Evren Yurtesen Advertisement
Home arrow Articles arrow Easiest way to enable mod_fastcgi+php on H-Sphere
Thursday, 20 November 2008
  
 
Main Menu
Home
News
Blog
Articles
Links
Downloads
Contact Us
Search
News Feeds
FAQs
Newsflash

The http://dev.yurtesen.com is officially opened! You can register and submit your articles and guides. We will examine them and publish.
 
Easiest way to enable mod_fastcgi+php on H-Sphere Print
Written by Evren Yurtesen   
Wednesday, 07 June 2006
In this article we will discuss how to install and enable mod_fastcgi+php on our H-Sphere web servers. This applies to 2.5+ versions of H-Sphere

NOTE:
If you are not using webshell, you can disable mod_php modules completely. The reason webshell says that it wont work with safe_mode. Normally this is disabled with a "php_admin_flag safe_mode Off" however since php_admin_flag options are not working with mod_fastcgi+php it fails working.
If you dont use safe_mode then you can disable mod_php totally without worrying about webshell. The intructions for that kind of setup is also below.

1- Install mod_fastcgi:

Download latest mod_fastcgi from http://www.fastcgi.com/dist/ and extract.

Enter fastcgi directory and run:

/hsphere/shared/apache/bin/apxs -o mod_fastcgi.so -c *.c
/hsphere/shared/apache/bin/apxs -i -n fastcgi mod_fastcgi.so

2- Create custom apache.conf to enable mod_fastcgi+php using the instructions from the URL below.
http://www.psoft.net/HSdocumentation/sysadmin/conf_file_template_customization.html#apache

-> Add this line below php's LoadModule statement
-> DO NOT disable the php modules if you use webshell and you want safe_mode

LoadModule fastcgi_module libexec/mod_fastcgi.so

-> Add this line below php's AddModule statement
-> DO NOT disable the php modules. They are needed for webshell etc.

AddModule mod_fastcgi.c

-> Add these lines after AddModule statements.

<IfModule mod_fastcgi.c>
  FastCgiWrapper /hsphere/shared/apache/bin/suexec
  FastCgiConfig -singleThreshold 1
  #Use this if you want webshell to continue working (DONT disable mod_php)
  #The reason this works is that more specific entry overrides general
  #mod_php entries. Thus entries in lsrv.conf are overridden for users
  <Directory "/hsphere/local/home">
    AddType application/x-httpd-fastphp .php .php3 .phps
  </Directory>
  #Use this AddType instead of the above one if you dont need webshell
  #and want safe_mode. However you should also disable AddType values
  #in lsrv.conf (using templates) to achieve success.
  # AddType application/x-httpd-fastphp .php .php3 .phps
  Action application/x-httpd-fastphp /fastcgi/php-cgi
</IfModule>

-> Add these lines under cgi-bin alias "/hsphere/shared/apache/cgi-bin/" in httpd.conf

ScriptAlias /fastcgi/ "/hsphere/local/fastcgi/"
<Directory "/hsphere/local/fastcgi">
  SetHandler fastcgi-script
</Directory>

4- Create /hsphere/local/fastcgi directory and populate it with the version of php-cgi you want to use.

mkdir /hsphere/local/fastcgi
cd /hsphere/local/fastcgi

ln /hsphere/shared/php4/bin/php-cgi php-cgi
or depending on PHP version you use
ln /hsphere/shared/php5/bin/php-cgi php-cgi

5- Change the owner of the files so the user processes can write to the files previously owned by 'httpd'

masschange.sh
----------------------------------------------
#!/bin/sh

cd "/hsphere/local/home/"

/bin/ls -1|while read user
do
  /usr/sbin/chown -R "$user:$user" "$user"
done
----------------------------------------------

OTHER NOTES:
* This enables PHP globally for all accounts, you cant set which php version to use from CP.
* This disables all php_admin_flag and php_admin_value settings in user vhost's. But this is not a problem since there are none normally. Only problem is webshell but the workaround is mentioned above.
* It is recommended to enable safe_mode and safe_mode_exec_dir otherwise your users can still run system commands and try to do things which they are not suppose to!
* It is also recommended to disable allow_url_fopen since this is the most used function by intruders.
* If you enable safe_mode, you can populate applications needed by your users to /usr/local/safebin but be careful at what you put there. To enable safe_mode and disable allow_url_fopen: -> Create a /usr/local/safebin directory -> Set the following in php.ini (with template instructions) safe_mode = On safe_mode_exec_dir = /usr/local/safebin allow_url_fopen = Off

Performance of mod_fastcgi+PHP compared to suPHP:

Command Used:
/hsphere/shared/apache/bin/ab -n 1000 -c 20 http://MY_FAVOURITE_SITE/phpinfo.php

#With mod_fastcgi
Server Software:        Apache/1.3.36
Server Hostname:        MY_FAVOURITE_SITE
Server Port:            80

Document Path:          /phpinfo.php
Document Length:        46097 bytes

Concurrency Level:      20
Time taken for tests:   8.323 seconds
Complete requests:      1000
Failed requests:        0
Broken pipe errors:     0
Total transferred:      46362000 bytes
HTML transferred:       46097000 bytes
Requests per second:    120.15 [#/sec] (mean)
Time per request:       166.46 [ms] (mean)
Time per request:       8.32 [ms] (mean, across all concurrent requests)
Transfer rate:          5570.35 [Kbytes/sec] received

Connnection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0     1    3.0      1    30
Processing:    39   164  312.1    111  2396
Waiting:       32   163  312.1    111  2396
Total:         39   165  312.1    111  2396

Percentage of the requests served within a certain time (ms)
  50%    111
  66%    112
  75%    112
  80%    115
  90%    179
  95%    227
  98%   2282
  99%   2341
 100%   2396 (last request)

#With mod_suphp
Server Software:        Apache/1.3.36
Server Hostname:        MY_FAVOURITE_SITE
Server Port:            80

Document Path:          /phpinfo.php
Document Length:        47171 bytes

Concurrency Level:      20
Time taken for tests:   98.370 seconds
Complete requests:      1000
Failed requests:        0
Broken pipe errors:     0
Total transferred:      47528860 bytes
HTML transferred:       47244728 bytes
Requests per second:    10.17 [#/sec] (mean)
Time per request:       1967.40 [ms] (mean)
Time per request:       98.37 [ms] (mean, across all concurrent requests)
Transfer rate:          483.16 [Kbytes/sec] received

Connnection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    57  138.8      0  1254
Processing:    94  1881  849.5   1859  5259
Waiting:       94  1877  849.6   1851  5259
Total:         94  1938  856.0   1966  5259

Percentage of the requests served within a certain time (ms)
  50%   1966
  66%   2230
  75%   2401
  80%   2510
  90%   2847
  95%   3186
  98%   3811
  99%   4483
 100%   5259 (last request)

Example apache log entries:

[Wed Jun  7 21:17:53 2006] [notice] Apache/1.3.36 (Unix) mod_fastcgi/2.4.2 mod_throttle/3.1.2 FrontPage/5.0.2.2623 mod_psoft_traffic/0.1 mod_ssl/2.8.26 OpenSSL/0.9.7d configured -- resuming normal operations

[Wed Jun  7 21:18:28 2006] [warn] FastCGI: (dynamic) server "/hsphere/local/fastcgi/php-cgi" (uid 1039, gid 1039) started (pid 44735)

[Wed Jun  7 21:19:27 2006] [warn] FastCGI: (dynamic) server "/hsphere/local/fastcgi/php-cgi" (uid 1004, gid 1004) started (pid 44809)

[Wed Jun  7 21:27:56 2006] [warn] FastCGI: (dynamic) server "/hsphere/local/fastcgi/php-cgi" (pid 44809) termination signaled

[Wed Jun  7 21:27:56 2006] [warn] FastCGI: (dynamic) server "/hsphere/local/fastcgi/php-cgi" (pid 44809) terminated due to uncaught signal '15' (Terminated) 

-> We set the idle percentage to 1% so if the process is idle for over 5min, it releases the memory it used etc. Thus, the termination entries in the logs are normal.

Last Updated ( Wednesday, 14 March 2007 )
 
< Prev   Next >
[ Back ]
Google Search
Donate For My Work

Amazon Search


 
Top!
© 2008 Evren Yurtesen
Joomla! is Free Software released under the GNU/GPL License.
 Top!