Opened 3 years ago
Closed 3 years ago
#2140 closed defect (invalid)
nginx doesn't use the path specified by root directive as document_root in a location directive
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | documentation | Version: | 1.18.x |
| Keywords: | root document_root fastcgi_param | Cc: | stirwl@… |
| uname -a: | Linux fedora 5.7.11-200.fc32.x86_64 #1 SMP Wed Jul 29 17:15:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.18.0
built by gcc 10.0.1 20200328 (Red Hat 10.0.1-0.11) (GCC) built with OpenSSL 1.1.1d FIPS 10 Sep 2019 (running with OpenSSL 1.1.1g FIPS 21 Apr 2020) TLS SNI support enabled configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-stream_ssl_preread_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-http_perl_module=dynamic --with-http_auth_request_module --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream=dynamic --with-stream_ssl_module --with-google_perftools_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection' --with-ld-opt='-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E' |
||
Description
server root is set to /usr/share/nginx/html
"location ~* \.php$" root is set to /www/html;
But when constructing fastcgi_param SCRIPT_FILENAME, nginx is using /usr/share/nginx/html instead of /www/html. So that action.php can't be found.
attached is related config and error.log:
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
root /www/html;
index index.html;
}
location ~* \.php$ {
root /www/html;
fastcgi_index index.php;
fastcgi_pass unix:/run/php-fpm/www.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
2021/02/20 22:20:32 [debug] 90122#0: *1 http script copy: "SCRIPT_FILENAME"
2021/02/20 22:20:32 [debug] 90122#0: *1 http script var: "/usr/share/nginx/html"
2021/02/20 22:20:32 [debug] 90122#0: *1 http script var: "/action.php"
2021/02/20 22:20:32 [debug] 90122#0: *1 fastcgi param: "SCRIPT_FILENAME: /usr/share/nginx/html/action.php"
Attachments (1)
Change History (2)
by , 3 years ago
comment:1 by , 3 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
The request in question is handled in the "\.(php|phar)(/.*)?$" location, not in the
\.php$one. Quoting the debug log provided:As such, the request uses configuration specific to the location in question, notably the document root.
Most likely this is due to
include /etc/nginx/default.d/*.conf;in your configuration. Note that using included files might made it difficult to support a configuration, since important parts of the configuration cannot be seen when editing a configuration. In many cases it is a better idea to avoid included files, especially if you are using locations specified by regular expressions.If you have further questions on how to configure nginx, please use the support options available.