Author Topic: Nginx Varnish Apache php-fpm 403 Forbidden  (Read 408 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Nginx Varnish Apache php-fpm 403 Forbidden
« on: September 20, 2024, 07:32:03 PM »
Hi
I have tested this on Alma Linux 8 and 9. Same problem on both OS.
After fresh install of CWP, PHP7.4 and FPM or PHP8.3 and FPM
i goto SelectWebServer option under WebServer Settings menu and select Nginx & Varnish & Apache.
I install varnish directly from ssh and start the process successfully.
I add New user and domain.
After that i generate SSL successfully.
Then i goto WebServerDomain Conf and enable Varnish on the domain.

As soon as i enable it, and try to browse the domain, i get NGINX 403 Forbidden.
As soon as i disable Varnish by deleting the config from WebServerDomain Conf , website starts working again.
Could anyone please guide me how to fix this? I am using CWP Pro.

Offline
***
Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Reply #1 on: September 20, 2024, 07:46:34 PM »
Quote
i goto SelectWebServer option under WebServer Settings menu and select Nginx & Varnish & Apache.

Why do you install Varnish manually after the webserver selection in CWP ?

I use AlmaLinux 8 and it installs Nginx, Varnish and Apache automatically.

Code: [Select]
# ps auxc | egrep "http|varn|nginx"
root     2768751  0.0  0.0  47424  1044 ?        Ss   19:42   0:00 nginx
nobody   2768752  0.0  0.2  68876  5152 ?        S    19:42   0:00 nginx
nobody   2768753  0.0  0.2  68568  4780 ?        S    19:42   0:00 nginx
varnish  2768762  0.0  0.2  55600  5432 ?        SLs  19:42   0:00 varnishd
varnish  2768821  0.0  4.2 280468 88952 ?        SLl  19:42   0:00 cache-main
root     2769048  0.0  0.2  94748  5280 ?        Ss   19:42   0:00 httpd
nobody   2769051  0.0  0.2 854512  5264 ?        Sl   19:42   0:00 httpd
nobody   2769052  0.0  0.2 854512  5264 ?        Sl   19:42   0:00 httpd
nobody   2769053  0.0  0.2 854512  5264 ?        Sl   19:42   0:00 httpd
« Last Edit: September 20, 2024, 07:48:12 PM by cyberspace »

Offline
*
Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Reply #2 on: September 20, 2024, 07:53:40 PM »
On Alma Linux 8 it installs automatically.
On Alma Linux 9 I need to install it manually.
Forgot to mention this.
Doesn't matter if it's installed auto or manually, I still get the same problem.

Offline
***
Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Reply #3 on: September 21, 2024, 07:15:53 AM »
I couldn't recreate the problem on my Almalinux 8 test box.

What errors do you get in the files:

Code: [Select]
/var/log/nginx/error.log
/usr/local/apache/domlogs/DOMAIN.error.log

when you try to access the site with enabled Nginx, Varnish, Apache ?

Offline
*
Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Reply #4 on: September 21, 2024, 05:44:39 PM »
I don't get any error logs at all when i browse the website after enabling Varnish for that domain.
https://prnt.sc/Kpa7trYIGnKR
« Last Edit: September 21, 2024, 05:51:53 PM by ictflare »

Offline
***
Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Reply #5 on: September 21, 2024, 06:40:39 PM »
The error 403 appears when the webserver can't access the file on the server. It can be caused by access permissions, mod_security, etc. More detailed info about the problem the webserver puts into the error log file by default. If you get nothing then you look inside a wrong log file or something like that.

So I recommend you to make sure the error logging is enabled in Nginx, Varnish and Apache. Double check you look for the error in the correct error log file.

However, it isn't good way to solve any problems in attempt to guess because it takes time and could lead far away from the solution.

Offline
*
Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Reply #6 on: September 22, 2024, 06:18:00 AM »
  • Just to test again,For the 11th time i have created a fresh VPS with AlmaLinux 8
  • Disabled SELinux.
  • Installed CWP Pro by following the simple instructions on the CWP Website.
  • Installed PHP/FPM 8.3 from PHP Settings.
  • Rebooted Server.
  • Enabled Nginx & Varnish & Apache from Select WebServers.
  • Varnish and Nginx auto installed successfully.
  • Create a User Account with my domain.
  • Applied SSL Successfully.
  • Mod Security never enabled.
  • Enabled Varnish for my domain from WebServer Domain Conf.


Code: [Select]
tcp        0      0 X.X.X.X:80        0.0.0.0:*               LISTEN      366579/nginx: maste
tcp        0      0 0.0.0.0:82              0.0.0.0:*               LISTEN      366610/varnishd     
tcp        0      0 X.X.X.X:443       0.0.0.0:*               LISTEN      366579/nginx: maste
tcp        0      0 127.0.0.1:36763         0.0.0.0:*               LISTEN      366610/varnishd     
tcp6       0      0 :::82                   :::*                    LISTEN      366610/varnishd     
tcp6       0      0 :::8181                 :::*                    LISTEN      372476/httpd       
tcp6       0      0 :::8443                 :::*                    LISTEN      372476/httpd

https://prnt.sc/Kvgr6gB4jw0m
https://prnt.sc/DCIj8l80_GMv

This is very straightforward and easy installation . But selecting NGINX->Varnish->Apache->PHP-FPM  , this doesn't work out of the box even in CWP Pro. This is why i got CWP Pro, trying a few more times before moving back to CPanel. But i hope someone from CWP takes this seriously as i really like and need CWP and that's why i got the PRO version.

Still tying to reinstall and troubleshoot by checking log files.
« Last Edit: September 22, 2024, 06:20:10 AM by ictflare »

Offline
***
Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Reply #7 on: September 23, 2024, 10:10:10 AM »
All services (nginx, varnish and apache) are installed and running. Therefore you need to dig logs to identify why you get the error 403. I recommend you to do following:

1. Create some test .html file and place it in the document root of the website
2. Create a test script .php and place it in the document root of the website too
3. Try to open the .html file over http://domain.com/test.html
if there is no error then the problem is caused by Varnish or Apache. In other case it means access is blocked by Nginx (check logs to get more info about the problem, review the nginx config file of the virtual host)

Do step 4 if the step 3 was accomplished without the error.

4. Try to open the .php script over http://domain.com/test.php
and check the logs to get more info about the problem. Look for the records associated with your WAN IP and your test script.