Xenforo 2.2 Nginx configuration

aceblaster

New member
Hello,

Is there an official Xenforo 2 Nginx server block configuration (SSL) that I can be provided with? I was able to find what looks like a very old one on the Nginx website, along with a few other examples in community help threads, but none of them have worked for me. I'm admittedly kind of new to linux but I believe I did everything right based on my experience with other config files.

Thank you.
 
It definitely works. I'd say either get the error you are getting from Nginx to point you in the right direction, or ask your hosting company/system administrator for assistance since it's their servers more or less. I wouldn't recommend trying to be a system administrator yourself (if that's what you are trying to do) if you are "new to linux". :)

Being a sysadmin has a lot to do with being able to get the underlying issue and going from there (without Nginx errors, there's not a lot anyone can really do to help, because that config definitely works).
 
that config definitely works
This isn't even a full config, just some code that needs to be added to a config. Do you know anyone who is experienced with nginx config files?

For example, here is the entire config, with the manual's code added in:
NOTE: I am replacing my website name with redacted.com for privacy purposes. So that is not the issue!

server {
listen 80;
server_name redacted.com;
return 301 https://$server_name$request_uri;
}


server {

# SSL configuration
#
listen 443 ssl http2;
server_name redacted.com;

ssl_certificate /etc/letsencrypt/live/redacted.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/redacted.com/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;


root /var/www/html;

# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;


location / {
try_files $uri $uri/ index.php?$uri&$args;
index index.php index.html;
}

location /install/data/ {
internal;
}
location /install/templates/ {
internal;
}
location /internal_data/ {
internal;
}
location /library/ { #legacy
internal;
}
location /src/ {
internal;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}


}


And here is the error I am getting:
2022/06/17 01:16:43 [error] 106666#106666: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 108.208.11.181, server: my.site, request: "GET /install/ HTTP/2.0", upstream: "fastcgi://127.0>


Surely there is someone else here who has configured Xenforo for Nginx. And I am hoping one of them can easily show me their full config file so I can compare it to mine. But that documentation doesn't provide a full config.

Thank you.
 
Last edited:
Looks to me like you might not have PHP FPM daemon running. Nginx doesn't process PHP internally, it communicates with that to process PHP.

Some info here: https://www.php.net/manual/en/install.fpm.php

Before you try to sort out XenForo config, I'd get a basic LEMP stack working. A basic page showing you phpinfo() would at least tell you that Nginx and PHP are communicating/working together.

 
Looks to me like you might not have PHP FPM daemon running. Nginx doesn't process PHP internally, it communicates with that to process PHP.

Some info here: https://www.php.net/manual/en/install.fpm.php

Before you try to sort out XenForo config, I'd get a basic LEMP stack working. A basic page showing you phpinfo() would at least tell you that Nginx and PHP are communicating/working together.


I believe I do, in fact, have php-fpm installed. When I installed another application, Pterodactyl, I had to run the following command
apt -y install php8.1 php8.1-{cli,gd,mysql,pdo,mbstring,tokenizer,bcmath,xml,fpm,curl,zip} mariadb-server nginx tar unzip git redis-server
As you can see, fpm is included in that.
(see: https://pterodactyl.io/panel/1.0/getting_started.html)
 
Is PHP running though? php-fpm is an "always on" daemon process. Installing it doesn't necessarily mean it's running.

Do you have anything on your web server that is running PHP (that is working)?

I'm running Pterodactyl and that works fine. The only thing that tutorial really does differently than me is to uncomment a line in
/etc/php/8.1/fpm/php.ini which I tried just now to no avail.

note: I think Pterodactyl just uses php for the web panel, and is not actually running as a daemon
 
Ya, no clue what Pterodactyl is or how it works. If it works with php-fpm, then great… should be good then. If it doesn’t, then whatever it’s doing isn’t going to carry over to PHP apps like XenForo or WordPress.
 
Ya, no clue what Pterodactyl is or how it works. If it works with php-fpm, then great… should be good then. If it doesn’t, then whatever it’s doing isn’t going to carry over to PHP apps like XenForo or WordPress.

If I show the running services using command
service --status-all | grep '\[ + \]'

I see
[ + ] php8.1-fpm
in the list.
 
Okay I got xenforo install page working but now pterodactyl is broken.

Basically one of my php-fpm services was called www, so I edited the file:
/etc/php/8.1/fpm/pool.d/www.conf
(the only configuration file in here)

I commented out
;listen = /run/php/php8.1-fpm.sock

and added in
listen = 9000

now I just need to figure out how to get BOTH XF and Ptero working at the same time. I guess it needs to be listening to both of those. What the syntax/procedure is for that I'm unaware.

update: Another thing to note is that the pterodactyl files are owned by wwwl-data like php wants to see, but the Xenforo files are owned by the sftpuser account I configured to use FTP.
 
Last edited:
I seem to have temporarily fixed this by, at this step (in addition to the steps in my reply above), simply editing pterodactyl's .conf file to run using
fastcgi_pass 127.0.0.1:9000;
instead of the previous usage to make it listen on a .sock file.
If anyone has a more permanent solution, I'm all ears. If this was the correct one, hoo-rah!

I hope that this will not cause any security errors or unforeseen consequences.

Thank you for all of your help.

P.S.
In an effort to "boost security" I edited the listen = 9000 line to listen = 127.0.0.1;9000 in my /etc/php/8.1/fpm/pool.d/www.conf file
 
Back
Top Bottom