Apache2.4 comes loaded with new features, especially regarding performance, RAM consumption, and modularization. To make it work, we must update our old legacy config to be compatible with the new version of Apache. This is a somewhat traumatic step, but it will be worth it in the long run.
We compile PHP with Apache2 and FPM support:
dev-lang/php apache2 berkdb bzip2 cli crypt ctype curl curlwrappers exif fileinfo filter ftp gd gdbm hash iconv imap intl json mysql mysqli nls odbc pdo phar posix readline session simplexml soap sockets sqlite3 ssl sysvipc threads tokenizer unicode xml xmlreader xmlrpc xmlwriter zip zlib threads fpm cgi truetype bcmath
We configure the PHP version:
PHP_TARGETS="php5-6"
PHP_INI_VERSION="production"
We compile the PHP selector with FPM support:
We compile PHP:
We configure the FPM process:
[global]
error_log = /var/log/php-fpm.log
include=/etc/php/fpm-php5.6/pool.d/*.conf
vi /etc/php/fpm-php5.6/pool.d/alfaexploit.conf
[alfaexploit]
user = alfaexploit
group = alfaexploit
listen = /var/run/php-fpm_alfaexploit.sock
listen.owner = apache
listen.group = apache
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.status_path = /status
ping.path = /ping
ping.response = pong
php_admin_value[date.timezone] = Europe/Madrid
php_admin_value[open_basedir] = /var/www/alfaexploit
php_admin_value[expose_php] = Off
php_admin_value[display_errors] = Off
We add the user and start FPM:
/etc/init.d/php-fpm start
rc-update add php-fpm default
We change the permissions of the document root:
We configure the vhost:
Listen 80
<VirtualHost *:80>
ServerAdmin sys@alfaexploit.com
DocumentRoot /var/www/alfaexploit
ServerName www.alfaexploit.com
ErrorLog /var/log/apache2/alfaexploit.error_log
CustomLog /var/log/apache2/alfaexploit.access_log combined
DirectoryIndex index.php index.htm index.html
AddHandler application/x-httpd-php .php .php5 .phtml
AddHandler application/x-httpd-php-source .phps
<FilesMatch ".php$">
SetHandler "proxy:unix:///var/run/php-fpm_alfaexploit.sock|fcgi://localhost/"
</FilesMatch>
<Proxy fcgi://localhost/ enablereuse=on max=10>
</Proxy>
<Directory "/var/www/alfaexploit">
Options -Indexes +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
We configure Apache:
APACHE2_OPTS="-D SSL -D LANGUAGE -D PHP5 -D PROXY"
We fix an error in the config:
modules/libphp5.so –> modules/mod_php.so
<IfDefine PHP5>
# Load the module first
<IfModule !mod_php5.c>
#LoadModule php5_module modules/libphp5.so
LoadModule php5_module modules/mod_php.so
</IfModule>
# Set it to handle the files
# NOTE: Avoiding AddHandler/AddType for security (bug #538822)
# NOTE: Please read the related news item!
<FilesMatch ".(php|php5|phtml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
DirectoryIndex index.php index.phtml
</IfDefine>
We make sure we have the mod_unixd, mod_ssl, and mod_proxy modules loaded:
LoadModule unixd_module modules/mod_unixd.so
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
</IfDefine>
<IfDefine PROXY>
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
</IfDefine>
We comment out the following directives as they are considered deprecated:
#NameVirtualHost *:80
#NameVirtualHost *:443