Now, mod_fastcgi is configured and running. FastCGI supports connection via UNIX sockets or TCP/IP networking. This is useful to spread load among various backends. For example, php will be severed from 192.168.1.10 and python / ruby on rails will be severed from 192.168.1.11. This is only possible with mod_fastcgi.
Required utilities
You can spawn FastCGI processes using a dispatcher script or using spawn-fcgi utility, which is used to spawn remote FastCGI processes. spawn-fcgi included with lighttpd web server. You can grab source code from lighttpd.net or simply install it using lighttpd as follows (you need EPEL repo enabled under RHEL / CentOS / Fedora Linux):
# yum install lighttpd-fastcgi
# cp /usr/bin/spawn-fcgi /tmp
# yum remove lighttpd-fastcgi
# mv /tmp/spawn-fcgi /usr/bin/spawn-fcgi
lighttpd-fastcgi is FastCGI module and spawning helper for lighttpd and PHP configuration.
How do spawning php as TCP/IP remote app?
Use /usr/bin/spawn-fcgi as follows, enter:
# /usr/bin/spawn-fcgi -f /usr/bin/php-cgi -a 192.168.1.10 -p 9000 -P /var/run/php-cgi.fastcgi.pid -u apache -g apache
You can also jail php, using following syntax (make sure /var/run/ and /usr/bin/php-cgi exists inside jail directory):
# /usr/bin/spawn-fcgi -c /httpdjail -a 192.168.1.10 -p 9000 -P /var/run/php-cgi.fastcgi.pid -u apache -g apache -- /usr/bin/php-cgi
Where,
- -f /usr/bin/php-cgi: Filename of the fcgi-application
- -a 192.168.1.10 : Bind to ip address
- -p 9000 : Bind to tcp-port
- -P /var/run/php-cgi.fastcgi.pid: Name of PID-file for spawed process
- -c /httpdjail : Chroot to directory (security feature)
- -u apache : Change to user-id (security feature - drop root user privileges to apache user)
- -g apache : Change to group-id (security feature - drop root group privileges to apache group)
Configure Apache 2 mod_fastcgi connect to external PHP fcgi application
Above command will run php fcgi on 192.168.1.10:9000. Here is our sample setup:
- 192.168.1.10 port 9000 : PHP FastCGI server
- 192.168.1.11 port 9000 : Python or Ruby on rails cgi process
- 202.54.1.20 port 80 : Apache 2 running mod_fastcgi (DocumentRoot set to /webroot/http)
Open your httpd.conf on 202.54.1.20, enter:
# vi /etc/httpd/conf/httpd.conf
Locate your domain VirtualHost configuration and append following two directives:
AddHandler php5-fastcgi .php FastCgiExternalServer /webroot/http -host 192.168.1.10:9000
Here is complete snippet from one my box:
<VirtualHost nixcraft.com:80> ServerAdmin webmaster@nixcraft.com DocumentRoot /webroot/http ServerName nixcraft.com ErrorLog logs/nixcraft.com-error_log CustomLog logs/nixcraft.com-access_log common AddHandler php5-fastcgi .php FastCgiExternalServer /webroot/http -host 192.168.1.10:9000 </VirtualHost>
Save and close the file. Restart httpd:
# service httpd restart
Make sure iptables is configured to allow communication between public and private fastcgi server.
How do I configure PHP FastCGI via UNIX sockets?
UNIX sockets are faster as compare to TCP/IP sockets. However, they do not support remote spawning. Create /tmp/php.socket as follows:
# /usr/bin/spawn-fcgi -f /usr/bin/php-cgi -s /tmp/php.socket -u apache -g apache
Add following configuration to your httpd.conf virtual host:
AddHandler php5-fastcgi .php FastCgiExternalServer /webroot/http -socket /tmp/php.socket
Save and close the file. Restart httpd, type:
# service httpd restart
mod_fastcgi has lots of other options. Please refer to Apache and mod_fastcgi documentation for further information.
A note about mod_fastcgi limitation
You can not load balance between multiple php backend. You need to use lighttpd or nginx or other reverse proxy software.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- My 10 UNIX Command Line Mistakes
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
Facebook it - Tweet it - Print it -
We're here to help you make the most of sysadmin work. So, subscribe!
{ 7 comments… read them below or add one }
thank you
I tried this, and it worked perfectly for pages that exist. However, DirectoryIndex no longer functions, so type a url like http://example.com/foo/ no longer serves the page at http://example.com/foo/index.php !
Any idea why?
Do you have DirectoryIndex configured?
Yes; if I take out the FastCgiExternalServer line, I get my php (source) displayed automatically (i.e., I hit http://example.com and I get http://example.com/index.php's source)
Thanks, needed this!
This is possible also with mod_proxy ;D
Hello,
when i use fastcgi i have problems with the DirectoryIndex. For example, when i has activated fastcgi and go on my website i become 404, only when i give direct the index,php. When i delete the fastcgi Support in Apache then all running well. Has someone the same problem and find a way to fix it?
Regards
Silvio