Why are my CGI scripts not executed like PHP ?

Ralph Seichter m16+nginx at monksofcool.net
Fri Apr 6 16:02:13 UTC 2018


Hello list,

I am fairly new to nginx and now have stumbled across an issue I can't
solve. I have successfully configured nginx on Gentoo Linux to run PHP
applications (e.g. phpBB and phpMyAdmin) with php-fpm.

As far as I understand, php-fpm should also be able to execute "regular
CGI" in the form of Shell-Scripts or Perl, as long as the files are
executable and use shebang-notation to indicate what interpreter they
want to be run with?

In my test installation CGI scripts are never executed by php-fpm. File
contents are simply piped to the web browser, and I can't figure out
why. I searched the Net and mailing list archives, but did not find a
solution, so I thought it best to ask here.

Output of nginx -V, configuration dump and test.cgi are attached. Your
help is appreciated.

-Ralph


nginx version: nginx/1.13.11
built with OpenSSL 1.0.2n  7 Dec 2017
TLS SNI support enabled
configure arguments: --prefix=/usr --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error_log --pid-path=/run/nginx.pid
--lock-path=/run/lock/nginx.lock --with-cc-opt=-I/usr/include
--with-ld-opt=-L/usr/lib64 --http-log-path=/var/log/nginx/access_log
--http-client-body-temp-path=/var/lib/nginx/tmp/client
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi
--http-scgi-temp-path=/var/lib/nginx/tmp/scgi
--http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --with-compat
--with-http_v2_module --with-pcre --with-pcre-jit
--with-http_addition_module
--with-http_dav_module --with-http_perl_module --with-http_realip_module
--add-module=external_module/headers-more-nginx-module-0.33
--add-module=external_module/ngx-fancyindex-0.4.2
--add-module=external_module/ngx_http_auth_pam_module-1.5.1
--add-module=external_module/nginx-dav-ext-module-0.1.0
--add-module=external_module/echo-nginx-module-0.61
--add-module=external_module/nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c
--add-module=external_module/nginx-module-vts-0.1.15-gentoo
--with-http_ssl_module --without-stream_access_module
--without-stream_geo_module --without-stream_limit_conn_module
--without-stream_map_module --without-stream_return_module
--without-stream_split_clients_module --without-stream_upstream_hash_module
--without-stream_upstream_least_conn_module
--without-stream_upstream_zone_module --without-mail_pop3_module --with-mail
--with-mail_ssl_module --user=nginx --group=nginx

# configuration file /etc/nginx/nginx.conf:

user nginx nginx;
worker_processes 1;

error_log /var/log/nginx/error_log info;

events {
  worker_connections 1024;
  use epoll;
}

http {
  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  log_format main
  '$remote_addr - $remote_user [$time_local] '
  '"$request" $status $bytes_sent '
  '"$http_referer" "$http_user_agent" '
  '"$gzip_ratio"';

  client_header_timeout 10m;
  client_body_timeout 10m;
  send_timeout 10m;

  connection_pool_size 256;
  client_header_buffer_size 1k;
  large_client_header_buffers 4 2k;
  request_pool_size 4k;

  gzip off;

  output_buffers 1 32k;
  postpone_output 1460;

  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;

  keepalive_timeout 75 20;

  ignore_invalid_headers on;

  index index.html;

  server {
  listen *:8080 default_server;
  access_log /var/log/nginx/access_log main;
  error_log /var/log/nginx/error_log info;

  server_name _;
  root /var/www/localhost/htdocs;

  # Alternative: temp redirect to HTTPS
  #return 302 https://$host$request_uri;
  }

  include local/*.conf;
}

# configuration file /etc/nginx/local/20-test.conf:

server {
  listen *:8443 ssl default_server;
  server_name test.mydomain.tld;
  access_log /var/log/nginx/ssl_access_log main;
  error_log /var/log/nginx/ssl_error_log debug;

  ssl on;
  ssl_certificate /etc/ssl/mydomain/cert.pem;
  ssl_certificate_key /etc/ssl/mydomain/key.pem;

  root /var/www/localhost/test;
  index test.cgi;

  location ~ \.cgi$ {
  # Test for non-existent scripts or throw a 404 error
  try_files $uri =404;

  include fastcgi_params;
  fastcgi_param SCRIPT_FILENAME $request_filename;
  fastcgi_pass unix:/run/php7-fpm.sock;
  }
}

# configuration file /etc/nginx/mime.types:

types {
    text/html                                        html htm shtml;
    text/css                                         css;
    text/xml                                         xml;
    image/gif                                        gif;
    image/jpeg                                       jpeg jpg;
    application/javascript                           js;
    application/atom+xml                             atom;
    application/rss+xml                              rss;

    text/mathml                                      mml;
    text/plain                                       txt;
    text/vnd.sun.j2me.app-descriptor                 jad;
    text/vnd.wap.wml                                 wml;
    text/x-component                                 htc;

    image/png                                        png;
    image/svg+xml                                    svg svgz;
    image/tiff                                       tif tiff;
    image/vnd.wap.wbmp                               wbmp;
    image/webp                                       webp;
    image/x-icon                                     ico;
    image/x-jng                                      jng;
    image/x-ms-bmp                                   bmp;

    application/font-woff                            woff;
    application/java-archive                         jar war ear;
    application/json                                 json;
    application/mac-binhex40                         hqx;
    application/msword                               doc;
    application/pdf                                  pdf;
    application/postscript                           ps eps ai;
    application/rtf                                  rtf;
    application/vnd.apple.mpegurl                    m3u8;
    application/vnd.google-earth.kml+xml             kml;
    application/vnd.google-earth.kmz                 kmz;
    application/vnd.ms-excel                         xls;
    application/vnd.ms-fontobject                    eot;
    application/vnd.ms-powerpoint                    ppt;
    application/vnd.oasis.opendocument.graphics      odg;
    application/vnd.oasis.opendocument.presentation  odp;
    application/vnd.oasis.opendocument.spreadsheet   ods;
    application/vnd.oasis.opendocument.text          odt;

application/vnd.openxmlformats-officedocument.presentationml.presentation
                                                     pptx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
                                                     xlsx;
    application/vnd.openxmlformats-officedocument.wordprocessingml.document
                                                     docx;
    application/vnd.wap.wmlc                         wmlc;
    application/x-7z-compressed                      7z;
    application/x-cocoa                              cco;
    application/x-java-archive-diff                  jardiff;
    application/x-java-jnlp-file                     jnlp;
    application/x-makeself                           run;
    application/x-perl                               pl pm;
    application/x-pilot                              prc pdb;
    application/x-rar-compressed                     rar;
    application/x-redhat-package-manager             rpm;
    application/x-sea                                sea;
    application/x-shockwave-flash                    swf;
    application/x-stuffit                            sit;
    application/x-tcl                                tcl tk;
    application/x-x509-ca-cert                       der pem crt;
    application/x-xpinstall                          xpi;
    application/xhtml+xml                            xhtml;
    application/xspf+xml                             xspf;
    application/zip                                  zip;

    application/octet-stream                         bin exe dll;
    application/octet-stream                         deb;
    application/octet-stream                         dmg;
    application/octet-stream                         iso img;
    application/octet-stream                         msi msp msm;

    audio/midi                                       mid midi kar;
    audio/mpeg                                       mp3;
    audio/ogg                                        ogg;
    audio/x-m4a                                      m4a;
    audio/x-realaudio                                ra;

    video/3gpp                                       3gpp 3gp;
    video/mp2t                                       ts;
    video/mp4                                        mp4;
    video/mpeg                                       mpeg mpg;
    video/quicktime                                  mov;
    video/webm                                       webm;
    video/x-flv                                      flv;
    video/x-m4v                                      m4v;
    video/x-mng                                      mng;
    video/x-ms-asf                                   asx asf;
    video/x-ms-wmv                                   wmv;
    video/x-msvideo                                  avi;
}

# configuration file /etc/nginx/fastcgi_params:

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

# httpoxy mitigation (https://httpoxy.org/
https://www.nginx.com/blog/?p=41962)
fastcgi_param  HTTP_PROXY         "";


$ cat /var/www/localhost/test/test.cgi
#!/bin/sh
echo '<html><body>Hello world.</body></html>'

$ ls -l /var/www/localhost/test/test.cgi
-rwxr-xr-x 1 root root 67 Apr  6 17:24 /var/www/localhost/test/test.cgi*


More information about the nginx mailing list