Detailed explanation of php + nginx permissions

This article mainly introduces you to the relevant information about permissions in the php + nginx project. The article is very detailed and has certain reference and learning value for everyone. Friends who need it can take a look below.

This article introduces to you the relevant content about php + nginx project permissions and shares it for your reference and study. Let’s take a look at the detailed introduction:

nginx/ php-fpm

Process permissions

• The main process user is the user who started it

• Subprocess

1. The user of nginx is the user configured in nginx.conf

2.php- The user of fpm is the user configured in php-fpm.conf

For example: root is the one who starts nginx, and the user configured in nginx is nginx, then the main process is root and the child process is nginx

Processing method

The following accesses are performed by nginx sub-process

Static files

• Steps: When nginx accesses /index.html, nginx will directly access the corresponding file and return the content to the requesting client.

• Permission situation: At this time, only nginx needs to have permissions for the index.html file.
  

php script file

Steps:

• nginx visit/ index.php, in order for nginx to return the correct script processing results to the client, it needs to be configured to tell nginx.php that it is a non-static file and needs to be processed by the PHP script parser before the content can be returned.

• Generally speaking, a configuration item like fastcgi_pass unix:/var/run/php5-fpm.sock; will be added to the nginx configuration to indicate that nginx encounters access to the script file. Who do you need to go to? Then you will access the file to forward the request to php-fpm.

• Access the real php script file from php-fpm, return the result to nginx, and then nginx returns the result to the client.
  

Permission status:

• nginx needs to have /var/run/php5-fpm.sock file permissions;

• php-fpm needs to have /index.php file permission;
  

User configuration location

nginx user is set in the first line of user in nginx.conf

php-fpm user is set in php-fpm.conf

• listen.owner = xxx;Set unix socket user

• user = xxxSet process startup user
  

Note: The file names of the above two configuration files are slightly different under different operating systems. Please make your own judgment based on your own installation conditions.

nginx forwards content to php-fpm not only through /var/run/php5-fpm.sock, but also through configuration in php-fpm.conf to xxx.xxx.xxx:9000, etc.

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
;       a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
;       a specific port;
; 'port'     - to listen on a TCP socket to all IPv4 addresses on a
;       specific port;
; '[::]:port'   - to listen on a TCP socket to all addresses
;       (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm.sock

Others

is a special point, generally nginx is started with the root user (in order to obtain 80 Port permissions), if the local development nginx is restarted as a normal user, then the main process and the child process will be the current user, and the configuration in nginx.conf will no longer take effect. The reason is not yet clear.

The above is the detailed content of Detailed explanation of php + nginx permissions. For more information, please follow other related articles on the PHP Chinese website!