# Nginx frontend Apache24 backend



## akshin (Jul 17, 2019)

Hi!
Please help me. I can't do Nginx frontend and apache24 backend. I get this error here.




Here are my settings. FreeBSD12. PHP 7.2.19. nginx/1.14.2.

```
root@freebsd:/usr/local/www/test3.iandreev.com # ls
index.php               test3-access_log        test3-error_log

root@freebsd:/usr/local/www/test3.iandreev.com # cat test3-access_log
127.0.0.1 - - [17/Jul/2019:16:46:17 +0400] "GET / HTTP/1.0" 403 209
root@freebsd:/usr/local/www/test3.iandreev.com # cat test3-error_log
[Wed Jul 17 16:46:17.509106 2019] [authz_core:error] [pid 3217] [client 127.0.0.1:26663] AH01630: client denied by server configuration: /usr/local/www/test3.iandreev.com/

root@freebsd:/usr/local/etc/apache24/modules.d # service apache24 restart 
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 3214.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
root@freebsd:/usr/local/etc/apache24/modules.d # service php-fpm restart
Performing sanity check on php-fpm configuration:
[17-Jul-2019 17:22:08] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful

Stopping php_fpm.
Waiting for PIDS: 3237.
Performing sanity check on php-fpm configuration:
[17-Jul-2019 17:22:08] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful

Starting php_fpm.
root@freebsd:/usr/local/etc/apache24/modules.d # service nginx restart 
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Stopping nginx.
Waiting for PIDS: 3257.
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Starting nginx.
```


----------



## SirDice (Jul 17, 2019)

akshin said:


> I can't do Nginx frontend and apache24 backend.


Help me out here, why do you want to do this in the first place? What problem or issue are you trying to solve with this setup?

That said, the error points to a non-existing DirectoryIndex. If it's missing or not accessible Apache defaults to showing a directory listing, which is forbidden by default due to the security implications. Hence the 403 Forbidden.


----------



## akshin (Jul 17, 2019)

```
<IfModule dir_module>
    DirectoryIndex index.php index.html
</ IfModule>
```

But same error.


----------



## SirDice (Jul 17, 2019)

Are there more vhosts defined for Apache? You're specifically calling http://127.0.0.1:8080 from the nginx proxy statement. So Apache is going to use the first defined vhost. Which may not be your test3 Apache vhost.

Also check the permissions on /usr/local/www/test3.iandreev.com directory and check if a index.php or index.html actually exists there.


----------



## akshin (Jul 17, 2019)

I calling with 
test3.iandreev.com


----------



## akshin (Jul 17, 2019)

```
root@freebsd:/usr/local/www # ls -la
total 40
drwxr-xr-x  10 root  wheel   512 Jul 15 14:06 .
drwxr-xr-x  14 root  wheel   512 Jul  2 01:10 ..
drwxr-xr-x   6 root  wheel   512 Jul  6 15:51 apache24
lrwxr-xr-x   1 root  wheel    25 Jul  1 23:46 nginx -> /usr/local/www/nginx-dist
dr-xr-xr-x   2 root  wheel   512 Jul  2 00:46 nginx-dist
drwxr-xr-x   2 www   www     512 Jul 17 14:59 test1.iandreev.com
drwxr-xr-x   2 www   www     512 Jul 17 14:59 test2.iandreev.com
drwxr-xr-x   2 www   www     512 Jul 17 16:33 test3.iandreev.com
drwxr-xr-x   5 www   www     512 Jul 15 13:14 test4.iandreev.com
drwxr-xr-x   2 www   www     512 Jul 15 14:10 test5.iandreev.com
drwxr-xr-x  13 www   www    3584 Jul  2 00:53 zabbix4
```


----------



## SirDice (Jul 17, 2019)

akshin said:


> I calling with
> test3.iandreev.com




Yes, but that's being handled by nginx. Nginx in turn calls for http://127.0.0.1:8080:


```
upstream backend {
  server 127.0.0.1:8080;
}

....
    location / {
        proxy_pass  http://backend;
....
```

So Apache is going to see a request for 127.0.0.1, not test3.iandreev.com.


----------



## akshin (Jul 17, 2019)

upstream backend {
  server test3.iandreev.com:8080;

Is it right?


----------



## SirDice (Jul 17, 2019)

I should have looked further, this is correct:

```
proxy_set_header            Host $host;
```

That will make sure nginx passes the Host: header to Apache. So that actually looks to be in order.

Have a look through /var/log/nginx/test3.iandreev.error.log for any errors on the nginx side. Then look through /usr/local/www/test3.iandreev.com/test3-error_log for errors on the Apache side. One of them is going to show the error and the reason for it.


----------



## akshin (Jul 17, 2019)

```
root@freebsd:/usr/local/www/test3.iandreev.com # cat /var/log/nginx/test3.iandreev.error.log
2019/07/17 17:42:24 [error] 3966#100152: *5 open() "/home/site/adminunix.ru/static/favicon.ico" failed (2: No such file or directory), client: 192.168.1.155, server: test3.iandreev.com, request: "GET /favicon.ico HTTP/1.1", host: "test3.iandreev.com", referrer: "[URL]http://test3.iandreev.com/[/URL]"
2019/07/17 17:43:10 [error] 3966#100152: *11 open() "/home/site/adminunix.ru/static/favicon.ico" failed (2: No such file or directory), client: 192.168.1.155, server: test3.iandreev.com, request: "GET /favicon.ico HTTP/1.1", host: "test3.iandreev.com"

root@freebsd:/usr/local/www/test3.iandreev.com # /usr/local/www/test3.iandreev.com/test3-error_log
/usr/local/www/test3.iandreev.com/test3-error_log: Permission denied.
```


----------



## SirDice (Jul 17, 2019)

You can ignore the errors about favicon.ico. They're not important.


----------



## akshin (Jul 18, 2019)

Solved
DocumentRoot "/usr/local/www"
<Directory "/usr/local/www">
in httpd.conf
Thank you!


----------

