How much better is Nginx for Xenforo?

[Hackfall]

I'm really struggling to get Nginx and PHP (php-fastcgi) to play under Centos 6.* on my new VPS. I've spent much of the day going around in circles trying different .conf settings and I'm about to give up and go back to the standard LAMP setup that was working fine.

Before I do give up I was wondering how worthwhile it would be to keep trying. So I really would appreciate input.

Thanks

Phil

 

[x3sphere]

What exactly is your problem? Maybe people here can help... I find nginx easier to config than Apache. Even easier now that fpm is built into PHP core.

 

[p4guru]

I'm really struggling to get Nginx and PHP (php-fastcgi) to play under Centos 6.* on my new VPS. I've spent much of the day going around in circles trying different .conf settings and I'm about to give up and go back to the standard LAMP setup that was working fine.

Before I do give up I was wondering how worthwhile it would be to keep trying. So I really would appreciate input.

Thanks

Phil

Shouldn't have such problems, I know lots of folks using CentOS 6.x + Nginx combination. You might want to use php-fpm instead of php-fastcgi. If you can reset your VPS to fresh CentOS 6.x install, you can also try out Centmin Mod http://centminmod.com/ - menu based auto installer, does all the leg work in installing and configuring everything from Nginx, php-fpm, MariaDB MySQL and Xenforo rewrite rule http://centminmod.com/nginxconfigure/

 

[Hackfall]

Hi x3sphere,

You know how sometimes you just feel like giving up, you go to bed and sleep on it and get up in the morning with an idea. Then you check it out and you did something stupid. Just a little thing but it was stopping everything else.

Well it only takes one little typo in your info.php and you just get a blank screen.I now, after 2 minutes of checking have a fully functional Nginx and PHP server with eAccelerator.

Thank you very much for your kind offer. I think I was getting despondent because all of the .conf instructions were slightly different depending on which Linux distro you install and I'd gone round in so many circles I'd kind of lost my way in the code.

I'm going to spend today trying to break it with iptables settings and code to stop php running in image downloads.

Thanks again.

Phil

 

[Hackfall]

Hi p4guru,

I might just do that. I have a console page with my host that just lets me click a button and go back to a completely new clean install including Apache, PHP and MySQL.Centmin Mod sounds like it is worth investigating because this isn't the only VPS I have planned.

One thing I'm going to have to sort is a reboot script that brings up nginx. At the moment if I reboot using the button provided by the hosting company the server reboots to Apache and I manually stop that and start nginx.

Thanks for your help.

Phil

 

[Banana Pup]

Shouldn't have such problems, I know lots of folks using CentOS 6.x + Nginx combination. You might want to use php-fpm instead of php-fastcgi. If you can reset your VPS to fresh CentOS 6.x install, you can also try out Centmin Mod http://centminmod.com/ - menu based auto installer, does all the leg work in installing and configuring everything from Nginx, php-fpm, MariaDB MySQL and Xenforo rewrite rule http://centminmod.com/nginxconfigure/

Would there be any conflicts using this with cPanel/WHM? The WHM plug-in is pure crap

 

[Hackfall]

With Heartinternet in the UK the cost of Cpanel is about the same as their basic VPS so I decided to use Webmin which is limited but has its uses.

I develop on Mac and discovered a useful Sftp browser/client yesterday called Fugu. With this I can control click on a file and edit it in my favourite text editor, BBedit. This then saves to the server cmd s. I personally find Vi and Nano very difficult to get to grips with so this non terminal secure method suits me fine.

 

[Hackfall]

@p4guru

I took your suggestion onboard and went back to square one then added Centmin Mod and ran the script. The verbose feedback is amusing in a "Matrix" kind of way, I wish I'd made my terminal window black with green text. Anyway with very little intervention it finished and the new setup works perfectly.

Also I just wanted to say a big thank you to all of you who have contributed with help on this thread.

Phil

 

[p4guru]

Would there be any conflicts using this with cPanel/WHM? The WHM plug-in is pure crap

WHM nginxcp plugin is only a static file reverse proxy to apache. It works well to reduce apache related processes/load IF and only IF alot of static files are served etc. The nginxcp plugin passes the php load back to apache backend, where you're at the mercy of whether or not apache can handle php load. So depends on what type of load you have as to whether the WHM nginxcp plugin will be of benefit.

Now as to Centmin Mod, unfortuantely it doesn't work with whm/cpanel, I tried and the script aborts install when it detects unsupported environments like WHM/Cpanel. So it's strictly fresh standalone CentOS 5/6 install for Centmin Mod.

@p4guru

I took your suggestion onboard and went back to square one then added Centmin Mod and ran the script. The verbose feedback is amusing in a "Matrix" kind of way, I wish I'd made my terminal window black with green text. Anyway with very little intervention it finished and the new setup works perfectly.

Also I just wanted to say a big thank you to all of you who have contributed with help on this thread.

Phil

Great to hear it worked for you. Centmin Mod is a time saver when you just want to setup an optimised working nginx/php-fpm/mariadb mysql server

 

[Hackfall]

I'm just working on iptables. My plan is to leave ports 80, 25, 443 and whatever php-fpm listens on (I think 9000) fully open.

21, 22, 995 and 10000 I plan to leave open only for trusted IPs. I have a static IP at the office and at home.

Does this sound like a reasonable setup for Xenforo?

I've changed the IPs below so as not to invite flooding.

Thanks

Phil

#!/bin/sh
 
#Default Policy Settings
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
 
#Allow local traffic over loopback adapter
iptables -A INPUT -i lo -j ACCEPT
 
#Allow replies to connections we initiate
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 
iptables -I INPUT -s 127.0.0.1 -j ACCEPT
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 
#Allow connections to services (SSH, Webmin)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT  -s 000.000.000.000 -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
iptables -A INPUT  -s 000.000.000.01 -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
iptables -A INPUT  -s 000.000.000.000 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
iptables -A INPUT  -s 000.000.000.01 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
iptables -A INPUT  -s 000.000.000.000 -p tcp -m tcp --dport 10000 -m state --state NEW -j ACCEPT
iptables -A INPUT  -s 000.000.000.01 -p tcp -m tcp --dport 10000 -m state --state NEW -j ACCEPT
iptables -A INPUT  -s 000.000.000.000 -p tcp -m tcp --dport 995 -m state --state NEW -j ACCEPT
iptables -A INPUT  -s 000.000.000.01 -p tcp -m tcp --dport 995 -m state --state NEW -j ACCEPT

 

[D.O.A.]

My plan is to leave ports 80, 25, 443 and whatever php-fpm listens on (I think 9000) fully open.

You wont need the firewall open for php-fpm, it's localhost > 9000

        # use fastcgi for all php files
        location ~ \.php$ {
        try_files $uri /index.php =404;
        ...
        fastcgi_pass 127.0.0.1:9000;
        ...
        }

 

[shawn]

I develop on Mac and discovered a useful Sftp browser/client yesterday called Fugu. With this I can control click on a file and edit it in my favourite text editor, BBedit. This then saves to the server cmd s. I personally find Vi and Nano very difficult to get to grips with so this non terminal secure method suits me fine.

Can't you just mount your server's file system through a ssh tunnel and work with the files that way? I don't know much about macs, but that's basically what I do with a linux VM. Macs are posix-based, too...

 

[Hackfall]

Can't you just mount your server's file system through a ssh tunnel and work with the files that way?

Basically that's what Fugu does but it's provides a finder like functionality. The files in the files system appear as icons and names so you can just control click on one to open it in your text editor. It is useful for old duffers like me who have no short term memory and find point and click easier then typing in Terminal.app.