Nginx 404 on wordpress permalinks

[realasifn]

Hello DA Community,

I am setting up a nginx server on direct admin using php-fpm (8.1, 8.3), reverse proxy, and fastcgi.
Everything is going good on testing but when i installed a wordpress on one of the domain, posts, pages are giving "404 not found | nginx" error on posts/custom permalinks. On plan ?p=1 link permalinks, its working fine.

I already tried a custom configuration:

nginx_php.conf

|*if HAVE_PHP1_FPM="1"|
                # use fastcgi for all PHP files

                #location / {
                #    try_files $uri $uri/ /index.php?$args;
                #}

                location ~ \.php$ {
                        try_files $uri =404;
                        fastcgi_split_path_info ^(.+\.php)(/.+)$;
                        include /etc/nginx/fastcgi_params;
                        fastcgi_index index.php;
                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

                        # Cache logic
                        set $skip_cache 0;

                        # Skip cache for POST requests
                        if ($request_method = POST) {
                                set $skip_cache 1;
                        }

                        # Skip cache for URLs with query strings
                       # if ($query_string != "") {
                       #         set $skip_cache 1;
                       # }

                        # Skip cache for logged-in users or specific cookies
                        if ($http_cookie ~* "wordpress_logged_in|wp-postpass|wordpress_sec|wordpress_test_cookie") {
                                set $skip_cache 1;
                        }

                        if ($query_string ~ "page_id=[0-9]+") {
                                set $skip_cache 0;  # Do not skip caching for permalinks with page_id query string
                       }

                        # Define caching behavior
                        fastcgi_cache_bypass $skip_cache;
                        fastcgi_no_cache $skip_cache;
                        fastcgi_cache FASTCGICACHE;
                        fastcgi_cache_valid 200 60m; # Cache 200 OK responses for 60 minutes
                        fastcgi_cache_valid 301 302 30m; # Cache redirects for 30 minutes
                        fastcgi_cache_valid any 10m; # Cache other responses for 10 minutes

                        # Debug headers
                        add_header X-Cache $upstream_cache_status;
 add_header Cache-Control "public, max-age=3600";

                        # Pass to PHP-FPM
                        fastcgi_pass unix:/usr/local/php|PHP1_RELEASE|/sockets/|USER|.sock;

                        # Include NGINX limits
                        include /etc/nginx/nginx_limits.conf;

                        # Only pass requests for valid files to PHP
                        if (-f $request_filename) {
                                fastcgi_pass unix:/usr/local/php|PHP1_RELEASE|/sockets/|USER|.sock;
                        }
                }

                # Block direct access to specific PHP versions
                location ~ \.(php53|php54|php55|php56|php70|php71|php72|php73|php74|php80|php81|php82)$ {
                        deny all;
                }


|*endif|

nginx_server.conf

|CUSTOM1|
|?DOCROOT=`HOME`/domains/`DOMAIN`/public_html|
|?REALDOCROOT=`HOME`/domains/`DOMAIN`/public_html|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp:/opt/alt/php`PHP1_RELEASE`/usr/share/pear/:/dev/urandom:/var/tmp:/usr/local/lib/php/|
|?HOST_DOMAIN=`DOMAIN`|
|*if HOST_POINTER|
|?HOST_DOMAIN=`HOST_POINTER`|
|*endif|
server
{
|CUSTOM|

        listen |IP|:|PORT_80|;
        |MULTI_IP|

        server_name |HOST_DOMAIN| www.|HOST_DOMAIN|;

        access_log /var/log/nginx/domains/|DOMAIN|.log;
        access_log /var/log/nginx/domains/|DOMAIN|.bytes bytes;
        error_log /var/log/nginx/domains/|DOMAIN|.error.log;

        root "|DOCROOT|";
        try_files $uri $uri/ /index.php?$args;
        index index.php index.html index.htm;

        |FORCE_SSL_REDIRECT|

        location / {
            try_files $uri $uri/ /index.php?$args;
        }

        # rewrite /wp-admin$ $scheme://$host$uri/ permanent;

        location ~ \.php$ {
            try_files $uri =404;
            include /etc/nginx/fastcgi_params;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/usr/local/php|PHP1_RELEASE|/sockets/|USER|.sock;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_index index.php;
        }

        |NGINX_PHP_CONF|

|*if MAIL_AUTOCONFIG="1"|
    # Mail auto configuration (Thunderbird)
    location = "/.well-known/autoconfig/mail/config-v1.1.xml" {
        proxy_pass http://unix/usr/local/directadmin/shared/internal.sock;
        proxy_set_header X-Forwarded-For  $remote_addr;
        proxy_set_header X-Forwarded-Host $host;
    }
|*endif|

|*if HAVE_NGINX_PROXY="1"|
    location / {
        # Add WordPress-specific permalink handling
        # |CUSTOM2|
        try_files $uri $uri/ /index.php?$args;

        proxy_buffering |PROXY_BUFFERING|;
        proxy_pass http://|PROXY_IP|:|PORT_8080|;
        proxy_set_header X-Client-IP      $remote_addr;
        proxy_set_header X-Accel-Internal /nginx_static_files;
        proxy_set_header Host             $host;
        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_hide_header Upgrade;
    }

    location /nginx_static_files/ {
        alias "|DOCROOT|/";
        internal;
    }
|*endif|

|NGINX_REDIRECTS|
|HOTLINK_PROTECTION|
|*endif|

|CUSTOM3|
        include /etc/nginx/webapps.conf;

|*if HAVE_NGINX_PROXY!="1"|
|LOCATION_BLOCKS|
|EXTRA_LOCATIONS|
|*endif|

|MOD_SECURITY_RULES|

|CUSTOM4|
}

cd /usr/local/directadmin/custombuild
./build rewrite_confs
service nginx restart

(on every modification to the custom files)

WordPress > Permali

 

[zEitEr]

Hello,

You mentioned a a revered proxy. If you run NGINX+Apache, then mod_rewrite rules in .htaccess file should work fine.

If you run NGINX, then you can choose a WordPress template in Directadmin for your site.

 

[realasifn]

Thanks for response, i have already fixed this problem, try_files was repeating on multiple config files, used only once fixed the problem.

1 thing keeps bothering me for months, is the correct max pm child setting:

Current settings:
pm = ondemand
pm.max_children = |MAX_CHILDREN|
pm.process_idle_timeout = 20
pm.max_requests = |MAX_REQUESTS|
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 10
pm.max_children = 20

new tested settings (crashed nginx error) = calculated using formula as described at: https://thisinterestsme.com/php-fpm-settings/

pm.max_children 25
pm.start_servers 16
pm.min_spare_servers 8
pm.max_spare_servers 16

Can you help me with this? it keeps spawning processes and very high CPU usage even for single user on any site. Opcache & server cache helps but i want main config optimised also for new users and dynamic sites.

 

[zEitEr]

Can you help me with this?

Yes, I can help you with it. But I don't give figures on forums without a full investigation done by me. Users who posts on the forums hoping to get magic numbers, will be most likely disappointed. If we fully rely on your post keeping in mind that you mentioned a single user visiting a site it will be not professional advice, but just a guess game. And the game might take too much time.

I saw many cases when a single user (or bot) can bring a server down. If it is your case, then I would dive into details and try to find out what is wrong with a PHP application. What scripts are keeping running too long. Whether or not they do remote calls over HTTP/SMTP/FTP, whether they or not send emails, query a database server, write files, crop images, etc.

So, again, I do give no magic figures. If you need only them, you are kindly advised to do it on your own. Trying to find the figures that would work for the case, is just the same if we would try and guess what speed will you need to keep a car driving with one wheel blown.

If you want to dive into details and troubleshoot the application, then a good point to start from will be:

- mysqladmin
- slow logs in PHP-FPM
- nginx logs

Probably your application/site is under attacks from bots and vulnerability scanners, which are not visible for JS monitoring tools. How do you define that there is only one user on a site then?