
ubuntu-nginx-web-server's Introduction

Optimized configuration for WordOps running on Ubuntu server

Server Stack

  • Ubuntu 16.04/18.04 LTS
  • Nginx 1.17.x / 1.16.x
  • PHP-FPM 7.2/7.3
  • MariaDB 10.3
  • REDIS 5.0
  • Memcached
  • Fail2ban
  • Netdata
  • UFW


Info

As EasyEngine v3 will no longer receive any updates, configurations available in this repository are being updated for WordOps (EEv3 fork).

We are currently contributing to WordOps project and several parts of this repository are already included in WordOps.

All previous configurations are still available in the branch easyengine-v3.



Configuration files with comments available by following the link source

Initial configuration

System update and packages cleanup

apt-get update && apt-get dist-upgrade -y && apt-get autoremove --purge -y && apt-get clean

Install useful packages

sudo apt-get install haveged curl git unzip zip fail2ban htop nload nmon ntp gnupg gnupg2 wget pigz tree ccze mycli -y

Clone the repository

git clone https://github.com/VirtuBox/ubuntu-nginx-web-server.git $HOME/ubuntu-nginx-web-server

Updating the repository

git -C $HOME/ubuntu-nginx-web-server pull origin master

Tweak Kernel & Increase open files limits

Included by default in WordOps - this may not be needed anymore

source sysctl.conf - limits.conf source

cp $HOME/ubuntu-nginx-web-server/etc/sysctl.d/60-ubuntu-nginx-web-server.conf /etc/sysctl.d/60-ubuntu-nginx-web-server.conf

Ubuntu 16.04 LTS does not support the new TCP congestion control algorithm bbr, so we will use htcp instead.

# On ubuntu 18.04 LTS
modprobe tcp_bbr && echo 'tcp_bbr' >> /etc/modules-load.d/bbr.conf
echo -e '\nnet.ipv4.tcp_congestion_control = bbr\nnet.ipv4.tcp_notsent_lowat = 16384' >> /etc/sysctl.d/60-ubuntu-nginx-web-server.conf

# On ubuntu 16.04 LTS
modprobe tcp_htcp && echo 'tcp_htcp' >> /etc/modules-load.d/htcp.conf
echo 'net.ipv4.tcp_congestion_control = htcp' >> /etc/sysctl.d/60-ubuntu-nginx-web-server.conf

Then to apply the configuration :

sysctl -e -p /etc/sysctl.d/60-ubuntu-nginx-web-server.conf

Increase openfiles limits

sudo bash -c 'echo -e "*         hard    nofile      500000\n*         soft    nofile      500000\nroot      hard    nofile      500000\nroot      soft    nofile      500000\n"  >> /etc/security/limits.conf'

Disable transparent hugepage for Redis

echo never > /sys/kernel/mm/transparent_hugepage/enabled

WordOps Setup

Install MariaDB 10.3

Included by default in WordOps - this may not be needed anymore

Instructions available in VirtuBox Knowledgebase

bash <(wget -qO - https://downloads.mariadb.com/MariaDB/mariadb_repo_setup) --mariadb-server-version=10.3 --skip-maxscale -y
sudo apt update && sudo apt install mariadb-server -y

Secure MariaDB after install by running the command :

mysql_secure_installation

MySQL Tuning

You can download my example of my.cnf, optimized for VPS with 4GB RAM. my.cnf source

cp -f $HOME/ubuntu-nginx-web-server/etc/mysql/my.cnf /etc/mysql/my.cnf

It includes a modification of the innodb_log_file_size variable, so you need to use the following commands to apply the new configuration :

sudo service mysql stop

sudo mv /var/lib/mysql/ib_logfile0 /var/lib/mysql/ib_logfile0.bak
sudo mv /var/lib/mysql/ib_logfile1 /var/lib/mysql/ib_logfile1.bak

sudo service mysql start

Increase MariaDB open files limits

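# create the systemd drop-in directory first, otherwise the redirect below fails
sudo mkdir -p /etc/systemd/system/mariadb.service.d
echo -e '[Service]\nLimitNOFILE=500000' > /etc/systemd/system/mariadb.service.d/limits.conf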

sudo systemctl daemon-reload
sudo systemctl restart mariadb

Setup cronjob to optimize your MySQL databases and repair them if needed

Open the crontab editor

sudo crontab -e

Then add the following cronjob

@weekly /usr/bin/mysqlcheck -Aos --auto-repair > /dev/null 2>&1

Install WordOps

# noninteractive install - you can replace $USER with your username & root@$HOSTNAME by your email
sudo bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME" > $HOME/.gitconfig'

wget -qO wo wops.cc && sudo bash wo

enable wo bash_completion

source /etc/bash_completion.d/wo_auto.rc

Install Nginx, php7.2, php7.3, and configure WO backend

wo stack install
wo stack install --php73

Set your email instead of root@localhost

echo 'root: [email protected]' >> /etc/aliases
newaliases

Install Composer - Fix phpmyadmin install issue

Included by default in WordOps - this may not be needed anymore

cd ~/ || exit
curl -sS https://getcomposer.org/installer | php
mv composer.phar /usr/bin/composer

chown www-data:www-data /var/www
sudo -u www-data -H composer update -d /var/www/22222/htdocs/db/pma/

Allow shell for www-data for SFTP usage

usermod -s /bin/bash www-data

Install PHP

This section has been removed because WordOps already installs PHP 7.2 & PHP 7.3 by default

Set the proper alternative for /usr/bin/php

If you want to choose which version of php to use with the command php, you can use the command update-alternatives

# php5.6
sudo update-alternatives --install /usr/bin/php php /usr/bin/php5.6 80

# php7.0
sudo update-alternatives --install /usr/bin/php php /usr/bin/php7.0 80

# php7.1
sudo update-alternatives --install /usr/bin/php php /usr/bin/php7.1 80

# php7.2
sudo update-alternatives --install /usr/bin/php php /usr/bin/php7.2 80

# php7.3
sudo update-alternatives --install /usr/bin/php php /usr/bin/php7.3 80

Then you can check php version with command php -v

NGINX Configuration

Additional Nginx configuration (/etc/nginx/conf.d)

Included by default in WordOps - this may not be needed anymore

  • stub_status configuration on 127.0.0.1:80 : stub_status.conf
  • restore visitor real IP under Cloudflare : cloudflare.conf

# copy all common nginx configurations
cp -rf $HOME/ubuntu-nginx-web-server/etc/nginx/conf.d/* /etc/nginx/conf.d/

# commit change with git (initialize the repository first if it does not exist yet)
[ -d /etc/nginx/.git ] || git -C /etc/nginx init
git -C /etc/nginx/ add . && git -C /etc/nginx/ commit -m "update conf.d configurations"

Compile the latest Nginx release with nginx-ee

bash <(wget -O - virtubox.net/nginx-ee || curl -sL virtubox.net/nginx-ee)

Custom configurations

Nginx optimized configurations

Choose one of them

# TLSv1.2 TLSv1.3 only (recommended)
cp -f $HOME/ubuntu-nginx-web-server/etc/nginx/nginx.conf /etc/nginx/nginx.conf

# TLSv1.2 only
cp -f $HOME/ubuntu-nginx-web-server/etc/nginx/nginx.conf /etc/nginx/nginx-tlsv12.conf

# commit change with git (initialize the repository first if it does not exist yet)
[ -d /etc/nginx/.git ] || git -C /etc/nginx init
git -C /etc/nginx/ add . && git -C /etc/nginx/ commit -m "update nginx.conf"

Nginx configuration for netdata

Included by default in WordOps - this may not be needed anymore

# add nginx reverse-proxy for netdata on https://yourserver.hostname:22222/netdata/
cp -f $HOME/ubuntu-nginx-web-server/etc/nginx/sites-available/22222 /etc/nginx/sites-available/22222

# commit change with git
[ -d /etc/nginx/.git ] || git -C /etc/nginx init
git -C /etc/nginx/ add . && git -C /etc/nginx/ commit -m "update 22222 configuration"

Increase Nginx open files limits

sudo mkdir -p /etc/systemd/system/nginx.service.d
echo -e '[Service]\nLimitNOFILE=500000' > /etc/systemd/system/nginx.service.d/limits.conf

sudo systemctl daemon-reload
sudo systemctl restart nginx.service

Security

Harden SSH Security

WARNING : SSH Configuration with root login allowed using SSH keys only source

cp -f $HOME/ubuntu-nginx-web-server/etc/ssh/sshd_config /etc/ssh/sshd_config

UFW

Instructions available in VirtuBox Knowledgebase

# enable ufw log - allow outgoing - deny incoming
ufw logging low
ufw default allow outgoing
ufw default deny incoming

# allow incoming traffic on SSH port (first uncommented Port directive, 22 if none is set)
CURRENT_SSH_PORT=$(awk '$1 == "Port" {print $2; exit}' /etc/ssh/sshd_config)
ufw allow "${CURRENT_SSH_PORT:-22}"

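# DNS - HTTP/S - FTP - NTP - RSYNC - DHCP - EE Backend
# each rule below opens an inbound port; outgoing traffic is already allowed by the
# default policy above, so keep only the services this server actually hosts
ufw allow 53     # DNS
ufw allow http
ufw allow https
ufw allow 21     # FTP
ufw allow 123    # NTP
ufw allow 68     # DHCP client
ufw allow 546    # DHCPv6 client
ufw allow 873    # rsync
ufw allow 22222  # EE backend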


# enable UFW
echo "y" | ufw enable

Custom jails for fail2ban

  • wordpress bruteforce
  • ssh
  • recidive (after 3 bans)
  • backend http auth
  • nginx bad bots

cp -rf $HOME/ubuntu-nginx-web-server/etc/fail2ban/filter.d/* /etc/fail2ban/filter.d/
cp -rf $HOME/ubuntu-nginx-web-server/etc/fail2ban/jail.d/* /etc/fail2ban/jail.d/

fail2ban-client reload
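
A jail whose filter file is missing from filter.d is skipped when fail2ban reloads, so it is worth checking the copied files before running the reload. The script below is an added example, not part of this repository: the function names, the jail names and the temporary directory are constructed, and it assumes each jail is enabled with an explicit "enabled = true" in its own section of jail.d/*.conf.

```sh
#!/bin/sh
# Added example, not part of the repository.
# Prints "jail:filter" for every enabled jail under <dir>/jail.d/*.conf whose
# filter has no file in <dir>/filter.d (neither <filter>.conf nor <filter>.local).
missing_filters() {   # usage: missing_filters /etc/fail2ban
    f2b_dir=$1
    awk '
        # Print the section collected so far if it is an enabled jail.
        function emit() {
            if (jail != "" && jail != "DEFAULT" && enabled)
                print jail, (filter != "" ? filter : jail)
        }
        {
            line = $0
            sub(/^[ \t]+/, "", line); sub(/[ \t\r]+$/, "", line)
        }
        line == "" || line ~ /^[#;]/ { next }            # blank lines and comments
        substr(line, 1, 1) == "[" && substr(line, length(line), 1) == "]" {
            emit()                                        # a new section starts
            jail = substr(line, 2, length(line) - 2)
            enabled = 0; filter = ""
            next
        }
        {
            eq = index(line, "=")
            if (eq == 0) next
            key = substr(line, 1, eq - 1); val = substr(line, eq + 1)
            sub(/[ \t]+$/, "", key); sub(/^[ \t]+/, "", val)
            if (key == "enabled") enabled = (tolower(val) ~ /^(true|yes|on|1)$/)
            if (key == "filter") {
                p = index(val, "[")                       # drop options such as [mode=...]
                if (p > 0) val = substr(val, 1, p - 1)
                sub(/[ \t]+$/, "", val)
                gsub(/%\(__name__\)s/, jail, val)         # filter named after the jail
                filter = val
            }
        }
        END { emit() }
    ' "$f2b_dir"/jail.d/*.conf 2>/dev/null |
    while read -r jail filter; do
        [ -f "$f2b_dir/filter.d/$filter.conf" ] ||
            [ -f "$f2b_dir/filter.d/$filter.local" ] ||
            echo "$jail:$filter"
    done
}

# Constructed sample tree: one enabled jail points at a filter that was never copied.
demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/jail.d" "$d/filter.d"
    cat > "$d/jail.d/custom.conf" <<'EOF'
[DEFAULT]
bantime = 3600

[sample-badbots]
enabled = true
filter  = sample-badbots
logpath = /var/log/nginx/*access.log

[sample-wordpress]
enabled = true

# disabled jail: its missing filter is not reported
[sample-disabled]
enabled = false
filter  = does-not-exist
EOF
    : > "$d/filter.d/sample-wordpress.conf"
    echo "$d"
}

tree=$(demo_tree)
missing_filters "$tree"
rm -rf "$tree"
```

On a server, run missing_filters /etc/fail2ban after the two cp commands; empty output means every enabled jail in jail.d has its filter.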

Secure Memcached server

echo '-U 0' >> /etc/memcached.conf
sudo systemctl restart memcached

If you do not use memcached, you can safely stop it and disable it :

sudo systemctl stop memcached
sudo systemctl disable memcached.service
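
The '-U 0' line above turns off memcached's UDP listener. The script below is an added example, not part of this repository: it appends the line only when UDP is not already disabled, so reruns do not stack duplicates, and it audits a memcached.conf for two exposure conditions. The function names, finding codes and sample file are constructed, and the listen-address check goes beyond what this page configures.

```sh
#!/bin/sh
# Added example, not part of the repository. Names and finding codes are illustrative.

# Effective value of a single-argument option (-U, -l, ...) in a memcached.conf.
# Assumption: when an option is repeated, the last occurrence takes effect.
memcached_opt() {   # usage: memcached_opt <conf> <option>
    awk -v opt="$2" '
        { sub(/#.*/, "") }          # strip comments
        $1 == opt { val = $2 }
        END { print val }
    ' "$1"
}

# Append "-U 0" only if UDP is not already disabled.
disable_memcached_udp() {   # usage: disable_memcached_udp <conf>
    [ "$(memcached_opt "$1" -U)" = "0" ] || echo '-U 0' >> "$1"
}

# Print one finding code per line; no output means both checks pass.
audit_memcached_conf() {    # usage: audit_memcached_conf <conf>
    udp=$(memcached_opt "$1" -U)
    addr=$(memcached_opt "$1" -l)

    # A missing -U line is flagged too: UDP is on by default before memcached 1.5.6.
    [ "$udp" = "0" ] || echo "UDP_ENABLED"

    # A missing -l line means all interfaces; every listed address must be loopback.
    ok=1
    [ -n "$addr" ] || ok=0
    for a in $(echo "$addr" | tr ',' ' '); do
        case $a in
            127.0.0.1|::1|localhost|127.0.0.1:*|localhost:*) ;;
            *) ok=0 ;;
        esac
    done
    [ "$ok" -eq 1 ] || echo "LISTEN_NOT_LOOPBACK"
}

# Constructed sample: no -U line and a listen address on all interfaces.
demo_conf() {
    f=$(mktemp)
    printf '%s\n' '# constructed sample memcached.conf' \
        '-m 64' '-p 11211' '-u memcache' '-l 0.0.0.0' > "$f"
    echo "$f"
}

conf=$(demo_conf)
audit_memcached_conf "$conf"      # findings before hardening
disable_memcached_udp "$conf"
disable_memcached_udp "$conf"     # second run appends nothing
audit_memcached_conf "$conf"      # findings after hardening
rm -f "$conf"
```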

Optional

proftpd

Install proftpd

apt-get install proftpd -y

secure proftpd and enable passive ports

sed -i 's/# DefaultRoot/DefaultRoot/' /etc/proftpd/proftpd.conf
sed -i 's/# RequireValidShell/RequireValidShell/' /etc/proftpd/proftpd.conf
sed -i 's/# PassivePorts                  49152 65534/PassivePorts                  49000 50000/' /etc/proftpd/proftpd.conf

restart proftpd

sudo service proftpd restart

Allow FTP ports with UFW

# ftp active port
sudo ufw allow 21

# ftp passive ports
sudo ufw allow 49000:50000/tcp

Enable fail2ban proftpd jail

echo -e '\n[proftpd]\nenabled = true\n' >> /etc/fail2ban/jail.d/custom.conf

fail2ban-client reload

Adding FTP users

# create user without shell access in group www-data
adduser --home /var/www/yourdomain.tld/ --shell /bin/false --ingroup www-data youruser

# allow group read/write on website folder
chmod -R g+rw /var/www/yourdomain.tld

ee-acme-sh

Included by default in WordOps - this may not be needed anymore

Github repository - Script to setup letsencrypt certificates using acme.sh on EasyEngine servers

  • subdomain support
  • IPv6 support
  • wildcards certificates support

wget -qO install-ee-acme.sh https://raw.githubusercontent.com/VirtuBox/ee-acme-sh/master/install.sh
chmod +x install-ee-acme.sh
./install-ee-acme.sh

# enable acme.sh & ee-acme-sh
source .bashrc

netdata

Included by default in WordOps - this may not be needed anymore

Github repository

# save 40-60% of netdata memory
echo 1 >/sys/kernel/mm/ksm/run
echo 1000 >/sys/kernel/mm/ksm/sleep_millisecs

# install netdata
bash <(curl -Ss https://my-netdata.io/kickstart.sh) all --dont-wait

# increase open files limits for netdata
sudo mkdir -p /etc/systemd/system/netdata.service.d
echo -e '[Service]\nLimitNOFILE=500000' > /etc/systemd/system/netdata.service.d/limits.conf

sudo systemctl daemon-reload
sudo systemctl restart netdata.service

# disable email notifications
sudo sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/' /usr/lib/netdata/conf.d/health_alarm_notify.conf
service netdata restart

cht.sh (cheat)

Github repository

curl https://cht.sh/:cht.sh > /usr/bin/cht.sh
chmod +x /usr/bin/cht.sh


echo "alias cheat='cht.sh'" >> $HOME/.bashrc
source $HOME/.bashrc

usage : cheat <command>

root@vps:~ cheat cat
# cat

# Print and concatenate files.

# Print the contents of a file to the standard output:
  cat file

# Concatenate several files into the target file:
  cat file1 file2 > target_file

# Append several files into the target file:
  cat file1 file2 >> target_file

# Number all output lines:
  cat -n file

nanorc - Improved Nano Syntax Highlighting Files

Github repository

wget https://raw.githubusercontent.com/scopatz/nanorc/master/install.sh -qO- | sh

Add WP-CLI & bash-completion for user www-data

Included by default in WordOps - this may not be needed anymore

# download wp-cli bash_completion
wget -qO /etc/bash_completion.d/wp-completion.bash https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash

# change /var/www owner
chown www-data:www-data /var/www

# download .profile & .bashrc for www-data
cp -f $HOME/ubuntu-nginx-web-server/var/www/{.profile,.bashrc} /var/www/

# set owner
chown www-data:www-data /var/www/{.profile,.bashrc}

Cleanup previous EasyEngine v3

Included by default in WordOps - this may not be needed anymore

EasyEngine migration to WordOps is now handled by the install script. The only step to finish the migration is to remove previous php versions if you don't need them anymore.

Removing previous php versions

# php5.6
apt-get -y autoremove php5.6-fpm php5.6-common --purge

# php7.0
apt-get -y autoremove php7.0-fpm php7.0-common --purge

Published & maintained by VirtuBox

ubuntu-nginx-web-server's People

Contributors

vikas5914, virtubox


ubuntu-nginx-web-server's Issues

Stub Conf

Hello

upstream phpstatus {
server 127.0.0.1:9000
server unix:/run/php/php7.0-fpm.sock;
server 127.0.0.1:9070;
server unix:/run/php70-fpm.sock;
}

; you have forgotten to put nginx error, please update.

--- server 127.0.0.1:9000; (;)

webp and Cloudflare CDN cache

Hi @VirtuBox,

If the images are already cached by Cloudflare CDN as webp, they will be served as webp in all browsers, even in an unsupported browser.

Is there any trick to solve this problem?

Error with Nginx optimized configurations

commit change with git

git -C /etc/nginx/ add . && git -C /etc/nginx/ commit -m "update nginx.conf configurations"

fatal: not a git repository (or any of the parent directories): .git

MySQL with VPS 2 GB ram

Hi there,
First up, this has to be one of the most helpful and flawless sets of server setup instructions I've come across. I got started with the standard EE installation, but felt like a lot of things were missing, out of date, or overlooked.
Stumbling across your instructions has resolved that, more than I could have hoped for.

I have a question re your mysql cnf file (https://github.com/VirtuBox/ubuntu-nginx-web-server/blob/master/etc/mysql/my.cnf)

You say it's been optimised for a VPS with 4 GB of RAM.

Are you able to suggest what changes to make to it for a VPS with 2 GB of RAM?

Thanks very much,

Jonathan

SSL_do_handshake() failed

I notice I am getting the following error (often) in the error.log file in /var/www/domain.com/logs

2018/06/24 22:41:22 [crit] 61481#61481: *1228609 SSL_do_handshake() failed (SSL: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol) while SSL handshaking, client: 54.208.42.136, server: 0.0.0.0:443

Is this likely to be caused by an issue in the VirtuBox EE configuration, or should I be looking elsewhere?

Brotli causing nginx segfault error

I am running Latest Nginx (Thanks to Virtubox) with PHP-FPM on Ubuntu 16.04. The VPS is continuously getting "segfault at 30 ip" error. The error was also with Nginx v1.13.10 too.

I am having 3 VPS for different Wordpress Based Blogs. I keep them updated with the Virtubox Bash Script. I have noticed that the following errors are being reported on all the servers:

error.log
worker process 1465 exited on signal 11 (core dumped)

kern.log

Apr  6 08:38:55 EE-Test-Server kernel: [39400.262830] nginx[24682]: segfault at 30 ip 0000558398c6b2d9 sp 00007ffee2bda2b0 error 4 in nginx[558398a8e000+4c2000]
Apr  6 10:17:20 EE-Test-Server kernel: [45305.179307] nginx[24811]: segfault at 30 ip 0000558398c6b2d9 sp 00007ffee2bda1e0 error 4 in nginx[558398a8e000+4c2000]
Apr  6 11:13:59 EE-Test-Server kernel: [48704.515495] nginx[25701]: segfault at 30 ip 0000558398c6b2d9 sp 00007ffee2bda240 error 4 in nginx[558398a8e000+4c2000]
Apr  6 12:36:52 EE-Test-Server kernel: [53677.956562] nginx[26724]: segfault at 30 ip 0000558398c6b2d9 sp 00007ffee2bda2b0 error 4 in nginx[558398a8e000+4c2000]
Apr  6 14:22:11 EE-Test-Server kernel: [59996.600975] nginx[27361]: segfault at 30 ip 0000558398c6b2d9 sp 00007ffee2bda240 error 4 in nginx[558398a8e000+4c2000]
Apr  6 14:24:13 EE-Test-Server kernel: [60118.378319] nginx[28313]: segfault at 30 ip 0000558398c6b2d9 sp 00007ffee2bda240 error 4 in nginx[558398a8e000+4c2000]

apport.log

ERROR: apport (pid 24810) Fri Apr  6 08:38:55 2018: called for pid 24682, signal 11, core limit 0, dump mode 1
ERROR: apport (pid 24810) Fri Apr  6 08:38:55 2018: executable: /usr/sbin/nginx (command line "nginx:\ worker\ process")
ERROR: apport (pid 24810) Fri Apr  6 08:38:55 2018: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 24810) Fri Apr  6 08:38:55 2018: apport: report /var/crash/_usr_sbin_nginx.33.crash already exists and unseen, doing nothing to avoid disk usage DoS
ERROR: apport (pid 25700) Fri Apr  6 10:17:20 2018: called for pid 24811, signal 11, core limit 0, dump mode 1
ERROR: apport (pid 25700) Fri Apr  6 10:17:20 2018: executable: /usr/sbin/nginx (command line "nginx:\ worker\ process")
ERROR: apport (pid 25700) Fri Apr  6 10:17:20 2018: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 25700) Fri Apr  6 10:17:20 2018: apport: report /var/crash/_usr_sbin_nginx.33.crash already exists and unseen, doing nothing to avoid disk usage DoS
ERROR: apport (pid 26723) Fri Apr  6 11:13:59 2018: called for pid 25701, signal 11, core limit 0, dump mode 1
ERROR: apport (pid 26723) Fri Apr  6 11:13:59 2018: executable: /usr/sbin/nginx (command line "nginx:\ worker\ process")
ERROR: apport (pid 26723) Fri Apr  6 11:13:59 2018: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 26723) Fri Apr  6 11:13:59 2018: apport: report /var/crash/_usr_sbin_nginx.33.crash already exists and unseen, doing nothing to avoid disk usage DoS
ERROR: apport (pid 27360) Fri Apr  6 12:36:53 2018: called for pid 26724, signal 11, core limit 0, dump mode 1
ERROR: apport (pid 27360) Fri Apr  6 12:36:53 2018: executable: /usr/sbin/nginx (command line "nginx:\ worker\ process")
ERROR: apport (pid 27360) Fri Apr  6 12:36:53 2018: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 27360) Fri Apr  6 12:36:53 2018: apport: report /var/crash/_usr_sbin_nginx.33.crash already exists and unseen, doing nothing to avoid disk usage DoS
ERROR: apport (pid 28312) Fri Apr  6 14:22:11 2018: called for pid 27361, signal 11, core limit 0, dump mode 1
ERROR: apport (pid 28312) Fri Apr  6 14:22:11 2018: executable: /usr/sbin/nginx (command line "nginx:\ worker\ process")
ERROR: apport (pid 28312) Fri Apr  6 14:22:11 2018: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 28312) Fri Apr  6 14:22:11 2018: apport: report /var/crash/_usr_sbin_nginx.33.crash already exists and unseen, doing nothing to avoid disk usage DoS

I tried to Disable the Brotli from nginx.conf as shown below:
##
# Brotli Settings
##
#brotli on;
#brotli_static on;
#brotli_buffers 16 8k;
#brotli_comp_level 6;
#brotli_types *;

The error is nowhere to see when I disable the Brotli Compression from nginx.conf. I am not much of a server expert so I want to know if it's the problem with latest Nginx or Brotli? I really want to use Brotli compression.

Nginx EE Fail

Hello

During the installation nginx ee is giving nginx fail error in the last stage please take care.

Directory creation/rights issues

sudo -u www-data composer update -d /var/www/22222/htdocs/db/pma/ is not able to create the cache subdirectories composer needs.

Nginx Port Change Error

Hello @VirtuBox

Ubuntu nginx web server server to my varnish cache installation and varnishe 80 port, and I change the port of nginx 8080, but although I do not change the port nginx 80 is running. I would like to help you resolve the problem on easyengine varnish how to install and optimization can do.

webp_suffix is not defined

the variable webp_suffix is being used in the following files

/etc/nginx/common/wpcommon-php71.conf
/etc/nginx/common/wpcommon-php72.conf
/etc/nginx/common/wpcommon-php7.conf

However it has not been defined and results in the following error when running the command :

nginx -t

nginx: [emerg] unknown "webp_suffix" variable

Fail2Ban

root@ip-172-31-35-69:/etc/nginx/common# fail2ban-client reload
ERROR Found no accessible config files for 'filter.d/nginx-forbidden' under /etc/fail2ban
ERROR No section: 'Definition'
ERROR No section: 'Definition'
ERROR Unable to read the filter
ERROR Errors in jail 'nginx-forbidden'. Skipping...

Nginx security setting issue with " view details" of plugins

Hello @VirtuBox

I got an issue as below:

On a subsite, when I click “view details” for installed plugins, it just shows “myrootdomain.com refused to connect”. Please check the screenshot: http://prntscr.com/m89wo1

That means I can not view details of plugins on a subsite.

But I am sure my account is a super administrator with the capability of network plugin management, as in the screenshot: http://prntscr.com/m89vh5

Here is the setting in nginx.conf:

    ##Common headers for security
    more_set_headers "X-Frame-Options : SAMEORIGIN";
    more_set_headers "X-Xss-Protection : 1; mode=block";
    more_set_headers "X-Content-Type-Options : nosniff";
    more_set_headers "Referrer-Policy : strict-origin-when-cross-origin";
    

I tried to comment out both "more_set_headers "X-Frame-Options : SAMEORIGIN";" and "more_set_headers "Referrer-Policy : strict-origin-when-cross-origin";"

but the issue is still there.

I read an article at https://enable-cors.org/server_nginx.html

but it seems quite different, what should I do to enable "view details" on subsite please?

Thanks so much.

Issue with PWA

Hello @VirtuBox

I am trying to setup PWA for our multisites and tested these plugins:

https://wordpress.org/plugins/pwa-for-wp/
https://wordpress.org/plugins/super-progressive-web-apps/
https://wordpress.org/plugins/progressive-wp/

But the videos on our site do not play on iPhone with any of the above plugins, and it shows this issue as in the screenshot:

https://prnt.sc/o1n31s

Also, after accessing the video page on iPhone Safari, our multisites and the server go down, and I need to restart nginx to make the sites work again.

The authors of those plugins do not think the issue is from plugins, but is related to the server configuration, since there is no this kind of issue on their case.

I do not know how to track the issue and adjust the configuration to fix the issue.

It would be great appreciated if I could have your suggestion and instructions.

Thanks in advance.

Alex

www-two-sock..conf has two dot's

Hi,

Thanks a lot for those awesome configuration, it makes everything really fast.

just wanted to give a note about the php pool second socket file it has two dot's in the name
www-two-sock..conf

Thanks

EE mysql connect

Install MySQL manually, caused EE doesn't know the connection.

[ErrorException] chdir(): Permission denied (errno 13)

I receive an error after this command:
sudo -u www-data composer update -d /var/www/22222/htdocs/db/pma/

Cannot create cache directory /root/.composer/cache/repo/https---www.phpmyadmin.net/, or directory is not writable. Proceeding without cache
Cannot create cache directory /root/.composer/cache/repo/https---packagist.org/, or directory is not writable. Proceeding without cache
Cannot create cache directory /root/.composer/cache/files/, or directory is not writable. Proceeding without cache
Loading composer repositories with package information
Updating dependencies (including require-dev)
Nothing to install or update
Generating autoload files

[ErrorException]
chdir(): Permission denied (errno 13)

Error with Feature-Policy header: Unrecognized feature: 'notifications'

nginx.conf

This seems to only affect Chromium.

domain.tld/:1 Error with Feature-Policy header: Unrecognized feature: 'notifications'.
domain.tld/:1 Error with Feature-Policy header: Unrecognized feature: 'push'.
domain.tld/:1 Error with Feature-Policy header: Unrecognized feature: 'vibrate'.

Error in acl.conf

There is an error in /etc/nginx/common/acl.conf since the auth file for wo changed its name

auth_basic_user_file htpasswd-ee;

you have to replace the name of the auth file to

auth_basic_user_file htpasswd-wo;

separate php socket with nginx configs

Hi VirtuBox,

Thanks again for this work, it's helping a lot and making my site load in 2 sec while before doing the configs it was loading in 10 sec.

I tried modifying the files to have a separate socket and TCP listener for each PHP version. I have also created different php files in /etc/nginx/common so that I can assign each site a different php version, since I still have some sites that need php 5.6.

so what I did is changed the upstream.conf file to:
`# Common upstream settings

##################
# php5.6-fpm
##################

# TCP/IP on loopback interface
upstream php56-tcp {
    server 127.0.0.1:9056;
}

upstream php56 {
    least_conn;

    server unix:/var/run/php/php56-fpm.sock;
    server unix:/var/run/php/php56-two-fpm.sock;

    keepalive 5;
}

# Debug Pool
upstream debug {
    server 127.0.0.1:9156;
}

##################
# php7.0-fpm
##################

# TCP/IP on loopback interface
upstream php70-tcp {
    server 127.0.0.1:9070;
}

# load-balancing on unix socket
upstream php70 {
    least_conn;

    server unix:/var/run/php/php70-fpm.sock;
    server unix:/var/run/php/php70-two-fpm.sock;

    keepalive 5;
}

##################
# php7.1-fpm
##################

# TCP/IP on loopback interface
upstream php71-tcp {
    server 127.0.0.1:9071;
}

# load-balancing on unix socket
upstream php71 {
    least_conn;

    server unix:/var/run/php/php71-fpm.sock;
    server unix:/var/run/php/php71-two-fpm.sock;

    keepalive 5;
}

##################
# php7.2-fpm
##################

# TCP/IP on loopback interface
upstream php72-tcp {
    server 127.0.0.1:9072;
}

# load-balancing on unix socket
upstream php72 {
    least_conn;

    server unix:/var/run/php/php72-fpm.sock;
    server unix:/var/run/php/php72-two-fpm.sock;

    keepalive 5;
}

##################
# php7.3-fpm
##################

# TCP/IP on loopback interface
upstream php73-tcp {
    server 127.0.0.1:9073;
}

# load-balancing on unix socket
upstream php73 {
    least_conn;

    server unix:/var/run/php/php73-fpm.sock;
    server unix:/var/run/php/php73-two-fpm.sock;

    keepalive 5;
}

##################
# redis
##################

upstream redis {
    server 127.0.0.1:6379;
    keepalive 10;
}`

and then created a different files for each php version and changed the fastcgi_pass to the socket name.

but when I did that I lost the loading speed for the site and I have no idea where that speed is coming from. I would really appreciate it if we could change those files you have in the repo to give the user the ability to choose which php version to use for each site just by editing the site with ee site edit sitename.com
and then change the include to something like this
`server {

    server_name sitename.com   www.sitename.com;

    access_log /var/log/nginx/sitename.com.access.log rt_cache;
    error_log /var/log/nginx/sitename.com.error.log;

    root /var/www/sitename.com/htdocs;

    index index.php index.html index.htm;

    include common/php73.conf;

    include common/wpcommon-php73.conf;
    include common/locations-php73.conf;
    include /var/www/sitename.com/conf/nginx/*.conf;

}`

thanks again.

Trouble with Netdata over https and domain (rather than IP)

Hello,

There's one thing I've not managed to resolve.

When I access netdata using the IP address (with port 19999), it loads fine.

When I use domain.com:22222/netdata/ it has an issue. The grey background loads, and a lot of text is below it. In the Chrome console I see the following:

Failed to load resource: the server responded with a status of 404 ()         ... dashboard.js

Refused to execute script from 'https://mydomain.com:22222/netdata/dashboard.js?v20180610-1' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Is there a step I might have missed in your instructions that would have allowed for / prevented this from happening? I may not have performed 100% of your steps, as I already has a working EE installation in place. So I simply applied all from your instructions that seemed relevant (nearly all of your commands).

Will this work with EEv4

Greetings, I have been also fan of your work, thanks for contributing so much, just had a query, that will this git work with the latest EE v4.0. It was just released today or will this need additional modifications based on the new structure of EE v4.

what does this debug info mean please?

Hello,

Here are debug info, and it would great appreciated if you could let me know how to resolve it:

root@101:~# ee debug --all -i
Setting up Nginx debug connection for 0.0.0.0/0
Enabling PHP debug
Setting up PHP5-FPM log_level = debug
Enabling PHP 7.0 debug
Setting up PHP7.0-FPM log_level = debug
Setting up MySQL slow log
Setting up Nginx rewrite logs
Reload : nginx [OK]
Restart : php5.6-fpm[OK]
Restart : php7.0-fpm[OK]
watching logfile /var/log/nginx/mysite.com.error.log
watching logfile /var/log/nginx/22222.error.log
watching logfile /var/log/php/5.6/slow.log
watching logfile /var/log/php/5.6/fpm.log
watching logfile /var/log/php/7.0/slow.log
watching logfile /var/log/php/7.0/fpm.log
watching logfile /var/log/mysql/mysql-slow.log
[25-Jun-2019 20:37:12.330148] DEBUG: pid 60482, fpm_systemd_heartbeat(), line 68: have notify start to systemd

[25-Jun-2019 20:37:12.330162] NOTICE: pid 60482, fpm_systemd_heartbeat(), line 75: systemd monitor interval set to 10000ms

[25-Jun-2019 20:37:12.642124] DEBUG: pid 60482, fpm_children_make(), line 421: [pool debug] child 60484 started

[25-Jun-2019 20:37:12.642169] DEBUG: pid 60482, fpm_pctl_on_socket_accept(), line 536: [pool debug] got accept without idle child available .... I forked

[25-Jun-2019 20:37:12.642176] DEBUG: pid 60482, fpm_event_loop(), line 424: event module triggered 1 events

[25-Jun-2019 20:37:13.325950] DEBUG: pid 60482, fpm_pctl_perform_idle_server_maintenance(), line 362: [pool debug] currently 0 active children, 1 spare children

[25-Jun-2019 20:37:13.326051] DEBUG: pid 60482, fpm_pctl_perform_idle_server_maintenance(), line 362: [pool www] currently 0 active children, 0 spare children

[25-Jun-2019 20:37:13.253084] DEBUG: pid 60470, fpm_pctl_perform_idle_server_maintenance(), line 362: [pool debug] currently 0 active children, 0 spare children

[25-Jun-2019 20:37:13.253146] DEBUG: pid 60470, fpm_pctl_perform_idle_server_maintenance(), line 362: [pool www] currently 0 active children, 0 spare children

this option doesn't exist issue.

Thank you for the wonderful script. Sadly I am facing an issue currently.

Kindly have a look at this screenshot: http://url.digitallyup.stream/t0de

After running the following script for SSL installation using ACME:
`cd && bash <(wget --no-check-certificate -O - https://raw.githubusercontent.com/VirtuBox/ee-acme-sh/master/install.sh)

# enable acme.sh & ee-acme-sh
source .bashrc`

It asked to select which mode of validation I want but no matter what option I choose, it always gives an error which says "this option doesn't exist". Tried multiple times and multiple variations. Nothing worked.

Please help me with this.

Thanks.

Enable PHP 7.3 Redis Extension (PHP Redis)

Hello Master,
After many tries, I am able to get PHP 7.3 working on my production sites along with Redis running on Unix socket. All credits to you :)

As of now, I have just one issue. The Diagnostics area of Redis Object Cache plugin shows the following output:

Status: Connected
Client: Predis (v1.1.1)
Drop-in: Valid
Ping: PONG
Redis Extension: Not Found
Predis Client: 1.1.1
PHP Version: 7.3.0-2+ubuntu18.04.1+deb.sury.org+1

On PHP 7.2, it shows the client as PHP Redis and also shows that the Redis Extension is installed. I tried enabling the Redis Extension for PHP 7.3 using the following commands:

echo "extension=redis.so" > /etc/php/7.3/mods-available/redis.ini
ln -sf /etc/php/mods-available/redis.ini /etc/php/7.3/fpm/conf.d/20-redis.ini
ln -sf /etc/php/mods-available/redis.ini /etc/php/7.3/cli/conf.d/20-redis.ini
service php7.3-fpm restart

Still, I am unable to activate the PHPRedis Extension for PHP 7.3-FPM. Please help me sort out this small issue.

Thanks :)

Git fatal error

git -C /etc/nginx/ add /etc/nginx/ && git -C /etc/nginx/ commit -m "update common configurations"
fatal: not a git repository (or any of the parent directories): .git

new error update

Mar 22 15:00:18 firewall fail2ban-server[25883]: No file(s) found for glob /var/log/nginx/*access.log
Mar 22 15:00:18 firewall fail2ban-server[25883]: Failed during configuration: Have not found any log file for ee-wordpre

Error connect() to unix:/run/php70-fpm.sock failed (2: No such file or directory)

Hi, how are you?

I used your script to optimize WordOps and it's great; I really liked it.
But I'm getting this error in the log.

2019/02/07 06:26:30 [crit] 1706#1706: *795218 connect() to unix:/run/php70-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: upstream: "fastcgi://unix:/run/php70-fpm.sock:", host: "127.0.0.1", request: "GET /status?full&json HTTP/1.1"

Could you help me understand? Where do I find this error?

Thanks in advance, and thank you for your contribution to this project!

wpcommon-php73.conf has errors

It looks incomplete and rushed, not properly formatted either.

location "=/wp-config\.(php|txt)" {
location ~* wp-config.php { deny all; }
location ~* "^/wp-content/uploads/.*\\.php" { deny all; }
location ~* "^/wp-includes/(?!js/tinymce/wp-tinymce\\.php$).*\\.php" {
deny all;
}
location ~* "^/wp-admin/(load-styles|load-scripts)\\.php" { deny all; }
location ~* ".*/cache/.*\\.ph(?:p[345]?|t|tml)" {
access_log off;
log_not_found off;
deny all;
}
if ($query_string ~ "author=\d+") {
return 403;
}
location ~* "(?:wp-config\\.bak|\\.wp-config\\.php\\.swp|(?:readme|license|changelog|-config|-sample)\\.(?:php|md|txt|htm|html))" {
return 403;
}
location ~* ".*\\.(psd|log|cmd|exe|bat|csh|sh)" {
return 403;
}
location ~* /\.ht {
deny all;
}
if ($http_user_agent ~* "(?:acunetix|BLEXBot|domaincrawler\\.com|LinkpadBot|MJ12bot/v|majestic12\\.co\\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\\s+Link\\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests)") {
return 403;
}
#extension wp-toolkit end
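
An added example (not part of the original post or the repository's code): a Python model of how the regex locations in the snippet above decide a request path, useful for checking what the deny rules actually cover before deploying them. It models only the `~*` regex locations (case-insensitive, first match in file order), uses Python's `re` in place of PCRE, and `ANCHORED_EXT` is a hypothetical tightened pattern that does not appear on the page.

```python
import re

# Regex locations from the posted snippet, in file order (first match wins).
# nginx's config parser reduces "\\." to \. before the regex is compiled.
RULES = [
    (r"wp-config.php", "deny"),
    (r"^/wp-content/uploads/.*\.php", "deny"),
    (r"^/wp-includes/(?!js/tinymce/wp-tinymce\.php$).*\.php", "deny"),
    (r"^/wp-admin/(load-styles|load-scripts)\.php", "deny"),
    (r".*/cache/.*\.ph(?:p[345]?|t|tml)", "deny"),
    (r"(?:wp-config\.bak|\.wp-config\.php\.swp|(?:readme|license|changelog"
     r"|-config|-sample)\.(?:php|md|txt|htm|html))", "403"),
    (r".*\.(psd|log|cmd|exe|bat|csh|sh)", "403"),
    (r"/\.ht", "deny"),
]
COMPILED = [(re.compile(p, re.IGNORECASE), a) for p, a in RULES]

# Assumption (not from the page): the same extension list anchored to the end
# of the URI, so it only matches a real file extension.
ANCHORED_EXT = re.compile(r"\.(?:psd|log|cmd|exe|bat|csh|sh)$", re.IGNORECASE)


def first_match(uri):
    """Return (rule_index, action) of the first rule matching uri, else None."""
    for index, (regex, action) in enumerate(COMPILED):
        if regex.search(uri):  # nginx regex locations match anywhere in the URI
            return index, action
    return None


# Constructed request paths, not taken from any real log.
SAMPLES = [
    "/index.php",
    "/wp-includes/js/tinymce/wp-tinymce.php",
    "/wp-includes/version.php",
    "/wp-content/uploads/2019/06/image.php",
    "/wp-content/cache/page.phtml",
    "/wp-configXphp",
    "/assets/js/app.show.js",
    "/.htaccess",
]

if __name__ == "__main__":
    for uri in SAMPLES:
        hit = first_match(uri)
        verdict = "allowed" if hit is None else f"{hit[1]} by rule {hit[0]}"
        tight = "blocked" if ANCHORED_EXT.search(uri) else "not blocked"
        print(f"{uri:45} {verdict:18} anchored extension rule: {tight}")
```

The `/assets/js/app.show.js` result shows the unanchored extension rule returning 403 for an ordinary JavaScript file, because `.sh` appears in the middle of the name.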

NGINX Configuration failed

hi

The system crashes when I load the NGINX configuration files. The same happens with the MariaDB and MySQL tuning.

issues : mariadb and mysql tuning " Access denied for user 'root'@'localhost' (using password: YES) "

nginx configuration : nginx -t "nginx: configuration file /etc/nginx/nginx.conf test - [ ] failed"

-bash: /etc/bash_completion.d/wo_auto.rc: No such file or directory

Hi.

noninteractive install - you can replace $USER with your username & root@$HOSTNAME by your email

sudo bash -c 'echo -e "[user]\n\tname = $USER\n\temail = root@$HOSTNAME" > $HOME/.gitconfig'

wget -qO wo wordops.se/tup && sudo bash wo

this error appears

-bash: /etc/bash_completion.d/wo_auto.rc: No such file or directory

Module ngx_pagespeed requires the pagespeed optimization library

Hi @VirtuBox,

Thanks for your awesome Ubuntu Nginx web server guide.
I have an issue with the pagespeed modules.

Currently I use Ubuntu 16.04 with 6 GB RAM and 6 CPU cores.

root@srv:~# ./nginx-build.sh
EasyEngine installation detected

Welcome to the nginx-ee bash script.

Do you want to compile the latest Nginx Mainline [1] or Stable [2] Release ?
Select an option [1-2]: 2

Do you want Ngx_Pagespeed ? (y/n)
Select an option [y/n]: y

Do you want to build the latest Pagespeed Beta [1] or Stable [2] Release ?
Select an option [1-2]: 2

Do you want NAXSI WAF (still experimental)? (y/n)
Select an option [y/n]: n

Do you want RTMP streaming module ?
Select an option [y/n]: n

       Installing dependencies                [OK]
       Downloading additionals modules        [OK]
       Downloading zlib                       [OK]
       Downloading brotli                     [OK]
       Downloading openssl                    [OK]
       Downloading pagespeed                  [OK]
       Downloading nginx                      [OK]
       Applying nginx patches                 [OK]
        Configuring nginx    [FAIL]           [..]

Please look at /tmp/nginx-ee.log

/tmp/nginx-ee.log

adding module in /usr/local/src/incubator-pagespeed-ngx-latest-stable
mod_pagespeed_dir=/usr/local/src/incubator-pagespeed-ngx-latest-stable/psol/include
build_from_source=false
checking for psol ... not found
./configure: error: module ngx_pagespeed requires the pagespeed optimization library.
Look in /usr/local/src/nginx/objs/autoconf.err for more details.

Nginx optimized configurations

virtualbox, should these settings be used all at once or just one?

TLSv1.2 TLSv1.3 only

cp -f $HOME/ubuntu-nginx-web-server/etc/nginx/nginx.conf /etc/nginx/nginx.conf

TLS intermediate - TLS v1.0 v1.1 v1.2 v1.3

cp -f $HOME/ubuntu-nginx-web-server/etc/nginx/nginx.conf /etc/nginx/nginx-intermediate.conf

TLSv1.2 only

cp -f $HOME/ubuntu-nginx-web-server/etc/nginx/nginx.conf /etc/nginx/nginx-tlsv12.conf
