Home » Php » php – php5 with mod_fcgid results in 500 error – probably wrong permissions

php – php5 with mod_fcgid results in 500 error – probably wrong permissions

Posted by: admin July 12, 2020 Leave a comment

Questions:

Every time I request a .php file I get the 500 error code.

I tried many different file permissions and searched the whole internet (or at least, it felt like this), but i couldn’t find anything helpful. (It’s not an easy to find suexec error or something like that. However I guess, it’s something with the permissions… and probably I just don’t know a/the certain point…)

/var/log/apache2/error.log (LogLevel info)

[Tue Sep 11 12:47:21 2012] [info] Init: Seeding PRNG with 648 bytes of entropy
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Init: Initializing (virtual) servers for SSL
[Tue Sep 11 12:47:21 2012] [info] mod_ssl/2.2.16 compiled against Server: Apache/2.2.16, Library: OpenSSL/0.9.8o
[Tue Sep 11 12:47:21 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)
[Tue Sep 11 12:47:21 2012] [info] mod_fcgid: Process manager 30502 started
[Tue Sep 11 12:47:21 2012] [info] Init: Seeding PRNG with 648 bytes of entropy
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Tue Sep 11 12:47:21 2012] [info] Shared memory session cache initialised
[Tue Sep 11 12:47:21 2012] [info] Init: Initializing (virtual) servers for SSL
[Tue Sep 11 12:47:21 2012] [info] mod_ssl/2.2.16 compiled against Server: Apache/2.2.16, Library: OpenSSL/0.9.8o
[Tue Sep 11 12:47:21 2012] [notice] Apache/2.2.16 (Debian) mod_fcgid/2.3.6 mod_ssl/2.2.16 OpenSSL/0.9.8o configured -- resuming normal operations
[Tue Sep 11 12:47:21 2012] [info] Server built: Apr  1 2012 06:40:08
[Tue Sep 11 12:48:08 2012] [info] mod_fcgid: server wiheha.us.to:/var/www/wiheha/conf.d/php.fcgi(30603) started
[Tue Sep 11 12:48:08 2012] [warn] [client 192.168.2.109] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server
[Tue Sep 11 12:48:08 2012] [error] [client 192.168.2.109] Premature end of script headers: test.php
[Tue Sep 11 12:48:11 2012] [info] mod_fcgid: process /var/www/wiheha/conf.d/php.fcgi(30603) exit(communication error), terminated by calling exit(), return code: 255

My setup is: Apache/2.2.16 (Debian)

file structure:

drwxr-xr-x root   root    /var/
drwxr-xr-x root   root      www/
dr-xr-xr-x wiheha wiheha      wiheha/
dr-x------ wiheha wiheha        conf.d/
-r-x------ wiheha wiheha          php.fcgi
drwxr-xr-x wiheha wiheha        www/
-rw-r--r-- wiheha wiheha          favicon.ico
-rw-r--r-- wiheha wiheha          test.html
-rw-r--r-- wiheha wiheha          test.php

“wiheha” is a user btw:

wiheha:x:1005:1005::/var/www/wiheha:/bin/false
(adduser [...] --no-create-home --disabled-password --disabled-login [...])

/var/www/wiheha/conf.d/php.fcgi

#!/bin/sh
exec /usr/lib/cgi-bin/php

/var/www/wiheha/www/test.html

<!DOCTYPE html>
<html>
    (working, not much more than "lorem ipsum...")
</html>

/var/www/wiheha/www/test.php

<?php phpinfo(); ?>

/etc/apache2/sites-available/wiheha

<VirtualHost *:80>
    ServerName wiheha.us.to
    ServerAdmin [email protected]
    DocumentRoot /var/www/wiheha/www
    SuexecUserGroup wiheha wiheha
    <Directory /var/www/wiheha/www/>
        AllowOverride All
        Options +ExecCGI
        AddHandler fcgid-script .php
        FCGIWrapper /var/www/wiheha/conf.d/php.fcgi .php
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

Additional info:

# cat /etc/debian_version
6.0.5
# apachectl -V
Server version: Apache/2.2.16 (Debian)
Server built:   Apr  1 2012 06:40:08
Server's Module Magic Number: 20051115:24
Server loaded:  APR 1.4.2, APR-Util 1.3.9
Compiled using: APR 1.4.2, APR-Util 1.3.9
Architecture:   32-bit
Server MPM:     Worker
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/worker"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"
# /usr/lib/cgi-bin/php --version
PHP 5.3.3-7+squeeze14 with Suhosin-Patch (cgi-fcgi) (built: Aug  6 2012 20:08:51)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
    with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH

Quite long… I hope, this isn’t too much 😉

Please don’t mind wrong language, if something is wrong.
And yes, you should be able, to access the server: http://wiheha.us.to/

How to&Answers:

I (accidently) found the solution:
The fcgi script (and the directory containing it) has to be at least publicly executable (r-x–x–x / 511).

updated file structure:

drwxr-xr-x root   root    /var/
drwxr-xr-x root   root      www/
dr-xr-xr-x wiheha wiheha      wiheha/
dr-x--x--x wiheha wiheha        conf.d/
-r-x--x--x wiheha wiheha          php.fcgi
drwxr-xr-x wiheha wiheha        www/
-rw-r--r-- wiheha wiheha          favicon.ico
-rw-r--r-- wiheha wiheha          test.html
-rw-r--r-- wiheha wiheha          test.php

Answer:

Check the below also :

http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html

Special PHP considerations

By default, PHP FastCGI processes exit after handling 500 requests, and they may exit after this module has already connected to the application and sent the next request. When that occurs, an error will be logged and 500 Internal Server Error will be returned to the client. This PHP behavior can be disabled by setting PHP_FCGI_MAX_REQUESTS to 0, but that can be a problem if the PHP application leaks resources. Alternatively, PHP_FCGI_MAX_REQUESTS can be set to a much higher value than the default to reduce the frequency of this problem. FcgidMaxRequestsPerProcess can be set to a value less than or equal to PHP_FCGI_MAX_REQUESTS to resolve the problem.