I have migrated some sites from CentOS6.02, Apache 2.2 with a dedicated machine… to Ubuntu 14.04 LTS with default distro comes with Apache 2.4.7 (Linode servers), some sites on their own IP before moved to a shared IP on the same linode (small sites with very little content or CPU requirements I ganged together on the same cloud server/shared IP)
Back up the sites in VirtualMin… SCP over to the new box, restore; tweak some database settings and mostly things are working well.
But I have one little site that has a “pesky” problem with PHP. I’m running Dokuwiki on this server in
Dokuwiki is a PHP CMS and I Love its ACL model… but even though I have set all directories to be properly owned owner “mywikidomain” and all permissions look exactly the same as on the old box (644 for all the editable wiki pages) and I have the ACL set up for admin to be able to edit any page… Dokuwiki is saying “this page is read only…”
When I try to edit any page and tail the error_log we see:
[Fri May 15 18:19:20.763407 2015] [access_compat:error] [pid 17219] [client 22.214.171.124:62559] AH01797: client denied by server configuration: /home/mywikidomain/public_html/tryit/data/security.png, referer: http://mywikidomain.org/tryit/doku.php?id=visitor_care:visitor_calendar&do=admin
[Fri May 15 18:21:57.798944 2015] [core:error] [pid 17203] [client 126.96.36.199:60842] AH00082: an unknown filter was not added: includes
After further research on those php sites I migrated that are working… I note that after the migration…and restore with Virtual min… the PHP execution mode is set FCGId on the sites that are working.
I can also see in these httpd.conf directives for those sites for the public_html site and the cgi-bin
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/domainthatworks/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/domainthatworks/fcgi-bin/php5.fcgi .php5
these are running fine and really fast on the new Linode SSD drives…
Now… mywikidomain has moved from being on it’s own IP to a shared IP and after restore we see the PHP execution mode is set to mod_php run as Apache Owner… I am pretty certain this is the root of my permissions problems with Dokuwiki…
Switching to FCGId seems like the obvious thing to do… But when I try to do that from inside the VirtualMin Website Options panel, I get this error:
“Changing PHP execution mode to FCGId (run as virtual server owner) …
Failed to save website options : No section found for mod_fcgid directives”
This does not make sense, because there is a section in the httpd.conf which I can see if I go to the configure web site GUI area and edit directives… we see this:
Options -Indexes +IncludesNOEXEC +SymLinksifOwnerMatch +ExecCGI
Require all granted
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
AddType application/x-httpd-php5 .php5
AddType application/x-httpd-php .php
I suppose I could be brave and try to just add the above lines (from the sites that work) manually to the httpd.conf directives manually and remove the AddType application lines and pray that it works… but… (hehe) “If you don’t know what you are doing, stop!”
I already messed with the assigned SUEXEX user and group ID’s (which are different on this virtual server for some reason… SuexecUserGroup “#1009” “#1004” when they are both the same on all other servers we have migrated using Virtualmin… ) I tried manually changing the group to #1009 and broke execution of all my other CGI’s (ha!) and so I put it back to #1004. I add this because it is the one other thing that is different from all the sites that do work.
And now I am “gun shy” about manually editing the directives to get PHP to execute.
So bottom line: How do I switch the execution mode for PHP to FCGId on this server and why does it fail to find the section (which is clearly there) when we attempt to do so? the string “public_html” is there in that pane as you would expect when I click “save” after clicking on the radio button to choose FCGId