I run Apache 2.4 and PHP-FPM via ProxyPassmatch in httpd.conf, not vhost (for what it's worth):
ProxyPassMatch ^/(.*\.php)$ unix:/var/run/php-fpm.sock|fcgi://127.0.0.1/home/user/www
I wanted to create a subdomain to run a CMS on but quickly I figured out that PHP files aren't being processed on that subdomain probably due to my lack of understanding how to set it up.
I'm not sure whether I need to create a vhost with separate ProxyPassMatch directive or default one above will work.
httpd.conf:
ServerRoot "/usr/local"
Listen 192.168.1.2:80
LoadModule authn_file_module libexec/apache24/mod_authn_file.so
LoadModule authn_core_module libexec/apache24/mod_authn_core.so
LoadModule authz_host_module libexec/apache24/mod_authz_host.so
LoadModule authz_groupfile_module libexec/apache24/mod_authz_groupfile.so
LoadModule authz_user_module libexec/apache24/mod_authz_user.so
LoadModule authz_core_module libexec/apache24/mod_authz_core.so
LoadModule access_compat_module libexec/apache24/mod_access_compat.so
LoadModule auth_basic_module libexec/apache24/mod_auth_basic.so
LoadModule reqtimeout_module libexec/apache24/mod_reqtimeout.so
LoadModule filter_module libexec/apache24/mod_filter.so
LoadModule deflate_module libexec/apache24/mod_deflate.so
LoadModule mime_module libexec/apache24/mod_mime.so
LoadModule log_config_module libexec/apache24/mod_log_config.so
LoadModule env_module libexec/apache24/mod_env.so
LoadModule expires_module libexec/apache24/mod_expires.so
LoadModule headers_module libexec/apache24/mod_headers.so
LoadModule setenvif_module libexec/apache24/mod_setenvif.so
LoadModule proxy_module libexec/apache24/mod_proxy.so
LoadModule proxy_fcgi_module libexec/apache24/mod_proxy_fcgi.so
LoadModule unixd_module libexec/apache24/mod_unixd.so
LoadModule autoindex_module libexec/apache24/mod_autoindex.so
LoadModule negotiation_module libexec/apache24/mod_negotiation.so
LoadModule dir_module libexec/apache24/mod_dir.so
LoadModule actions_module libexec/apache24/mod_actions.so
LoadModule alias_module libexec/apache24/mod_alias.so
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
IncludeOptional etc/apache24/modules.d/[0-9][0-9][0-9]_*.conf
<IfModule unixd_module>
User www
Group www
</IfModule>
ServerAdmin [email protected]
ServerName 192.168.1.2:80
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/home/user/www"
<Directory "/home/user/www">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "/var/log/apache/error.log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "/var/log/apache/access.log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/usr/local/www/apache24/cgi-bin/"
</IfModule>
<Directory "/usr/local/www/apache24/cgi-bin">
AllowOverride None
Options None
Require all denied
</Directory>
<IfModule mime_module>
TypesConfig etc/apache24/mime.types
AddType application/x-compress .Z
</IfModule>
EnableMMAP On
Include etc/apache24/extra/httpd-mpm.conf
Include etc/apache24/extra/httpd-default.conf
Include etc/apache24/extra/h5bp.conf
Include etc/apache24/Includes/*.conf
ProxyPassMatch ^/(.*\.php)$ unix:/var/run/php-fpm.sock|fcgi://127.0.0.1/home/user/www
subdomain vhost:
<VirtualHost *:80>
DocumentRoot "/home/user/www/xxx"
ServerName xxx.domain.com
DirectoryIndex index.php
<Directory "/home/user/www/xxx">
AllowOverride FileInfo
Require all granted
</Directory>
</VirtualHost>
default php-fpm pool:
[global]
pid = run/php-fpm.pid
error_log = log/php/error.log
[www]
user = user
group = user
listen = /var/run/php-fpm.sock
listen.owner = user
listen.group = user
listen.mode = 0660
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
access.log = /var/log/php/access.log
access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
chdir = /home/user/www
catch_workers_output = yes
security.limit_extensions = .php
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
In Cloudflare I set up a CNAME record pointing to xxx.domain.com:
All I get in browser is:
"File not found"
and in logs:
[proxy_fcgi:error] [pid 44810] [client xxx.xx.x.xxx] AH01071: Got error 'Primary script unknown\n'
I would appreciate a hint/push in right direction.
Thanks
In each of your virtual hosts you will need to place:
Place this right at the top of Virtual Hosts config so that it is not effected by anything that follows.
Each Virtual Host needs a different port so 9000 then 9001 then 9002 etc. These ports must match the ones you use in your pools eg
listen = 127.0.0.1:9001. You will need to match up the users etc too.This wiki provides further info: http://wiki.apache.org/httpd/PHP-FPM .
You say you are using
Apache 2.4, it is worth noting that you cannot use sockets prior to Apache 2.4.9, hence why I didn't use them in my example.If that can help, all you need for massive hosting under apache httpd is the mod_vhost_alias module, you only set up one generic virtualhost with can handle pretty all scenarios as explain on the apache documentation here: mod_vhost_alias
I'm using it myself to redirect all my productions client php from sub.domain.tld to my php-fpm production which is chrooted.
I've got a document root like /home/clientname(as sub ;-) )/www/
Then a proxypassmatch with fastcgi://host:port/%(1/2/etc depending what part of the name you're looking for)/www/
PS: you only need different pool/ports if you really planned to segment you calls to different types of php-fpm pools as in multiple environments (prod/development/demo/etc) or with multiple clients in the event of a trully worried mind about segmentation.
I hope my answer could help the op or another people if it's too late for the op ;-)