Matt Wilcox's Setting up a (reasonably) secure home web-server with Raspberry Pi 'howto'

John johnhedge at gmail.com
Mon Jul 24 03:32:02 UTC 2017


I've been implementing (my 4th iteration) Matt Wilcox's Setting up a
(reasonably) secure home web-server with Raspberry Pi
<https://mattwilcox.net/web-development/setting-up-a-secure-home-web-server-with-raspberry-pi/>
'howto' but I keep getting a 404 on my local network (both html and php)
when trying to connect to my RPi nginx web server.

My hosts file is:

127.0.0.1 localhost
10.0.0.46 hedge.local

My hedge config file is:

server {

        listen 80 default_server;

        root /websites/hedge/www;

        index index.html index.htm index.php;

        server_name hedge.local hedge.com.au www.hedge.com.au;

        location / {

                # First attempt to serve request as file, then

                # as directory, then fall back to displaying a 404.

                try_files $uri $uri/ =404;

                # try_files $url $url/ /index.php?q=$url&$args;

        }

        error_log /websites/hedge/logs/error.log error;

        access_log /websites/hedge/logs/access.log;

        location ~ [^/].php(/|$) {

        fastcgi_split_path_info ^(.+?.php)(/.*)$;

        if (!-f $document_root$fastcgi_script_name) {

        return 404;

        }

        fastcgi_pass unix:/var/run/php5-fpm.sock;

        fastcgi_index index.php;

        include fastcgi_params;

        }

}

The nginx config file is:

user www-data;

worker_processes 2;

pid /run/nginx.pid;

events {

        worker_connections 768;

        # multi_accept on;

}

http {

        ##

        # Basic Settings

        ##

        sendfile on;

        tcp_nopush on;

        tcp_nodelay on;

        # keepalive_timeout 65;

        types_hash_max_size 2048;

        server_tokens off;

        server_names_hash_bucket_size 64;

        # server_name_in_redirect off;

        include /etc/nginx/mime.types;

        default_type application/octet-stream;

        ##

        # SSL Settings

        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE

        ssl_prefer_server_ciphers on;

        ##

        # Logging Settings

        ##

        access_log /var/log/nginx/access.log;

        error_log /var/log/nginx/error.log;

        ##

        # Gzip Settings

        ##

        gzip on;

        gzip_disable "msie6";

        gzip_min_length 1100;

        gzip_vary on;

        gzip_proxied any;

        gzip_comp_level 6;

        gzip_buffers 16 8k;

        gzip_http_version 1.1;

        gzip_types text/plain text/css applciation/json
application/x-javascript text/xml application/xml application/rss+xml
text/javascript images/svg+xml application/x-font-ttf font/opentype
application/vnd.ms-fontobject;

        ##

        # Virtual Host Configs

        ##

        include /etc/nginx/conf.d/*.conf;

        include /etc/nginx/sites-enabled/*;

        include /etc/nginx/perfect-forward-secrecy.conf;

        client_header_timeout 10;

        client_body_timeout   10;

        keepalive_timeout     10 10;

        send_timeout          10;

}

The 'hedge' error.log is empty. The 'hedge' access.log has:

10.0.0.206 - - [24/Jul/2017:06:29:42 +1000] "GET /index.html HTTP/1.1" 404
564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"

10.0.0.206 - - [24/Jul/2017:06:31:04 +1000] "GET /index.php HTTP/1.1" 404
564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"

The /var/log/nginx access.log is empty. The error.log has:

2017/07/23 16:27:29 [notice] 17471#0: signal process started

2017/07/23 16:36:20 [notice] 17519#0: signal process started

2017/07/24 12:36:34 [notice] 20858#0: signal process started

I hope I've thought of everything but if not please let me know what else
you require to get me up and going, please.

TIA

John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170724/3705b131/attachment-0001.html>


More information about the nginx mailing list