Re: Apache 2.4 with event, PHP 8.0 fpm on FreeBSD 13, pool keeps dying

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



where have you stored the file info.php? Directory?


Deepak
"The greatness of a nation can be judged by the way its animals are treated - Mahatma Gandhi"


"Plant a Tree, Go Green"



On Fri, Jul 15, 2022 at 10:34 AM David Mehler <dave.mehler@xxxxxxxxx> wrote:
Hello,

I'm trying to run Apache 2.4 with event mpm, PHP 8.0 fpm on a FreeBSD
13 system. To test I've got a PHP info file but when I atempt to load
it I'm getting a 5xx file not found message. Checking the PHP fpm and
other logs it looks like my pool is dying and restarting very quickly.
My configuration minus comments is below including logs.

I'd appreciate any assistance.

Thanks.
Dave.

#cat example.com.conf
# The example.com http virtual host
<VirtualHost *:80>
# Redirects all http port 80 traffic to https port 443
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>

# The example.com https virtual host
<VirtualHost *:443 [2600:3c03:e000:1aa:abcd::2073]:443>
ServerAdmin webmaster@xxxxxxxxxxx
ServerName example.com
ServerAlias www.example.com
DocumentRoot "/usr/vhosts/example.com/htdocs/"
# I have tried both with and without this next line, doesn't seem to
make a difference
        ProxyPassMatch ^/(.*\.php)$
fcgi://127.0.0.1:9000/usr/local/www/site1/public_html/$1

ErrorLog /usr/vhosts/example.com/logs/error.log
CustomLog /usr/vhosts/example.com/logs/access.log combined
ExpiresActive on
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/webp "access plus 1 month"

# TLS Configuration
# RSA
SSLEngine on
SSLCertificateFile "/usr/local/etc/ssl/acme.sh/example.com/fullchain.crt"
SSLCertificateKeyFile
"/usr/local/etc/ssl/acme.sh/example.com/private/server.key"

# ECDSA
SSLCertificateFile "/usr/local/etc/ssl/acme.sh/example.com_ecc/fullchain.crt"
SSLCertificateKeyFile
"/usr/local/etc/ssl/acme.sh/example.com_ecc/private/server-ec256.key"

# Support OCSP Stapling
SSLCACertificateFile "/usr/local/etc/ssl/acme.sh/example.com/cacert.crt"
SSLUseStapling on

ErrorDocument 404 /errordocs/error404.html
    ErrorDocument 500 /errordocs/error50x.html
    ErrorDocument 501 /errordocs/error50x.html
    ErrorDocument 502 /errordocs/error50x.html
    ErrorDocument 503 /errordocs/error50x.html
    ErrorDocument 504 /errordocs/error50x.html

    <Files "error404.html">
        <If "-z %{ENV:REDIRECT_STATUS}">
            RedirectMatch 404 ^/errordocs/error404.html$
        </If>
    </Files>

    <Files "error50x.html">
        <If "-z %{ENV:REDIRECT_STATUS}">
            RedirectMatch 404 ^/errordocs/error50x.html$
        </If>
    </Files>

H2Direct on
Protocols h2 h2c http/1.1

<Directory "/usr/vhosts/example.com/htdocs/">
 Options FollowSymLinks
SSLRequireSSL
AllowOverride None
SetOutputFilter DEFLATE
SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$" no-gzip
Require all granted
</Directory>
</VirtualHost>

#cat ../modules.d/030_php-fpm.conf
<IfModule proxy_fcgi_module>
<IfModule dir_module>
DirectoryIndex index.php
</IfModule>
<FilesMatch "\.(php|phtml|inc)$">
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
</IfModule>

#cat /usr/local/etc/php-fpm.conf
[global]
pid = run/php-fpm.pid
error_log = log/php-fpm.log
syslog.facility = daemon
syslog.ident = php-fpm
log_level = notice
emergency_restart_threshold = 2
emergency_restart_interval = 30
process_control_timeout = 60
process.max = 128
daemonize = yes
include=/usr/local/etc/php-fpm.d/*.conf

#cat php-fpm.d/www.conf
[www]
user = www
group = www
listen = 127.0.0.1:9000
listen.backlog = -1
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 500
request_terminate_timeout = 300
security.limit_extensions = .php

#sockstat -4|grep 80
www      httpd      93392 3  tcp4   172.16.21.4:80        *:*
root     httpd      93169 3  tcp4   172.16.21.4:80        *:*

#sockstat -4|grep 443
www      httpd      93392 4  tcp4   172.16.21.4:443       *:*
root     httpd      93169 4  tcp4   172.16.21.4:443       *:*

#sockstat -4|grep 9000
www      php-fpm    97114 5  tcp4   127.0.0.1:9000        *:*
www      php-fpm    69517 5  tcp4   127.0.0.1:9000        *:*
root     php-fpm    68909 7  tcp4   127.0.0.1:9000        *:*

The following logs show atempts to pull https://example.com/info.php
#tail -f /var/log/httpd-error.log
[Thu Jul 14 22:13:37.968678 2022] [:notice] [pid 92921:tid
34372395008] ModSecurity: Status engine is currently disabled, enable
it by set SecStatusEngine to On.
[2022-07-14 22:13:38.001775] [ssl:warn] - - AH01873: Init: Session
Cache is not configured [hint: SSLSessionCache]
[2022-07-14 22:13:38.014566] [mpm_event:notice] - - AH00489:
Apache/2.4.54 (FreeBSD) OpenSSL/1.1.1o-freebsd configured -- resuming
normal operations
[2022-07-14 22:13:38.014640] [core:notice] - - AH00094: Command line:
'/usr/local/sbin/httpd -D NOHTTPACCEPT'

 #cat /var/log/php-fpm.log
[14-Jul-2022 22:14:29] NOTICE: [pool www] child 97114 started
[14-Jul-2022 22:25:17] WARNING: [pool www] child 97114 exited with
code 1 after 647.455507 seconds from start
[14-Jul-2022 22:25:17] NOTICE: [pool www] child 33415 started

#tail -f /var/log/php-fpm.log
[14-Jul-2022 19:28:06] WARNING: [pool www] child 79787 exited with
code 1 after 5.163854 seconds from start
[14-Jul-2022 19:28:06] NOTICE: [pool www] child 80268 started
[14-Jul-2022 19:56:37] WARNING: [pool www] child 80268 exited with
code 1 after 1710.418178 seconds from start
[14-Jul-2022 19:56:37] NOTICE: [pool www] child 79931 started
[14-Jul-2022 19:56:38] WARNING: [pool www] child 79931 exited with
code 1 after 1.087571 seconds from start
[14-Jul-2022 19:56:38] NOTICE: [pool www] child 80050 started
[14-Jul-2022 22:14:29] WARNING: [pool www] child 80050 exited with
code 1 after 8271.738229 seconds from start
[14-Jul-2022 22:14:29] NOTICE: [pool www] child 97114 started
[14-Jul-2022 22:25:17] WARNING: [pool www] child 97114 exited with
code 1 after 647.455507 seconds from start
[14-Jul-2022 22:25:17] NOTICE: [pool www] child 33415 started
[14-Jul-2022 22:26:56] WARNING: [pool www] child 33415 exited with
code 1 after 99.012734 seconds from start
[14-Jul-2022 22:26:56] NOTICE: [pool www] child 39965 started
[14-Jul-2022 22:27:34] WARNING: [pool www] child 39965 exited with
code 1 after 37.896866 seconds from start
[14-Jul-2022 22:27:34] NOTICE: [pool www] child 41537 started

# cat error.log
[2022-07-14 22:14:29.944156] [proxy_fcgi:error] xxx.xxx.xxx.xxx:53446
YtDNhUBXweelCEHVKI1z7AAAEwk AH01067: Failed to read FastCGI header
[2022-07-14 22:14:29.944242] [proxy_fcgi:error] xxx.xxx.xxx.xxx:53446
YtDNhUBXweelCEHVKI1z7AAAEwk AH01075: Error dispatching request to :
[2022-07-14 22:25:17.335654] [ssl:error] - - AH01936:
stapling_check_response: response times invalid
[2022-07-14 22:25:17.335803] [ssl:error] - - AH01943:
stapling_renew_response: error in retrieved response!
[2022-07-14 22:25:17.412204] [proxy_fcgi:error] xxx.xxx.xxx.xxx:53467
YtDQDUBXweelCEHVKI1z8AAACwk AH01067: Failed to read FastCGI header
[2022-07-14 22:25:17.412280] [proxy_fcgi:error] xxx.xxx.xxx.xxx:53467
YtDQDUBXweelCEHVKI1z8AAACwk AH01075: Error dispatching request to :

#ls -l info.php
-rw-r--r--  1 root  www  20 Jul 12 15:33 info.php

#cat info.php
<?php
phpinfo();
?>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux