Reputation: 8869

MediaWiki PHP sessions on PHP5-FPM and NginX

I have been trying to install mediawiki on my nginx/php5-fpm stack for about a day now, I have numerous other frameworks from Wordpress, Magento to OpenEMON installed on this stack all working perfectly:

Ubuntu 12.04 LTS
NginX 1.3.8 w/ SPDY
PHP-FPM 5.5.8-3
Varnish 3.0.2
APCu 4.0.2
Zend OPCache 7.0.3-dev

If you look here: http://wiki.qubmc.co.uk/mw-config/index.php

Pressing continue just brings up the session error: Your session data was lost! Check your php.ini and make sure session.save_path is set to an appropriate directory.

Sessions ARE being created in /tmp/ by PHP for this application and others.

Nginx config:

# HTTP server
server {
        listen   8080;
        server_name  wiki.qubmc.co.uk;

    root /var/www/qubmc.co.uk/wiki;
    index index.html index.php;
    client_body_timeout     60;

#    Exclude all access from the cache directory
  location ^~ /cache/ { deny all; }

#    Prevent access to any files starting with a dot, like .htaccess
#    or text editor temp files
  location ~ /\. { access_log off; log_not_found off; deny all; }

#    Prevent access to any files starting with a $ (usually temp files)
  location ~ ~$ { access_log off; log_not_found off; deny all; }

#    Do not log access to robots.txt, to keep the logs cleaner
  location = /robots.txt { access_log off; log_not_found off; }

#    Do not log access to the favicon, to keep the logs cleaner
  location = /favicon.ico { access_log off; log_not_found off; }

#    Keep images and CSS around in browser cache for as long as possible,
#    to cut down on server load
  location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
      try_files $uri /index.php;
      expires max;
      log_not_found off;
  }

#    Mark all of these directories as "internal", which means that they cannot
#    be explicitly accessed by clients. However, the web server can still use
#    and serve the files inside of them. This keeps people from poking around
#    in the wiki's internals.
  location ^~ /bin/ { internal; }
  location ^~ /docs/ { internal; }
  location ^~ /extensions/ { internal; }
  location ^~ /includes/ { internal; }
  location ^~ /maintenance/ { internal; }
#    location ^~ /mw-config/ { internal; } #Uncomment after installation
  location ^~ /resources/ { internal; }
  location ^~ /serialized/ { internal; }
  location ^~ /tests/ { internal; }

#    Force potentially-malicious files in the /images directory to be served
#    with a text/plain mime type, to prevent them from being executed by
#    the PHP handler
  location ~* ^/images/.*.(html|htm|shtml|php)$ {
      types { }
      default_type text/plain;
  }

#    Redirect all requests for unknown URLs out of images and back to the
#    root index.php file
  location ^~ /images/ {
      try_files $uri /index.php;
  }

  location ~ \.php5?$ {
      try_files $uri =404;
      include fastcgi_params;
      fastcgi_pass php-daemon;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_intercept_errors on;
  }

  location ~ \.php?$ {
      try_files $uri =404;
      include fastcgi_params;
      fastcgi_pass php-daemon;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_intercept_errors on;
  }
}

php.ini

[Session]
; Handler used to store/retrieve data.
; http://php.net/session.save-handler
session.save_handler = files

; Argument passed to save_handler.  In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
;
; The path can be defined as:
;
;     session.save_path = "N;/path"
;
; where N is an integer.  Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories.  This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
;         You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
;         use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
;     session.save_path = "N;MODE;/path"
;
; where N is an integer.  Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories.  This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
;         You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
;         use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
;     session.save_path = "N;MODE;/path"
;
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
; http://php.net/session.save-path
session.save_path = /tmp/

; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1

; http://php.net/session.cookie-secure
;session.cookie_secure =

; This option forces PHP to fetch and use a cookie for storing and maintaining
; the session id. We encourage this operation as it's very helpful in combatting
; session hijacking when not specifying and managing your own session id. It is
; not the end all be all of session hijacking defense, but it's a good start.
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1

; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID

; Initialize session on request startup.
; http://php.net/session.auto-start
session.auto_start = 0

; Lifetime in seconds of cookie or, if 0, until browser is restarted.
; http://php.net/session.cookie-lifetime
session.cookie_lifetime = 0

; The path for which the cookie is valid.
; http://php.net/session.cookie-path
session.cookie_path = /

; The domain for which the cookie is valid.
; http://php.net/session.cookie-domain
session.cookie_domain =

; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
; http://php.net/session.cookie-httponly
session.cookie_httponly =

; Handler used to serialize data.  php is the standard serializer of PHP.
; http://php.net/session.serialize-handler
session.serialize_handler = php

Any advice on this much aprecciated as it's driving me nuts that all other frameworks seem to have no problems with sessions.

As requested:

root@web:~# ls -ahl /tmp/
total 3.9M
drwxrwxrwx  5 root  root     3.0M Feb  4 15:56 .
drwxr-xr-x 26 root  root     4.0K Jan  3 11:46 ..
drwxrwxrwt  2 root  root     4.0K Jan  6 21:16 .ICE-unix
-rw-------  1 [webuser] www-data   65 Feb  4 15:06 sess_08sv9bc2ct47u0j2l3m3b77sa1
-rw-------  1 [webuser] www-data   64 Feb  4 12:09 sess_0gflq74v80c0cdsajevvr386r0
-rw-------  1 [webuser] www-data   65 Feb  4 14:38 sess_0ind5lrk1i1n3kgl8cboqpm5n4

root@web:~# ls -ahl /var/www/qubmc.co.uk/wiki/
total 840K
drwxr-xr-x 14 [webuser] www-data 4.0K Feb  4 12:17 .
drwxr-xr-x  5 [webuser] www-data 4.0K Oct 27 19:00 ..
-rw-r--r--  1 [webuser] www-data 3.8K Jan 28 00:06 api.php
-rw-r--r--  1 [webuser] www-data  916 Jan 28 00:06 api.php5
drwxr-xr-x  2 [webuser] www-data 4.0K Jan 28 00:06 cache

Upvotes: 1

MediaWiki PHP sessions on PHP5-FPM and NginX

Answers (2)

Related Questions