"Primary script unknown" wp-login.php

Detlef_R · January 9, 2014, 5:58am

As subject says: I cannot access wp-admin due to above [error].
Otherwise, site functions as it should.

See error log:
2014/01/09 04:31:23 [error] 35759#0: *5254 FastCGI sent in stderr:
“Primary script unknown” while reading response header from upstream,
client: ipaddress, server: hostname, request: “GET
/wordpress/wp-login.php HTTP/1.1”, upstream:
“fastcgi://unix:/var/run/php-fpm.sock:”, host: “hostname”, referrer:
“http://hostname/”

See access.log
[09/Jan/2014:04:31:23 +0000] “GET /wordpress/wp-login.php HTTP/1.1” 404
27 “hostname” “useragent” “-”

See nginx.conf
user www;
worker_processes 1;
error_log logs/error.log info;
pid /var/run/nginx.pid;

events {
worker_connections 768;
}

http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local]
“$request” ’
'$status $body_bytes_sent “$http_referer” ’
‘“$http_user_agent” “$http_x_forwarded_for”’;

 access_log  logs/access.log  main;
 sendfile        on;
 tcp_nopush     off;
 keepalive_timeout  65;
 gzip  off;

 server {
     listen       80;
     listen       443 ssl;
     server_name  hostname;
     root   /usr/local/www;
     ssl_certificate /path/to/crt-chain.pem;
     ssl_certificate_key /path/to/privatekey.pem;
     ssl_dhparam /pth/to/dhparam4096.pem;
     server_name hostname www.hostnam;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM

EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384
EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW
!3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
ssl_prefer_server_ciphers on;
access_log logs/access.log main;
charset utf-8;

     location / {
         root   /usr/local/www/wordpress;
         try_files $uri $uri/ /index.php?q=$uri&$args;
         index  index.php index.html index.htm;
     }

     error_page   500 502 503 504  /50x.html;
     location = /50x.html {
         root   /usr/local/www/nginx-dist;
     }

     location ~ \.(js|css|png|jpg|jpeg|gif|ico|html)$ {
         expires max;
     }

     location ~ \.php$ {
         root html;
         fastcgi_pass unix:/var/run/php-fpm.sock;
         fastcgi_index  index.php;
         fastcgi_param  SCRIPT_FILENAME

/usr/local/www/wordpress$fastcgi_script_name;
include fastcgi_params;
}

     location ~ /\.ht {
         deny  all;
     }
 }

}

See fastcgi_params:
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param REDIRECT_STATUS 200;

Please advise my mistake and how to fix. Thank you.

nano · January 9, 2014, 12:01pm

On Thu, Jan 09, 2014 at 03:57:43PM +1100, nano wrote:

Hi there,

As subject says: I cannot access wp-admin due to above [error].
Otherwise, site functions as it should.

    location ~ \.php$ {
        fastcgi_param  SCRIPT_FILENAME
/usr/local/www/wordpress$fastcgi_script_name;
}

The request /wordpress/wp-login.php should be handled in your “location
~ .php$” block, where you tell nginx to tell the fasctcgi server to
process the file /usr/local/www/wordpress/wordpress/wp-login.php.

Is that the file that you want the fastcgi server to process?

f

Francis D. [email protected]

nano · January 9, 2014, 12:47pm

On 9/01/2014 10:01 PM, Francis D. wrote:

     }
The request /wordpress/wp-login.php should be handled in your “location
~ .php$” block, where you tell nginx to tell the fasctcgi server to
process the file /usr/local/www/wordpress/wordpress/wp-login.php.

Is that the file that you want the fastcgi server to process?

f

I resolved this problem by making the /wordpress directory the server
root. However, I now have the problem of /usr/local/www/phpMyAdmin being
inaccessible, due to the same error.

–

nano · January 9, 2014, 5:47pm

I resolved this problem by making the /wordpress directory the server root.
However, I now have the problem of /usr/local/www/phpMyAdmin being
inaccessible, due to the same error.

You can, and its probably best to use:

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

Also you should have those to in different nginx config files, its far
better to read/modify if needed.
In any case the .php block should work has long has the “root” is set
right in the different locations!

nano · January 10, 2014, 11:12am

On 10/01/2014 3:46 AM, Miguel C. wrote:

Also you should have those to in different nginx config files, its far
better to read/modify if needed.
In any case the .php block should work has long has the “root” is set
right in the different locations!

Thank you, Miguel. I have implemented your advice to use $document_root
and I have also split configuration into separate files[0] as per your
advice.

[0]
nginx.conf
user www www;
worker_processes 3;
worker_priority 15;
pid /var/run/nginx.pid;
error_log /var/log/nginx-error.log crit;
events {
worker_connections 1024;
accept_mutex on;
use kqueue;
}
http {
include conf.d/options;
include mime.types;
default_type application/octet-stream;
access_log /var/log/nginx-access.log main buffer=32k;
include sites/*.on;
}
±—[ eof ]

sites/site1.on
server {
server_name site1.com www.site1.com;
add_header Cache-Control “public”;
add_header X-Frame-Options “DENY”;
limit_req zone=gulag burst=200 nodelay;
expires max;
listen 80;
listen 443 ssl;
include conf.d/ssl;
root /usr/local/www/site1;
index index.html index.htm index.php;
location = /favicon.ico { return 204; }
location ~*
.(engine|inc|info|install|make|module|profile|test|po|sh|.sql|theme|tpl(.php)?|xtmpl)$|^(..|Entries.*|Repository|Root|Tag|Template)$|.php_
{ deny all; }
location ~ /. {
deny all;
access_log off;
log_not_found off;
}
location / {
root /usr/local/www/site1/wordpress;
try_files $uri $uri/ /index.php?$args;
location ~ .php$ { include conf.d/php-fpm; }
}
include conf.d/phpmyadmin;
location /management { root /usr/local/www/site1/administration; }
location ~ .php$ { include conf.d/php-fpm; }
error_page 500 502 503 504 /50x.html;
location = /50x.html { root /usr/local/www/nginx-dist; }
}
±—[ eof ]

conf.d/phpmyadmin
location ^~ /phpmyadmin {
access_log off;
rewrite ^ /phpMyAdmin/ permanent;
}
location /phpMyAdmin {
root /usr/local/www;
index index.php index.html;
location ~ ^/phpMyAdmin/(.*.php)$ {
root /usr/local/www/;
include conf.d/php-fpm;
}
}
±—[ eof ]

conf.d/php-fpm
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri = 404;
fastcgi_split_path_info ^(.+.php)(.*)$;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
include fastcgi_params;
±—[ eof ]

conf.d/ssl
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_certificate /path/to/crt-chain.pem;
ssl_certificate_key /path/to/key.pem;
ssl_dhparam /path/to/dhparam4096.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384
EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4
EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS
!RC4”;
ssl_ecdh_curve secp256r1;
ssl_stapling on;
ssl_stapling_verify on;
ssl_prefer_server_ciphers on;
±—[ eof ]

conf.d/options
client_body_timeout 5s;
client_header_timeout 5s;
keepalive_timeout 75s;
send_timeout 15s;
charset utf-8;
#default_type application/octet-stream;
#include /etc/mime.types;
gzip off;
gzip_static on;
gzip_proxied any;
ignore_invalid_headers on;
keepalive_requests 50;
keepalive_disable none;
max_ranges 1;
msie_padding off;
open_file_cache max=1000 inactive=2h;
open_file_cache_errors on;
open_file_cache_min_uses 1;
open_file_cache_valid 1h;
output_buffers 1 512;
postpone_output 1440;
read_ahead 512K;
recursive_error_pages on;
reset_timedout_connection on;
sendfile on;
server_tokens off;
server_name_in_redirect off;
source_charset utf-8;
tcp_nodelay on;
tcp_nopush off;
gzip_disable “MSIE [1-6].(?!.*SV1)”;
limit_req_zone $binary_remote_addr zone=gulag:1m rate=60r/m;
log_format main ‘$remote_addr $host $remote_user [$time_local]
“$request” $status $body_bytes_sent “$http_referer” “$http_user_agent”
$ssl_cipher $request_time’;
±—[ eof ]

–
syn.bsdbox.co ← for dummies