About
Using nginx with php is done trough a FastCgi service known as php-fpm that creates a bridge between nginx and php where Nginx forward the request to the php-fpm service.
The below users should have access to the files otherwise you can get a permission denied error.
- nginx: the user that runs nginx
- www-data: or the user running the FastCgi service (php-fpm for instance)
*62 "/www/my.php" is forbidden (13: Permission denied)
Example
server {
listen 80;
server_name example.org www.example.org;
root /data/www;
location / {
index index.html index.php;
}
location ~ \.php$ {
fastcgi_pass localhost:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
A request “/index.php” is handled by the php location block:
- that passes the request to the FastCGI server listening on localhost:9000.
- with the parameters:
- set by the fastcgi_param directive
- SCRIPT_FILENAME is equal to /data/www/index.php because:
- the variable document_root is equal to the value of the root directive (/data/www)
- and the variable fastcgi_script_name is equal to the request URI, i.e. /index.php.
- set in the fastcgi_params file
fastcgi_params / fastcgi.conf
You might have an:
- /etc/nginx/fastcgi.conf
- /etc/nginx/fastcgi_params
that’s installed by default and that you can use with an include directive (to include it in your location block)
cat /etc/nginx/fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;