The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

enabling and disabling xdebug on cpanel servers

Discussion in 'General Discussion' started by actived, Aug 5, 2012.

  1. actived

    actived Well-Known Member

    Joined:
    Mar 30, 2012
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    Hi,
    We have a huge web application with a few 100s of source code files (some huge), lots of modules, templating, etc. So we need to profile it to see how things can be sped up. Going with xdebug, I've got it running on Windows and Linux (XAMPP) for debugging and profiling and it works well.

    Now I want to know:
    1.
    Is it a huge security risk to have xdebug installed for a day or two on the production server for debugging and profiling?

    2.
    Is it necessary to do an EasyApache rebuild to enable / disable the xdebug extension?
    That is, can it not be simply installed once and then enabled disabled using only php.ini edit+restart ?

    3.
    I've used the Easy Xdebug Firefox extension. It initiates profiling from the browser add-on.
    So, can any user who has the Firefox Xdebug extension installed, connect to an xdebug-enabled production web app and grab any data from it?

    Thanks in advance.
    Regards,
    Dave.
     
  2. actived

    actived Well-Known Member

    Joined:
    Mar 30, 2012
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    XHProf, PHP_Debug, xdebug in PECL but not get Re:enabling/disabling xdebug

    Hi,
    I looked into xdebug alternatives because enabling profiling on production using xdebug looked a bad idea.
    I found that xdebug has an option to be enabled/disabled by code - only for a region of code - not for the whole app. This gives security and performance while also providing debugging capability.

    However, i found many advocating Facebook's XHProf as being designed for production environments.

    So I searched in PECL ( WHM > Module Installers > PECL > Manage ) and did find :
    However on clicking install it gives the following message:
    Code:
    Failed to download pecl/xhprof within preferred state "stable", 
    latest release is version 0.9.2, stability "beta", 
    use "channel://pecl.php.net/xhprof-0.9.2" to install
    install failed
    The xhprof.so object is not in /usr/local/lib/php/extensions/no-debug-non-zts-20060613
    Tidying /usr/local/lib/php.ini...
    No changes
    Tidying /usr/local/cpanel/3rdparty/etc/php.ini...
    No changes
    We use Release Tier - would this mean that Xdebug is the best option for us?
    (I havent seen PHP_Debug yet).
     
  3. actived

    actived Well-Known Member

    Joined:
    Mar 30, 2012
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    Well, I tried installing xdebug, only to find that it apparently conflicts with Zend Optimizer, which too we have installed.
    This causes an endless stream of such errors:
    Code:
    [Mon Aug 06 11:46:32 2012] [notice] Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 configured -- resuming normal operations
    [Mon Aug 06 11:46:32 2012] [error] [client x.x.x.x] Premature end of script headers: index.php
    [Mon Aug 06 11:46:34 2012] [error] [client x.x.x.x] Premature end of script headers: index.php
    [Mon Aug 06 11:46:34 2012] [error] [client x.x.x.x] Premature end of script headers: index.php
    ...
    
    Since we need Zend Optimizer, the only option we have left for profiling is to install XHProf manually (if possible) or PHP_Debug or a custom solution.
     
  4. actived

    actived Well-Known Member

    Joined:
    Mar 30, 2012
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    Got this thread: http://forums.cpanel.net/f42/installing-xhprof-php-function-call-debugging-252521.html with all the answers I need. I'll post if all went as expected.

    UPDATE:
    Works perfectly.
    A couple of minor changes:
    Step # 6 in that howto - xhprof_lib and xhprof_html were not formed under any xhprof directory but just by themselves in /root/tmp/pear/cache/

    When I try to see the call graph , inspite of having dot installed, I get
    Code:
    failed to shell execute cmd=" dot -Tpng"
    This is because we have disabled proc_open for security reasons:
    Code:
    [06-Aug-2012 14:24:02] PHP Warning:  proc_open() has been disabled for security reasons in /home/username/public_html/xhprof/xhprof_lib/utils/callgraph_utils.php on line 108
     
    #4 actived, Aug 6, 2012
    Last edited: Aug 6, 2012
Loading...

Share This Page