Forum

Hiawatha version: 9.5
Operating System: Ubuntu 14.04

I've installed a fresh new server and moved my sites over. I got a few wordpress sites.
Some work fine, others give out an error 500 and on the log it only shows:
"error while executing CGI"

I've enlarged timeout, added error_reporting yet nothing shows other than this error on the log and screen.
When I run it from shell ("php -f index.php") the page loads fine.

Any ideas on how I can debug it to see the root cause? How can I get php/hiawatha to show me more specific debug info and not just a generic error 500?

Thanks!

Can you show me your configuration?

Sure Hugo and thanks for your quick response:

hiawatha.conf is:

# Hiawatha main configuration file#
# GENERAL SETTINGS
#
ServerId = www-data
ConnectionsTotal = 2500
ConnectionsPerIP = 35
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
ExploitLogfile = /var/log/hiawatha/exploit.log
MonitorServer = My.Ip.Here

LogFormat = extended
ServerString = SimpleHTTPserver
CGIwrapper = /usr/sbin/cgi-wrapper

# BINDING SETTINGS
# A binding is where a client can connect to.
#
Binding {
	Port = 80
#	Interface = 127.0.0.1
	MaxKeepAlive = 50
	TimeForRequest = 12,50
}

# BANNING SETTINGS
# Deny service to clients who misbehave.
#
BanOnGarbage = 300
BanOnMaxPerIP = 300
BanOnMaxReqSize = 300
BanOnTimeout = 300
KickOnBan = yes
RebanDuringBan = yes
BanOnDeniedBody = 300
BanOnSQLi = 300
# This settings is proofed to be working on IE, firefox and chrome on Banshee 3.5, 3.7
# Other than the above mentioned, you may need to change the value
BanOnFlooding = 90/1:300
#BanlistMask = deny 192.168.20.0/24, deny 127.0.0.1
BanlistMask = deny 127.0.0.1
BanOnInvalidURL = 300
BanOnWrongPassword = 3:300

# COMMON GATEWAY INTERFACE (CGI) SETTINGS
# These settings can be used to run CGI applications.
#
#CGIhandler = /usr/bin/perl:pl
CGIhandler = /usr/bin/php5-cgi:php,php5
#CGIhandler = /usr/bin/python:py
#CGIhandler = /usr/bin/ruby:rb
#CGIhandler = /usr/bin/ssi-cgi:shtml
#CGIextension = cgi
	
FastCGIserver {
	FastCGIid = PHP5
        ConnectTo = /var/run/php5-fpm.sock
	Extension = php
	SessionTimeout = 600
}

# URL TOOLKIT
# This URL toolkit rule was made for the Banshee PHP framework, which
# can be downloaded from http://www.hiawatha-webserver.org/banshee
#

UrlToolkit {
	ToolkitID = scannerblocker
        Header User-Agent ^w3af.sourceforge.net Return
        Header User-Agent ^dirbuster Return
        Header User-Agent ^nikto Return
        Header User-Agent ^sqlmap Return
        Header User-Agent ^fimap Return
        Header User-Agent ^nessus Return
        Header User-Agent ^whatweb Return
        Header User-Agent ^Openvas Return
        Header User-Agent ^jbrofuzz Return
        Header User-Agent ^libwhisker Return
        Header User-Agent ^webshag Return
        Header User-Agent ^WVS Return
        Header User-Agent ^Morfeus Return
        Header User-Agent ^Fucking Return
        Header User-Agent ^Scanner Return
        Header User-Agent ^Aboundex Return
        Header User-Agent ^AlphaServer Return
        Header User-Agent ^Indy Return
        Header User-Agent ^ZmEu Return
        Header User-Agent ^social Return
        Header User-Agent ^Zollard Return
        Header User-Agent ^CLR Return
        Header User-Agent ^Camino Return
        Header User-Agent ^Nmap Return
        Header HTTP:Acunetix-Product ^WVS Return
}

UrlToolkit {
        ToolkitID = banshee
        RequestURI isfile Return
        Call scannerblocker
        Match ^/(css|files|images|js|slimstat)($|/) Return
        Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
        Match .*\?(.*) Rewrite /index.php?$1  
        Match .* Rewrite /index.php
}
 
UrlToolkit {
        ToolkitID = monitor
        RequestURI isfile Return
	Call scannerblocker
        Match ^/(css|files|images|js|slimstat)($|/) Return
        Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
        Match .*\?(.*) Rewrite /index.php?$1
        Match .* Rewrite /index.php
}

UrlToolkit {
    ToolkitID = wordpress
    RequestURI exists Return
    Call scannerblocker
    Match .*\?(.*) Rewrite /index.php?$1
    Match .* Rewrite /index.php
}

UrlToolkit {
    ToolkitID = drupal
    RequestURI isfile Return
    Match ^/favicon.ico$ Return
    Match /(.*)\?(.*) Rewrite /index.php?q=$1&$2
    Match /(.*) Rewrite /index.php?q=$1
}

# DEFAULT WEBSITE
Hostname = My.IP.Here (So it's not on the web).
WebsiteRoot = /var/www/hiawatha
StartFile = index.html
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log
Include /etc/hiawatha/enable-sites/

Site config file:

VirtualHost {
        Hostname = mysite.com, www.mysite.com
        WebsiteRoot = /var/www/mysite.com/web
        ErrorLogfile = /var/www/mysite.com/logs/error.log
        StartFile = index.php
        ExecuteCGI = yes
        UseFastCGI = PHP5 # Use if you use PHP as a FastCGI daemon
        TimeForCGI = 220
        UseToolkit = wordpress
}

A few hints that might help:

1. I can load the admin (wp-admin) but not the front end so I'm guessing it's something in the theme (yet I see no error on screen or log so I can't debug).
   
2. I have disabled all plugins and it still happens.
   
3. Other WP sites work on the same server.
   
4. At times I get a "connection reset" error and only restarting hiawatha solves it.
   

I'm really hoping you can show me how I can get the actual error and not just error 500.

Thanks!

Try without all the Ban* settings. Maybe one of those settings is too strict. Please take a look in the system.log (probably located in /var/log/hiawatha). Perhaps you can find some clues in there.

Something else, about your scannerblocker: it doesn't work. Replace all 'Return' statements in that rule with DenyAccess and also, /banmake the calls to that rule the first in the other rules. Otherwise, the RequestURI statements also makes the scannerblocker rule useless.

Oh, and 'SimpleHTTPserver' for ServerString should of course be 'VerySuperAdvancedHTTPserver'.

Calling it SimpleHTTPServer is to confuse the enemy. I absolutely LOVE your work and this server (been using litespeed and nginx for years and switched to Hiawatha and really love it so far).

I've commented all Ban rules and restarted. Also checked the system.log but it has only one line:
Tue 29 Jul 2014 15:34:19 +0000|Hiawatha v9.6 started.

Which doesn't really help :-(

Any more ideas on how to make the server expose more error details?

Thanks!

You say other WP sites work on the same server. I guess they work well? If so, what's the difference between your this WP site and the other that work fine? And if the other WP sites work fine, doesn't that proof that this is no Hiawatha issue?

When you get the connection error issue, please try restarting the PHP FastCGI daemon. Just to test if it is a Hiawatha or a PHP issue.

About the connection reset issue - I did try it. Restarting php5-fpm didn't resolve it. Only restarting Hiawatha solved it.
The main concern here is that the process shows as running fine on both ps and netstat so I can't think of a way to monitor it and auto restart Hiawatha if it happens (I.e. if it happens when I'm not near my pc or sleeping as it's a production server).

I realize the WP issue isn't Hiawatha issue but the fact that I can't get any logged error other than a generic "CGI had a 500 error" error is actually related to the web server.
I.e. in Apache/Nginx I would get a detailed error of what caused the error 500 in the log.
All I want is to be able to get a detailed error in the log from Hiawatha or FPM.