关于 PHP5-FPM 和 NginX 的 MediaWiki PHP 会话
Posted
技术标签:
【中文标题】关于 PHP5-FPM 和 NginX 的 MediaWiki PHP 会话【英文标题】:MediaWiki PHP sessions on PHP5-FPM and NginX 【发布时间】:2014-02-28 11:26:29 【问题描述】:我已经尝试在我的 nginx/php5-fpm 堆栈上安装 mediawiki 大约一天了,我在这个堆栈上安装了许多其他框架,从 Wordpress、Magento 到 OpenEMON 都运行良好:
Ubuntu 12.04 LTS NginX 1.3.8 带 SPDY PHP-FPM 5.5.8-3 清漆 3.0.2 APCu 4.0.2 Zend OPCache 7.0.3-dev如果你看这里:http://wiki.qubmc.co.uk/mw-config/index.php
按继续只会显示会话错误:Your session data was lost! Check your php.ini and make sure session.save_path is set to an appropriate directory.
PHP 正在为此应用程序和其他应用程序在 /tmp/ 创建会话。
Nginx 配置:
# HTTP server
server
listen 8080;
server_name wiki.qubmc.co.uk;
root /var/www/qubmc.co.uk/wiki;
index index.html index.php;
client_body_timeout 60;
# Exclude all access from the cache directory
location ^~ /cache/ deny all;
# Prevent access to any files starting with a dot, like .htaccess
# or text editor temp files
location ~ /\. access_log off; log_not_found off; deny all;
# Prevent access to any files starting with a $ (usually temp files)
location ~ ~$ access_log off; log_not_found off; deny all;
# Do not log access to robots.txt, to keep the logs cleaner
location = /robots.txt access_log off; log_not_found off;
# Do not log access to the favicon, to keep the logs cleaner
location = /favicon.ico access_log off; log_not_found off;
# Keep images and CSS around in browser cache for as long as possible,
# to cut down on server load
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$
try_files $uri /index.php;
expires max;
log_not_found off;
# Mark all of these directories as "internal", which means that they cannot
# be explicitly accessed by clients. However, the web server can still use
# and serve the files inside of them. This keeps people from poking around
# in the wiki's internals.
location ^~ /bin/ internal;
location ^~ /docs/ internal;
location ^~ /extensions/ internal;
location ^~ /includes/ internal;
location ^~ /maintenance/ internal;
# location ^~ /mw-config/ internal; #Uncomment after installation
location ^~ /resources/ internal;
location ^~ /serialized/ internal;
location ^~ /tests/ internal;
# Force potentially-malicious files in the /images directory to be served
# with a text/plain mime type, to prevent them from being executed by
# the PHP handler
location ~* ^/images/.*.(html|htm|shtml|php)$
types
default_type text/plain;
# Redirect all requests for unknown URLs out of images and back to the
# root index.php file
location ^~ /images/
try_files $uri /index.php;
location ~ \.php5?$
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php-daemon;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
location ~ \.php?$
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php-daemon;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
php.ini
[Session]
; Handler used to store/retrieve data.
; http://php.net/session.save-handler
session.save_handler = files
; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
;
; The path can be defined as:
;
; session.save_path = "N;/path"
;
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
; use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
; session.save_path = "N;MODE;/path"
;
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
; use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
; session.save_path = "N;MODE;/path"
;
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
; http://php.net/session.save-path
session.save_path = /tmp/
; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1
; http://php.net/session.cookie-secure
;session.cookie_secure =
; This option forces PHP to fetch and use a cookie for storing and maintaining
; the session id. We encourage this operation as it's very helpful in combatting
; session hijacking when not specifying and managing your own session id. It is
; not the end all be all of session hijacking defense, but it's a good start.
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1
; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID
; Initialize session on request startup.
; http://php.net/session.auto-start
session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
; http://php.net/session.cookie-lifetime
session.cookie_lifetime = 0
; The path for which the cookie is valid.
; http://php.net/session.cookie-path
session.cookie_path = /
; The domain for which the cookie is valid.
; http://php.net/session.cookie-domain
session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as javascript.
; http://php.net/session.cookie-httponly
session.cookie_httponly =
; Handler used to serialize data. php is the standard serializer of PHP.
; http://php.net/session.serialize-handler
session.serialize_handler = php
对此的任何建议都非常值得赞赏,因为它让我发疯,所有其他框架似乎都没有会话问题。
根据要求:
root@web:~# ls -ahl /tmp/
total 3.9M
drwxrwxrwx 5 root root 3.0M Feb 4 15:56 .
drwxr-xr-x 26 root root 4.0K Jan 3 11:46 ..
drwxrwxrwt 2 root root 4.0K Jan 6 21:16 .ICE-unix
-rw------- 1 [webuser] www-data 65 Feb 4 15:06 sess_08sv9bc2ct47u0j2l3m3b77sa1
-rw------- 1 [webuser] www-data 64 Feb 4 12:09 sess_0gflq74v80c0cdsajevvr386r0
-rw------- 1 [webuser] www-data 65 Feb 4 14:38 sess_0ind5lrk1i1n3kgl8cboqpm5n4
root@web:~# ls -ahl /var/www/qubmc.co.uk/wiki/
total 840K
drwxr-xr-x 14 [webuser] www-data 4.0K Feb 4 12:17 .
drwxr-xr-x 5 [webuser] www-data 4.0K Oct 27 19:00 ..
-rw-r--r-- 1 [webuser] www-data 3.8K Jan 28 00:06 api.php
-rw-r--r-- 1 [webuser] www-data 916 Jan 28 00:06 api.php5
drwxr-xr-x 2 [webuser] www-data 4.0K Jan 28 00:06 cache
【问题讨论】:
你能给我们ls -ahl /tmp/和ls -ahl /path/to/script吗?确保允许脚本所有者从 cookie 文件和 tmp 目录读取和写入。还要确保你有正确的 (php5-fpm) php.ini 和更改 - 重新启动 fpm-workers,而不仅仅是 nginx。
根据要求,上面列出的ls,/tmp/ 是 777,php.ini 是正确的 - 如上所述,其他应用程序在同一台服务器上正常运行。我总是在测试时完全重新加载 fpm 和 nginx。
【参考方案1】:
根据Aaron Schulz,不要使用默认会话处理,这是灾难性的。当您在同一台机器上运行其他 PHP 应用程序时,会话文件也很可能相互干扰。
当你启用了 OPCache,添加
$wgMainCacheType = CACHE_ACCEL;
$wgSessionsInObjectCache = true;
在您的LocalSettings.php 中,让我们知道情况是否有所改善(他们肯定应该)。
【讨论】:
感谢您提示改用 Redis。几天来,我一直在调试 PHP 会话,这些会话在浏览相同的域和路径时只需转到“/”就消失了。如果我将 href 链接更改为“/index.php”或“/somefile.php”,那么会话将再次起作用,但是当单击“/”链接时,PHPSESSID 会消失。我正在使用 nginx 1.12 和 php5-fpm。现在我使用 Redis 进行会话,这种混乱已经消失,一切都恢复正常了 - 回到我在 Apache 上使用 PHP 模块运行这个应用程序时的工作方式。【参考方案2】:我遇到了完全相同的问题。无非就是不提供正确的路径,文件夹不存在;还需要文件夹的权限。
我的修复:
在您的目录中创建一个包含 WiKi 文件的文件夹,并将其命名为 tmp。
如果您使用的是 Windows,则为新文件夹设置权限。如果您使用的是 Mac,请使用 777。
我使用了直接路径F:\var\www\mediawiki-1.26.2\tmp\
重新加载 Apache 并再次尝试安装 WiKi。
【讨论】:
以上是关于关于 PHP5-FPM 和 NginX 的 MediaWiki PHP 会话的主要内容,如果未能解决你的问题,请参考以下文章
在 ubuntu 上使用 nginx 和 php5-fpm 进行配置帮助
Debian 8 上的 nginx 1.6 别名 + php5-fpm = 404
php5-fpm + nginx + google bot = 对等方重置连接