magento2: Unable to run Web Setup on nginx

Hi,

I’ve downloaded my magento 2 copy using composer, and set up a nginx website using this config:

upstream fastcgi_backend {
   server   unix:/var/run/php5-fpm.sock;
}

server {
   listen 80;
   server_name magento;

   set $MAGE_ROOT /home/esoares/Code/project-community-edition;
   set $MAGE_MODE developer;

   include /home/esoares/Code/project-community-edition/nginx.conf.sample;
}

When I try to run “http://magento/setuo” it loads an empty view. Oppening the Chrome Dev. Console, it shows me:

GET http://magento/setup/index.php/navigation 403 (Forbidden)
GET http://magento/setup/index.php/navigation/side-menu 403 (Forbidden)
GET http://magento/setup/index.php/navigation/header-bar 403 (Forbidden)

I’m realy getting crazy about this. I’m using recomended nginx setup and config file…

My server has permission to access files, and all files have proper chmod

Also my nginx log this:

2015/11/24 15:19:30 [error] 28384#0: *6 FastCGI sent in stderr: "Access to the script '/home/esoares/Code/project-community-edition/setup/index.php/navigation' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 127.0.0.1, server: magento, request: "GET /setup/index.php/navigation HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "magento", referrer: "http://magento/setup/"
2015/11/24 15:19:30 [error] 28384#0: *5 FastCGI sent in stderr: "Access to the script '/home/esoares/Code/project-community-edition/setup/index.php/navigation/header-bar' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 127.0.0.1, server: magento, request: "GET /setup/index.php/navigation/header-bar HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "magento", referrer: "http://magento/setup/"
2015/11/24 15:19:30 [error] 28384#0: *6 FastCGI sent in stderr: "Access to the script '/home/esoares/Code/project-community-edition/setup/index.php/navigation/side-menu' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 127.0.0.1, server: magento, request: "GET /setup/index.php/navigation/side-menu HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "magento", referrer: "http://magento/setup/"
2015/11/24 15:21:30 [error] 28384#0: *6 FastCGI sent in stderr: "Access to the script '/home/esoares/Code/project-community-edition/setup/index.php/session/prolong' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 127.0.0.1, server: magento, request: "POST /setup/index.php/session/prolong HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "magento", referrer: "http://magento/setup/"

About this issue

  • Original URL
  • State: closed
  • Created 9 years ago
  • Comments: 52 (3 by maintainers)

Most upvoted comments

Solved:

Changed nginx.conf.sample /setup location block to:

location /setup {
    root $MAGE_ROOT;
    location ~ ^/setup/index.php {

        ### This fixes the problem:
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        ################################

        fastcgi_pass   fastcgi_backend;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

    location ~ ^/setup/(?!pub/). {
        deny all;
    }

    location ~ ^/setup/pub/ {
        add_header X-Frame-Options "SAMEORIGIN";
    }
}
+87
iget-esoares on Nov 25, 2015

The fix for me was to update cgi.fix_pathinfo to 1 inside of my php.ini file.

+21
ghost on Jan 27, 2016

this thread just shows how many people dont know the difference between the real bug and specific environmental configuration.

+13
magenx on Oct 7, 2016

Almost ONE YEAR after creating this issue, I’ve decided to try Magento 2 again, and I stuck on the same error, in another totally different machine (Ubuntu 16 instead of 14, brand new setup).

Again, the only fix I’ve found was my own fix. I really don’t understand WHY this shouldn’t be merged, since many people related that it fixed for them.

Imagine many new people that want to try Magento 2, and stuck into this error? Not everyone has the know legend to fix this, or seek on github issues.

+11
iget-esoares on Oct 7, 2016

The solution provided by @iget-esoares didn’t work for me, maybe because I’m running this on Vagrant/Homestead box, but what really worked for me was this:

Insert this directive after this location ~ ^/setup/index.php { try_files $uri $uri/ /setup/index.php?$query_string;

That fixed the problem for me.

+6
Dannymx on Aug 20, 2018

Closing this issue, since it is not magento related.

+5
mazhalai on Nov 25, 2015

Thanks from me too @iget-esoares. Wonder why so common problem posted only here. Lost 2 days to found fix for it. @mazhalai we need your attention, it’s a BUG

+3
deenoize on Jan 26, 2016

@mazhalai

Yes, it is an magento related problem!

I have many applications running on this machine, from Laravel to Zend applications, and this problem does not occours.

Magento 2 suggests an default nginx conf file that does not work!

+3
iget-esoares on Nov 25, 2015

i have this problem with apache server and php5.6; setting

cgi.fix_pathinfo=0 or cgi.fix_pathinfo=1

does not work.

In the chrome debugger network tab, i can see that an ajax request is not returning and executed again and again: Request URL:http://localhost/setup/index.php/session/prolong

it happens in angular.js:7715

Edit: my problem was that i had two repos in the composer.json after migration from 1.9

+2
daveyx on May 22, 2017

@deenoize if it was a bug then 95% installations would fail… while it’s only few of them, which tells me that you have to check your php cgi.fix_pathinfo variable. or even check your specific setup…

+2
magenx on Jan 26, 2016

Trying to follow the error.

When I try to access http://magneto/ it give me this:

NOTE: You cannot install Magento using the Setup Wizard because the Magento setup directory cannot be accessed. 
You can install Magento using either the command line or you must restore access to the following directory: /home/esoares/Code/project-community-edition/setup

Following the stack, I found this method: Magento\Framework\App\Http->redirectToSetup() that check if setupinfo is available.

The method isAvailable is:

public function isAvailable()
    {
        var_dump($this->projectRoot) // This dumps: `/home/esoares/Code/project-community-edition/pub/`

        $setupDir = $this->getDir($this->projectRoot); // If I var_dump this, i get: `/home/esoares/Code/project-community-edition/pub/setup`

        $isSubDir = false !== strpos($setupDir . '/', $this->docRoot . '/');
        return $isSubDir && realpath($setupDir);
    }

Note that this is producing wrong setup directory and root directory!

+2
iget-esoares on Nov 25, 2015

@iget-esoares I believe this is an nginx/php-fpm issue. Please see this thread for a possible solution: http://stackoverflow.com/questions/23390531/access-denied-403-for-php-files-with-nginx-php-fpm?answertab=active#tab-top

+2
mazhalai on Nov 24, 2015

magento 2.2.1, php-fpm 7, nginx. Same problem… Only @iget-esoares’s solution helps.

+1
devilstars on Nov 23, 2017

@mazhalai @magento-admin

+1
iget-esoares on Oct 7, 2016

I found simple solution from here: http://dltr.org/blog/magento/583/magento-2-setup-on-existing-vagrant-environment-using-browser

+1
ihsanberahim on Apr 20, 2016
Read more comments on GitHub
← magento2: Unable to reindex from backend, bug?
magento2: Unable to save page and block changes using Page Builder with enabled js minification. →