fcgid x-httpd-php-source highlighting

The new way running PHP on apache not as a module but over fcgid can increase the performance on a multicore CPU system and it is possible to run the PHP process not as the apache user (often www-data), but for example as the ftp user. So when apache creates a file the owner is not www-data, but the ftp user.
I’ve seen many setups allowing ExecCGI  for the vhost. That is a bad practice. It is much better allow it only for the needed files.

<VirtualHost *:80>
    ServerName example.local
    DocumentRoot "/Users/mario/www"
    CustomLog "C:\nul" common
    <IfModule fcgid_module>
        FcgidPassHeader Authorization
        <Files ~ "\.php$">
            Options ExecCGI
            AddHandler fcgid-script .php
            FcgidWrapper "C:/users/mario/php5/php-cgi.exe" .php
        </Files>
    </IfModule>
    <Directory "/Users/mario/www>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

With the module it was possible to highlight PHP file with x-httpd-php-source. That option is not available with fcgid. So I had to think how to enable with but not going back to the module which often crashed my apache.

 

What works is to use the php parameters on the command line.

        <Files ~ "\.phps$">
            Options ExecCGI
            AddHandler fcgid-script .php
            FcgidWrapper "C:/users/mario/php5/php-cgi.exe -s" .php
        </Files>

 

A full example on Windows.

<IfModule fcgid_module>
    FcgidConnectTimeout 10
    FcgidMaxProcesses 300
    FcgidMaxProcessesPerClass 300
    FcgidOutputBufferSize 64
    ProcessLifeTime 0
    FcgidMaxRequestsPerProcess 0
    FcgidMinProcessesPerClass 0
    FcgidFixPathinfo 0
    FcgidProcessLifeTime 0
    FcgidZombieScanInterval 20
    FcgidMaxRequestLen 536870912
    FcgidIOTimeout 120
    FcgidTimeScore 3
</IfModule>

<VirtualHost *:80>
    ServerName example.local
    DocumentRoot "/Users/mario/www"
    CustomLog "C:\nul" common
    <IfModule fcgid_module>
        FcgidInitialEnv PHPRC "C:\\Users\mario\\php5"
        FcgidInitialEnv PATH "C:\\Users\mario\\php5;C:\\WINDOWS\\system32;C:\\WINDOWS;C:\\WINDOWS\\System32\\Wbem;"
        FcgidInitialEnv SystemRoot "C:\\Windows"
        FcgidInitialEnv SystemDrive "C:"
        FcgidInitialEnv TEMP "C:\\WINDOWS\\TEMP"
        FcgidInitialEnv TMP "C:\\WINDOWS\\TEMP"
        FcgidInitialEnv windir "C:\\WINDOWS"
        FcgidPassHeader Authorization
        <Files ~ "\.php$">
            Options ExecCGI
            AddHandler fcgid-script .php
            FcgidWrapper "C:/users/mario/php5/php-cgi.exe" .php
        </Files>
        <Files ~ "\.phps$">
            Options ExecCGI
            AddHandler fcgid-script .php
            FcgidWrapper "C:/users/mario/php5/php-cgi.exe -s" .php
        </Files>
    </IfModule>
    <Directory "/Users/mario/www>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

On Linux is is just a little different

 

FCGIWrapper /usr/bin/php5-cgi .php

and only

FcgidPassHeader Authorization

PHP sort array by key

Sorting an array by Key.

<?php
/*
Array
(
    [0] => Array
        (
            [hashtag] => a7e87329b5eab8578f4f1098a152d6f4
            [title] => Flower
            [order] => 3
        )

    [1] => Array
        (
            [hashtag] => b24ce0cd392a5b0b8dedc66c25213594
            [title] => Free
            [order] => 2
        )

    [2] => Array
        (
            [hashtag] => e7d31fc0602fb2ede144d18cdffd816b
            [title] => Ready
            [order] => 1
        )
)
*/
function aasort (&$array, $key) {
	$sorter = array();
	$ret = array();
	reset($array);
	foreach ($array as $ii => $va) {
	    $sorter[$ii] = $va[$key];
	}
	asort($sorter);
	foreach ($sorter as $ii => $va) {
	    $ret[$ii] = $array[$ii];
	}
	$array = $ret;
}
aasort($your_array,"order");
?>

Apache 2.4 global IP blocking list for all vhosts

It is a pain in the ass to set a bunch of IP adresses in each vhost or where ever you need it. But with Apache 2.4 it is quiet easy to have a global list and use that anywhere in your config.

 

Define BADIPS "188.40 46.4 176.9 46.166 46.21 78.46 91.207.7.21 0.0.0.0 91.207.7.182"
<VirtualHost *:80>
    ServerName mariobrandt.de
    ServerAlias www.mariobrandt.de
    DocumentRoot /var/www/
    FileETag MTime Size
    <Directory /var/www/>
        Options Indexes FollowSymLinks Multiviews ExecCGI
        AllowOverride None
    <RequireAll>
    Require all granted
    Require not ip ${BADIPS}
    </RequireAll>
        AddHandler fcgid-script .php
        FCGIWrapper /usr/bin/php5-cgi .php
    </Directory>
    ErrorLog /var/log/apache2/mario_error.log
    LogLevel warn

    CustomLog /var/log/apache2/mario_access.log combined

</VirtualHost>

virtualbox not identified network

When you install Virtualbox on Windows Vista or Windows 7 it will install an additional virtual network adapter on the host system. This “Virtualbox Host-Only Adapter” causes the Windows network detection to show an additional “unidentified” network. And while this “unidentified” network is present the windows firewall settings will stay on “Public”. This behavior is undesirable because you want to be able to switch your firewall settings based on your location (home/work/public).

virtualbox not identified network

The solution: Edit your registry and make that networks a NdisDeviceType.  Open regedit and navigate to HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}
Browse through the subkeys (named 0000, 0001, etc) until you find the subkey containing the virtualbox network adapter, this is the one where the “
DriverDesc” key has “VirtualBox Host-Only Ethernet Adapter” as value.  Add a new DWORD value with a name of “*NdisDeviceType” and a value of “1” Disable en re-enable the virtuabox host-only network adapter.

Why that works? From http://msdn.microsoft.com/en-us/library/bb201634.aspx

*NdisDeviceTypeThe type of the device. The default value is zero, which indicates a standard networking device that connects to a network. Set *NdisDeviceType to NDIS_DEVICE_TYPE_ENDPOINT (1) if this device is an endpoint device and is not a true network interface that connects to a network. For example, you must specify NDIS_DEVICE_TYPE_ENDPOINT for devices such as smart phones that use a networking infrastructure to communicate to the local computer system but do not provide connectivity to an external network.

 

mod_fcgid is polluting my error log on windows

Well I really like mod_fcgid with PHP on my Apaches on Windows. But since every time a PHP process get it’s signal to die, mod_fcgid creates on windows an entry in the error log cause the graceful stop always fails.

There in a patch for that! I made a bug report (54597), but it didn’t go in the code yet.  If you wanna patch it yourself, here it is.

--- modules/fcgid/fcgid_pm_main.c	(revision 1448988)
+++ modules/fcgid/fcgid_pm_main.c	(working copy)
@@ -333,10 +333,17 @@ 
                                   current_node->proc_pool);
         }
         else {
+#ifndef WIN32
             ap_log_error(APLOG_MARK, APLOG_WARNING, 0, main_server,
                          "mod_fcgid: process %" APR_PID_T_FMT
                          " graceful kill fail, sending SIGKILL",
                          current_node->proc_id.pid);
+#else
+            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, main_server,
+                         "mod_fcgid: process %" APR_PID_T_FMT
+                         " graceful kill fail, sending SIGKILL",
+                         current_node->proc_id.pid);
+#endif
             proc_kill_force(current_node, main_server);
         }
     }