Category Archives: Nginx

How I fixed 504 Gateway Timeout error on Nginx + PHP-FPM

Today I got 504 Gateway Timeout error while updating my Joomla website and solved this issue by adding “fastcgi_read_timeout 300” into Nginx virtual host:

location ~ \.php$ {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass unix:/run/php/www-shar.sock;
    fastcgi_index index.php;
    include fastcgi.conf;
    fastcgi_read_timeout 300;
}

I already had request_terminate_timeout option set to 300s in the pool configuration file:

; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 300s

(more…)

Securing Nginx with Let’s Encrypt on Ubuntu 16.04

First we need to install certbot utility:

apt-get install software-properties-common
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install python-certbot-nginx

After that, we can easily generate SSL certificates for all the domains listed in Nginx ‘server_name’ attributes in alive (working) virtual hosts. The examples are:

certbot --nginx certonly -d slogpost.ru -d www.slogpost.ru
certbot --nginx certonly -d psiholog-s-vami.ru -d www.psiholog-s-vami.ru
certbot certonly --nginx --cert-name sharlines.com -d sharlines.com -d www.sharlines.com
certbot certonly --nginx --cert-name developernote.com -d developernote.com -d www.developernote.com -d herb.developernote.com -d mastermag.developernote.com -d geographx.developernote.com -d geographx.net -d www.geographx.net -d xn--80acc2atiigge7h.xn--p1ai -d www.xn--80acc2atiigge7h.xn--p1ai -d git.developernote.com -d gitweb.developernote.com

(do not forget to run the commands above each time you add or remove a subdomain)

We cannot use wildcard domains line *.developernote.com with Let’s Encrypt, so we should list all the subdomains. And I do not see anything wrong in combining multiple domains in a single certificate.

To remove the certificate we do something like this:

certbot revoke --cert-path /etc/letsencrypt/live/developernote.com/fullchain.pem
certbot delete --cert-name developernote.com

Updating all the generated certificates:

certbot renew

After changing the website URL from HTTP to HTTPS, probably it makes a sense to update all the hyperlinks in MySQL database:

show tables;
show columns from wp_posts;
SELECT ID, post_title, post_date, post_name FROM wp_posts WHERE INSTR(post_content, 'http://slogpost.ru') <> 0;
UPDATE wp_posts SET post_content=REPLACE(post_content, 'http://slogpost.ru', 'https://slogpost.ru') WHERE INSTR(post_content, 'http://slogpost.ru') <> 0;
UPDATE wp_posts SET post_content=REPLACE(post_content, 'http://developernote.com', 'https://developernote.com') WHERE INSTR(post_content, 'http://developernote.com') <> 0;

The final step is adding certbot-renew.sh file to /etc/cron.monthly with the following content:

certbot renew
service squid reload

It seems like the service … command is completely ignored. Nothing in syslog, nothing in nginx logs. I switched to using

certbot renew
systemctl reload squid

instead, and this seems to work.

Installing Git on Ubuntu 12.04 and enabling HTTP access with Nginx

Git is a good alternative for developers who need a version control supported on both Windows and Linux platforms. Below I provided basic steps for installing Git on Ubuntu 12.04 and enabling HTTP access to the repositories with Nginx web server.

Installing required packages

First, we need to install Nginx and Git packages:

apt-get install nginx git

by default Nginx processes will run as www-data, (check “user” keyword in /etc/nginx/nginx.conf configuration file). Git installation has not created any user yet.

(more…)

Nginx 502 Bad Gateway error after updating Ubuntu 12.04

Today I updated my Ubuntu Server to 12.04.5 LTS (release 12.04, codename: precise), and got “502 Bad Gateway” on all my websites.

I checked Nginx log files and found that Nginx cannot open the socket created by PHP-FPM:

2014/09/11 19:01:03 [crit] 2741#0: *107 connect() to unix:/var/run/www-devnote.sock failed (13: Permission denied) while connecting to upstream, client: XXX.XX.X.XX, server: ~^(www\.)?(?<domain>.+)$, request: “GET /2014/04/using-a-wpf-control-in-a-mfc-application/ HTTP/1.1”, upstream: “fastcgi://unix:/var/run/www-devnote.sock:”, host: “developernote.com”

(more…)

Setting up Shared Hosting with Nginx on Ubuntu – step by step guide

This is a draft version of the post. It’ll be revised.

Installing Ubuntu Server

  1. Download the latest version of Ubuntu Server. Note that it is not possible to convert Ubuntu 32 bit to 64 bit. The only way is to do a clean install.
  2. Create a bootable USB stick using Pen Drive Linux’s USB Installer.
  3. Boot up from USB and install Ubuntu Server. During the installation you can switch to terminal mode by pressing Alt+F2 and switch back by pressing Alt+F1.

Update the server:

aptitude update
aptitude safe-upgrade

(more…)

How I fixed Nginx 502 Bad Gateway error

Today to my grate surprise I got “502 Bad Gateway” error while trying to open some specific URL on my web site:

Nginx 502 Bad Gateway

I took a look at the Nginx log file located in /var/log/nginx/ directory on my machine and seen the following:

(more…)