error reading data from FastCGI server

We built a new server and have been moving our sites over using virtualmin backup and restore. ubuntu 12.04 to 14.04 php 5.3.10 to 5.5.9 mysql 5.5.47 for both old & new.

Most issues were minor but one site shows "Internal Server Error" on webpage when it has to do a database access. In "virtualmin->logs and reports->Apache Error Log", it has a bunch of "mod_fcgid: error reading data from FastCGI server" errors.

On virtualmin\your virtual server\server configuration\website options\, if we set "PHP script execution mode" to "Apache mod_php" it works but this says it is less secure than "FCGId (run as virtual server owner)" so we'd prefer to be able to change it back. change which We haven't had this problem with any of our other websites that use php/mysql (mostly just had to add new mysql user/password and in some cases delete local outdated copies of php.ini).

Update: Tried changing "PHP script execution mode" to "CGI wrapper (run as virtual server owner)" setting, and the webpage error changed to: The requested URL /cgi-bin/php5.cgi/lists/WaitList_Add_Form.php was not found on this server. 1. On our server, php5.cgi is a text file, not a folder.
2. WaitList_Add_Form.php is in subfolder "lists" of the directory that contains "reservations.html" which calls it.

Status: 
Active

Comments

Howdy -- do you get a better or more descriptive error message by changing it to CGI? CGI is as secure as FCGID, but it also tends to provide better errors. Sometimes FCGID errors can be a bit too generic to be helpful.

Tried changing "PHP script execution mode" to "CGI wrapper (run as virtual server owner)" setting.

The apache message was shorter, but the webpage error was more helpful: The requested URL /cgi-bin/php5.cgi/lists/WaitList_Add_Form.php was not found on this server.

On our server, php5.cgi is a text file, not a folder. WaitList_Add_Form.php is in subfolder "lists" of the directory that contains "reservations.html" which calls it.

Ah, try running these two commands:

a2enmod cgi
service apache2 restart

After that, does changing it to CGI work properly (or offer a different error message)?

Just the original unhelpful "Internal Server Error".

The apache server error log for this site was more useful.

found several of this message:

"error reading data from FastCGI server"

followed by several:

"[Mon Mar 21 16:22:51.576075 2016] [cgi:error] [pid 14077] [client 63.142.200.58:40375] AH01215: PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20121212/imap.so' - /usr/lib/php5/20121212/imap.so: cannot open shared object file: No such file or directory in Unknown on line 0"

Okay, it looks like it's trying to load a PHP module that either isn't installed, or isn't in the module path.

Do you need the PHP IMAP module?

If not, you could always disable that in $HOME/etc/php.ini.

Or if you do need it, you could verify that the php5-imap package is installed.

Commented out the IMAP line and restarted apache. Same error message: mod_fcgid: error reading data from FastCGI server on the fcgid option

and: malformed header from script 'php5.cgi': Bad header with the CGI option.

We may need to try out a more basic PHP page here, just to verify that PHP is working properly with this domain.

What happens if you create a file named "test.php" in the public_html folder for this domain, and you add in the following:

<?php phpinfo(); ?>

When accessing that from a browser, do you see the phpinfo output? Or do you receive an error?

phpinfo printout works fine with no errors

Okay, that is both good news, and bad news :-)

That's good, because it means PHP is working properly.

That's bad news, because something about that particular web app for that domain isn't working properly.

And unfortunately, it's not providing a very good error message, so it's difficult to say what the actual problem is.

Is there a way that you could enable additional log output for this particular web app?

You could also try disabling some of the plugins it's using, to see if perhaps one of those is the culprit.

Our web developer is currently out of town. What are the security risks with keeping "PHP script execution mode" set at "Apache mod_php (run as Apache's user)" and how can they be minimized?

I had forgotten that you mentioned above that it did work in mod_php.

One option there, is to try resetting the permissions of this particular Virtual Server. It's possible you could be seeing a file or directory permission issue.

That can be done by going into Limits and Validation -> Validate Virtual Servers -> Fix Permissions. There, try correcting the permissions for just the one domain that you're having this problem with.

After that, are you then able to use FCGID or CGI?

Tried "Limits and Validation -> Validate Virtual Servers -> Fix Permissions.". still "internal server error" unless in mod_php mode.

Did some more testing: In any mode but mod_php, there is a server error whenever I try to load files with the php extension, even if it is something simple like php test info or the current time/date. Same behaviour if you take an html file and change ".html" to ".php" (so no actual php code).

Found solution!

Removed "[site folder]/etc/php5/php.ini" so php looks for global copy for the current php version.

Getting close on this new server. We are seeing one other error in the apache log file: Name-based SSL virtual hosts only work for clients with TLS server name indication support is this something we need to worrry about?

Ah, sounds like there may have been some kind of configuration in the PHP ini that wasn't compatible with your web app. I'm glad you were able to figure out that removing it would get things going!

Regarding that SSL error -- which error log is that showing up in, is that the system-wide Apache error log, or is it one that belongs to a particular domain?

It is in the system-wide apache error log.

configuration in the PHP ini that wasn't compatible with your web app

It was actually the php.ini file itself that was the problem (no files with php extension would load, even if just html), presumably because it was created for an earlier php version.