The 1. page content
Introductory
In a multi-server environment, greater security and independence of user web directories are essential. THE PHP by default, it uses the mod_php server API for running web pages by default, which is appropriate as a development environment, but is no longer recommended for a live server with multiple users running multiple web pages. Its disadvantages, for example, are that it executes server-side PHP scripts on the pages of each of the websites it runs, which is not secure. It also loads on static websites Apache PHP module which requires additional resources.
However, there are more advanced, more secure, and more efficient solutions, such as FastCGI, or an improved version of it - the current state-of-the-art PHP way to run the CGI line - PHP FastCGI Process Manager, more commonly known as PHP-FPM. Main Benefits of PHP-FPM a mod_phpcompared to:
- PHP is not run by Apache, but by a FastCGI server separate from Apache, FPM. This way, it does not load when retrieving static web pages.
- The PHP files of the websites can be run not only by the Apache user (www-data), but it is also possible for each website to configure the assigned linux user for this. For example, users cannot access things on the other user's website.
- As a result of the previous one, it was used to fill up the storage space FTP programs can also be run in the name of the same user, thus the files uploaded via FTP and uploaded with website forms will have the same owner, so there is no need to constantly set the permissions.
- It is possible for each web page to use a separate php.ini file, so that the PHP environment of each web page can be customized individually.
- Adaptive process management for optimum server resource utilization. This means that PHP-FPM will start as many processes on the server as and when needed based on the instant Apache requests that the server receives.
And there are a lot of other benefits that are more related to what works in the background.
Prerequisites
Installing it on a different server environment or distribution does not guarantee that it will work.
Update and install packages
Upgrade your libraries and packages with apt-get commands:
apt-get update
apt-get upgrade
Then install the php5-fpm package:
apt-get -y install php5-fpm
The package provides FPM support for the PHP engine and its many extensions. When installing, enable PHP extensions for FPM SAPI:
Check PHP-FPM
After installing the packages, you can check the PHP-FPM functionality. First let's get started:
service php5-fpm start
Then the following systemctl command to check its status:
systemctl status php5-fpm.service
You should output something like this:
● php5-fpm.service - The PHP FastCGI Process Manager Loaded: loaded (/lib/systemd/system/php5-fpm.service; enabled) Active: active (running) since sze 2019-03-13 14:33:46 CET; 3h 3min ago Main PID: 25865 (php5-fpm) Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec" CGroup: /system.slice/php5-fpm.service ├─25865 php-fpm: master process (/etc/php5/fpm/php-fpm.conf) ├─25866 php-fpm: pool www └─25867 php-fpm: pool www márc 13 17:36:38 szerver1 systemd[1]: Started The PHP FastCGI Process Manager.
Configure PHP-FPM
There are many ways to configure PHP-FPM. In this description, the mod_proxy_fcgi We review the current latest method offered by the Apache module, which can be used from Apache 8 on Debian 2.4.10 (Jessie). The method is based on the principle of using the web server as a reverse proxy, which in short means redirecting PHP requests to the server to the FastCGI server, in this case PHP-FPM, using the Apache Handler.
You will also learn about several ways to use this method.
You must first enable the mod_proxy_fcgi Apache module:
a2enmod proxy_fcgi
Global setting (single user mode)
The easiest way to configure is to enable PHP-FPM on the entire server at the same time, running with the same linux user. This may be necessary when using the server only as a development environment and not needing a multi-user web environment, as only we use the whole thing ourselves. In this case, it is not necessary to run each website as a separate user, so we can develop and maintain them as a user without mixing the owners of the files, which creates a much more comfortable work environment. However, we can take advantage of the other benefits of PHP-FPM in the same way. So this configuration form is optional, if you want to use PHP-FPM this way, just do the parts for the global configuration.
Configuration using Unix domain socket (UDS)
The Unix domain socket (UDS) is a relatively new thing in the history of Apache, it can only handle it from version 2.4.9. Its use comes in handy when the Apache web server and the FastCGI server it calls (in this case PHP-FPM) are on a physical server, in which case they communicate with each other through the system's local sockets. The advantage of this is that PHP requests to the web server do not have to cross different network protocols, but only read / write on the local file system. So this configuration mode provides slightly better server performance.
Open the www.conf file:
nano /etc/php5/fpm/pool.d/www.conf
Then look for the following sections and set it up accordingly:
[...] user = www-data group = www-data [...] listen = /var/run/php5-fpm.sock [...] listen.owner = www-data listen.group = www-data [...] security.limit_extensions = .php .html [...]
Here, by default, the www data is set everywhere, but I put it in if it might not be somewhere.
Restart PHP-FPM:
systemctl restart php5-fpm.service
PHP-FPM will then create the socket file at the configured location.
Then comes the Apache section. Open (or create it if not available) a /etc/apache2/mods-available/proxy_fcgi.conf file:
nano /etc/apache2/mods-available/proxy_fcgi.conf
And let's add the following:
<IfModule mod_proxy_fcgi.c> <FilesMatch "\.(php|html)$"> SetHandler "proxy:unix:/var/run/php5-fpm.sock|fcgi://localhost" </FilesMatch> </IfModule>
Save and restart Apache:
systemctl restart apache2.service
And we're done.
Configuration using TCP socket
TCP sockets allow you to run PHP-FPM on another server, so you can reference it by the IP address and port number of the remote machine.
It is configured almost the same as with Unix sockets, except for the 1-1 line of options.
nano /etc/php5/fpm/pool.d/www.conf
[...] user = www-data group = www-data [...] listen = 127.0.0.1:9000 [...] listen.owner = www-data listen.group = www-data [...] security.limit_extensions = .php .html [...]
Then restart PHP-FPM:
systemctl restart php5-fpm.service
Apache Configuration:
nano /etc/apache2/mods-available/proxy_fcgi.conf
<IfModule mod_proxy_fcgi.c> <FilesMatch "\.(php|html)$"> SetHandler "proxy:fcgi://localhost:9000/" </FilesMatch> </IfModule>
Finally, Apache restart:
systemctl restart apache2.service
Testing
To test it, create a php file in the document root directory on the server, which includes the following:
1 2 3 <?php phpinfo(); ?>
Then, when loaded from the browser, we should see the following:
Here where I put the green dots, the Server API line should be set to "FPM / FastCGI". Then scroll down to check the PHP user and the user and document root directories:
A next page we continue with PHP-FPM site-specific configuration ...
- Encyclopedia - PHP-FPM
- Installing Debian 8 (Jessie) LAMP Server v1.0
- How to install newer PHP versions on our Debian 9 (Stretch) LAMP server in PHP-FPM mode
- How to install PHP 8 on your Debian or Ubuntu server
- How to manually change the PHP version of a website or web application running in a PHP-FPM pool?
- Encyclopedia - Apache HTTP Server
- apache.org - mod_proxy_fcgi
- wiki.apache.org - PHP-FPM
- What's new and changed in PHP 8
Navigation
- To post registration and login required
- 402 views