PHP-FPM: Add file extensions to proxy_fcgi_module configuration

Oct 9, 2017
9
3
3
Delaware
cPanel Access Level
Root Administrator
We run our .htm and .html files through PHP on our website. We'd like to move to PHP-FPM and I'm uncertain on how to make that happen.

Our server details:
/etc/redhat-release:CentOS Linux release 7.3.1611 (Core)
/usr/local/cpanel/version:11.66.0.24
/var/cpanel/envtype:virtuozzo
CPANEL=release

I have root access.

I see the following in httpd.conf:
Code:
<IfModule proxy_fcgi_module>
        <FilesMatch \.(phtml|php[0-9]*)$>
            SetHandler proxy:unix:/opt/cpanel/ea-php70/root/usr/var/run/php-fpm/####.sock|fcgi://DOMAIN.com
        </FilesMatch>
    </IfModule>
I tried overriding with a domain specific include file and then regenerating httpd.conf. But my include file was included before the above entry, so I'm assuming the above will override my override, if that makes sense.

What is the best way for me to have something that looks like this for my VirtualHost:
Code:
<IfModule proxy_fcgi_module>
        <FilesMatch \.(htm|html|phtml|php[0-9]*)$>
            SetHandler proxy:unix:/opt/cpanel/ea-php70/root/usr/var/run/php-fpm/####.sock|fcgi://DOMAIN.com
        </FilesMatch>
    </IfModule>
 
  • Like
Reactions: lkraav
Oct 9, 2017
9
3
3
Delaware
cPanel Access Level
Root Administrator
I found this documentation: Advanced Apache Configuration - EasyApache - cPanel Documentation

In particular, I found /var/cpanel/templates/apache2_4/vhost.default. It looks I could modify that file which will then be used to generate all of the VirtualHosts when httpd.conf is regenerated.

I'm not sure this is the best solution, because this template file is used for all VirtualHosts. This would be good for per-vhost changes.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello,

Updating the default virtual host template would be the only way to achieve this type of functionality. The following thread is helpful if you wanted to apply a specific entry to a specific domain name in the template:

SOLVED - Editing IfModule mod_include.c on virtualhost permanently

We do have an internal case open (CPANEL-15494) to add support for the ability to choose what file extensions are used in PHP-FPM, however there's currently no decision on if/when such a feature would be added to the product.

Thank you.
 
  • Like
Reactions: egifford_corexcel
Oct 9, 2017
9
3
3
Delaware
cPanel Access Level
Root Administrator
Hi Michael,

Thanks for pointing me in the right direction. I've gotten everything working.

For anyone else who runs into this, I've listed how I got this to work below.

For the following, assume website is domain.com and the linux user for that website is user123 and running over https. I needed root access for some of these steps.

First step is to change the VirtualHost so that Apache passes .htm and .html files over to PHP-FPM.
  1. The default vhost template is located at /var/cpanel/templates/apache2_4. The one to use for https is called ssl_vhost.default. EasyApache uses this file to generate the VirtualHost entries in httpd.conf.
  2. I copied this file to /var/cpanel/userdata/user123 and named it domain.com_SSL.vhost.template. This directory holds the data that EasyApache uses to generate the domain.com VirtualHost and PHP-FPM settings. It seemed like a good place to keep the new vhost template.
  3. I edited the new vhost template to make the change I outlined in my initial post.
  4. Now we need to tell EasyApache to use this template when generating the VirtualHost. Use this command:
    Code:
    perl -MYAML::Syck -e \
    'my $hr = YAML::Syck::LoadFile($ARGV[0]);$hr->{$ARGV[1]} = $ARGV[2];YAML::Syck::DumpFile($ARGV[0],$hr);' \
    /var/cpanel/userdata/user123/domain.com_SSL custom_vhost_template_ap2 /var/cpanel/userdata/user123/domain.com_SSL.vhost.template
  5. Note that this command failed for me the first time as YAML::Syck wasn't installed on my server. I fixed it with this command:
    Code:
    perl -MCPAN -e shell
    install YAML::Syck
  6. Then regenerate Apache config: /usr/local/cpanel/scripts/rebuildhttpdconf
  7. Then restart Apache: /usr/local/cpanel/scripts/restartsrv_httpd
Here are some links that helped me figure this out:
Second step is to change PHP-FPM configuration to process .htm and .html without throwing a 403.
  1. Edit the PHP-FPM config file for the domain. It is located at /var/cpanel/userdata/user123/domain.com.php-fpm.yaml.
  2. I added the following line to the bottom of the file:
    Code:
    security_limit_extensions: .htm .html .phtml .php .php3 .php4 .php5 .php6 .php7
  3. The whole file looks like this (pretty much the default with the one addition):
    Code:
    ---
    _is_present: 1
    pm_max_children: 5
    pm_max_requests: 20
    pm_process_idle_timeout: 10
    security_limit_extensions: .htm .html .phtml .php .php3 .php4 .php5 .php6 .php7
  4. Then rebuild PHP-FPM config: /usr/local/cpanel/scripts/php_fpm_config --rebuild
Here are some links that helped me figure this out:
Third step was to restart PHP-FPM and Apache services from the EasyApache control panel, just for good measure.

I'm really liking EasyApache. It is complicated but powerful.