I've got Apache setup to run PHP through FPM and I want to be able to get .js files passed through FPM as well as .php files.
On my dev box I can do this:
AddType application/x-httpd-php .js
But on my live box, which is locked down more I get this error in the browser:
Refused to execute script from 'https://blah/test.js' because its MIME type ('application/x-httpd-php') is not executable, and strict MIME type checking is enabled.
I've tried adding a handler with:
AddHandler php-fastcgi .js
I've tried setting a handler with these and other variations:
<FilesMatch \.js$>
SetHandler php7-fastcgi
#SetHandler php7-fcgi
</FilesMatch>
But none of them works. What do I need to do?
I found it, the handler I needed to add is:
SetHandler "proxy:unix:/run/php/php7.0-fpm.sock|fcgi://localhost/"
Still needs some touch-ups on the content type that is served with it, but at least my JavaScript file is now going through PHP and I can add my dynamic content.
You also need to edit this line in /etc/php/7.0/fpm/pool.d/www.conf to allow FPM to handle .js files, otherwise the requests will be rejected.
security.limit_extensions = .php .js
My current hack to fix the MIME type is to add this in the PHP part of the file, but I've got a feeling I can fix it through Apache, but as the main problem is solved, I'm going to worry about that later.
header ("content-type: text/javascript");
Related
I'm trying to move over to AWS EC2 and I've hit a sticking point. I've spent a full day trying every possible solution I could find on Stack Overflow and elsewhere, but to no avail.
I want to process .htm files as PHP files. Files ending in .php are processed just fine, but I can't get .htm files to be processed as PHP.
If I use this "AddHandler" syntax in .htaccess, nothing happens:
AddHandler application/x-httpd-php .htm
"x-httpd-php" can literally be anything. It doesn't matter. Even this does nothing:
AddHandler application/its-a-fish .htm
Using this "AddType" syntax, on the other hand, always causes the file to be downloaded by the browser instead of parsed as code:
AddType application/x-httpd-php .htm
Here again, what follows "application/" doesn't matter. All of these cause the file to be downloaded instead of processed:
AddType application/its-a-fish .htm
AddType application/x-http-php7 .htm
AddType application/x-http-php73 .htm
When the file is downloaded, the Content-Type in the Response header is whatever comes after "AddType" in .htaccess, e.g.:
Content-Type: application/x-http-php73
So maybe I just haven't found the "application" identifier my PHP is running under?
I've tried literally every code example I can find over a ~10-hour period (especially in these threads) but nothing has worked:
Server not parsing .html as PHP
Parsing HTML files as PHP
http://kb.cloudblue.com/en/115773
I suspect the reason it worked on all my previous servers and not on AWS is because PHP is running as FastCGI on AWS, not an Apache Handler, but I can't figure out how to make it work with FastCGI.
Here are the relevant packages I currently I have installed:
[root#ip-172-31-30-111 etc]# rpm -qa | egrep 'http|php'
libnghttp2-1.31.1-1.amzn2.0.2.x86_64
httpd-tools-2.4.39-1.amzn2.0.1.x86_64
mod_http2-1.14.1-1.amzn2.x86_64
php-pdo-7.3.6-1.amzn2.0.1.x86_64
generic-logos-httpd-18.0.0-4.amzn2.noarch
httpd-filesystem-2.4.39-1.amzn2.0.1.noarch
httpd-2.4.39-1.amzn2.0.1.x86_64
php-json-7.3.6-1.amzn2.0.1.x86_64
php-mysqlnd-7.3.6-1.amzn2.0.1.x86_64
php-cli-7.3.6-1.amzn2.0.1.x86_64
php-common-7.3.6-1.amzn2.0.1.x86_64
php-fpm-7.3.6-1.amzn2.0.1.x86_64
I finally figured this out, thanks primarily to this post:
https://talk.plesk.com/threads/cant-get-php-versions-to-serve-html-as-php.342045/page-2#post-854770
Here's what to do specifically on AWS EC2 Linux:
Add these lines to .htaccess, changing the "Files" section to specify the extensions you want to process as PHP:
<IfModule mod_proxy_fcgi.c>
<Files ~ (\.htm$)>
SetHandler proxy:unix:/run/php-fpm/www.sock|fcgi://127.0.0.1:9000
</Files>
</IfModule>
Change the security.limit_extensions setting in /etc/php-fpm.d/www.conf to allow the extensions you added in .htaccess (plus .php):
security.limit_extensions = .php .htm
Restart the php-fpm service (restarting httpd will not force a reread of www.conf):
service php-fpm restart
If you do #1 without doing #2, you will get an "Access denied" error. Step #2 is what fixes that.
for a certain folder on my local Apache-Server (running with Ubuntu) I'd like that all *php-files will be displayed as if they were plain text-files. I need this since I only want to see the source code of these files and NOT run them.
While searching, I found that most people have the opposite problem :-) and couldn't really find a solution for me.
What would I need to include in the .htacces-file of my folder?
THANKS!
THE ANSWER:
in .htaccess-file type
php_flag engine off
#This will prevent apache from executing *.php-files
AddType text/plain php
#this wil display php-files in browser (if not, browser will want to download file!)
Thanks to Brad!
My Godaddy setup wont allow me to edit the httpd.conf files, and the php_flag command doesn't work due to how they've implemented php for me.
I was able to use this in my .htaccess file:
SetHandler default-handler
AddType text/plain php
I put this in the directory above where my FTP user is allowed to access, which forces all PHP files in that directory, as well as all sub-directories to show php as plain text.
This will work for other file types as well. All you need to do is add another line with whatever extension of file you want to be forced to display in plain text. AddType text/plain cgi for example
Look at your httpd.conf file for the AddType of .php extension, and change it fortext/plain, and php_flag engine to the offvalue just as sait by Sam Bisbee.
But prefer do these change in the httpd.conf, the .htaccess are useless if you have a dedicated server, and lowing your perfs.
But you can also just change the extensions of your PHP scripts...
Two solutions off the top of my head...
Change their file name extensions to .phps. Ex., index.phps.
Change the Content-type for them in the .htaccess file. AddType text/plain .php uses mod_mime to do this. More info at http://httpd.apache.org/docs/2.2/mod/mod_mime.html#addtype
Turn off the the PHP module in apache? (if you won't be needing php execution, of course)
My problem started when I was working with the .htaccess file to a directory trying to get php to run inside of html files. I tried ALOT of combinations of AddTypes and AddHandlers. I took them out and now my php files are being downloaded by the broswer instead of running. There are a few other questions on here that I have studied up and down, but they are not exactly my problem.
I'm fairly lost now, I've tried just about every combination of AddType and AddHandler. I've since decided to use mod_rewrite and just have all my files end in .php but I can't get them to run.
This is what I'm using to test:
<!DOCTYPE html>
<body>
<?php
echo("php working");
?>
</body>
</html>
Am I missing something? Luckily I made all my changes at a separate directory than the root so that the site still runs, but none of the php files in that folder can be viewed in broswer. What can I do? Any help is appreciated.
EDIT:
Just to make it clear, I was originally trying to be able to put php in my html files so I was messing around with handlers and addtypes. My server does have php. If I call a php script from a .html file, it runs. I just can't get a php file like the example I included above to open in brower ANYMORE, it used to open in browser. My fear is that I have messed something up by trying all the different handlers in .htaccess. I have since cleared my .htaccess file in hopes that would at least get me to square one, but it hasn't.
SECOND EDIT:
I went to the root directory and made a php file and it ran just fine so its definitely something I changed in the .htaccess for the particular directory. Is there anyway I can reset that directory?
have you made sure to install php correctly within apache?
if you are using php as a module, you need the following:
LoadModule php5_module "c:/php/php5apache2.dll"
AddType application/x-httpd-php .php
# configure the path to php.ini
PHPIniDir "C:/php"
or as a CGI binary
ScriptAlias /php/ "c:/php/"
AddType application/x-httpd-php .php
# For PHP 4
Action application/x-httpd-php "/php/php.exe"
# For PHP 5
Action application/x-httpd-php "/php/php-cgi.exe"
other things to consider, are the permissions set correctly on the php binaries, is the php.ini present and correct, have you restarted apache since installing php into apache?
lastly, php doesnt run within html files, you would need to set the following as pretty much the last thing in the apache config
AddType application/x-httpd-php .html .htm
Do you see the line like this in your htaccess file?
php_flag engine off
If yes, delete it.
One more thing that may help you understand what happened
The following piece of htaccess would make Php from being executed but rather downloaded as a text file
<VirtualHost *>
ServerName sourcecode.testserver.me
DocumentRoot /var/www/example
AddType text/plain php
</VirtualHost>
One more thing
I'm guessing that this topic was addressed once here-> htaccess downloading file instead of loading
I wanted to change the .php extension to .foo, to hide it for visitors.
My webserver has cPanel installed, so I logged in and clicked on "MIME Types", and entered the following:
MIME Type: application/x-httpd-php
Extension: foo
The problem is that it's not being parsed as PHP, but instead is downloaded (when you click the link, a file containing all the code of that file is being downloaded)
How would I solve this?
Add in httpd.conf or vhost.conf
<IfModule mime_module>
AddType application/x-httpd-php .foo
</IfModule>
But best way to solve you problem is in using mod_rewrite
If you have the necessary AllowOverride permissions to use .htaccess, try
AddHandler application/x-httpd-php5 .php .foo
For some reason our CentOS server needs x-httpd-php5, where as our WAMP internal server just uses x-httpd-php like you have (and -php5 will not work)
I have a CPanel based website and we used the above rule to set .html to be parsed as php, didn't even bother with the CPanel Mime settings... but there are other ways to determine if a server is running PHP so you're not really hiding that you use PHP from anyone who knows what they are doing
Okay, so I have a weird one for you all today. I'm looking into creating a custom MIME type for a .php file. I've read some pro's/con's on this and it won't be for much other than some experimentation to see what can really be done. My company's initials are TTP and so we decided it'd be kinda fun to have all of our .php pages re-written to a custom .ttp extension. I've attempted my normal cPanel X route with adding it in, and I've also tried adding the change into the .htaccess file. It work's perfectly fine until I change the application type to anything php.
AddType text/html ttp // works
AddType text/x-php ttp // doesn't work
AddType application/x-php ttp // doesn't work
AddType application/x-http-php ttp // doesn't work
Some things that have come up was an issue that doing this renders the .php file and therefore makes it difficult for the browser to decide how to handle it. Any other ideas? I'm pretty sure that at the end of the day this won't be something the company will do, but they wanted to see if any experiment I could run will work.
The browser doesn't handle PHP. Content-Type doesn't matter here.
Look at your CGI or module configuration, to configure PHP to handle more than .php. For PHP as a module:
<FilesMatch \.ttp$>
SetHandler application/x-httpd-php
</FilesMatch>
Handlers are specified with AddHandler. The mod_php handler is php5-script.
And the browser never handles PHP.