I have Apache (2.2.22 on Debian) configured to handle PHP files via FastCGI:
<FilesMatch ".+.php$">
SetHandler application/x-httpd-php
</FilesMatch>
Action application/x-httpd-php /fcgi-bin/php5-fpm virtual Alias
/fcgi-bin/php5-fpm /fcgi-bin-php5-fpm FastCgiExternalServer
/fcgi-bin-php5-fpm -socket /var/run/php5-fpm.sock -idle-timeout 600
-pass-header Authorization
To show a custom File Not Found (HTTP 404) page is configured in Apache as follows:
<Directory "/home/http/domain/root">
..
ErrorDocument 404 /pagenotfound.htm
..
</Directory>
Requests for non-existing non-PHP files are answered with the custom 404 pagenotfound.htm file. No problem.
But requests for non-existing PHP files are answered with http-status-header "HTTP/1.1 404 Not Found" and contents "File not found.", so not my custom error page. Problem!
The Apache error log shows (in the latter case):
[Sat Nov 21 14:03:07 2015] [error] [client xx.xxx.xx.xx] FastCGI: server "/fcgi-bin-php5-fpm" stderr: Primary script unknown
How can I configure a custom 404 page for non-existing PHP files when using PHP-FPM?
set "ProxyErrorOverride on" in either your global server config or in individual virtual hosts, see http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyerroroverride
When 'File not found' is shown instead of custom error page for non-existing .php files (and all other non-existing files get the correct custom error page)...
Centos 8, PHP 7.2.11
File: /etc/httpd/conf.d/php.conf
Add 'ProxyErrorOverride On' after the SetHandler
<FilesMatch \.(php|phar)$>
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
ProxyErrorOverride On
</FilesMatch>
Not sure if required, but I then did:
systemctl restart httpd
Option: ProxyErrorOverride
ProxyErrorOverride can be used if you have access to the server's configuration. But it doesn't work within the .htaccess context and it will prevent PHP from outputting dynamic response bodies for all configured status codes (default: 400 to 599).
Option: <If> directive (Apache 2.4+)
Let Apache check if the file exists, before invoking PHP:
<Files "*.php">
<If "-e %{REQUEST_FILENAME}">
# Assuming PHP-FPM over Unix socket via mod_proxy_fcgi.
SetHandler proxy:unix:/path/to/php-fpm.sock|fcgi://
</If>
<Else>
# Ensure that *.php files are never handled by the default handler.
Redirect 404
</Else>
</Files>
Docs: <If>, Expression parser, Redirect
Option: mod_rewrite
The ErrorDocument can be triggered using mod_rewrite:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule "\.php$" - [R=404]
Note: This only works if REQUEST_FILENAME has already been determined (so not in the server config or virtual host, but in a directory or .htaccess context). Otherwise it is equal to REQUEST_URI and that probably wouldn't be an existing local file.
Related
Overview
I'm trying to host a few legacy PHP apps on Heroku with Apache. They all relied on the following deprecated syntax to parse any unknown file types (without the .php extension) as PHP.
DefaultType application/x-httpd-php
This has been replaced by AddType in Apache 2.4 (Heroku currently uses v2.4.37). Heroku also uses mod_proxy_fcgi to process PHP files via fcgi://heroku-fcgi.
Issue
I have a file foo.test and I want to have it handled by PHP FPM. Taking cues from the docs and the default Apache config provided by Heroku, here's what I've tried:
# .htaccess
<FilesMatch \.test$>
<If "-f %{REQUEST_FILENAME}">
SetHandler proxy:fcgi://heroku-fcgi
</If>
</FilesMatch>
# apache_app.conf (properly loaded via Procfile)
ProxyPassMatch "^/(.*\.test(/.*)?)$" "fcgi://heroku-fcgi/app/$1"
With both of these I get a plain-text 403 Access denied. response from PHP FPM. I'm sure both configs are properly loading and pointing to the FCGI handler because changing the endpoint results in other errors.
My Apache skills are long since rusty and I can't seem to find any good pointers online. The Apache error log is also clean. Any ideas (without the obvious "change all extensions to PHP, you dumbass") would be appreciated!
Fairly obvious solution. PHP FPM has its own configuration with a security.limit_extensions flag. It defaults to .php.
The solution was to unset that value: security.limit_extensions =. This naturally can pose some security threats, but these apps are only going up for static demo.
I was using heroku/heroku-buildpack-php but forked that to update this file. The htaccess FilesMatch should work now but I just ended up placing it into the Apache config file to avoid repetition across the sites I'll be serving.
security.limit_extensions can be customized with a configuration file passed as a Procfile argument.
https://devcenter.heroku.com/articles/custom-php-settings#php-fpm-settings
PHP-FPM settings:
In addition to php_value and php_flag for php.ini specific settings, any pool specific PHP-FPM configuration directives are valid in that configuration file, so you can use it to fine tune PHP-FPM’s behavior.
So you can set up it like the following
Procfile
web: vendor/bin/heroku-php-apache2 -C apache.conf -F fpm_custom.conf web/
apache.conf
<FilesMatch \.test$>
<If "-f %{REQUEST_FILENAME}"> # make sure the file exists so that if not, Apache will show its 404 page and not FPM
SetHandler proxy:fcgi://heroku-fcgi
</If>
</FilesMatch>
fpm_custom.conf
security.limit_extensions = .php .test
I am trying to configure everything in order to run simultaneously php5 and php7 on Fedora 27. I am using Remi's guides from here and here, I am able to switch versions in the command line with module load/unload php71/php56
but on the page where I output phpinfo(); I get php version of 7.1. I have also
running php56-php-fpm.service and php71-php-fpm.service running.
What should I check or where to search? Thank you.
php.conf file:
# Redirect to local php-fpm if mod_php (5 or 7) is not available
<IfModule !mod_php5.c>
<IfModule !mod_php7.c>
# Enable http authorization headers
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
</FilesMatch>
</IfModule>
</IfModule>
also there are php56-php.conf and php71-php.conf files. As I understand mod_php is serving files instead of php-fpm, is there any method to disable it?
Check all SetHandler Directives in /etc/httpd/conf.d/*conf
Each package comes with its configuration file (php##-php.conf), you may have to disable them to be able to set the proper version per vhost / project / directory, or ensure your configuration files are loaded after provided ones.
I have a simple setup with Apache2.4 and PHP-FPM and I am trying to enable +Indexes option but I get 404 "File not found." when trying to access a folder that doesn't have an index file even when autoindex is enabled.
Here's part of my vhost:
#php
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/var/run/fpm/fatal.sock|fcgi://
#super public directory with Indexes!
<Location /pub>
Options +Indexes
IndexOptions +FancyIndexing
</Location>
When I try to access http://domain.com/pub/ I expected to see a list of files I put there but instead I get error 404 Not Found.
I wonder where this comes from since ProxyPassMatch shouldn't forward the request because there is no .php in the query so next is directory index which looks for index.php which doesn't exists (404) but why then mod_autoindex doesn't work?
When I remove the ProxyPassMatch line the autoindex works just fine and I see the folder content listed.
Any ideas?
I found the answer here http://blog.famillecollet.com/post/2014/03/28/PHP-FPM-and-HTTPD-2.4-improvement
As the ProxyPassMatch directive is evaluated at the very beginning of each request:
AddType (for MultiView) or DirectoryIndex directives are not usable
right management per directory is not available
each Alias directive needs another proxy rule
The SetHandler directive, evaluated later, is much more flexible / usable.
So I changed my vhost to look like this and got rid of the ProxyPassMatch directive.
<FilesMatch \.php$>
SetHandler "proxy:unix:/var/run/fpm/fatal.sock|fcgi://"
</FilesMatch>
Note: this solution applies to Apache 2.4.9+
(I do wonder if there are any performance difference and in what direction?)
On my development machine, this works as expected (requests to server.com/.myhandler are executed as php), but when I uploaded to the production machine (running ubuntu server 11.04) it just serves the un-executed php. Is there anything extra I must configure for this to work?
Contents of .htaccess file:
AddType text/html .myhandler
<FilesMatch "\.myhandler$">
SetHandler application/x-httpd-php
</FilesMatch>
DirectoryIndex .myhandler index.php index.htm
Most possibly this type of configuration is not allowed via .htaccess in the directory where your script and .htaccess reside in. Put this in your Apache site / VirtualHost configuration:
<Directory /absolute/path/to/webroot/>
AllowOverride All
</Directory>
So my server suddenly stopped parsing PHP (sends raw php to the client). I'm not really sure when it happened, but I just noticed it today. I was messing with some mod_rewrite stuff, but I put it back and it didn't change. Other than that I haven't changed anything (to the best of my knowledge). Ideas? It's an Ubuntu 11.10 server, BTW.
Few things to try...
First:
apachectl -t -D DUMP_MODULES | grep php
You should get something like:
php5_module (shared)
at the very least.
Secondly... how are you restarting apache? Are you sure it is getting killed? I have used an apache init.d script before that would actually run an apachectl configtest to make sure it was error free before stopping and restarting. So, perhaps you need to stop, ensure it is stopped, then start again.
Also, in your config, make sure you have something like:
<IfModule php5_module>
AddType application/x-httpd-php .php
</IfModule>
You don't necessarily need the <IfModule> directive, but doesn't hurt.
And what version of apache are you running?
check:
that PHP files have their executable bit set
that "index.php" is set as one of default index files in your web
root
that php module is loaded by apache (see apache config file, perhaps
near by enabling mod_rewrite module)
Remove the Rewrite setting might be you have return wrong.
And restart the Apache server. Hope that will resolve the issue.
Can refer to
http://www.matthewwittering.co.uk/blog/ubuntu-tips/apache-not-running-php-files.htm
https://askubuntu.com/questions/59272/php-not-working-in-apache2-after-system-upgrade
<IfModule mod_php5.c>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
# To re-enable php in user directories comment the following lines
# (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
# prevents .htaccess files from disabling it.
<IfModule mod_userdir.c>
<Directory /home/*/public_html>
php_admin_value engine Off
</Directory>
</IfModule>
</IfModule>