Customized suggestions and tips

.htaccess code from Final htaccess file

RUN PHP AS APACHE MODULE

AddHandler software/x-httpd-php .php .htm

RUN PHP AS CGI

AddHandler php-cgi .php .htm

CGI PHP WRAPPER FOR CUSTOM PHP.INI

AddHandler phpini-cgi .php .htm
Motion phpini-cgi /cgi-bin/php5-custom-ini.cgi

FAST-CGI SETUP WITH PHP-CGI WRAPPER FOR CUSTOM PHP.INI

AddHandler fastcgi-script .fcgi
AddHandler php-cgi .php .htm
Motion php-cgi /cgi-bin/php5-wrapper.fcgi

CUSTOM PHP CGI BINARY SETUP

AddHandler php-cgi .php .htm
Motion php-cgi /cgi-bin/php.cgi

When php run as Apache Module (mod_php)

in root .htaccess

SetEnv PHPRC /location/todir/containing/phpinifile

When php run as CGI

Place your php.ini file within the dir of your cgi’d php, on this case /cgi-bin/

htaccess may look one thing like this

AddHandler php-cgi .php .htm
Motion php-cgi /cgi-bin/php5.cgi

When php is run as cgi

Create a wrapper script known as phpini.cgi to export the listing that comprises the php.ini file as PHPRC

#!/bin/sh
export PHPRC=/internet/web site/askapache.com/inc
exec /person/public_html/cgi-bin/php5.cgi

In your .htaccess or httpd.conf file

AddHandler php-cgi .php
Motion php-cgi /cgi-bin/phpini.cgi

When cgi’d php is run with wrapper (for FastCGI)

NOTE: Customized PHP.ini with FastCGI on DreamHost

You should have a shell wrapper script one thing like this:

#!/bin/sh
export PHP_FCGI_CHILDREN=3
exec /person/public_html/cgi-bin/php5.cgi

Change To

#!/bin/sh
export PHP_FCGI_CHILDREN=3
exec /person/public_html/cgi-bin/php.cgi -c /internet/person/php.ini

NOTES:

  • Since PHP 5.1.0, it’s potential to check with present .ini variables from inside .ini documents. open_basedir = ${open_basedir} ":/new/dir"
  • To ensure that PHP to learn it, config file should be named php.ini
  • SetEnv PHPRC solely works when utilizing PHP as CGI, not when utilizing php as an Apache Module

Default places to search for php.ini

PHP seems for {custom} php.ini on this order:

Src: PHP Runtime Configuration

Within the Present working listing

  1. Place your php.ini in the identical listing because the php executable.
  2. If php executable is right here: /internet/user1/public_html/cgi-bin/
  3. then place your php.ini file right here: /internet/user1/public_html/cgi-bin/php.ini

Within the path specified by the atmosphere variable PHPRC

  1. If you should utilize SetEnv in .htaccess files–> within the root .htaccess file specify the trail to the listing containing php.ini SetEnv PHPRC /internet/user1
  2. If you cannot use SetEnv and you’re utilizing a wrapper shell script place this in your wrapper shell script export PHPRC=/internet/user1

Within the path that was outlined at compile time with –with-config-file-path

  • The trail during which the php.ini file is seemed for could be overridden utilizing the -c argument in command line mode. (cgi) /internet/user1/public_html/cgi-bin/php.cgi -c /internet/user1/php.ini
  • With this selection one can both specify a listing the place to search for php.ini or you’ll be able to specify a {custom} INI file immediately (which does not must be named php.ini),$ php -c /{custom}/listing/custom-file.ini my_script.php
  • Underneath Home windows, the compile-time path is the Home windows listing. Place php.ini in one of many directories, C:home windows or C:winnt

php.ini is looked for in these places on this order

NOTE: The Apache internet server modifications the listing to root at startup inflicting PHP to aim to learn php.ini from the foundation filesystem if it exists. If php-SAPI.ini exists (the place SAPI is used SAPI, so the filename is e.g. php-cli.ini or php-apache.ini), it is used as an alternative of php.ini. SAPI identify could be decided by php_sapi_name(). You should use additionally use the predefined PHP_SAPI fixed as an alternative of php_sapi_name()

Learn this text: In case your server is working Home windows

  1. SAPI module particular location
    • PHPIniDir directive in Apache 2
    • -c command line possibility in CGI and CLI
    • php_ini parameter in NSAPI
    • PHP_INI_PATH atmosphere variable in THTTPD
  2. The PHPRC atmosphere variable (Earlier than PHP 5.2.0 this was checked after the registry key talked about beneath.)
  3. HKEY_LOCAL_MACHINESOFTWAREPHPIniFilePath (Home windows Registry location)
  4. Present working listing (for CLI)
  5. The net server’s listing (for SAPI modules)
  6. Listing of PHP (If Home windows)
  7. Home windows listing (C:home windows or C:winnt)
  8. –with-config-file-path compile time possibility

Instructions for {custom} php.ini for Powweb Clients

Particular to Powweb, however can be utilized elsewhere.

SetEnv PHPRC /internet/clients/internet/bEXAMPLE/pow.EXAMPLE
  1. Within the folder above the htdocs (your ROOT) for the area you need a {custom} php.ini file for, create an htaccess file with the above content material:
  2. Then create a clean php.ini additionally in your ROOT listing (/internet/clients/internet/bEXAMPLE/pow.EXAMPLE). Subsequent copy the powweb php.ini textual content to your php.ini file and customise it.
  3. You’ll be able to take a look at to ensure you are utilizing the brand new php.ini by working phpinfo(); If you’d like a number of php.ini documents, then use .htaccess documents to set the PHPRC variable to the listing that the php.ini file you wish to use is in.

File construction from ROOT listing

.
|-- site1.com
|   `-- htdocs
|   |   |-- cgi-bin
|   |   |   `-- dl.cgi
|   |   `-- index.html
|   |-- phpsessions
|   |-- php.ini
|   `-- .htaccess
|-- site2.org
|   `-- htdocs
|   |   |-- cgi-bin
|   |   |   `-- dl.cgi
|   |   `-- index.html
|   |-- phpsessions
|   |-- php.ini
|   `-- .htaccess
`-- site3.web
`-- htdocs
|   |-- cgi-bin
|   |   `-- dl.cgi
|   `-- index.html
|-- phpsession
|-- php.ini
`-- .htaccess

Powweb File Permissions

Bear in mind to chmod 640 all .htaccess documents, chmod 600 your php.ini documents, chmod 600 your php flies, and chmod 705 your cgi scripts.. if you do not need ftp clients to have the ability to change the file than chmod 400.

PHP-CGI vs. MOD_PHP

What is the distinction between PHP-CGI and PHP as an Apache module?

Advantages of PHP-CGI

  • php-cgi is safer. The PHP runs as your person quite than dhapache. Meaning you’ll be able to put your database passwords in a file readable solely by you and your php scripts can nonetheless entry it!
  • php-cgi is extra versatile. Due to safety considerations when working PHP as an Apache module, we disabled instructions with the non-CGI PHP. This can trigger set up issues with sure widespread PHP scripts for those who run PHP not as a CGI!
  • php-cgi is simply as quick as working PHP as an Apache module, and we embrace extra default libraries.

Caveats of PHP-CGI

If certainly one of these is a show-stopper for you, you’ll be able to simply swap to working PHP as an Apache module and never CGI, however be ready for a bunch of potential safety and ease-of-use points! If you do not know what any of those drawbacks imply, you are nice simply utilizing the default setting of PHP-CGI and never worrying about something!

  • Variables within the URL which aren’t common ?foo=bar variables will not work with out utilizing (mod_rewrite)
  • Customized php directives in .htaccess documents (php_include_dir /internet/person;/internet/person/example_dir) will not work.
  • The $_SERVER['SCRIPT_NAME'] variable will return the php.cgi binary quite than the identify of your script
  • Persistant database connections is not going to work. PHP’s mysql_pconnect() operate will simply open a brand new connection as a result of it could’t discover a persistant one.

PHP’s configuration file

The configuration file (known as php3.ini in PHP 3, and easily php.ini as of PHP 4) is learn when PHP begins up. For the server module variations of PHP, this occurs solely as soon as when the online server is began. Word: For the CGI and CLI model, php.ini is learn on each invocation.

Operating PHP as Apache module (mod_php)

When utilizing PHP as an Apache module, it’s also possible to change the configuration settings utilizing directives in Apache configuration documents (e.g. httpd.conf) and .htaccess documents. You have to certainly one of these privileges:

AllowOverride Choices
AllowOverride All

With PHP 4 and PHP 5, there are a number of Apache directives that help you change the PHP configuration from inside the Apache configuration documents.

NOTE: With PHP 3, there are Apache directives that correspond to every configuration setting within the php3.ini identify, besides the identify is prefixed by “php3_”.

php_value identify worth
Units the worth of the desired directive. Can be utilized solely with PHP_INI_ALL and PHP_INI_PERDIR sort directives. To clear a beforehand set worth use none as the worth.
php_flag identify on|off
Used to set a boolean configuration directive. Can be utilized solely with PHP_INI_ALL and PHP_INI_PERDIR sort directives.
php_admin_value identify worth
Units the worth of the desired directive. This can’t be utilized in .htaccess documents. Any directive sort set with php_admin_value can’t be overridden by .htaccess or virtualhost directives. To clear a beforehand set worth use none as the worth.
php_admin_flag identify on|off
Used to set a boolean configuration directive. This can’t be utilized in .htaccess documents. Any directive sort set with php_admin_flag can’t be overridden by .htaccess or virtualhost directives.

NOTE: Do not use php_value to set boolean values. use php_flag as an alternative.

Change php settings in .htaccess or httpd.conf

mod_php .htaccess instance

add settings to a .htaccess file with ‘php_flag’ like this:

php_flag register_globals off
php_flag magic_quotes_gpc on

In .htaccess, solely true/false on/off flags could be set utilizing php_flag. To set different values that you must use php_value, like this:

php_value upload_max_filesize 20M

PHP_INI_SYSTEM could be configured per-directory by putting it inside a per-directory block in httpd.conf

# Selectively allow APC for wildly widespread directories
# apc.enabled is Off in php.ini to scale back reminiscence use

php_flag apc.enabled On

NOTE: To ensure that these settings to work in your htaccess file, you will want so as to add “Options” to your AllowOverride specs for the listing/webserver if it is not already allowed.

Src: How one can change configuration settings


php_value include_path ".:/web/askapache/lib/php"
php_admin_flag safe_mode on


php_value include_path ".:/web/askapache/lib/php"
php_admin_flag safe_mode on


php3_include_path ".:/web/askapache/lib/php"
php3_safe_mode on

Modify PHP configuration by way of Home windows Registry

When working PHP on Home windows, the configuration values could be modified on a per-directory foundation utilizing the Home windows registry. The configuration values are saved within the registry key HKLMSOFTWAREPHPPer Listing Values, within the sub-keys akin to the trail names. For instance, configuration values for the listing c:inetpubwwwroot can be saved in the important thing HKLMSOFTWAREPHPPer Listing Valuescinetpubwwwroot. The settings for the listing can be energetic for any script working from this listing or any subdirectory of it. The values underneath the important thing ought to have the identify of the PHP configuration directive and the string worth. PHP constants within the values are
not parsed. Nonetheless, solely configuration values changeable in PHP_INI_USER could be set this fashion, PHP_INI_PERDIR values can’t.

Strategies to change PHP configuration

No matter the way you run PHP, you’ll be able to change sure values at runtime of your scripts via ini_set().

If you’re thinking about an entire checklist of configuration settings in your system with their present values, you’ll be able to execute the phpinfo() operate, and assessment the ensuing web page. You can too entry the values of particular person configuration directives at runtime utilizing ini_get() or get_cfg_var().

No enter file specified

Some of the widespread the explanation why you get

No enter file specified

(AKA ‘the second most helpful error message on the planet’) is that you’ve got set doc_root (in php.ini) to a price which is to the DocumentRoot outlined within the apache configuration.

This is similar for different webservers. For instance, on lighttpd, make certain the server.document-root worth is similar as what’s outlined as doc_root in php.ini.

PHP.ini file Downloads

Consumer-Contributed Notes

There are a few errors within the mod_rewrite directives given. I discovered that the next works:

RewriteEngine on
RewriteCond %{ENV:REDIRECT_STATUS} !200
RewriteRule ^cgi-bin/php.cgi - [F]

I’ve observed that some individuals have famous that working PHP as a CGI program can run slowly in contrast with a compiled in module. Some have famous that they wish to use FastCGI however are hesitant. I discovered that utilizing the Apache 2’s CGID module was an effective way to hurry up efficiency nearly to the identical degree as an “so”-installed PHP module however you get the additional benefit of working every digital host underneath it is personal person and group.

In my testing I obtained 44 pages per second utilizing PHP as a module and I obtained roughly the identical efficiency (inside 5%) working PHP as a CGI program via CGID. CGID can also be very easy to arrange. Simply add –enable-cgid to your Apache configure command and also you’re good to go. Simply arrange PHP as a CGI usually. I am certain that there is additional RAM used for this methodology however RAM is as low-cost as borscht anyhow so it should not be a significant factor when attempting to hurry up PHP CGI.


Listed here are my two cents of information about php-cgi when working CGI script from immediate: For those who get the “No input file specified.” error, create the atmosphere variable “SCRIPT_FILENAME=C:filestest.php”. For those who get “Security Alert!” error and it tells you to create the REDIRECT_STATUS atmosphere variable, it’s as a result of you’ve the SERVER_NAME variable set however not the REDIRECT_STATUS variable. Therefore, in case you have SERVER_NAME, you additionally want REDIRECT_STATUS, however not in any other case. And also you just about ought to have SCRIPT_FILENAME in any respect time.


--enable-force-cgi-redirect will not work in FastCGI mode as of 4.3.10, it is just supported in CGI mode. Nonetheless, you’ll be able to obtain the identical end result with mod_rewrite underneath Apache.


RewriteEngine on
RewriteCond %{ENV:REDIRECT_STATUS} !=200
RewriteRule /cgi-bin/path/to/php - [F]

This can solely permit inner redirection, thus forbidding direct HTTP entry to php interpreter.


PHP CGI with VirtualHosts. That is what I came upon whereas attempting to get php to work as CGI with Apache VirtualHosts.

By enabling ‘force-cgi-redirects’, you will need to:

  1. set ‘cgi.fix_pathinfo=1’ in php.ini or the apache logs will exhibit ‘surprising T_STRING’ within the php binary.
  2. go away doc_root commented out (php.ini additionally) otherwise you’ll solely see ‘No enter file specified.’, as an alternative of the anticipated output.

You’ll be able to then activate the php help for a selected vhost by defining an motion/handler contained in the corresponding

Motion php-script /cgi-bin/php

PHP works with Apache and suEXEC like this: (Assuming that suEXEC ist allready established and dealing)


Set up PHP as CGI binary (e.g. in /usr/native/bin/php) (compile with –enable-force-cgi-redirect) and create a Hyperlink inside cgi-bin listing to make php-cgi accessable:

cd /usr/native/apache/cgi-bin
ln /usr/native/bin/php php


Edit your httpd.conf file:

AddHandler php4-script .php
Motion php4-script /cgi-bin/php


Consumer exampleuser
Group examplegroup ...

Restart Apache and PHP-scripts are actually known as underneath the user-id of exampleuser and group-id of examplegroup.


A substitute for suexec is suphp (http://www.suphp.org).

suPHP is a software for executing PHP scripts with the permissions of their homeowners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is known as by the Apache module to vary the uid of the method executing the PHP interpreter.


A tip for Home windows-users: PHP first appear to look within the php-directory for php.ini, and if that file doesn’t exist, it seems within the Home windows listing. I renamed the file php.ini-dist to php.ini and copied it to my Home windows listing, after which I modified the notorious “cgi.force_redirect = 0” within the php.ini file positioned within the Home windows listing, to make it work. However it didn’t as a result of it reads from the “original” php.ini – So after I deleted this php.ini issues began working once more


If you’re utilizing php per cgi and have moreover mod_gzip enabled you need to disable mod_gzip for the php cgi binary to make use of –enable-cgi-redirect. mod_gzip units the REDIRECT_STATUS all the time to 200 which makes it unattainable for the php binary to know when it was known as immediately or when it was known as by a redirect.


To make use of php-cgi with suexec it is going to be good that every digital host has ist’s personal php.ini. This goes with :

SetEnv PHPRC /var/www/server/www.take a look at.com/conf

However suexec will kill this atmosphere trigger It do not know that it’s “save” so you will need to edit the suexec.c for compiling


When utilizing php in cgi mode, it is typically a good suggestion to try the apache suexec characteristic along with the –force-cgi-redirect possibility.


For those who do virutal internet hosting, you’ll be able to flip protected mode on and off for various Apache Virutal Hosts utilizing the php_admin_value directive. This additionally permits you to have customised most execution instances, disabled capabilities, and many others; something which is about in php.ini. Word that by putting a base_dir for every virutal host, this implies PHP CANNOT entry documents beneath this heirachy; strongly recomended for buyer internet hosting.

Instance (httpd.conf):


DocumentRoot /var/www/html/safephphost/
ServerName safephp
php_admin_value safe_mode 1
php_admin_value open_base_dir /var/www/html/safephphost/
php_admin_value sendmail_from person.mail.web


For those who care about safety, you’re higher of setting: register_globals = off, enable_track_vars = on.


If you wish to use suexec and reference your php interpreter by way of #!/usr/native/bin/php, you’ll want to compile php WITHOUT –enable-force-cgi-redirect.


suEXEC require CGI mode, and decelerate the scripts.

  1. Set up php as DSO mode. (for max velocity and low safe)
  2. Make a seperate CGI set up with –enable-force-cgi-redirect, place php to cgi-bin
  3. For safer with suEXEC, select one of many following methodology:
    1. Place a .htaccess file containing this to override predominant config to guard All php documents in subdirectory:
      AddType software/x-httpd-wphp php
      Motion software/x-httpd-wphp /cgi-bin/php
      
    2. add following in httpd.conf and rename delicate documents with the ext .sphp
      AddType software/x-httpd-wphp sphp
      Motion software/x-httpd-wphp /cgi-bin/php
      
    3. Add “php_value doc_root /web/user/html_docs” to every digital host directive in httpd.conf

Notes on Consumer Notes

cgi.fix_pathinfo Offers actual PATH_INFO/PATH_TRANSLATED help for CGI. PHP’s earlier behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok what PATH_INFO is. For extra info on PATH_INFO, see the cgi specs. Setting this to 1 will trigger PHP CGI to repair it is paths to evolve to the spec. A setting of zero causes PHP to behave as earlier than. Default is zero. You must repair your scripts to make use of SCRIPT_FILENAME quite than PATH_TRANSLATED.

cgi.force_redirect gi.force_redirect is important to supply safety working PHP as a CGI underneath most internet servers. Left undefined, PHP turns this on by default. You’ll be able to flip it off at your personal danger.

cgi.redirect_status_env If cgi.force_redirect is turned on, and you aren’t working underneath Apache or Netscape (iPlanet) internet servers, chances are you’ll must set an atmosphere variable identify that PHP will search for to know it’s OK to proceed execution.

NOTE: Setting this variable could trigger safety points, know what you’re doing first.

fastcgi.impersonate FastCGI underneath IIS (on WINNT based mostly OS) helps the power to impersonate safety tokens of the calling consumer. This permits IIS to outline the safety context that the request runs underneath. mod_fastcgi underneath Apache doesn’t presently help this characteristic (03/17/2002) Set to 1 if working underneath IIS. Default is zero.

Leave a Reply

Your email address will not be published. Required fields are marked *