real solution for `No input file specified.` (nginx, fpm)

Most answers to this question are, set fastcgi_param SCRIPT_FILENAME and it will work (italic formatting is broken?!).

I have set this variable (correct) but it still shows the error instead of a 404 page, because the root of the problem is here:

location ~ \.php$ {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            include fastcgi_params;
    }

A nonexistent path is passed to php5-fpm, this in return prints the error, which in the log looks like:

FastCGI sent in stderr:
"Unable to open primary script: ... (No such file or directory)"
while reading response header from upstream

So before the line fastcgi_pass there must be a condition to check whether the file really exists, or, if the fpm worker returns "file not found", to guide nginx to return a 404 page.

How can I do this?


Solution 1:

Using try_files $uri =404; first!

location ~ \.php$ {
        try_files  $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
}

Thanks to http://nginxlibrary.com/resolving-no-input-file-specified-error/

Solution 2:

In some old tutorials you often find something like this

    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    if (! -f $document_root$fastcgi_script_name) {
            return 404;
    }

But as https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ states you should better use try_files instead

Just a side note: It's dangerous to use the config you posted without an if/try_files block because it can allow execution of arbitrary code under some circumstances! In fact there are a lot of tutorials on the net that don't cover this aspect so I'd recommend everyone to check if their config is not just working but also secure.