SiteHost

Upgrading Apache Image from v1 to v2

In late 2018 we updated many of our Cloud Container images bringing the release of the 2.X.X versions. These images included an upgrade to Ubuntu Bionic (18.04), newer versions of PHP, Node, Apache and more. The big change and what this article is about is the switch in Apache from using the FastCGI module to the proxy_fcgi module.

We won't get into the technical details here of what led to this change but in short it requires a few configuration changes on when updating to a version 2.x.x image. For containers that use our official Apache images we automate this process for you, but it's still worth understanding what we change just in case something goes wrong. If however you use a custom image you will need to follow these steps manually yourself.

1. PHP Idle Timeout

In the /container/config/apache/mods-available/fastcgi.conf file, look for the following line:

FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /var/run/php5-fpm.sock -idle-timeout 60 -pass-header Authorization

Get the value after the -idle-timeout parameter (in this case: 60) and note it down, you'll need this soon.

2. Remove FastCGI Configuration Files

The following files need to be removed:

/container/config/apache/mods-available/fastcgi.conf
/container/config/apache/mods-available/fastcgi.load
/container/config/apache/mods-enabled/fastcgi.conf
/container/config/apache/mods-enabled/fastcgi.load

3. Add New proxy_fcgi Configuration

a) Add CGIPassAuth on line inside the root Directory directive. If you have multiple Directory directives and are not sure which directive to add, you can append it to every Directory directives in the configuration file. For instance: 

<Directory /var/www/html/public>
    Options -Indexes +FollowSymLinks
    AllowOverride All
    Require all granted
    CGIPassAuth on
</Directory>

b) Add ProxyTimeout %value% line in the VirtualHost directive. The %value% is the one that you get in the first step. For example: 

ProxyTimeout 60

c) Add <FilesMatch> block in the VirtualHost directive. This allows Apache to set the PHP handler and passes all requests for PHP script to the specified FastCGI server using reverse proxy: 

<FilesMatch "\.php$">
    SetHandler "proxy:unix:/var/run/php5-fpm.sock|fcgi://localhost"
</FilesMatch>

This is the final example configuration:

<VirtualHost *:80>
    #ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html/public

    # Fix for HTTPoxy
    RequestHeader unset Proxy early

    <Directory /var/www/html/public>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
        CGIPassAuth on
    </Directory>

    ProxyTimeout 60

    <FilesMatch "\.php$">
        SetHandler "proxy:unix:/var/run/php5-fpm.sock|fcgi://localhost"
    </FilesMatch>

    SetEnvIf X-Forwarded-Proto https HTTPS=on

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

The steps above apply for all files the in /container/config/apache/sites-enabled/ folder