Server side includes not working on .php files

Operating System & Version
CentOS 7.9
cPanel & WHM Version
11.100.0

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
Due to the CMS framework we are using (OpenCart), we had to go with server side includes (SSI) to load text content on our webpages (which are dynamic PHP). No doubt php_include would be ideal, however the page templates does not allow php for security reasons. At any rate, we are able to get SSI to work on .html pages, but not on .php. The Apache configuration files and loaded modules are listed below. Any suggestions would be greatly appreciated!

Example code for the SSI on an .html page
<!--#include virtual="/includes/content_123.html" -->

.htaccess (public_html)
Options +Includes
AddOutputFilter INCLUDES .html .php


/etc/httpd/conf/httpd.conf
# Further relax access to the default document root:
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options +Includes
AddOutputFilter INCLUDES .php .html

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
XBitHack on
#
# Controls who can get stuff from this server.
#
Require all granted
</Directory>

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
<FilesMatch "\.(php|shtml|html)$">
SetHandler application/x-httpd-php
</FilesMatch>


Loaded Modules
core_module (static)
so_module (static)
http_module (static)
mpm_prefork_module (shared)
systemd_module (shared)
cgi_module (shared)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
expires_module (shared)
file_cache_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
log_config_module (shared)
log_forensic_module (shared)
logio_module (shared)
mime_module (shared)
mime_magic_module (shared)
negotiation_module (shared)
proxy_module (shared)
proxy_fcgi_module (shared)
proxy_http_module (shared)
proxy_wstunnel_module (shared)
remoteip_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_shmcb_module (shared)
socache_redis_module (shared)
speling_module (shared)
status_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
bwlimited_module (shared)
ssl_module (shared)
security2_module (shared)
ruid2_module (shared)
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
Hey there! Would you happen to be running LiteSpeed or just Apache? This is a known limitation of the LiteSpeed server:


Other than that, I'm not finding much on my end for this particular issue so it might be best to submit a ticket to our team so we can check the machine.
[~]# ps aux | grep litespeed
root 14699 0.0 0.0 112808 976 pts/1 R+ 10:29 0:00 grep --color=auto litespeed


I attempted to use the code from this cPanel support article to switch to Apache from LiteSpeed, but it would not work.
 

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
OK. We have the LiteSpeed PHP extensions enabled under EasyApache4:

php71-php-litespeed
php72-php-litespeed
php73-php-litespeed
php74-php-litespeed

That wouldn't affect this right?

I'll go ahead and create a ticket in the mean time.
 

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
Solution:
1. WHM » MultiPHP Manager
change PHP handler from cgi to dso for active PHP version

2. WHM » Software » EasyApache4 » Apache Modules
enable mod_ruid2 module

3. WHM » Restart Services » HTTP Server (Apache)
restart Apache

4. WHM » MultiPHP INI Editor » Editor Mode
change output_buffering from Off to 4096 or higher (Production Value: 4096)
 

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
Does anyone have suggestions for the following error message?

PHP Warning: Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

We tried add ob_start(); to the index.php file, however it still shows these errors in the log.
 

Spirogg

Well-Known Member
Feb 21, 2018
700
161
43
chicago
cPanel Access Level
Root Administrator
Does anyone have suggestions for the following error message?

PHP Warning: Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

We tried add ob_start(); to the index.php file, however it still shows these errors in the log.
You
Might try reading this answer

 

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
You
Might try reading this answer

OK. The article references that the echo function produces 'output' which can terminate sending HTTP headers. The warning/error message indicates line 118 in the response.php file below is the issue.

Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

Code:
class Response {
    private $headers = array();
    private $level = 0;
    private $output;

    /**
     * Constructor
     *
     * @param    string    $header
     *
     */
    public function addHeader($header) {
        $this->headers[] = $header;
    }
    
    /**
     * 
     *
     * @param    string    $url
     * @param    int        $status
     *
     */
    public function redirect($url, $status = 302) {
        header('Location: ' . str_replace(array('&amp;', "\n", "\r"), array('&', '', ''), $url), true, $status);
        exit();
    }
    
    /**
     * 
     *
     * @param    int        $level
     */
    public function setCompression($level) {
        $this->level = $level;
    }
    
    /**
     * 
     *
     * @return    array
     */
    public function getOutput() {
        return $this->output;
    }
    
    /**
     * 
     *
     * @param    string    $output
     */    
    public function setOutput($output) {
        $this->output = $output;
    }
    
    /**
     * 
     *
     * @param    string    $data
     * @param    int        $level
     * 
     * @return    string
     */
    private function compress($data, $level = 0) {
        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false)) {
            $encoding = 'gzip';
        }

        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip') !== false)) {
            $encoding = 'x-gzip';
        }

        if (!isset($encoding) || ($level < -1 || $level > 9)) {
            return $data;
        }

        if (!extension_loaded('zlib') || ini_get('zlib.output_compression')) {
            return $data;
        }

        if (headers_sent()) {
            return $data;
        }

        if (connection_status()) {
            return $data;
        }

        $this->addHeader('Content-Encoding: ' . $encoding);

        return gzencode($data, (int)$level);
    }
    
    /**
     * 
     */

108   public function output() {
109        if ($this->output) {
110           $output = $this->level ? $this->compress($this->output, $this->level) : $this->output;
111         
112            if (!headers_sent()) {
113               foreach ($this->headers as $header) {
114                   header($header, true);
115                      }
116           }
117         
118            echo $output;
        }
    }
}
Any thoughts? Seems like this issue only presented itself when we updated PHP from 7.2 to 7.3 a few weeks back. We never had these error messages before.
 

Spirogg

Well-Known Member
Feb 21, 2018
700
161
43
chicago
cPanel Access Level
Root Administrator
OK. The article references that the echo function produces 'output' which can terminate sending HTTP headers. The warning/error message indicates line 118 in the response.php file below is the issue.

Response::output(): Headers already sent. You cannot change the session module's ini settings at this time in /home/admin_user/public_html/system/library/response.php on line 118

Code:
class Response {
    private $headers = array();
    private $level = 0;
    private $output;

    /**
     * Constructor
     *
     * @param    string    $header
     *
     */
    public function addHeader($header) {
        $this->headers[] = $header;
    }
   
    /**
     *
     *
     * @param    string    $url
     * @param    int        $status
     *
     */
    public function redirect($url, $status = 302) {
        header('Location: ' . str_replace(array('&amp;', "\n", "\r"), array('&', '', ''), $url), true, $status);
        exit();
    }
   
    /**
     *
     *
     * @param    int        $level
     */
    public function setCompression($level) {
        $this->level = $level;
    }
   
    /**
     *
     *
     * @return    array
     */
    public function getOutput() {
        return $this->output;
    }
   
    /**
     *
     *
     * @param    string    $output
     */   
    public function setOutput($output) {
        $this->output = $output;
    }
   
    /**
     *
     *
     * @param    string    $data
     * @param    int        $level
     *
     * @return    string
     */
    private function compress($data, $level = 0) {
        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false)) {
            $encoding = 'gzip';
        }

        if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip') !== false)) {
            $encoding = 'x-gzip';
        }

        if (!isset($encoding) || ($level < -1 || $level > 9)) {
            return $data;
        }

        if (!extension_loaded('zlib') || ini_get('zlib.output_compression')) {
            return $data;
        }

        if (headers_sent()) {
            return $data;
        }

        if (connection_status()) {
            return $data;
        }

        $this->addHeader('Content-Encoding: ' . $encoding);

        return gzencode($data, (int)$level);
    }
   
    /**
     *
     */

108   public function output() {
109        if ($this->output) {
110           $output = $this->level ? $this->compress($this->output, $this->level) : $this->output;
111        
112            if (!headers_sent()) {
113               foreach ($this->headers as $header) {
114                   header($header, true);
115                      }
116           }
117        
118            echo $output;
        }
    }
}
Any thoughts? Seems like this issue only presented itself when we updated PHP from 7.2 to 7.3 a few weeks back. We never had these error messages before.
Just wondering if you could update to 7.4 might be more stable than 7.3. If not I would suggest try to switch back to 7.2 and see if the issue persists now.
sorry I don’t have much more to offer you in the way ofhelp. Hopefully @cPRex might be able to tomorrow when he is on the forums :)
 

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
Just wondering if you could update to 7.4 might be more stable than 7.3. If not I would suggest try to switch back to 7.2 and see if the issue persists now.
sorry I don’t have much more to offer you in the way ofhelp. Hopefully @cPRex might be able to tomorrow when he is on the forums :)
Updated to 7.4 earlier today, but the error messages are still there. The CMS recommends using 7.4, so I’ll probably just have to start the witch hunt for any files that may have an extra space before “<?php”.
 

Spirogg

Well-Known Member
Feb 21, 2018
700
161
43
chicago
cPanel Access Level
Root Administrator
usage examples


  • phptags --whitespace *.php cleans up spaces or UTF-8 BOM issues before opening and after close tags
  • phptags --warn directory/ searches through a directory and just warns about whitespace issues

this might help you find whitespace in the Tags seems pretty cool tool for this
 
  • Like
Reactions: cPRex

msklut

Well-Known Member
May 24, 2020
62
5
8
NC
cPanel Access Level
Root Administrator
usage examples


  • phptags --whitespace *.php cleans up spaces or UTF-8 BOM issues before opening and after close tags
  • phptags --warn directory/ searches through a directory and just warns about whitespace issues

this might help you find whitespace in the Tags seems pretty cool tool for this
Looks like a very helpful tool. Unfortunately, it fails to install the phptags.rpm package.

Code:
[~]# wget http://include-once.org/p/phptags/phptags-1.2.rpm
--2022-04-21 11:18:57--  http://include-once.org/p/phptags/phptags-1.2.rpm
Resolving include-once.org (include-once.org)... 172.67.134.40, 104.21.6.15, 2606:4700:3033::6815:60f, ...
Connecting to include-once.org (include-once.org)|172.67.134.40|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16351 (16K) [application/x-redhat-package-manager]
Saving to: ‘phptags-1.2.rpm’
100%[=================================================>] 16,351      --.-K/s   in 0.1s    
2022-04-21 11:18:57 (136 KB/s) - ‘phptags-1.2.rpm’ saved [16351/16351]

[~]# yum install phptags-1.2.rpm
Loaded plugins: fastestmirror, langpacks, universal-hooks
Examining phptags-1.2.rpm: phptags-1.2-1.noarch
Error: Nothing to do