How are you able to change the security.limit_extensions directive on Azure App Service for Linux when running PHP 8 or 8.1 (Nginx rather than Apache)?
I have changed all of the usual places (including /usr/local/etc/php-fpm.conf) but none are having an impact. I understand this will need a bash script to update each restart, and have this working for php.ini values, but cannot get this to work for FPM values. Currently have the following error when parsing HTML as PHP, with NGINX blocks seemingly setup correctly:
[ERROR] NOTICE: Access to the script '/home/site/wwwroot/login.html' has been denied (see security.limit_extensions)
You have probably already created a custom nginx config file and set up /home/site/startup.sh to copy it in place and reload nginx.
The principal is the same.
cp /usr/local/php-fpm.d/www.conf /home/site
Edit /home/site/www.conf and comment out the security.limit_extensions line and add some extensions:
security.limit_extensions = .php .php3 .php4 .php5 .php7 .html .htm
Edit /home/site/startup.sh to add the following line before the nginx reload:
cp /home/site/www.conf /usr/local/etc/php-fpm.d/www.conf
Restart your web app.
Related
Overview
I'm trying to host a few legacy PHP apps on Heroku with Apache. They all relied on the following deprecated syntax to parse any unknown file types (without the .php extension) as PHP.
DefaultType application/x-httpd-php
This has been replaced by AddType in Apache 2.4 (Heroku currently uses v2.4.37). Heroku also uses mod_proxy_fcgi to process PHP files via fcgi://heroku-fcgi.
Issue
I have a file foo.test and I want to have it handled by PHP FPM. Taking cues from the docs and the default Apache config provided by Heroku, here's what I've tried:
# .htaccess
<FilesMatch \.test$>
<If "-f %{REQUEST_FILENAME}">
SetHandler proxy:fcgi://heroku-fcgi
</If>
</FilesMatch>
# apache_app.conf (properly loaded via Procfile)
ProxyPassMatch "^/(.*\.test(/.*)?)$" "fcgi://heroku-fcgi/app/$1"
With both of these I get a plain-text 403 Access denied. response from PHP FPM. I'm sure both configs are properly loading and pointing to the FCGI handler because changing the endpoint results in other errors.
My Apache skills are long since rusty and I can't seem to find any good pointers online. The Apache error log is also clean. Any ideas (without the obvious "change all extensions to PHP, you dumbass") would be appreciated!
Fairly obvious solution. PHP FPM has its own configuration with a security.limit_extensions flag. It defaults to .php.
The solution was to unset that value: security.limit_extensions =. This naturally can pose some security threats, but these apps are only going up for static demo.
I was using heroku/heroku-buildpack-php but forked that to update this file. The htaccess FilesMatch should work now but I just ended up placing it into the Apache config file to avoid repetition across the sites I'll be serving.
security.limit_extensions can be customized with a configuration file passed as a Procfile argument.
https://devcenter.heroku.com/articles/custom-php-settings#php-fpm-settings
PHP-FPM settings:
In addition to php_value and php_flag for php.ini specific settings, any pool specific PHP-FPM configuration directives are valid in that configuration file, so you can use it to fine tune PHP-FPM’s behavior.
So you can set up it like the following
Procfile
web: vendor/bin/heroku-php-apache2 -C apache.conf -F fpm_custom.conf web/
apache.conf
<FilesMatch \.test$>
<If "-f %{REQUEST_FILENAME}"> # make sure the file exists so that if not, Apache will show its 404 page and not FPM
SetHandler proxy:fcgi://heroku-fcgi
</If>
</FilesMatch>
fpm_custom.conf
security.limit_extensions = .php .test
In my project I want to store all new/specific code into files with xphp extension but I want server to parse those file as .php.
Can we configure this. If yes how?
I am using Apache server with php 5.6.3, with access to server configurations.
Thanks in Advance.
in apache2 you can add multiple handlers as follows:
within your .conf file which is often located in /etc/apache/sites-available/ in linux/ubuntu , add this line
AddType: application/xhttpd-php .xphp
this will only take effect on the virtual host which you are adding this line to,
if you want your changes take effect on all your hosts, add this line to your /etc/apache2/apache2.conf
if you don't have an access to you server configurations files :
you can add this line to your .htaccess file :
Addhandler application/x-httpd-php .html .php .xphp
don't forget to restart your apache2 after changing the conf files
sudo service apache2 restart
I downloaded EasyPHP 14.1 VC9, and downloaded all of my files from my webhost (new computer). Now when going to any folder below the data/localweb/ level just causes my browser to download the file instead of executing and opening it.
For example:
data/localweb/index.php works fine.
data/localweb/somefolder/index.php doesn't work.
No wordpress or any craziness, just vanilla PHP. Any PHP on the root folder works fine, but my server architecture is just folders off the root - any way to keep it and have PHP find ALL php files and execute them as long as they are under the root folder?
I have these lines in the Apache config:
AddType application/x-httpd-php .phtml .pwml .php5 .php4 .php3 .php2 .php .inc
LoadModule php5_module "${path}/binaries/php/php_runningversion/php5apache2_4.dll"
OS: Win7 Home Premium 64bit
facepalm
Let this be a lesson learned for everyone out there.
The key we should be looking for from now on is 'downloaded from webhost'.
My somefolder/ contained an extra .htaccess that was from my webhost. Deleting it solved the problem.
In a newly setup digitalOcean cloud server (CentOS), I have installed php and Apache. The webserver is running fine:
[root#a2m5cent01 httpd]# service httpd status
httpd (pid 11232) is running...
[root#a2m5cent01 httpd]# php --version | head -1
PHP 5.3.3 (cli) (built: Dec 11 2013 03:29:57)
But browser is showing blank pages (white page) if I try to visit any php page.
Here is what I have done so far to troubleshoot:
Created a page with following content: <?php phpinfo(); ?>. It displays a blank page when viewed from browser.
Just to ensure, apache is pointing to the correct directory, placed a static .html page there, and saw it comes out fine in browser, so apache is working and directory is correct.
In /etc/php.ini, changed display_errors directive to On. Still blank page
In Apache config file (/etc/httpd/conf/httpd.conf) found this line Include conf.d/*.conf. Inside conf.d directory, there is a php.conf file containing the line:
LoadModule php5_module modules/libphp5.so. Ensured that this .so file actually exists in this place.
In the same file I have these two lines as well: AddHandler php5-script .php and AddType text/html .php
Executed the php page from CLI, it works fine - so php is working locally.
Then why is it always shows a blank/white page over the browser? What else am I missing?
EDIT
Based on suggestions from #Nathan,
I checked Apache error log file, could not see any error being
reported there.
My /etc/php.ini says, php error_log is located as syslog. So I checked /var/log/messages but could not find any PHP error message
Next I put some normal HTML in the php file containing phpinfo() call. Interestingly I found that even the normal HTML texts are also not coming. It still produces blank page.
Then I checked Apache access log. Surprise! There is no GET request for any of the PHP files I tried to load in the browser. But GET request for all the non-php files are there with 200 return code.
Apache is not even logging any access request for PHP files. Any idea why would that happen?
check out your phpinfo() script.
<?php
phpinfo();
?>
missing the "php" behind the first "?" will give a blank page
I think your php installation with apache is faulty. Thats why you can not see any php page in your webserver. Clean remove all the existing apps, like httpd,php,php-fpm,php-cli etc. and try to clean isntall in this order
yum install httpd -y
yum install php php-common php-cli php-gd php-curl php-fpm -y
then make sure you restart yout httpd server.
service httpd restart
Install mod_fastcgi:
yum install mod_fastcgi
Start the service:
service php-fpm start
Restart Apache:
service httpd restart
5. Configuration of Apache with PHP-FPM
Open the fastcgi.conf file:
nano /etc/httpd/conf.d/fastcgi.conf
Add this to the end of the file:
<IfModule mod_fastcgi.c>
DirectoryIndex index.html index.shtml index.cgi index.php
AddHandler php5-fcgi .php
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -host 127.0.0.1:9000 -pass-header Authorization
</IfModule>
After that search after "FastCgiWrapper" and make sure it's set to "off" then save the file.
The /usr/lib/cgi-bin/ directory must exist, so we create it:
mkdir /usr/lib/cgi-bin/
If mod_php is installed and enabled, we need to disable it so open the configuration at /etc/httpd/conf.d/php.conf:
nano /etc/httpd/conf.d/php.conf
Comment out the AddHandler and AddType lines so it looks like here:
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#
<IfModule prefork.c>
LoadModule php5_module modules/libphp5.so
</IfModule>
<IfModule worker.c>
LoadModule php5_module modules/libphp5-zts.so
</IfModule>
#
# Cause the PHP interpreter to handle files with a .php extension.
#
#AddHandler php5-script .php
#AddType text/html .php
#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php
#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps
Save the file and restart Apache:
service httpd restart
Are you navigating to the php file directly? Or are you just going to the directory root?
If the later, Apache might not be recognizing .php as the directory index.
To test, try create a .htaccess file in your web root containing the following line:
DirectoryIndex index.php
I have the same issue...
The problem is in the iptables. (It seems like it)
Try with:
service iptables stop
## check if it stop...
service iptables status
Then try to reload the page again.
If you had other solution please share.
[edit]
Restarting the iptables service is working for me.
Try:
service iptables restart
First of all you should check the permissions of your file.
If you don't grant read-permission to public, Apache produces a blank page without showing any errors.
It's been sometime, but I wanted to come back to this question to update that the issue was with the directory permission setup.
The FPM user I was using didn't have necessary permission to execute the index.php file in the web root.
To avoid these issues in the future, I have created an automated bash script that will automatically create and configure webservers in DigitalOcean boxes. Please take a look here https://github.com/akash-mitra/fairy
This script will automatically,
Installs Nginx
Create virtual server block for nginx
Installs PHP, PHP APC, PHP Curl etc.
Supports PHP Fast Process Manager (php-fpm)
Installs Memcached
Installs Database (MariaDB / MySQL)
Optionally Installs PHP Composer and Laravel
Configures and Strengthens SSH
Activates Firewall
Optionally enables SWAP space in DO server and fixes a locale issue
Since everything looks at its default state, have you checked this part just for confirmation
cat /etc/php.ini | grep log_errors
If log_errors is disabled then enable it and check this below log after restarting httpd.
/var/log/httpd/error_log
--
Also check this part from php configuration.
cat /etc/php.ini | grep error_reporting
This value should be enabled by default so that display_errors will work.
error_reporting = E_ALL
Sorry to repost an old thread...this is important.
I also was having these problems where no html response was outputting
After double-checking php.ini or my apache conf files and was still receiving no output, I later found out that I was suppressing the error of an include / require of a class, with #, which was nested within a constructor function. There was a syntax error in the included file, which stopped all output altogether when errors were thrown.
So, check your handlers first.
If you are storing all your output into vars first and you are including various scripts first that fail you'll have to see those errors. If you suppress file handler errors, you'll get a blank screen if you have a syntax error in the file.
Search your files for all instances of # in your php code. Then turn #include "/path_to/script.php"; to include "/path_to/script.php"; or anything #$foo into $foo as such var might reference a dependency that is causing your script to end with nothing showing in the httpd error log or in the http response.
Its my first time working with Apache,PHP,MySql. I downloaded and installed the latest package of these 3. Now I checked with apache and the index.html works. Now I replaced the index.html with some php script to check if my php works or not. When opened the html page again I see the php code directly. It seems it does not work. following is how my php code looks like.
<html>
<body>
<?php
echo "Hello World";
?>
</body>
</html>
when I open my index.php , I see the above code itself. Can anybody let me know whats wrong and how can i fix it?
Check your apache httpd.conf file for some commented out code that looks like this
LoadModule php5_module libexec/apache2/libphp5.so
and further down the file, this...
<IfModule php5_module>
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
</IfModule>
it seems there is some problem in the installation. use WAMP as stefan and dessus or XAMPP. i recomand u to use XAMPP its bundled with APACHE, MYSQL, File Zilla Server, Mercury for mail. Easy to Install and Use . http://www.apachefriends.org/en/xampp.html
Another vote for WampServer. Once you have a working server, it's then easier to poke around with configurations files and then learn Apache/PHP configuration that way.
use wamp! it's easy and fast :)
http://www.wampserver.com/en/
personally, i use an old version from 2007, 1.7.4, it can be found here: http://sourceforge.net/projects/wampserver/files%2FWAMP5/
the good thing about using an old version is that your code will work on old machines, and many servers out there have old versions of php and mysql.
the bad thing about using an old version is that your code might not work on new machines, and some machines out there have new versions of php and mysql.
http://computing-know.blogspot.in/#!/2013/10/how-to-setup-apache-php-mysql.html
Step By Step Process to Setup Apaache,PHP,Mysql,phpMyAdmin and XDebug.
1)How to install Apache
2)Setup PHP for Apache
3)Install & Configure MySQL to use with PHP
4)Setup XDebug for Debugging
5)phpMyAdmin
Note:In this tutorial my Server Folder is located on F:\Server
How to install Apache
1)There are two ways to install apache either install the old version of apache httpd (Compatible with Windows XP) from httpd.apache.org/download.cgi or get the latest apache build zip from www.apachelounge.com/download/ .
2)I will show how to configure apache from the zip version downloaded from apachelounge.com/download/ .
3)Click on Additional + VC9 on the left of the page.
4)Download the 2.4.x zip build with OpenSSL 0.9.8.
5)Create a folder with a name Server on location where .
6)My Location is F:\Server
7)Extract the Apache24 from apache zip to the Server folder.
8)Now Goto config folder in Apache and open httpd.config in any text editor.
9)Find(Ctrl + F) and replace each and every instance of "c:/Apache24" and change it to your apache location in my case its f:/Server/Apaache24.
ServerRoot "c:/Apache24" with ServerRoot "f:/Server/Apache24"
DocumentRoot "c:/Apache24/htdocs" with DocumentRoot "f:/Server/Apache24/htdocs"
with
ScriptAlias /cgi-bin/ "c:/Apache24/cgi-bin/" with ScriptAlias /cgi-bin/ "f:/Server/Apache24/cgi-bin/"
with
8)Now run the Command Prompt (with Administrator Rights) .
9)On Command Prompt go to the location Server/Apache24/bin .
10)Inside the Bin folder type "httpd -k install" to install the Apache service and then press Enter.
11)To start the Apache Server simply type in "httpd -k start" and then press Enter.
12)Restart Your Computer
13)Now Open the Bin folder and double click on the ApacheMonitor.exe and Start Apache
14)Now Goto localhost if you see page "It Works" then Apache is sucessfully installed on you computer.
If you see a page that says "It works!" then the Apache server has been installed successfully.
Setup PHP for Apache
1)Goto windows.php.net/download/ download the php-5.4.x-Win32-VC9-x86.zip.
2)Create a folder named php inside Server folder.
3)Extract all files from php-5.4.x-Win32-VC9-x86.zip to php folder in the Server.
4)Now Goto config folder in Apache and open httpd.config in any text editor.
5)Find(Ctrl + F) the LoadModule scroll down until last LoadModule and Paste the following
LoadModule php5_module "f:/Server/php/php5apache2_4.dll".
6) Find(Ctrl + F) the AddType scroll down until last AddType and Paste the following
AddType application/x-httpd-php .php .
7)Add the PHP location to the end of the httpd.conf file. For example, at the end of the file, add the following: PHPIniDir "Your PHP Location".
localhost/info.php
8)In the php folder rename the php.ini-development to php.ini and open it in Text Editor.
9)Find(Ctrl + F) the display_errors, and make sure the value is set to On.
10) Find(Ctrl + F) the extension_dir = "./" and change it to extension_dir = "F:\Server\php\ext" .
11)Restart Apache Server.
12)Create a file "phpinfo.php" in htdocs folder in Apache with follwoing content:
13)Goto localhost/phpinfo.php
extension_dir = "./"
14)Right Click MyComputer Click Propertes
15)Click Environment Variables
16)Add Your php folder location at the end of the path
17)Restart Your Computer.
Install & Configure MySQL to use with PHP
1)Goto dev.mysql.com/downloads/mysql/ download the zip or installer version.
2)Install MySQL
3)Click Next
4)Select Complete & click Next
5)Click Finsh
6)Click Standard Configuration
7)Click Next
8)Enter the password for mySQL
9)Goto MySQL Command Line and enter the password.
12)Open the php.ini file and find the line: ;extension=php_mysql.dll remove the semi-colon.
and find the line: ;extension=php_mysql.dll
phpMyAdmin
1)Goto config folder in Apache and open httpd.config in any text editor.
2) Find(Ctrl + F) the line DirectoryIndex index.html add index.php.
3)Open php.ini file in the Server Folder and Uncomment the mbstring and mysqli extension.
3)Goto phpmyadmin.net/ Download the latest phpMyAdmin-4.0.8-english.zip.
4)Extract it to phpMyAdmin folder in htdocs.
5)Restart the Apache Server.
6)Goto localhost/phpMyAdmin/
Setup XDebug for Debugging
1)Goto http://xdebug.org/download.php from your browser and download the
php_xdebug-2.x.x-5.4-vc9 Thread Safe 32 bit version.
2)Copy and Paste it to the extension folder in the php.
3)Copy & Paste the following line of code at the end of php.ini file .
[XDebug]
;; Only Zend OR (!) XDebug
zend_extension="Your Location of Xdebug"
xdebug.remote_enable=true
xdebug.remote_host=localhost
xdebug.remote_port=10000
xdebug.remote_handler=dbgp
4)Restart Apache Server.
5)Goto to localhost/phpinfo.php scroll down to see if xDebug is installed