I've been trying to install Nginx as a reverse proxy for the past couple of days, but I can't get it to work. Everytime I load a page on my site, or even a file on my server, it returns a 403 forbidden error.
I've been following a tutorial I found on DigitalOcean, which I've completed. (At the end of the article, there's a picture of a phpinfo page says it was loaded with an Apache Handler. My phpinfo page said the same thing.
But what ever I do, I can't get the 403 error to go away.
Server Specs:
OS: Unbutu
RAM: 512 MB
Nginx Config File
server {
### server port and name ###
listen *:443;
ssl on;
server_name --Server Name--;
#include global/common.conf;
#include global/wordpress.conf;
#include global/multisite.conf;
### SSL log files ###
access_log --Log Location--;
error_log --Log Location--;
### SSL cert files ###
ssl_certificate --Certificate File--;
ssl_certificate_key --Certificate Key File--;
root /var/www/;
allow 127.0.0.1;
deny all;
index index.php index.html index.htm;
server_name --Server Name--;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~ /\.ht {
deny all;
}
}
Apache Ports.conf File
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
#Listen 127.0.0.1:8080
Listen *:8080
#Listen 80
<IfModule ssl_module>
Listen 444
#Didn't work on 443 with Nginx as a reverse proxy
</IfModule>
<IfModule mod_gnutls.c>
Listen 444
#Didn't work on 443 with Nginx as a reverse proxy
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Apache Config File
<VirtualHost *:8080>
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
Best Answer
Ok, everything looks like it's running smoothly. Basically, I changed my Nginx server block to forward SSL requests to port
445
, which Apache runs SSL on.Nginx Server Block
Apache Virtual Host File
This post sent me on the right track. Multisite Nginx reverse proxy routing to Apache