real solution for `No input file specified.` (nginx, fpm)
Most answers to this question are, set fastcgi_param SCRIPT_FILENAME and it will work (italic formatting is broken?!).
I have set this variable (correct) but it still shows the error instead of a 404 page, because the root of the problem is here:
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
A nonexistent path is passed to php5-fpm, this in return prints the error, which in the log looks like:
FastCGI sent in stderr:
"Unable to open primary script: ... (No such file or directory)"
while reading response header from upstream
So before the line fastcgi_pass
there must be a condition to check whether the file really exists, or, if the fpm worker returns "file not found", to guide nginx to return a 404 page.
How can I do this?
Solution 1:
Using try_files $uri =404;
first!
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
Thanks to http://nginxlibrary.com/resolving-no-input-file-specified-error/
Solution 2:
In some old tutorials you often find something like this
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (! -f $document_root$fastcgi_script_name) {
return 404;
}
But as https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ states you should better use try_files instead
Just a side note: It's dangerous to use the config you posted without an if/try_files block because it can allow execution of arbitrary code under some circumstances! In fact there are a lot of tutorials on the net that don't cover this aspect so I'd recommend everyone to check if their config is not just working but also secure.