Setup Apache with PHP FPM

This lesson will include creating an user for the project, configure a fpm pool to use fast cgi and enabling apache mods and create an apache config to use fast cgi

If you are following along with WSL

make sure you have your servers running apache2, mysql, php7.3-fpm

Create a new User

This will create a new user "pimcorecasts" and then switch to the created user. Afterwards creating a index.php file in the www/web directory in the users home directory.

useradd -m -g users -s /bin/bash pimcorecasts  
passwd pimcorecasts  
su pimcorecasts  
cd ~  
mkdir www  
cd www
mkdir web
echo "<?php phpinfo(); " > web/index.php  
exit  

Create a FPM pool file

Now we create a new pool file in /etc/php/php7.3/fpm/pool.d/ with the following content:

[pimcorecasts]  
prefix = /home/$pool  
user = $pool  
group = users  

listen = 127.0.0.1:9001  

pm = dynamic  
pm.max_children = 50  
pm.start_servers = 5  
pm.min_spare_servers = 5  
pm.max_spare_servers = 20  
pm.max_requests = 1  

slowlog =/var/log/php-fpm-$pool.slow.log  
request_slowlog_timeout = 30s  

chdir = /home/$pool/www  

Check your Apache Mods

now we will remove and add apache modules with the following two commands:

a2dismod -f cgi autoindex mpm_worker mpm_prefork  
a2enmod rewrite actions alias status filter expires headers setenvif proxy proxy_fcgi socache_shmcb mpm_event ssl http2

Create the apache configuration

first we disable the default configuration:

rm /etc/apache2/sites-enabled/000-default.conf  

now we create our own apache configuration file

nano /etc/apache2/sites-enabled/0-pimcorecasts.conf

Contents of the file:

<VirtualHost *:80>   
        ServerName localhost  

        DocumentRoot /home/pimcorecasts/www/  

        ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9001/home/pimcorecasts/www/$1  

        <Directory /usr/lib/cgi-bin>  
                Options ExecCGI FollowSymLinks  
                SetHandler fastcgi-script  
                Require all granted  
                SetEnv HOME /home/pimcorecasts/www  
                SetEnv HTTP_HOME /home/pimcorecasts/www  
        </Directory>  

        <Directory /home/pimcorecasts/www>  
                Options FollowSymLinks  
                AllowOverride All  
                Require all granted  
        </Directory>  

        RewriteEngine On  

        # THE FOLLOWING NEEDS TO BE THE VERY LAST REWRITE RULE IN THIS VHOST  
        # this is needed to pass the auth header correctly - fastcgi environment  
        RewriteRule ".*" "-" [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]  
</VirtualHost>

Some basic apache security measures

Edit your security configuration of your apache server

nano /etc/apache2/conf-enabled/security.conf

Change the following values inside the configuration

ServerTokens Prod
ServerSignature Off
Comments (0)
  • No Comments
If you want to participate in the discussions. Please log in or consider registering