These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for Apache is not running php file when using cgi/fcgi on the new forum.
Hi,
I have a fresh VPS with Ubuntu 12.04, on which I installed Virtualmin (with the install script). I also have upgrading Ubuntu source repositories, to install php 5.4.11. I have re-check webmin configuration and everything is fine.
When I try to access to a page, on a virtual server configurer with cgi or fcgi, my browser ask me to download the php file (even after clearing my browser's cache).
It only works with mod_php.
I have read that thread : http://www.virtualmin.com/node/21082, but it didn't help much.
What should I check / change, to make it work with fcgi mode ?
Thanks
Jerome
So just to verify, are you saying that you commented out the SetHandler lines mentioned in that other post?
That's usually the cause of what you're seeing.
Also, if you go into System Settings -> Re-Check Config, does it notice any problems?
-Eric
They were not commented, after upgrading to php 5.4.x I guess. But I got the warning when I re-checked the config, so I commented those lines. No more problems are shown by the "Re-Check Config".
After digging a bit more I found the problem :
at the end of my vhost.conf files, there was the following lines :
RemoveHandler .php RemoveHandler .php5 php_admin_value engine Off
Once I removed them, it starts working properly.
Hmm, that's actually not a good thing... that means that something is forcing mod_php mode, which is a security concern.
If your domains are set to use CGI or FCGID, then you should be able to keep "php_admin_value engine Off" in your Apache config.
-Eric
ah ! Too bad, I thought I had found the problem !
Do you have any suggestion of what could force "mod_php" ?
As I am the only one to have access to this server, is that a security issue that I should really care about ?
Thanks
Some update !
I have compared Apache modules between my old and my new VPS.
The only difference was the new module php5_cgi, so I disabled it and put back "php_admin_value engine Off" in my vhost config.
And it works !
Maybe something is missing in my config to make php5_cgi to work, but I dont't think I need it.
Hello,
For those stil using .php3 filenames, you should modify the apache2 domainname.conf file. (/etc/apache2/sites-available/ for ubuntu 12.04)
whithout this, pages are loaded as files in the browser.
like this :
AddHandler fcgid-script .php AddHandler fcgid-script .php3 AddHandler fcgid-script .php5 FCGIWrapper /home/opalesurfcasting/fcgi-bin/php5.fcgi .php FCGIWrapper /home/opalesurfcasting/fcgi-bin/php5.fcgi .php3 FCGIWrapper /home/opalesurfcasting/fcgi-bin/php5.fcgi .php5
and this :
RemoveHandler .php RemoveHandler .php3 RemoveHandler .php5
Greatings,
Eric
I was researching and investigating for hours and was about to do a major rollback when I found your post.
On Ubuntu 10.04 I had updated PHP to 5.4.13 and then experienced the very same symptoms that you've described.
Disabling php5_cgi finally did the trick!
Actually php5_cgi.conf also includes that
SetHandler application/x-httpd-php
line which needs to be commented out.Obviously the new php install had enabled this module by default.
This did it to me too.
I had upgraded my system according to debian squeezy to wheezy guide on virtualmin pages, i guess the mod got enabled by default at some point.
Well, that was one 10 hours well spent on figuring out what the heck is going on :)
It seems that after an update, i had the same issue. Are you guys planing on a fix for this issue?
Hi Guys,
How did you disable php5_cgi?
Hi,
You have to go on Webmin page, then Servers -> Apache Webserver. Click on "Global Configuration" tab, and choose "Configure Apache Modules".
On that page just uncheck the module and save.
Thanks for your post. It addressed my symptoms and was the easiest solution offered.
Thanks,
The "Servers -> Apache Webserver" -- Click on "Global Configuration" -- "Configure Apache Modules". -- uncheck the module and save. (rebooted, just in case) solved my problem trying to install Drupal 8 (beta4). Now the server executes the php files instead of trying to download them.
System: Ubuntu Linux 12.04.4 (64 bits) (virtual machine) Virtualmin 4.12.gpl GPL PHP 5.4.36-1
Gustavo (Posting from Madrid)
PS. I had to install as well the gd extension, but that's another tale.
Thx, I have no "config apache modules" option on the global config screen as per screenshot. Would you know where this is? :)
PS meh: http://www.virtualmin.com/node/14307
Howdy,
Yeah, that option may not exist in Webmin on CentOS... but that just means you'd need to manually edit your Apache config, and comment out the line that's loading the module you no longer want.
-Eric
I just like to add something for those that are experiencing the same thing.
I have upgraded to PHP 5.4 and MySQL 5.5 on my CentOS 6.4 (I know this isn't recommended but I needed to test if MySQL 5.5 had performance advantage over 5.1) After that php files started to download on the browser instead of executing. In my case this was fixed by editing this file
/etc/httpd/conf.d/php.conf
I changed this line:
SetHandler application/x-httpd-php
into this:
SetHandler application/x-httpd-php5
Then restart Apache.
Also, isn't "Configure Apache Modules" similar to "Re-configure Known Modules"? If so, you can click "Module Config" on Apache page then set Always detect Apache modules automatically? to "No" so that the extra option appears.
The solution that worked for me was to edit /etc/httpd/conf.d/php.conf
and replace these three lines:
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
with:
AddHandler php5-script .php
More info: http://ilovevirtualmin.com/tag/virtualmin-upgrade-php-5-3-to-php-5-4/
FINALLY this solved my problem thanks for sharing
From the last post... have solved my problem with change in php.conf from filesmatch.... to addhandler...
I'm fear now with possible to someone download my php code.
There is anyway to block this download if something fail? That makes me to try abandon php. Hard security problem... SO HARD!
Howdy,
If you don't need mod_php, you can disable mod_php within Apache.
That would make it so that the php.conf is no longer used at all, and also frees up a decent amount of RAM within Apache.
-Eric
I'll try to do it.
As I see, everyone always says to use fcgi, best performance and best security.
But the biggest problem is... When I go to sleep, this problem pass in my dreams. Someone will download my php code! (LOL)
I have found a lot of tutorials of "forbiden php to be downloaded" but no one works in my case.
I'll try to disable the mod_php like you said!
Thank you!
I ran into this issue when upgrading from Ubuntu 12.04 to 14.04. Apache went from 2.2 to 2.4 and it installed the file /etc/apache2/conf-enabled/php5-cgi.conf which overrides the per-vhost AddHandler declarations via a SetHandler declaration. Solution is to run sudo a2disconf php5-cgi and restart Apache to disable that default configuration.