Using Virtualmin with Nginx - 403 Forbidden & 502 Bad Gateway

Hi all!

I just got a new server up and running with Virtualmin with Nginx and have been very happy with the feature set and the capability for the cost (can’t beat free!). The problem that I’m having is that while the first (and most important) server on my VPS is working quite well, I can’t seem to get the second server I created and all of the sub-servers underneath to work. At first, I was getting a 403 Forbidden error for everything (files that existed, files that didn’t exist, empty folders, folders with no index files, etc.). Following the (somewhat inconclusive) advise of other threads I’ve run across, I’ve modified some of the permissions in some of the folders (the main public_html, the sub-server root directories (i.e. /home/account/domains/example.domain.com), and the sub-server public_html directories), and now Nginx is serving static files from the affected domains, but is returning a 502 Bad Gateway error when trying to access any PHP files.

Here’s my Nginx configuration (domain names have been changed for privacy):

user nginx; worker_processes 1;

error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
}

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

access_log  /var/log/nginx/access.log  main;

sendfile        on;
#tcp_nopush     on;

keepalive_timeout  65;

#gzip  on;

include /etc/nginx/conf.d/*.conf;
server_names_hash_bucket_size 128;
server {
	server_name workingdomain.com www.workingdomain.com;
	listen 198.15.123.155;
	root /home/workingdomain/public_html;
	index "index.html index.php";
	access_log /var/log/virtualmin/workingdomain.com_access_log;
	error_log /var/log/virtualmin/workingdomain.com_error_log;
	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;
	fastcgi_param SCRIPT_FILENAME /home/workingdomain/public_html$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT /home/workingdomain/public_html;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;
	fastcgi_param HTTPS on;
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass localhost:9000;
	}
	listen 198.15.123.155:443 default ssl;
	ssl_certificate /home/workingdomain/ssl.cert;
	ssl_certificate_key /home/workingdomain/ssl.key;
	gzip on;

	# CS-Cart
	location / {
		if (-f $request_filename/index.html){
			rewrite (.*) $1/index.html break;
		}

		if (-f $request_filename/index.php){
			rewrite (.*) $1/index.php;
		}

		if (!-f $request_filename){
			rewrite ^ /index.php?sef_rewrite=1;
		}
	}

	location ~* .(tpl|zip|gz)$ {
		if (-f $request_filename) {
			return 403;
		}
	}
}
server {
	server_name nonworkingdomain.com www.nonworkingdomain.com;
	listen 198.15.123.154;
	root /home/nonworkingdomain/public_html;
	index index.html index.htm index.php;
	access_log /var/log/virtualmin/nonworkingdomain.com_access_log;
	error_log /var/log/virtualmin/nonworkingdomain.com_error_log;
	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;
	fastcgi_param SCRIPT_FILENAME /home/nonworkingdomain/public_html$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT /home/nonworkingdomain/public_html;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass localhost:9001;
	}
	listen 198.15.123.154:443 default ssl;
	ssl_certificate /home/nonworkingdomain/ssl.cert;
	ssl_certificate_key /home/nonworkingdomain/ssl.key;
}
server {
	server_name auctions.nonworkingdomain.com www.auctions.nonworkingdomain.com;
	listen 198.15.123.154;
	root /home/nonworkingdomain/domains/auctions.nonworkingdomain.com/public_html;
	index index.html index.htm index.php;
	access_log /var/log/virtualmin/auctions.nonworkingdomain.com_access_log;
	error_log /var/log/virtualmin/auctions.nonworkingdomain.com_error_log;
	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;
	fastcgi_param SCRIPT_FILENAME /home/nonworkingdomain/domains/auctions.nonworkingdomain.com/public_html$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT /home/nonworkingdomain/domains/auctions.nonworkingdomain.com/public_html;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass localhost:9002;
	}
	listen 198.15.123.154:443;
	ssl_certificate /home/nonworkingdomain/domains/auctions.nonworkingdomain.com/ssl.cert;
	ssl_certificate_key /home/nonworkingdomain/domains/auctions.nonworkingdomain.com/ssl.key;
}
server {
	server_name billing.nonworkingdomain.com www.billing.nonworkingdomain.com;
	listen 198.15.123.154;
	root /home/nonworkingdomain/domains/billing.nonworkingdomain.com/public_html;
	index index.html index.htm index.php;
	access_log /var/log/virtualmin/billing.nonworkingdomain.com_access_log;
	error_log /var/log/virtualmin/billing.nonworkingdomain.com_error_log;
	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;
	fastcgi_param SCRIPT_FILENAME /home/nonworkingdomain/domains/billing.nonworkingdomain.com/public_html$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT /home/nonworkingdomain/domains/billing.nonworkingdomain.com/public_html;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass localhost:9003;
	}
	listen 198.15.123.154:443;
	ssl_certificate /home/nonworkingdomain/domains/billing.nonworkingdomain.com/ssl.cert;
	ssl_certificate_key /home/nonworkingdomain/domains/billing.nonworkingdomain.com/ssl.key;
}
server {
	server_name go.nonworkingdomain.com www.go.nonworkingdomain.com;
	listen 198.15.123.154;
	root /home/nonworkingdomain/domains/go.nonworkingdomain.com/public_html;
	index index.html index.htm index.php;
	access_log /var/log/virtualmin/go.nonworkingdomain.com_access_log;
	error_log /var/log/virtualmin/go.nonworkingdomain.com_error_log;
	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;
	fastcgi_param SCRIPT_FILENAME /home/nonworkingdomain/domains/go.nonworkingdomain.com/public_html$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT /home/nonworkingdomain/domains/go.nonworkingdomain.com/public_html;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass localhost:9004;
	}
}
server {
	server_name survey.nonworkingdomain.com www.survey.nonworkingdomain.com;
	listen 198.15.123.154;
	root /home/nonworkingdomain/domains/survey.nonworkingdomain.com/public_html;
	index index.html index.htm index.php;
	access_log /var/log/virtualmin/survey.nonworkingdomain.com_access_log;
	error_log /var/log/virtualmin/survey.nonworkingdomain.com_error_log;
	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;
	fastcgi_param SCRIPT_FILENAME /home/nonworkingdomain/domains/survey.nonworkingdomain.com/public_html$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT /home/nonworkingdomain/domains/survey.nonworkingdomain.com/public_html;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;
	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass localhost:9005;
	}
}

}

As the names suggest, “workingdomain.com” is the server that’s working, and “nonworkingdomain.com” is the server that isn’t. If any additional would be helpful, please let me know!

If anyone could offer any insight or possible solutions to try, it would be greatly appreciated.

Thank you in advance for your help!

Any ideas anyone?

Is this in one file? if so the server parts does not belong in the nginx.conf every domain has its own separate file with the server { … } in it, virtualmin makes those when you create domain.

When I see the server { … } I don’t see any errors so when you have a index.htm , .php or .html it would work