error_page redirects are not recursive by default
据我所知,
error_page
手册的文档中没有提到这一点,但在以下指令的文档中提到了这一点:Workaround: Enable recursive error_page redirects
指令recursive_error_pages允许您处理在处理上一个错误时发生的错误 . 来自文档:
如果启用此功能,通过将
recursive_error_pages on;
放入服务器块,您将允许error_page 405
指令启动 .不幸的是,由于您仍在使用
$uri
部分请求相同的资源,因此将再次查询WordPress以获取相同的URL,这次是使用GET请求 . 不知道你的WordPress如何处理,但很可能会发生错误,然后无法帮助你调试它 .这真的只是跳过问题;你应该得到的是原始
504
. 因此,我建议您执行以下操作,而不是启用递归错误页面重定向:Solution: Use GET to fetch your error pages
我假设你仍然希望在POST请求时返回你的error.html . 为此,您需要强制NGINX删除
POST
并使用GET
处理错误,以便可以使用静态文件 . 我发现实现这一目标的唯一方法是不使用命名位置(开头的@
),而是使用internal .要使用此选项,请将
@error_page
位置更改为包含伪路径和internal
指令,例如:然后,修改
error_page
指令,以使用新位置:资源:A helpful discussion on the NGINX mailing list.