How to enable http2 on CentOS7 with Apache 2.4.46 - apache

I have CentOS 7, with Apache 2.4.46. I have done pretty much everything available on the internet. I am getting the below error:
The mpm module (prefork.c) is not supported by mod_http2. The mpm
determines how things are processed in your server. HTTP/2 has more
demands in this regard and the currently selected mpm will just not
do. This is an advisory warning. Your server will continue to work,
but the HTTP/2 protocol will be inactive.
My apache is running from /usr/local/apache2/.
I have seen, I may need to use php-fpm module to run this.
I have made changes on my live server and it is kinda stuck now. Though the work impact is very small, I really want to learn what I am doing wrong.

You would need to:
Disable mod_mpm_prefork
Disable mod_php (disable the php module, whatever it's named, example: libphp7)
Enable mod_mpm_event
Enable mod_http2
Enable mod_proxy
Enable mod_proxy_fcgi
Enable mod_setenvif
Install PHP-FPM using yum install php-fpm, or you might need to specify the version yum install php7-fpm or php8-fpm, and then start the PHP-FPM service after installation of that, using systemctl start php-fpm or php7-fpm/php8-fpm.
Add the following to Apache configuration:
<FilesMatch "\.php$">
SetHandler "proxy:fcgi://localhost:9000"
</FilesMatch>
If it is running as a UNIX socket, you would need to change it to:
<FilesMatch "\.php$">
SetHandler "proxy:unix:/path/to/php-fpm.sock|fcgi://localhost:9000"
</FilesMatch>
Restart Apache
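A static check for the prerequisites listed in the answer above, as an added example rather than the answerer's code. The Protocols check and the constructed sample config are assumptions not taken from the answer; the LoadModule identifiers are Apache's standard module names.

```shell
# Added example, not the answer's code: static audit of an httpd config
# file for the HTTP/2 + PHP-FPM prerequisites listed in the answer.
# audit_http2_conf FILE: print one "FAIL ..." line per problem found.
audit_http2_conf() {
    conf=$1
    # Active LoadModule identifiers; "#LoadModule" lines never match $1.
    loaded=$(awk '$1 == "LoadModule" { print $2 }' "$conf")
    if printf '%s\n' "$loaded" | grep -qx 'mpm_prefork_module'; then
        echo "FAIL mpm_prefork_module loaded: mod_http2 stays inactive"
    fi
    if printf '%s\n' "$loaded" | grep -Eqx 'php[0-9]*_module'; then
        echo "FAIL mod_php loaded: PHP should go through PHP-FPM instead"
    fi
    for m in mpm_event_module http2_module proxy_module \
             proxy_fcgi_module setenvif_module; do
        if ! printf '%s\n' "$loaded" | grep -qx "$m"; then
            echo "FAIL $m not loaded"
        fi
    done
    # Not in the answer: mod_http2 only negotiates h2 when Protocols lists it.
    if ! awk 'tolower($1) == "protocols" { for (i = 2; i <= NF; i++) if ($i == "h2") ok = 1 }
              END { exit !ok }' "$conf"; then
        echo "FAIL no Protocols line offering h2"
    fi
    # A PHP pattern without a trailing $ also matches upload.php.jpg.
    awk '/^[ \t]*<FilesMatch/ && /php/ && !/\$"?>[ \t]*$/ {
             print "FAIL line " NR ": PHP FilesMatch pattern not anchored with $" }' "$conf"
}

# Constructed sample: prefork + mod_php still active, unanchored handler.
write_sample_conf() {
    cat > "$1" <<'EOF'
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule php7_module modules/libphp7.so
LoadModule http2_module modules/mod_http2.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule setenvif_module modules/mod_setenvif.so
<FilesMatch "\.php">
    SetHandler "proxy:fcgi://localhost:9000"
</FilesMatch>
EOF
}

tmp=$(mktemp) && write_sample_conf "$tmp" && audit_http2_conf "$tmp"
rm -f "$tmp"
```

Run it against the real httpd.conf before restarting; `apachectl configtest` still has to pass, since this only inspects the one file it is given.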

Related

How to proxy web requests to Lucee/Tomcat under Apache?

I'm having trouble setting Lucee to run on Apache in a CentOS 9 machine.
The steps I've followed are below:
Installed .run file from https://downloads.lucee.org
Left the default for apachectl, httpd conf and http modules (I've already checked and it seems they're correct, I can provide the values if you need)
Set Tomcat to run on port 8888, the default value (Tomcat is in fact running because I can access it externally)
Accepted to install Apache connector
Accepted to install mod_cfml
Then, when Lucee is being installed, I get a post-install step error, mentioning that the installation may not complete correctly:
Error running /opt/lucee/sys/install_mod_proxy.sh -m install -t 8888 -f
/etc/httpd/conf/httpd.conf -c /usr/sbin/apachectl: apachectl: The "-M" option is
not supported.
apachectl: The "-M" option is not supported.
But the installation process ends and everything seems to be fine.
Tomcat is running (I can access through domain.com:8888)
Proxy is added to httpd.conf file with the following rules
<IfModule mod_proxy.c>
ProxyPreserveHost On
ProxyPassMatch ^/(.+\.cf[cm])(/.*)?$ http://127.0.0.1:8888/$1$2
ProxyPassMatch ^/(.+\.cfml)(/.*)?$ http://127.0.0.1:8888/$1$2
# optional mappings
#ProxyPassMatch ^/flex2gateway/(.*)$ http://127.0.0.1:8888/flex2gateway/$1
#ProxyPassMatch ^/messagebroker/(.*)$ http://127.0.0.1:8888/messagebroker/$1
#ProxyPassMatch ^/flashservices/gateway(.*)$ http://127.0.0.1:8888/flashservices/gateway$1
#ProxyPassMatch ^/openamf/gateway/(.*)$ http://127.0.0.1:8888/openamf/gateway/$1
#ProxyPassMatch ^/rest/(.*)$ http://127.0.0.1:8888/rest/$1
ProxyPassReverse / http://127.0.0.1:8888/
</IfModule>
mod_cfml is loaded in httpd.conf file
LoadModule modcfml_module modules/mod_cfml.so
CFMLHandlers ".cfm .cfc .cfml"
ModCFML_SharedKey "{{ shared_key_here }}"
LogHeaders false
LogHandlers false
LogAliases false
VDirHeader false
In the end I restarted the Lucee and Apache services and created an index.cfm file in /var/www/html, but when I try to access it I get a 503 error.
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Catalina.out logs from Tomcat and error_logs from Apache don't give me any hints on what's happening.
Can anyone point me in any direction to solve this?
If you need any additional info in order to help me, feel free to ask.
Thanks.
So I found that my machine had SE (Security Enhanced) enabled, and there was a setting that prevented the request from being correctly proxied to Tomcat, which is httpd_can_network_connect.
I had to run /usr/sbin/setsebool httpd_can_network_connect true in order to make it work, after this and restarting httpd service, everything was ok!
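Where a denial like the one described above is recorded, as an added example that is not part of the original post: SELinux writes AVC records to the audit log, and this filter lists the ports httpd was refused. The sample records, including the port type label, are constructed.

```shell
# Added example, not from the post: list the TCP ports (and their SELinux
# port types) that httpd was denied from connecting to, read from AVC
# records in audit.log format.
httpd_denied_ports() {
    awk '/type=AVC/ && /denied/ && /name_connect/ && /comm="httpd"/ {
             port = type = "?"
             for (i = 1; i <= NF; i++) {
                 if ($i ~ /^dest=/) port = substr($i, 6)
                 if ($i ~ /^tcontext=/) { split($i, c, ":"); type = c[3] }
             }
             print port, type
         }' "$1" | sort -u
}

# Constructed records: timestamps, pids and the port type are made up.
write_sample_audit() {
    cat > "$1" <<'EOF'
type=AVC msg=audit(1700000000.101:901): avc:  denied  { name_connect } for  pid=2211 comm="httpd" dest=8888 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1700000003.552:907): avc:  denied  { name_connect } for  pid=2214 comm="httpd" dest=8888 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1700000009.010:915): avc:  denied  { read } for  pid=2214 comm="httpd" name="index.cfm" scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000011.300:920): avc:  denied  { name_connect } for  pid=3100 comm="sshd" dest=8888 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
EOF
}

# On a live host the input is the audit log (assumed default path:
# /var/log/audit/audit.log). "getsebool httpd_can_network_connect" shows
# the current state; "setsebool -P" keeps the change across reboots.
tmp=$(mktemp) && write_sample_audit "$tmp" && httpd_denied_ports "$tmp"
rm -f "$tmp"
```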

how to remove "Server:Apache" from response header

We have Apache 2.4.34 on a Red Hat Linux Server and I need to remove Server: Apache from the response header.
Is there any easy way to do that without mod_security?
If we need to do it with mod_security only, I have checked the Apache 2.4 documentation and it appears Apache 2.4 won't come with mod_security by default.
Can anyone tell me the detailed steps how to install mod_security on Red Hat Linux?
Does mod_security have to be separate from Apache?
How we can configure or make Apache 2.4 to use mod_security?
Do we just need to configure in httpd.conf the same as we load other modules?

How to disable buffering with apache2 and mod_proxy_fcgi?

I'm using mod_proxy_fcgi with apache 2.4 on a debian Jessie with my C++ application which does ServerSentEvents with libfcgipp.
My problem is that apache still buffers my response data. I confirmed that it isn't buffered by the libfcgipp library by using wireshark: After starting the fcgi application via spawn-fcgi, the data gets sent to the apache web server as soon as possible. But in my browser (which I use for testing, later there will be a C++ client) it only shows up after I "killed"/closed the sending request in the server application.
So I assume I need to disable buffering for either apache or mod_proxy_fcgi (or both). But I cannot find the appropriate documentation on how to do this.
As the result of a subsequent discussion on the httpd-dev mailing list, support for flushpackets and flushwait was added to mod_proxy_fcgi in r1802040 and backported for Apache 2.4.31 in r1825765. If you are using Apache 2.4.31 or later, you can disable buffering using <Proxy flushpackets=on> as described in the BigPipe documentation:
<FilesMatch "\.php$">
# Note: The only part that varies is /path/to/app.sock
SetHandler "proxy:unix:/path/to/app.sock|fcgi://localhost/"
</FilesMatch>
# Define a matching worker.
# The part that is matched to the SetHandler is the part that
# follows the pipe. If you need to distinguish, "localhost" can
# be anything unique.
<Proxy "fcgi://localhost/" enablereuse=on flushpackets=on max=10>
</Proxy>
Note: flushpackets and flushwait are currently only included in the Apache mod_proxy_fcgi documentation for trunk because r1808129 has not been backported to the 2.4.x branch.
A few notes, since I just spent the past few hours experimenting to find the answer to this question:
It's not possible to entirely disable output buffering when using mod_proxy/mod_proxy_fcgi, however, you can still have responses streamed in chunks.
It seems, based on my experimentation, that chunks have to be at least 4096 bytes before the output will be flushed to the browser.
You can disable output buffering with the mod_fastcgi or mod_fcgi module, but those mods aren't as popular/widely used with Apache 2.4.
If you have mod_deflate enabled and don't set SetEnv no-gzip 1 for the virtualhost/directory/etc. that's streaming data, then gzip will not allow the buffer to flush until the request is complete.
I was testing things out to see how to best use Drupal 8's new BigPipe functionality for streaming requests to the client, and I posted some more notes in this GitHub issue.

fcgid, fastcgi with or without php-fpm?

I'm installing Apache 2.4.7 with PHP5 and I use fcgid and suexec.
I read that some people use PHP-FPM with fastcgi, but I don't know if they are speaking about the old fastcgi or the new fcgid.
Anyway, I want to know if my configuration of fcgid without PHP-FPM is correct, or do I need to install and configure PHP-FPM to have all the functionality?
What are the advantages and disadvantages of putting fcgid and PHP-FPM together, in the case that it is correct?

HHVM through Apache mod_fastcgi on debian

I've been able to rather easily get Facebook's hhvm working from prebuilt debian packages as well as compile it, and afterwards to run it behind apache as a proxy. The problem with the proxy setup is though, that I can't get response headers other than http status code 200 - like 304 for example - through. It's not the proxy config of apache, but something wrt how hhvm and apache interact, or even in hhvm.
Anyway, HHVM officially stopped supporting the standalone server, and they're moving over to fastcgi, and as all of our servers are running Debian, I don't have access to mod_proxy_fastcgi without compiling it (the only backports I found of apache 2.4 don't have mod_proxy_fastcgi backported unfortunately).
So I'm currently trying to get HHVM to run behind the old mod_fastcgi with apache 2.2. But currently I'm only getting "connect() failed" in the error log of apache, while hhvm is listening on :::1080
The important part of my apache config is
RemoveHandler application/x-httpd-php
FastCgiExternalServer /home/www/hhvm/hostname/htdocs/php5.fcgi -flush -host ip6-localhost:1080
AddType application/x-httpd-fastphp5 .php
Action application/x-httpd-fastphp5 /php5.fcgi
Alias /php5.fcgi /home/www/hhvm/hostname/htdocs/php5.fcgi
netstat also lists hhvm as listening on :::1080 and I can connect to it via telnet
Any Ideas on what I need to change so it works?
Looks like an IP6 port problem. Try [ip6-localhost]:1080. Not sure if this has side effects in Apache.
How do ports work with IPv6?