Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cPanel WHM EA 4 PHP Handler not show PHP-FPM

Discussion in 'EasyApache' started by explorer1979, Dec 11, 2016.

Tags:
  1. explorer1979

    explorer1979 Member

    Joined:
    Jun 24, 2007
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    Hi all,

    I have a VPS in Godaddy that provide me cPanel WHM, I then upgrade it to EA 4 from 3...

    It is using 60.0.22 already before I am upgrade from EA3 to 4

    Then choose one of ALL PHP Option with OPcache Profile to rebuild the Apache and PHP.

    OK, I am sure it have mod_proxy_fcgi, and php-fpm installed by the Profiles ....

    But ... I following up this KB
    PHP Handlers - EasyApache 4 - cPanel Documentation

    It have a PHP Handler
    FastCGI Process Manager (FPM)

    But I never find it there. on my list, it just show up
    cgi
    none
    suphp

    That is it... and it default choose is the suphp ...

    So I am wonder, do my install step wrong or PHP-fpm is there, but will not show in PHP Handler?
     
  2. JacobPerkins

    JacobPerkins Well-Known Member

    Joined:
    May 2, 2014
    Messages:
    619
    Likes Received:
    96
    Trophy Points:
    103
    cPanel Access Level:
    DataCenter Provider
    Twitter:
  3. explorer1979

    explorer1979 Member

    Joined:
    Jun 24, 2007
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    Jacob P,

    Thank you of your link and explain, now I know PHP-FPM Global Handler is not allow :) And know more cPanel.
     
  4. hbouma

    hbouma Well-Known Member

    Joined:
    Jun 8, 2002
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    306
    You're not allowing us to use PHP-FPM as a global handler because its insecure? Seriously? If its such a security risk, why is there nothing mentioned about this in the documentation? After all, if you're still allowing us to use mod_php without mod_ruid as a global handler, then PHP-FPM must be horrible and avoided at all costs.... </sarcasm> I seriously doubt that is the case since Plesk's documentation states we should use secure PHP engines like PHP-FPM instead of mod_php for shared hosting. Also, its not like mod_ruid2 is perfect either when it comes to security. So what exactly is the big issue with PHP-FPM and why was it never mentioned all these years when people were asking for PHP-FPM support?

    Hal
     
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,651
    Likes Received:
    73
    Trophy Points:
    328
    cPanel Access Level:
    Root Administrator
    I think @cPJacob is referring to a single global PHP-FPM pool as being insecure. If you run all of your VirtualHosts under just 1 PHP-FPM pool, then all VirtualHosts are essentially running PHP as the same user with open access among every VirtualHost.

    Running each VirtualHost (or I would argue each user) in their own PHP-FPM pool, then you minimize this threat. Each VirtualHost or each user is tied to its own PHP-FPM pool, meaning it can only access what is within that pool.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice