PHP not executing sgerror.php in nginx for denied pages with SquidGuard in 2.4

tadaog

In pages redirected by SquidGuard to http://<pfsense_ip>:80/sgerror.php, instead of PHP executing the code, nginx delivers the php source code.

That redirection works perfectly in 2.3.2 release</pfsense_ip>

jimp

Are you sure you're hitting nginx and not something else? It works for me (but on 443, not 80)

tadaog

Sure, http:// <pfsense_ip>shows nginx welcome screen.

The /usr/local/etc/nginx/nginx.conf from previously 2.2 and 2.3 versions (I don't remember which one exactly) that remained in my VM of 2.3.2 RELEASE works just fine!

I copied it to my VM of pfSense 2.4 BETA and it works flawlessly.

I couldn't attach the file, it follows as a quote below:

nginx configuration file

pid /var/run/nginx.pid;

user  root wheel;
worker_processes  2;
error_log  syslog:server=unix:/var/run/log,facility=local5;

events {
    worker_connections  1024;
}

http {
        include      /usr/local/etc/nginx/mime.types;
        default_type  application/octet-stream;
        add_header X-Frame-Options SAMEORIGIN;
        server_tokens off;

sendfile        on;
        keepalive_timeout  65;

access_log      syslog:server=unix:/var/run/log,facility=local5 combined;

server {
                listen 80;
                listen [::]:80;

client_max_body_size 200m;

gzip on;
                gzip_types text/plain text/css text/javascript application/x-javascript text/xml application/xml application/xml+rss application/json;

root "/usr/local/www/nginx/";
                location / {
                        index  index.html index.htm index.php;
                }

location ~ .php$ {
                        try_files $uri =404; #  This line closes a potential security hole
                        # ensuring users can't execute uploaded files
                        # see: http://forum.nginx.org/read.php?2,88845,page=3
                        fastcgi_pass  unix:/var/run/php-fpm.socket;
                        fastcgi_index  index.php;
                        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                        fastcgi_read_timeout 180;
                        include        /usr/local/etc/nginx/fastcgi_params;
                }
        }
}</pfsense_ip>

tadaog

Are anybody correcting this?

Nginx are not executing any php in 2.4 pfSense BETA.

So wpad doesn't work, nothing that depends on PHP in nginx via http (port 80).

Only the Web Configurator in https port is running PHP ok in pfSense 2.4!