PHP5 FastCGI php.ini Plesk 9.3 KB9059 Hotfix

[gp92300]

Hi all,

I'm running Plesk v9.3 and I successfully configured a Joomla 1.7.3 installation.
Under Plesk domain configuration PHP is on, Safe Mode is off, CGI is on, FastCGI is on.

Still I need to tweak PHP directives (memory_limit, upload_max_filesize, and so on) using php.ini

I followed instructions found on Plesk Knowledge Base here :
Using custom php.ini for PHP in FastCGI mode per-domain
http://kb.parallels.com/en/9059

When I place php.ini under /var/www/vhosts/domain.tld/conf/
it is not taken into account and it makes me angryyyyy.

I created a phpinfo.php with <?php phpinfo(); ?> inside which shows this :

PHP Version 5.2.4-2ubuntu5.17
Server API: CGI/FastCGI
Virtual Directory Support: disabled
Configuration File (php.ini) Path: /etc/php5/cgi
Loaded Configuration File: (none)
PHP API: 20041225
PHP Extension: 20060613

Environment
PATH: /usr/local/bin:/usr/bin:/bin
PHPRC: /etc/php.ini
PWD: /var/www/cgi-bin/cgi_wrapper

What is your advice for having a php.ini file for each domain ?

Thanks (and happy new year!)

 

[gp92300]

Update!

Hi all,

Upgrading from Plesk 9.3 to 9.5.4 partially helped.

Now PHP is able to locate precisely php.ini configuration which is in /etc/php5/cgi/ as shown in my screenshot.

I modified /etc/php5/cgi/php.ini but it will have an impact an all my websites running under FastCGI and I need to be able to adjust php settings from a site to another.

Any ideas ?

Help is deeply appreciated.

 

[gp92300]

CGI Wrapper

After updating Plesk to 9.5.4 my CGI Wrapper contains :

#!/bin/sh
exec /usr/bin/php5-cgi

I've lost the hotfix which contains the new wrapper :

#!/bin/sh

domain=`fgrep -m 1 "$UID" /etc/passwd| awk -F\: '{print $6}' |awk -F"/" '{print $5}'`
PHPRC=/var/www/vhosts/$domain/conf/php.ini

[ -f ${PHPRC} ] || PHPRC="/etc/php.ini"

export PHPRC
exec /usr/bin/php-cgi -c "$PHPRC"


Surprisingly when the hotfix is applied my main php.ini isn't /etc/php5/cgi/php.ini but another php.ini I can't locate.
By the way there is no such file as /etc/php.ini

I'm confused but I won't give up.

 

[Amin Taheri]

I know this doesnt help you or contribute to this problems solution at all, but anytime this comes up I feel like I have to put in my 2 cents.

I absolutely hate the idea of allowing a customer the ability to have their own php.ini file. it seems like a waste - who is going to manage it when they need changes? if you want to change the time out, or allowed memory, or error reporting (like when 5.3.x started spewing depricated messages) its a pain to manage, plus you have to remember who has them and what you changed in whose and why. If you let the customer manage it, well then there goes all security. They can basically turn off disallowing exec, or any of the functions you turned off for security. Seems like anything that is worth changing should be set globally, or in a htaccess file.

ok, that ends my rant.

 

[StéphanS]

I had a customer (ClientA) who needed Zend Optimizer for his PHP 5.2 site.
So I installed it onto the shared server he was on. (foolish, I know, but I had to find some way to get his site back up)
And his site was up and running again.

Didn't take long or another customer (ClientB) contacted us about errors on his site.
The same server as the one Zend Optimizer was installed on.

So I disabled Zend Optimizer again and ClientB's site was working again.
(Zend Optimizer and APC don't play along it seems)


But ClientA's site was, ofcourse, not working any longer with Zend Optimizer disabled.



Having experimented with Custom FastCGI wrappers on Plesk 11 before, I decided to have a little go at:
http://kb.parallels.com/en/9059

Not liking that this script is global and that it will get overwritten by any Plesk update;
I decided to merge the Plesk 11 wrappers onto my Plesk 9 setup.

Lo and behold, a one stop solution to create a wrapper on a per site basis,
that allows the use of a custom php.ini with custom modules.

#Replace example.com

export domain=example.com
export owner=$(stat -c %U /var/www/vhosts/$domain/private/)


#This will put the site in FastCGI mode and disable PHP Safe Mode

/usr/local/psa/bin/domain --update $domain -php_handler_type fastcgi -php_safe_mode false


#This will correct the permissions in httpdocs, same can be done for httpdocs

find /var/www/vhosts/$domain/httpdocs/ -not -user $owner -not -name "plesk-stat" -exec chown $ownersacln {} \;
find /var/www/vhosts/$domain/httpdocs/ -type d -not -name "plesk-stat" -print0 | xargs -0 chmod 0755
find /var/www/vhosts/$domain/httpdocs/ -type f -not -name "*.pl" -not -name "*.cgi" -not -name "*.sh" -print0 | xargs -0 chmod 0644
find /var/www/vhosts/$domain/httpdocs/ -type f -name "*.cgi" -print0 -o -name "*.pl" -print0 -o -name "*.sh" -print0 | xargs -0 chmod 0755


#Creating the wrapper

mkdir /var/www/vhosts/$domain/cgi-bin/.cgi_wrapper
cat <<EOF > /var/www/vhosts/$domain/cgi-bin/.cgi_wrapper/.phpwrapper
#!/bin/sh
export PHP_FCGI_CHILDREN=4
export PHP_FCGI_MAX_REQUESTS=1000
exec /usr/bin/php-cgi -c /etc/php.$domain.ini
EOF


#Fixing some permisson, might be optional

chgrp psaserv /var/www/vhosts/$domain/cgi-bin
chmod 101 /var/www/vhosts/$domain/cgi-bin/.cgi_wrapper
chmod 500 /var/www/vhosts/$domain/cgi-bin/.cgi_wrapper/.phpwrapper
chown $ownersacln /var/www/vhosts/$domain/cgi-bin/.cgi_wrapper -R
chattr -R +i /var/www/vhosts/$domain/cgi-bin/.cgi_wrapper


#Creating the new apache directives

cat <<EOF > /var/www/vhosts/$domain/conf/vhost.conf
<Directory /var/www/vhosts/$domain/httpdocs>
RemoveHandler fcgid-script
<IfModule mod_fcgid.c>
AddHandler fcgid-script .php
<Files ~ (\.php)>
SetHandler fcgid-script
FCGIWrapper /var/www/vhosts/$domain/cgi-bin/.cgi_wrapper/.phpwrapper .php
Options +ExecCGI
allow from all
</Files>
</IfModule>
</Directory>
EOF


#Rebuilding the apache config for this domain

/usr/local/psa/admin/sbin/websrvmng -v -u --vhost-name=$domain


#Creating the new per site php.ini

cp -a /etc/php.ini /etc/php.$domain.ini #Optionally edit /etc/php.$domain.ini and add the per user settings or load other modules


#Restarting httpd

service httpd restart


#Creating a random phpinfo.php to use for verification

export random_phpinfo=$RANDOM
echo "<?php phpinfo(); ?>" > /var/www/vhosts/$domain/httpdocs/phpinfo_$random_phpinfo.php
chown $ownersacln /var/www/vhosts/$domain/httpdocs/phpinfo_$random_phpinfo.php
echo "You can now go to http://$domain/phpinfo_$random_phpinfo.php to verify the settings."


#Destroying the variables

unset domain; unset owner; unset random_phpinfo

Now go to http://$domain/phpinfo.php and see if your custom php.ini is getting loaded at "Loaded Configuration File"



I edited the php.ini for this site like so:

;extension=apc.so
extension=../../../../../../../../usr/lib/php/zend/ZendOptimizer-5.2.so #I go up because I got error messages saying /usr/lib/php/modules//usr/lib/php/zend/ZendOptimizer-5.2.so could not be found in /var/log/httpd/error_log
#if anyone knows the best way to use extension=/usr/lib/php/zend/ZendOptimizer-5.2.so
#please let me know
#changing extension_dir = "/usr/lib/php/modules" to "/usr/lib/php/" is not wise
#what I'd like is a way to have an alternative /etc/php.d/ eg /etc/php.d.$domain/




This can be extended with Custom PHP Versions by replacing exec /usr/bin/php-cgi with your own PHP binary,
compiled into /usr/local/bin/php5412-cgi/
eg: exec /usr/local/bin/php5412-cgi/bin/php-cgi

But that's for another post.
(The research has been done, just needs a clean up and comments)