[GH-ISSUE #9] [emerg] "fastcgi_busy_buffers_size" must be less than the size of all "fastcgi_buffers" minus one buffer #9

Closed
opened 2026-02-28 00:40:07 +03:00 by kerem · 1 comment
Owner

Originally created by @asimzeeshan on GitHub (Nov 25, 2012).
Original GitHub issue: https://github.com/telephone/LookingGlass/issues/9

```
root@lg:~# service nginx restart
Restarting nginx: nginx: [emerg] "fastcgi_busy_buffers_size" must be less than the size of all "fastcgi_buffers" minus one buffer in /etc/nginx/nginx.conf:73
nginx: configuration file /etc/nginx/nginx.conf test failed
```

I get this when I add the nginx changes as described at https://github.com/telephone/LookingGlass#nginx

My php.conf file:

```
root@lg:~# cat /etc/nginx/php.conf
# Route all requests for non-existent files to index.php
location / {
        try_files $uri $uri/ /index.php$is_args$args;
}

# Pass PHP scripts to php-fastcgi listening on port 9000
location ~ \.php$ {

        # Zero-day exploit defense.
        # http://forum.nginx.org/read.php?2,88845,page=3
        # Won't work properly (404 error) if the file is not stored on
        # this server,  which is entirely possible with php-fpm/php-fcgi.
        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi
        # on another machine.  And then cross your fingers that you won't get hacked.
        try_files $uri =404;

        include fastcgi_params;

        # Keep these parameters for compatibility with old PHP scripts using them.
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

        # Some default config
        fastcgi_connect_timeout        20;
        fastcgi_send_timeout          180;
        fastcgi_read_timeout          180;
        fastcgi_busy_buffers_size    256k;
        fastcgi_temp_file_write_size 256k;
        fastcgi_intercept_errors    on;
        fastcgi_ignore_client_abort off;
        fastcgi_pass 127.0.0.1:9000;

        # Append the following for https://github.com/telephone/LookingGlass
        fastcgi_buffer_size   1k;
        fastcgi_buffers       128 1k;
        fastcgi_max_temp_file_size 0;
        gzip off;

}
# PHP search for file Exploit:
# The PHP regex location block fires instead of the try_files block. Therefore we need
# to add "try_files $uri =404;" to make sure that "/uploads/virusimage.jpg/hello.php"
# never executes the hidden php code inside virusimage.jpg because it can't find hello.php!
# The exploit also can be stopped by adding "cgi.fix_pathinfo = 0" in your php.ini file.
```
kerem closed this issue and added the v1 label 2026-02-28 00:40:07 +03:00

@telephone commented on GitHub (Nov 25, 2012):

The error states the issue. `fastcgi_busy_buffers_size` is larger than `fastcgi_buffers`.
Try decreasing `fastcgi_busy_buffers_size` to below 127k (As the error pointed out, at least 1k below `fastcgi_buffers`).

^ I'm unsure if this will work... Therefore I'd recommend following the edit below.

**EDIT:**

As I mentioned in the README, I recommend **NOT** adding those pre-configured settings to your existing PHP config as they're not optimal for normal usage.
Instead, I'd create a new `location ~ \.php$ {` block for the host file pointing to the looking glass (therefore removing the existing PHP config include).

Here's an example from my LG:

```nginx
# Include PHP with output buffering
location ~ \.php$ {
        fastcgi_pass unix:/dev/shm/php-fastcgi.socket;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        try_files $uri =404;
        fastcgi_buffer_size   1k;
        fastcgi_buffers       128 1k;  # up to 1k + 128 * 1k
        fastcgi_max_temp_file_size 0;
        gzip off;
}
```
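The size rule behind the `[emerg]` message, worked through for the two `location` blocks in this thread (an added example, not code from the issue or from the LookingGlass project). The function names are hypothetical, the comparison follows the error text ("all `fastcgi_buffers` minus one buffer"), and the default used when `fastcgi_busy_buffers_size` is absent is taken to be twice the larger of the two buffer sizes.

```python
import re

UNITS = {"": 1, "k": 1024, "m": 1024 ** 2}

# Buffer-related lines copied from the two location blocks quoted on this page.
POSTED = """
fastcgi_busy_buffers_size    256k;
fastcgi_temp_file_write_size 256k;
fastcgi_buffer_size   1k;
fastcgi_buffers       128 1k;
"""
SUGGESTED = """
fastcgi_buffer_size   1k;
fastcgi_buffers       128 1k;  # up to 1k + 128 * 1k
fastcgi_max_temp_file_size 0;
"""

def size(token):
    """Convert an nginx size such as '256k' to bytes."""
    m = re.fullmatch(r"(\d+)([kKmM]?)", token)
    if not m:
        raise ValueError(f"not an nginx size: {token!r}")
    return int(m.group(1)) * UNITS[m.group(2).lower()]

def directives(conf):
    """Return {name: [args]} for simple 'fastcgi_* args;' lines, comments stripped."""
    found = {}
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.fullmatch(r"(fastcgi_\w+)\s+(.+?)\s*;", line)
        if m:
            found[m.group(1)] = m.group(2).split()
    return found

def check_busy_buffers(conf):
    """Return (ok, busy_bytes, limit_bytes) for the text of one location block."""
    d = directives(conf)
    # Both must be set explicitly: their defaults depend on the platform page size.
    num, one = int(d["fastcgi_buffers"][0]), size(d["fastcgi_buffers"][1])
    first = size(d["fastcgi_buffer_size"][0])
    busy = d.get("fastcgi_busy_buffers_size")
    # Assumed default when the directive is not set: 2 * max(buffer_size, one buffer).
    busy = size(busy[0]) if busy else 2 * max(first, one)
    limit = (num - 1) * one  # "all fastcgi_buffers minus one buffer"
    return busy <= limit, busy, limit

if __name__ == "__main__":
    for name, conf in (("posted", POSTED), ("suggested", SUGGESTED)):
        ok, busy, limit = check_busy_buffers(conf)
        print(f"{name}: busy={busy} limit={limit} -> {'ok' if ok else '[emerg]'}")
```

The posted block fails because the 256k value inherited from the existing PHP config is checked against the 128 x 1k buffers appended for LookingGlass; the suggested block passes because it leaves `fastcgi_busy_buffers_size` unset.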