Is it possible to set up PHP-FPM to receive/send encrypted communication with the webserver (e.g. NGINX)? most of the documentation I've found only refers to the webserver talking to outside with SSL.
Since we have NGINX and PHP-FPM on different servers, my hope was to be able to talk between the servers with encryption. Our webserver talk to the outside with SSL, but within the data center php and nginx communicate with over port 9000 without encryption
Related
Why every tutorial that I find on the web always share the code folder between the two machines?
If i'm setting two different machines, its the same that have two physical machines, let's say nginx server on california and php server in florida.
On my understanding, the fastcgi protocol is sending the data through the networks right?
Thats why we are using IP:PORT right?
So nginx ask the machine that understand php to process the data sending to that IP:PORT through fastcgi and getting the processed response to show to the browser right?
Or am I crazy?
Having made the same journey through these tutorials, here my view:
php-fpm is only the processor for php files, cannot serve static files. For php calls only, php-fpm would technically be enough but the php-fpm container cannot handle multiple requests even if the php-fpm itself is capable to do so
nginx plays the role of a webserver and load balancer, generally a socket (via volume) to communicate to php, and is also delivering static files
So, the shared code is necessary for the entrypoint to php files and having the static files to serve while php-fpm is using code for execution.
Suggestions to improve this answer welcome.
References here:
php-fpm and nginx on linode.com
nextcloud using the fpm image
There are a lot of examples of implementing a TCP/IP-WS stack in all kinds of languages, also in PHP/CLI. But that is not what I'm looking for.
For http protocol there is Apache webserver software. It listens on default http port 80 for incoming requests. On shared hosting servers it can host an array of domain names and the incoming request url is mapped to the right served directory/file in the "hostAccountDir/domainName/docRoot/".
In this model each PHP script is a "specialized HTTP/application level" server; and does not need to invent/implement the TCP/IP-HTTP stack. Fortunately Apache does that for all PHP scripts.
Is there such a thing for Websockets, listening on port 9000(?), forking to the served directory/file... etc?
Apache powers more than 70% of websites today, but new alternatives are gaining market share. Apache is a reliable server, but it takes considerable memory to run. In some situations other web servers can perform better. The best-known alternative open source HTTP servers are lighttpd, nginx, and Cherokee.
PHP-FPM can listen on multiple sockets. It also listen on Unix sockets, or TCP sockets.
nginx is an HTTP server and mail proxy server. It has been running for more than two years on many heavily loaded Russian sites, and it has become more popular in the rest of the world, to the point where today it’s used by 6.5% of all websites.
For more details refer to the links below.
https://serversforhackers.com/video/php-fpm-configuration-the-listen-directive
https://linuxaria.com/article/apache-alternatives-for-serving-php
I have a situation where a C/C++ application has a thread dedicated for nginx webserver and the thread and nginx server communicates via a specific port. This nginx server is configured to display the data (the data from the C/C++ application) on the webserver with the help of php-cgi. The port for php-cgi is different.
Is it possible to replace nginx server with tomcat server with minimal changes?
I came to know about php/java bridge while researching about it. I am not sure if that is the one I am looking for.
Please help.
Thanks
Edit: Any other cgi is okay as long as the data from the native C/C++ application is sent to webpages, but using tomcat server.
I want to use PHP 7 when it comes out, but my server admin refuses to upgrade past PHP 5.3.3 and I don't have root privileges. I can run a webserver on port 1024 or higher, but I need it to be available on ports 80 and 443.
I am considering connecting to this userland webserver via a local SOCKS client in PHP. Can I effectively run a PHP 7 webserver on port 80 and 443 this way, and will it be possible to handle PHP requests and sessions correctly?
No. Port 80 is a privileged port.
Is it possible to run serve my web application from another server than the one provided in cloud9?
For example : I would like to run different applications (PHP, Node.js - not sure what's possible yet) with nginx as the backend server (i) and/or a reverse proxy (ii) (to try different scenarios and configuration options).
Is it possible to run nginx and serve content to the outside world in cloud9?
Is it possible to have nginx as a reverse proxy in cloud9?
EDIT:
Here they write:
$PORT is exposed to the outside: When you run an application which listens on the port specified in the environment variable $PORT, you can access this application using the http://projectname.username.c9.io URL scheme. The proxy expects the server on that port to be a HTTP server. Other protocols are not supported.
This leads me to believe that if I would start nginx on port=$PORT it would be accesible via the specified URL sheme - can anyone confirm? Maybe anyone has tried this and can share some time-saving tips. Thanks.
I know this might be a late reply but might be helpful for those who are wondering how to do the same.
Short answer
I've created a repository to hold all the configuration needed on the process. Just run a command and NGINX and PHP-FPM will be serving and accessible from internet.
GitHub repo: https://github.com/GabrielGil/c9-lemp
Explanation
Basically to run NGINX on a c9 environment as you noted, you just have to make it listen on port 8080. YOu can either edit the default site on /etc/nginx/sites-available or create and enable your own (That's what the script above does)
Then, in order to run PHP-FPM script using NGINX, configure some permissions and the socket on the webserver is needed. By default, c9 uses ubuntu:ubuntu and the webserver www-data:www-data.
The script above also does this changes for you.
Hope this help you, or other users on similar situations.
You can run nginx on a normal Cloud9 workspace, as long as it listens to port 8080 (the value of $PORT). The URL scheme to reach your server would be http://projectname-username.c9.io, however. Please refer to the docs.c9.io for more up-to-date help on running applications.
One other thing you can do if you have another server where you would like to host your software, is to create an ssh workspace (https://docs.c9.io/ssh_workspaces.html). That way, you can connect Cloud9 to an external server directly.