1

I try to set up Apache v2.4 + PHP-FPM + ProxyPassMatch using Unix socket.

Using Debian 9 Stretch, PHP v5.6.37, PHP v7.0.31, Apache v2.4.25.

My virtualhost setting is the following (000-default.conf):

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName local.lc

    DocumentRoot /var/www

    ProxyPassMatch "^/(.*\.php(/.*)?)$" "unix:/var/run/php5.6-fpm.sock|fcgi://localhost/var/www/"

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

I executed the following commands:

sudo apt-get install php7.0-cli php7.0-fpm php-pear libapache2-mod-fcgid
sudo apt install software-properties-common
# add repo to get PHP5
sudo apt-get -y install apt-transport-https lsb-release ca-certificates
sudo curl https://packages.sury.org/php/apt.gpg | apt-key add -
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
sudo echo 'deb https://packages.sury.org/php/ stretch main' > /etc/apt/sources.list.d/deb.sury.org.list
sudo apt-get update
sudo apt-get install php5.6-cli php5.6-fpm
sudo apt-get install php7.0 php7.0-fpm
sudo a2enconf php5.6-fpm
sudo systemctl reload apache2
sudo a2dismod php5 php7 php5.6 php7.0 mpm_prefork
sudo a2enmod actions alias proxy_fcgi mpm_worker
sudo systemctl restart apache2 php5.6-fpm php7.0-fpm

Servers are restarted after changes using:

sudo systemctl restart apache2 php5.6-fpm php7.0-fpm

I get empty page, when I load the 

http://local.lc/

website on my Windows based development computer. The local.lc is in the "hosts" file.

I see the following in the log (/var/log/apache2/error.log):

[Tue Aug 28 23:24:26.685004 2018] [mpm_worker:notice] [pid 43104:tid 140487559849152] AH00295: caught SIGTERM, shutting down
[Tue Aug 28 23:24:27.001054 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/) configured.
[Tue Aug 28 23:24:27.001189 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity: APR compiled version="1.5.2"; loaded version="1.5.2"
[Tue Aug 28 23:24:27.001205 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity: PCRE compiled version="8.39 "; loaded version="8.39 2016-06-14"
[Tue Aug 28 23:24:27.001223 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity: LUA compiled version="Lua 5.1"
[Tue Aug 28 23:24:27.001236 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity: YAJL compiled version="2.1.0"
[Tue Aug 28 23:24:27.001248 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity: LIBXML compiled version="2.9.4"
[Tue Aug 28 23:24:27.001498 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity: StatusEngine call: "2.9.1,Apache/2.4.25 (Debian),1.5.2/1.5.2,8.39/8.39 2016-06-14,Lua 5.1,2.9.4,cb"
[Tue Aug 28 23:24:27.135554 2018] [:notice] [pid 43531:tid 139833116394688] ModSecurity: StatusEngine call successfully sent. For more information visit: http://status.modsecurity.org/
[Tue Aug 28 23:24:28.005175 2018] [mpm_worker:notice] [pid 43532:tid 139833116394688] AH00292: Apache/2.4.25 (Debian) OpenSSL/1.0.2l mod_fcgid/2.3.9 configured -- resuming normal operations
[Tue Aug 28 23:24:28.005270 2018] [core:notice] [pid 43532:tid 139833116394688] AH00094: Command line: '/usr/sbin/apache2'

I don't see any helpful in the log.

Any idea what may be wrong?

Why the default page is not loading?

klor
  • 344
  • 4
  • 8
  • 25
  • 1
    What is the default page? There's no obvious `DirectoryIndex` directive in your configuration which I'd expect to be set to `index.php` if you're using PHP-FPM. – bodgit Sep 02 '18 at 21:13
  • Added "DirectoryIndex index.html index.php" so when calling http://local.lc or http://local.lc/index.html displays: "It works!". But when I execute http://local.lc/index.php or http://local.lc/test.php the error was the following: "Service Unavailable. The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later". – klor Sep 03 '18 at 14:47
  • Looking at the error.log now I see the following error message: "No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /var/run/php5.6-fpm.sock (localhost) failed". Checking the /var/run/php5.6-fpm.sock path was not found, but the /var/run/php/php5.6-fpm.sock was found. So fixing the path in the vhost config file, then loading http://local.lc/index.php page, now displays : "It works!". Thanks for pushing me to the right direction! – klor Sep 03 '18 at 14:48
  • Ok, that's good. I'll add it as an answer. – bodgit Sep 03 '18 at 14:49

2 Answers2

1

You're missing a DirectoryIndex directive in your configuration, so when requesting a URL like http://local.lc/ Apache doesn't know what file to look for on the disk and serve instead of just showing you the contents of the directory (which is probably not what you want).

Given you're using PHP-FPM, I'd expect you to set DirectoryIndex to something like index.php which should then be processed by PHP-FPM.

Testing PHP-FPM directly using something like the cgi-fcgi utility will allow you to bypass Apache in the case it still doesn't work.

bodgit
  • 4,751
  • 16
  • 27
  • Well the path problem was discovered by me, so I keep the credits for it. Please remove the "assuming you've got the socket path set correctly" part from your solution, because it was not part of your original comment. You got the bounty because you pushed me to the right direction, so you deserve it. – klor Sep 03 '18 at 15:02
  • You might upvote my answer, as it also added some info to the full resolution. – klor Sep 03 '18 at 15:43
1

Accessing http://local.lc/index.html did not result any page, nor an error in error.log.

After fixing this with DirectoryIndex directive suggested by @bodgit, and loaded http://local.lc/index.php now resulted error in error.log.

Looking at the error.log, now I saw the following error message: 

No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /var/run/php5.6-fpm.sock (localhost) failed".

Checking the /var/run/php5.6-fpm.sock path was not found, but the /var/run/php/php5.6-fpm.sock was found.

The path was fixed in my virtualhost setting as the following (000-default.conf):

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName local.lc

    DocumentRoot /var/www

    ProxyPassMatch "^/(.*\.php(/.*)?)$" "unix:/var/run/php/php5.6-fpm.sock|fcgi://localhost/var/www/"

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

So fixing the path in the vhost config file, then loading http://local.lc/index.php page, now displays :

"It works!".

Problem fixed!

klor
  • 344
  • 4
  • 8
  • 25