Why are my CGI scripts not executed like PHP ?
Ralph Seichter
m16+nginx at monksofcool.net
Fri Apr 6 16:02:13 UTC 2018
Hello list,
I am fairly new to nginx and now have stumbled across an issue I can't
solve. I have successfully configured nginx on Gentoo Linux to run PHP
applications (e.g. phpBB and phpMyAdmin) with php-fpm.
As far as I understand, php-fpm should also be able to execute "regular
CGI" in the form of Shell-Scripts or Perl, as long as the files are
executable and use shebang-notation to indicate what interpreter they
want to be run with?
In my test installation CGI scripts are never executed by php-fpm. File
contents are simply piped to the web browser, and I can't figure out
why. I searched the Net and mailing list archives, but did not find a
solution, so I thought it best to ask here.
Output of nginx -V, configuration dump and test.cgi are attached. Your
help is appreciated.
-Ralph
nginx version: nginx/1.13.11
built with OpenSSL 1.0.2n 7 Dec 2017
TLS SNI support enabled
configure arguments: --prefix=/usr --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error_log --pid-path=/run/nginx.pid
--lock-path=/run/lock/nginx.lock --with-cc-opt=-I/usr/include
--with-ld-opt=-L/usr/lib64 --http-log-path=/var/log/nginx/access_log
--http-client-body-temp-path=/var/lib/nginx/tmp/client
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi
--http-scgi-temp-path=/var/lib/nginx/tmp/scgi
--http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --with-compat
--with-http_v2_module --with-pcre --with-pcre-jit
--with-http_addition_module
--with-http_dav_module --with-http_perl_module --with-http_realip_module
--add-module=external_module/headers-more-nginx-module-0.33
--add-module=external_module/ngx-fancyindex-0.4.2
--add-module=external_module/ngx_http_auth_pam_module-1.5.1
--add-module=external_module/nginx-dav-ext-module-0.1.0
--add-module=external_module/echo-nginx-module-0.61
--add-module=external_module/nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c
--add-module=external_module/nginx-module-vts-0.1.15-gentoo
--with-http_ssl_module --without-stream_access_module
--without-stream_geo_module --without-stream_limit_conn_module
--without-stream_map_module --without-stream_return_module
--without-stream_split_clients_module --without-stream_upstream_hash_module
--without-stream_upstream_least_conn_module
--without-stream_upstream_zone_module --without-mail_pop3_module --with-mail
--with-mail_ssl_module --user=nginx --group=nginx
# configuration file /etc/nginx/nginx.conf:
user nginx nginx;
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip off;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen *:8080 default_server;
access_log /var/log/nginx/access_log main;
error_log /var/log/nginx/error_log info;
server_name _;
root /var/www/localhost/htdocs;
# Alternative: temp redirect to HTTPS
#return 302 https://$host$request_uri;
}
include local/*.conf;
}
# configuration file /etc/nginx/local/20-test.conf:
server {
listen *:8443 ssl default_server;
server_name test.mydomain.tld;
access_log /var/log/nginx/ssl_access_log main;
error_log /var/log/nginx/ssl_error_log debug;
ssl on;
ssl_certificate /etc/ssl/mydomain/cert.pem;
ssl_certificate_key /etc/ssl/mydomain/key.pem;
root /var/www/localhost/test;
index test.cgi;
location ~ \.cgi$ {
# Test for non-existent scripts or throw a 404 error
try_files $uri =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/run/php7-fpm.sock;
}
}
# configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /etc/nginx/fastcgi_params:
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
# httpoxy mitigation (https://httpoxy.org/
https://www.nginx.com/blog/?p=41962)
fastcgi_param HTTP_PROXY "";
$ cat /var/www/localhost/test/test.cgi
#!/bin/sh
echo '<html><body>Hello world.</body></html>'
$ ls -l /var/www/localhost/test/test.cgi
-rwxr-xr-x 1 root root 67 Apr 6 17:24 /var/www/localhost/test/test.cgi*
More information about the nginx
mailing list