mod_fcgid:从FastCGI服务器/ 500内部服务器读取数据时出错

Question

我尝试设置一个IIPImage服务器，但是映像不会显示：https://oooledge.de/wisski_意见/b 719 fd1ac3844863103c508912965b883443

首先是日志、信任、模块和权限：

suexec.log

[2019-08-16 07:34:11]: uid: (10000/rnsrk) gid: (1003/1003) cmd: cgi_wrapper
[2019-08-16 13:22:11]: uid: (10000/rnsrk) gid: (1003/1003) cmd: iipsrv.fcgi
[2019-08-16 13:22:11]: command iipsrv.fcgi not in docroot (10000)

apache2 error.log

[Fri Aug 16 14:02:13.594904 2019] [fcgid:warn] [pid 18488:tid 139942348928768] (104)Connection reset by peer: [client 85.239.100.129:34372] mod_fcgid: error reading data from FastCGI server
[Fri Aug 16 14:02:13.594973 2019] [core:error] [pid 18488:tid 139942348928768] [client 85.239.100.129:34372] End of script output before headers: iipsrv.fcgi

这是我的http.conf

        ServerName "oooledge.de:443"
        ServerAlias "www.oooledge.de"
        ServerAlias "ipv4.oooledge.de"
        UseCanonicalName Off

        DocumentRoot "/var/www/vhosts/oooledge.de/httpdocs"
        CustomLog /var/www/vhosts/system/oooledge.de/logs/access_ssl_log plesklog
        ErrorLog "/var/www/vhosts/system/oooledge.de/logs/error_log"

        
            SuexecUserGroup "rnsrk" "psacln"
        

        

            UserDir "/var/www/vhosts/oooledge.de/web_users/*"
        


        Alias "/plesk-stat" "/var/www/vhosts/system/oooledge.de/statistics"
        
            Options +Indexes
        
        
            Require valid-user
        
        Alias /webstat /var/www/vhosts/system/oooledge.de/statistics/webstat
        Alias /webstat-ssl /var/www/vhosts/system/oooledge.de/statistics/webstat-ssl
        Alias /ftpstat /var/www/vhosts/system/oooledge.de/statistics/ftpstat
        Alias /anon_ftpstat /var/www/vhosts/system/oooledge.de/statistics/anon_ftpstat
        Alias /awstats-icon /usr/share/awstats/icon

        
            FcgidInitialEnv PP_CUSTOM_PHP_INI /var/www/vhosts/system/oooledge.de/etc/php.ini
            FcgidInitialEnv PP_CUSTOM_PHP_CGI_INDEX fastcgi
            FcgidMaxRequestLen 134217728
            FcgidIOTimeout 240
        

        TimeOut 240
        

            
                
                    SetHandler fcgid-script
                    Options +ExecCGI
                
            
            
                
                    SetHandler fcgid-script
                    FCGIWrapper /var/www/cgi-bin/cgi_wrapper/cgi_wrapper .php
                    Options +ExecCGI
                
            

            SSLRequireSSL

            Options -Includes -ExecCGI

        

        
            AuthType Basic
            AuthName "Domainstatistiken"
            AuthUserFile "/var/www/vhosts/system/oooledge.de/pd/d..httpdocs@plesk-stat"
            require valid-user
        

        Alias /error_docs /var/www/vhosts/oooledge.de/error_docs
        ErrorDocument 400 /error_docs/bad_request.html
        ErrorDocument 401 /error_docs/unauthorized.html
        ErrorDocument 403 /error_docs/forbidden.html
        ErrorDocument 404 /error_docs/not_found.html
        ErrorDocument 500 /error_docs/internal_server_error.html
        ErrorDocument 405 /error_docs/method_not_allowed.html
        ErrorDocument 406 /error_docs/not_acceptable.html
        ErrorDocument 407 /error_docs/proxy_authentication_required.html
        ErrorDocument 412 /error_docs/precondition_failed.html
        ErrorDocument 414 /error_docs/request_uri_too_long.html
        ErrorDocument 415 /error_docs/unsupported_media_type.html
        ErrorDocument 501 /error_docs/not_implemented.html
        ErrorDocument 502 /error_docs/bad_gateway.html
        ErrorDocument 503 /error_docs/maintenance.html

        IncludeOptional "/opt/psa/admin/conf/file_sharing.conf*"

        IncludeOptional "/var/www/vhosts/system/oooledge.de/conf/siteapp.d/*.conf"

        DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml"

        Include "/var/www/vhosts/system/oooledge.de/conf/vhost_ssl.conf"

        
            AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,FollowSymLinks,ExecCGI,Includes,IncludesNOEXEC
        

        
        

        #extension letsencrypt begin
        Alias /.well-known/acme-challenge "/var/www/vhosts/default/htdocs/.well-known/acme-challenge"

        
            # Require all granted
            Order Deny,Allow
            Allow from all
            Satisfy any
        

        
            # Require all denied
            Order Allow,Deny
            Deny from all
        
        #extension letsencrypt end
    




    ServerName "oooledge.de:80"
    ServerAlias "www.oooledge.de"
    ServerAlias "ipv4.oooledge.de"
    UseCanonicalName Off

    
        RewriteEngine On
        RewriteCond %{HTTPS} off
        RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]

和我的iipsrv.conf (和httpd.conf一起包括)

#Header set BASE_URL "https://oooledge.de/"


# Create a directory for the iipsrv binary
ScriptAlias /fcgi-bin/ "/var/www/fcgi-bin/"

# Set the options on that directory

   AllowOverride None
   Options None
  # Syntax for access is different in Apache 2.4 - uncomment appropriate version
  # Apache 2.2
  #   Order allow,deny
  #   Allow from all

  # Apache 2.4
  Require all granted

  # Set the module handler
  AddHandler fcgid-script .fcgi


# Set our environment variables for the IIP server
FcgidInitialEnv VERBOSITY "5"
FcgidInitialEnv LOGFILE "/var/www/vhosts/oooledge.de/logs/iipsrv.log"
FcgidInitialEnv MAX_IMAGE_CACHE_SIZE "10"
FcgidInitialEnv JPEG_QUALITY "50"
FcgidInitialEnv MAX_CVT "3000"
#FcgidInitialEnv BASE_URL "/var/www/vhosts/oooledge.de/httpdocs"

# Define the idle timeout as unlimited and the number of # processes we want
FcgidIdleTimeout 0
FcgidMaxProcessesPerClass 1
#FcgidBusyTimeout 600
#FcgidIOTimeout 600
#FcgidConnectTimeout 600

/var/www/fcgi-bin/ipsrv.fcgi的权限

-rwxr-xr-x 1 root root 6238368 Aug 15 12:52 iipsrv.fcgi

apache模块

 access_compat_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 auth_digest_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 core_module (static)
 dav_fs_module (shared)
 dav_lock_module (shared)
 dav_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 headers_module (shared)
 http_module (static)
 include_module (shared)
Loaded Modules:
 log_config_module (static)
 logio_module (static)
 mime_module (shared)
 mpm_event_module (shared)
 negotiation_module (shared)
 perl_module (shared)
 proxy_fcgi_module (shared)
 proxy_module (shared)
 python_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 so_module (static)
 ssl_module (shared)
 status_module (shared)
 suexec_module (shared)
 unixd_module (static)
 userdir_module (shared)
 version_module (static)
 watchdog_module (static)

使用IIPImage服务器访问侧的控制台输出如下：

Request to access cookie or storage on “https://cdnjs.cloudflare.com/ajax/libs/fontfaceobserver/2.0.8/fontfaceobserver.js” was blocked because we are blocking all third-party storage access requests and content blocking is enabled.  
Request to access cookie or storage on “https://91.250.115.48/fcgi-bin/iipsrv.fcgi?IIIF=/var/www/vho…/6fc3a3383f93b67653e39d938f661ccf.jpg/full/55,/0/default.jpg” was blocked because we are blocking all third-party storage access requests and content blocking is enabled.  
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://91.250.115.48/fcgi-bin/iipsrv.fcgi?IIIF=/var/www/vho…sski_original/f1ec174f5a432be36edba208076f03a8.jpg/info.json. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).  
Source-Map-Fehler: request failed with status 404
Ressourcen-Adresse: https://oooledge.de/libraries/mirador/build/mirador/mirador.js?pwa674
Source-Map-Adresse: openseadragon.js.map

有几个原因，我可以想象，为什么它不起作用：

1)我可以通过IP-adress：https://91.250.115.48/fcgi-bin/iipsrv.fcgi访问服务器，但是通过尝试域路径：https://oooledge.de/fcgi-bin/iipsrv.fcgi获得一个内部错误500。

也许它必须使用base_urls或IP来解析域。

2) docroot和suexec因为suexec.log提到了docroot，所以我尝试找到suexec的docroot，但是

suexec -V 

不起作用(suexec:命令找不到)

我已经安装了suexec自定义包(suexec -V仍然不能工作)，并且我有一个/etc/apache2/suexec/www-数据文件，其中包含以下内容：

/var/www/cgi-bin
/var/www
/var/www/fcgi-bin

# The first two lines contain the suexec document root and the suexec userdir
# suffix. If one of them is disabled by prepending a # character, suexec will
# refuse the corresponding type of request.
# This config file is only used by the apache2-suexec-custom package. See the
# suexec man page included in the package for more details.

3)访问-控制-允许-起源，因为https://oooledge.de/wisski_意见/b 719 fd1ac3844863103c508912965b883443的控制台输出说明了一些关于

我尝试过其他帖子中提到的超时之类的内容，但我不认为这是一个延迟问题。谢谢你的帮助!

Answer 1

答案在于普列斯克环境的使用。Plesk 17.8.11对suexec有自己的信任，并且不可能更改设置--所以解决方案是不使用Plesk，如果您想要自己的suexec吐露，docroot等。