<div dir="ltr">PHP-FPM is only for PHP. You'll want something like fcgiwrap for regular CGI files.<div><br></div><div>See <a href="https://www.nginx.com/resources/wiki/start/topics/examples/fcgiwrap/">https://www.nginx.com/resources/wiki/start/topics/examples/fcgiwrap/</a></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Apr 6, 2018 at 6:02 PM, Ralph Seichter <span dir="ltr"><<a href="mailto:m16+nginx@monksofcool.net" target="_blank">m16+nginx@monksofcool.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello list,<br>
<br>
I am fairly new to nginx and now have stumbled across an issue I can't<br>
solve. I have successfully configured nginx on Gentoo Linux to run PHP<br>
applications (e.g. phpBB and phpMyAdmin) with php-fpm.<br>
<br>
As far as I understand, php-fpm should also be able to execute "regular<br>
CGI" in the form of Shell-Scripts or Perl, as long as the files are<br>
executable and use shebang-notation to indicate what interpreter they<br>
want to be run with?<br>
<br>
In my test installation CGI scripts are never executed by php-fpm. File<br>
contents are simply piped to the web browser, and I can't figure out<br>
why. I searched the Net and mailing list archives, but did not find a<br>
solution, so I thought it best to ask here.<br>
<br>
Output of nginx -V, configuration dump and test.cgi are attached. Your<br>
help is appreciated.<br>
<br>
-Ralph<br>
<br>
<br>
nginx version: nginx/1.13.11<br>
built with OpenSSL 1.0.2n 7 Dec 2017<br>
TLS SNI support enabled<br>
configure arguments: --prefix=/usr --conf-path=/etc/nginx/nginx.<wbr>conf<br>
--error-log-path=/var/log/<wbr>nginx/error_log --pid-path=/run/nginx.pid<br>
--lock-path=/run/lock/nginx.<wbr>lock --with-cc-opt=-I/usr/include<br>
--with-ld-opt=-L/usr/lib64 --http-log-path=/var/log/<wbr>nginx/access_log<br>
--http-client-body-temp-path=/<wbr>var/lib/nginx/tmp/client<br>
--http-proxy-temp-path=/var/<wbr>lib/nginx/tmp/proxy<br>
--http-fastcgi-temp-path=/var/<wbr>lib/nginx/tmp/fastcgi<br>
--http-scgi-temp-path=/var/<wbr>lib/nginx/tmp/scgi<br>
--http-uwsgi-temp-path=/var/<wbr>lib/nginx/tmp/uwsgi --with-compat<br>
--with-http_v2_module --with-pcre --with-pcre-jit<br>
--with-http_addition_module<br>
--with-http_dav_module --with-http_perl_module --with-http_realip_module<br>
--add-module=external_module/<wbr>headers-more-nginx-module-0.33<br>
--add-module=external_module/<wbr>ngx-fancyindex-0.4.2<br>
--add-module=external_module/<wbr>ngx_http_auth_pam_module-1.5.1<br>
--add-module=external_module/<wbr>nginx-dav-ext-module-0.1.0<br>
--add-module=external_module/<wbr>echo-nginx-module-0.61<br>
--add-module=external_module/<wbr>nginx-auth-ldap-<wbr>42d195d7a7575ebab1c369ad3fc5d7<wbr>8dc2c2669c<br>
--add-module=external_module/<wbr>nginx-module-vts-0.1.15-gentoo<br>
--with-http_ssl_module --without-stream_access_module<br>
--without-stream_geo_module --without-stream_limit_conn_<wbr>module<br>
--without-stream_map_module --without-stream_return_module<br>
--without-stream_split_<wbr>clients_module --without-stream_upstream_<wbr>hash_module<br>
--without-stream_upstream_<wbr>least_conn_module<br>
--without-stream_upstream_<wbr>zone_module --without-mail_pop3_module --with-mail<br>
--with-mail_ssl_module --user=nginx --group=nginx<br>
<br>
# configuration file /etc/nginx/nginx.conf:<br>
<br>
user nginx nginx;<br>
worker_processes 1;<br>
<br>
error_log /var/log/nginx/error_log info;<br>
<br>
events {<br>
worker_connections 1024;<br>
use epoll;<br>
}<br>
<br>
http {<br>
include /etc/nginx/mime.types;<br>
default_type application/octet-stream;<br>
<br>
log_format main<br>
'$remote_addr - $remote_user [$time_local] '<br>
'"$request" $status $bytes_sent '<br>
'"$http_referer" "$http_user_agent" '<br>
'"$gzip_ratio"';<br>
<br>
client_header_timeout 10m;<br>
client_body_timeout 10m;<br>
send_timeout 10m;<br>
<br>
connection_pool_size 256;<br>
client_header_buffer_size 1k;<br>
large_client_header_buffers 4 2k;<br>
request_pool_size 4k;<br>
<br>
gzip off;<br>
<br>
output_buffers 1 32k;<br>
postpone_output 1460;<br>
<br>
sendfile on;<br>
tcp_nopush on;<br>
tcp_nodelay on;<br>
<br>
keepalive_timeout 75 20;<br>
<br>
ignore_invalid_headers on;<br>
<br>
index index.html;<br>
<br>
server {<br>
listen *:8080 default_server;<br>
access_log /var/log/nginx/access_log main;<br>
error_log /var/log/nginx/error_log info;<br>
<br>
server_name _;<br>
root /var/www/localhost/htdocs;<br>
<br>
# Alternative: temp redirect to HTTPS<br>
#return 302 https://$host$request_uri;<br>
}<br>
<br>
include local/*.conf;<br>
}<br>
<br>
# configuration file /etc/nginx/local/20-test.conf:<br>
<br>
server {<br>
listen *:8443 ssl default_server;<br>
server_name test.mydomain.tld;<br>
access_log /var/log/nginx/ssl_access_log main;<br>
error_log /var/log/nginx/ssl_error_log debug;<br>
<br>
ssl on;<br>
ssl_certificate /etc/ssl/mydomain/cert.pem;<br>
ssl_certificate_key /etc/ssl/mydomain/key.pem;<br>
<br>
root /var/www/localhost/test;<br>
index test.cgi;<br>
<br>
location ~ \.cgi$ {<br>
# Test for non-existent scripts or throw a 404 error<br>
try_files $uri =404;<br>
<br>
include fastcgi_params;<br>
fastcgi_param SCRIPT_FILENAME $request_filename;<br>
fastcgi_pass unix:/run/php7-fpm.sock;<br>
}<br>
}<br>
<br>
# configuration file /etc/nginx/mime.types:<br>
<br>
types {<br>
text/html html htm shtml;<br>
text/css css;<br>
text/xml xml;<br>
image/gif gif;<br>
image/jpeg jpeg jpg;<br>
application/javascript js;<br>
application/atom+xml atom;<br>
application/rss+xml rss;<br>
<br>
text/mathml mml;<br>
text/plain txt;<br>
text/vnd.sun.j2me.app-<wbr>descriptor jad;<br>
text/vnd.wap.wml wml;<br>
text/x-component htc;<br>
<br>
image/png png;<br>
image/svg+xml svg svgz;<br>
image/tiff tif tiff;<br>
image/vnd.wap.wbmp wbmp;<br>
image/webp webp;<br>
image/x-icon ico;<br>
image/x-jng jng;<br>
image/x-ms-bmp bmp;<br>
<br>
application/font-woff woff;<br>
application/java-archive jar war ear;<br>
application/json json;<br>
application/mac-binhex40 hqx;<br>
application/msword doc;<br>
application/pdf pdf;<br>
application/postscript ps eps ai;<br>
application/rtf rtf;<br>
application/vnd.apple.mpegurl m3u8;<br>
application/vnd.google-earth.<wbr>kml+xml kml;<br>
application/vnd.google-earth.<wbr>kmz kmz;<br>
application/vnd.ms-excel xls;<br>
application/vnd.ms-fontobject eot;<br>
application/vnd.ms-powerpoint ppt;<br>
application/vnd.oasis.<wbr>opendocument.graphics odg;<br>
application/vnd.oasis.<wbr>opendocument.presentation odp;<br>
application/vnd.oasis.<wbr>opendocument.spreadsheet ods;<br>
application/vnd.oasis.<wbr>opendocument.text odt;<br>
<br>
application/vnd.<wbr>openxmlformats-officedocument.<wbr>presentationml.presentation<br>
pptx;<br>
application/vnd.<wbr>openxmlformats-officedocument.<wbr>spreadsheetml.sheet<br>
xlsx;<br>
application/vnd.<wbr>openxmlformats-officedocument.<wbr>wordprocessingml.document<br>
docx;<br>
application/vnd.wap.wmlc wmlc;<br>
application/x-7z-compressed 7z;<br>
application/x-cocoa cco;<br>
application/x-java-archive-<wbr>diff jardiff;<br>
application/x-java-jnlp-file jnlp;<br>
application/x-makeself run;<br>
application/x-perl pl pm;<br>
application/x-pilot prc pdb;<br>
application/x-rar-compressed rar;<br>
application/x-redhat-package-<wbr>manager rpm;<br>
application/x-sea sea;<br>
application/x-shockwave-flash swf;<br>
application/x-stuffit sit;<br>
application/x-tcl tcl tk;<br>
application/x-x509-ca-cert der pem crt;<br>
application/x-xpinstall xpi;<br>
application/xhtml+xml xhtml;<br>
application/xspf+xml xspf;<br>
application/zip zip;<br>
<br>
application/octet-stream bin exe dll;<br>
application/octet-stream deb;<br>
application/octet-stream dmg;<br>
application/octet-stream iso img;<br>
application/octet-stream msi msp msm;<br>
<br>
audio/midi mid midi kar;<br>
audio/mpeg mp3;<br>
audio/ogg ogg;<br>
audio/x-m4a m4a;<br>
audio/x-realaudio ra;<br>
<br>
video/3gpp 3gpp 3gp;<br>
video/mp2t ts;<br>
video/mp4 mp4;<br>
video/mpeg mpeg mpg;<br>
video/quicktime mov;<br>
video/webm webm;<br>
video/x-flv flv;<br>
video/x-m4v m4v;<br>
video/x-mng mng;<br>
video/x-ms-asf asx asf;<br>
video/x-ms-wmv wmv;<br>
video/x-msvideo avi;<br>
}<br>
<br>
# configuration file /etc/nginx/fastcgi_params:<br>
<br>
fastcgi_param QUERY_STRING $query_string;<br>
fastcgi_param REQUEST_METHOD $request_method;<br>
fastcgi_param CONTENT_TYPE $content_type;<br>
fastcgi_param CONTENT_LENGTH $content_length;<br>
<br>
fastcgi_param SCRIPT_NAME $fastcgi_script_name;<br>
fastcgi_param REQUEST_URI $request_uri;<br>
fastcgi_param DOCUMENT_URI $document_uri;<br>
fastcgi_param DOCUMENT_ROOT $document_root;<br>
fastcgi_param SERVER_PROTOCOL $server_protocol;<br>
fastcgi_param REQUEST_SCHEME $scheme;<br>
fastcgi_param HTTPS $https if_not_empty;<br>
<br>
fastcgi_param GATEWAY_INTERFACE CGI/1.1;<br>
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;<br>
<br>
fastcgi_param REMOTE_ADDR $remote_addr;<br>
fastcgi_param REMOTE_PORT $remote_port;<br>
fastcgi_param SERVER_ADDR $server_addr;<br>
fastcgi_param SERVER_PORT $server_port;<br>
fastcgi_param SERVER_NAME $server_name;<br>
<br>
# PHP only, required if PHP was built with --enable-force-cgi-redirect<br>
fastcgi_param REDIRECT_STATUS 200;<br>
<br>
# httpoxy mitigation (<a href="https://httpoxy.org/" rel="noreferrer" target="_blank">https://httpoxy.org/</a><br>
<a href="https://www.nginx.com/blog/?p=41962" rel="noreferrer" target="_blank">https://www.nginx.com/blog/?p=<wbr>41962</a>)<br>
fastcgi_param HTTP_PROXY "";<br>
<br>
<br>
$ cat /var/www/localhost/test/test.<wbr>cgi<br>
#!/bin/sh<br>
echo '<html><body>Hello world.</body></html>'<br>
<br>
$ ls -l /var/www/localhost/test/test.<wbr>cgi<br>
-rwxr-xr-x 1 root root 67 Apr 6 17:24 /var/www/localhost/test/test.<wbr>cgi*<br>
______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/<wbr>mailman/listinfo/nginx</a><br>
</blockquote></div><br></div>