PHP-FPM: Add file extensions to proxy_fcgi_module configuration

We run our .htm and .html files through PHP on our website. We'd like to move to PHP-FPM and I'm uncertain on how to make that happen.

Our server details:
/etc/redhat-release:CentOS Linux release 7.3.1611 (Core)
/usr/local/cpanel/version:11.66.0.24
/var/cpanel/envtype:virtuozzo
CPANEL=release

I have root access.

I see the following in httpd.conf:

Code:

<IfModule proxy_fcgi_module>
        <FilesMatch \.(phtml|php[0-9]*)$>
            SetHandler proxy:unix:/opt/cpanel/ea-php70/root/usr/var/run/php-fpm/####.sock|fcgi://DOMAIN.com
        </FilesMatch>
    </IfModule>

I tried overriding with a domain specific include file and then regenerating httpd.conf. But my include file was included before the above entry, so I'm assuming the above will override my override, if that makes sense.

What is the best way for me to have something that looks like this for my VirtualHost:

Code:

<IfModule proxy_fcgi_module>
        <FilesMatch \.(htm|html|phtml|php[0-9]*)$>
            SetHandler proxy:unix:/opt/cpanel/ea-php70/root/usr/var/run/php-fpm/####.sock|fcgi://DOMAIN.com
        </FilesMatch>
    </IfModule>

 

I found this documentation: Advanced Apache Configuration - EasyApache - cPanel Documentation

In particular, I found /var/cpanel/templates/apache2_4/vhost.default. It looks I could modify that file which will then be used to generate all of the VirtualHosts when httpd.conf is regenerated.

I'm not sure this is the best solution, because this template file is used for all VirtualHosts. This would be good for per-vhost changes.

 

Hi Michael,

Thanks for pointing me in the right direction. I've gotten everything working.

For anyone else who runs into this, I've listed how I got this to work below.

For the following, assume website is domain.com and the linux user for that website is user123 and running over https. I needed root access for some of these steps.

First step is to change the VirtualHost so that Apache passes .htm and .html files over to PHP-FPM.

1. The default vhost template is located at /var/cpanel/templates/apache2_4. The one to use for https is called ssl_vhost.default. EasyApache uses this file to generate the VirtualHost entries in httpd.conf.
2. I copied this file to /var/cpanel/userdata/user123 and named it domain.com_SSL.vhost.template. This directory holds the data that EasyApache uses to generate the domain.com VirtualHost and PHP-FPM settings. It seemed like a good place to keep the new vhost template.
3. I edited the new vhost template to make the change I outlined in my initial post.
4. Now we need to tell EasyApache to use this template when generating the VirtualHost. Use this command:
   
   Code:

   perl -MYAML::Syck -e \
   'my $hr = YAML::Syck::LoadFile($ARGV[0]);$hr->{$ARGV[1]} = $ARGV[2];YAML::Syck::DumpFile($ARGV[0],$hr);' \
   /var/cpanel/userdata/user123/domain.com_SSL custom_vhost_template_ap2 /var/cpanel/userdata/user123/domain.com_SSL.vhost.template
   

5. Note that this command failed for me the first time as YAML::Syck wasn't installed on my server. I fixed it with this command:
   
   Code:

   perl -MCPAN -e shell
   install YAML::Syck
   

6. Then regenerate Apache config: /usr/local/cpanel/scripts/rebuildhttpdconf
7. Then restart Apache: /usr/local/cpanel/scripts/restartsrv_httpd

Here are some links that helped me figure this out:

• Custom Templates - EasyApache - cPanel Documentation
  
• cPanel upcp : Can’t locate YAML/Syck.pm - cPanel - Admin-Ahead Community

Second step is to change PHP-FPM configuration to process .htm and .html without throwing a 403.

1. Edit the PHP-FPM config file for the domain. It is located at /var/cpanel/userdata/user123/domain.com.php-fpm.yaml.
2. I added the following line to the bottom of the file:
   
   Code:

   security_limit_extensions: .htm .html .phtml .php .php3 .php4 .php5 .php6 .php7
   

3. The whole file looks like this (pretty much the default with the one addition):
   
   Code:

   ---
   _is_present: 1
   pm_max_children: 5
   pm_max_requests: 20
   pm_process_idle_timeout: 10
   security_limit_extensions: .htm .html .phtml .php .php3 .php4 .php5 .php6 .php7
   

4. Then rebuild PHP-FPM config: /usr/local/cpanel/scripts/php_fpm_config --rebuild

Here are some links that helped me figure this out:

• Configurations Values of PHP-FPM - Documentation - cPanel Documentation

Third step was to restart PHP-FPM and Apache services from the EasyApache control panel, just for good measure.

I'm really liking EasyApache. It is complicated but powerful.