The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel WHM EA 4 PHP Handler not show PHP-FPM

Discussion in 'EasyApache' started by explorer1979, Dec 11, 2016.

Tags:
  1. explorer1979

    explorer1979 Member

    Joined:
    Jun 24, 2007
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    Hi all,

    I have a VPS in Godaddy that provide me cPanel WHM, I then upgrade it to EA 4 from 3...

    It is using 60.0.22 already before I am upgrade from EA3 to 4

    Then choose one of ALL PHP Option with OPcache Profile to rebuild the Apache and PHP.

    OK, I am sure it have mod_proxy_fcgi, and php-fpm installed by the Profiles ....

    But ... I following up this KB
    PHP Handlers - EasyApache 4 - cPanel Documentation

    It have a PHP Handler
    FastCGI Process Manager (FPM)

    But I never find it there. on my list, it just show up
    cgi
    none
    suphp

    That is it... and it default choose is the suphp ...

    So I am wonder, do my install step wrong or PHP-fpm is there, but will not show in PHP Handler?
     
  2. cPJacob

    cPJacob cPanel Product Owner
    Staff Member

    Joined:
    May 2, 2014
    Messages:
    599
    Likes Received:
    90
    Trophy Points:
    103
    cPanel Access Level:
    DataCenter Provider
    Twitter:
  3. explorer1979

    explorer1979 Member

    Joined:
    Jun 24, 2007
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    Jacob P,

    Thank you of your link and explain, now I know PHP-FPM Global Handler is not allow :) And know more cPanel.
     
  4. hbouma

    hbouma Well-Known Member

    Joined:
    Jun 8, 2002
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    306
    You're not allowing us to use PHP-FPM as a global handler because its insecure? Seriously? If its such a security risk, why is there nothing mentioned about this in the documentation? After all, if you're still allowing us to use mod_php without mod_ruid as a global handler, then PHP-FPM must be horrible and avoided at all costs.... </sarcasm> I seriously doubt that is the case since Plesk's documentation states we should use secure PHP engines like PHP-FPM instead of mod_php for shared hosting. Also, its not like mod_ruid2 is perfect either when it comes to security. So what exactly is the big issue with PHP-FPM and why was it never mentioned all these years when people were asking for PHP-FPM support?

    Hal
     
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,436
    Likes Received:
    31
    Trophy Points:
    178
    cPanel Access Level:
    Root Administrator
    I think @cPJacob is referring to a single global PHP-FPM pool as being insecure. If you run all of your VirtualHosts under just 1 PHP-FPM pool, then all VirtualHosts are essentially running PHP as the same user with open access among every VirtualHost.

    Running each VirtualHost (or I would argue each user) in their own PHP-FPM pool, then you minimize this threat. Each VirtualHost or each user is tied to its own PHP-FPM pool, meaning it can only access what is within that pool.
     
Loading...

Share This Page