Differences between revisions 6 and 7
Revision 6 as of 2009-08-18 12:42:12
Size: 6322
Editor: monster05
Comment:
Revision 7 as of 2009-10-08 13:28:49
Size: 6325
Editor: heman
Comment:
Deletions are marked like this. Additions are marked like this.
Line 17: Line 17:
`/usr/galen/netvar/apache/logs/error_log.people` `/usr/galen/netvar/apache/logs/error_log.people_ee_ssl` `/usr/galen/netvar/apache/logs/error_log.people`

`/usr/galen/netvar/apache/logs/error_log.people_ee_ssl`

Running PHP applications

Another option for creating dynamic Web content is PHP - the PHP: Hypertext Preprocessor, a very popular HTML-embedded scripting language (see http://www.php.net).

In April 2005, we implemented some changes affecting the integration of PHP into the Apache Web server. With many installations, PHP runs as a module (libphp4.so or libphp5.so) within Apache. While this is good for performance reasons, it has some serious drawbacks as far as Web server security is concerned - every PHP application runs under the same account (in our case, it's the httpd user). Other users on the people.ee.ethz.ch Web server might therefore interfere with your PHP applications, all your PHP files have to be readable by the httpd user, safe mode needs to be enabled in order to prevent further damage etc. ... but fortunately, all this no longer applies to the setup on the people.ee.ethz.ch Web server. We're now using mod_fastcgi to link PHP to Apache.

The following list of questions and answers should help to clear things up.

My PHP application doesn't work. What should I do?

The first thing you should do is to have a look at the error log file written by Apache. You can find the error log files under

/usr/galen/netvar/apache/logs/error_log.people

/usr/galen/netvar/apache/logs/error_log.people_ee_ssl

These directories (automounted by NFS) might not be available on all UNIX workstations; if you can't find them simply log in to galen (with ssh people.ee.ethz.ch), where they are available under /var/log/apache.

Can I have my own PHP settings (php.ini)?

Yes you can. That's one of the advantages of our setup.

Create a .php subdirectory in your home directory (mkdir ~/.php) and put a php.ini file in this subdirectory. For a list of the parameters you can set in php.ini, have a look at http://www.php.net/manual/en/ini.php

Please note that PHP only reads the settings from your php.ini when the PHP interpreter starts for the first time, so to make sure your changes to your php.ini become effective, you can either wait for the next day (see the question below about the lifetime of your PHP processes) or manually kill your current PHP process(es) - they are automatically restarted by mod_fastcgi:

joe@galen:~> pkill -u $USER -f php 

You can use pgrep -u $USER -fl php to see whether you have any persistent PHP processes running. And make sure that you are running this command on the people.ee.ethz.ch Web server itself (i.e. on galen).

What about PHP security (file permissions etc.)?

Security has definitely improved with the new setup. You no longer have to make your PHP scripts (with passwords for database access or similar) readable for the httpd user, nor does a directory have to be writable for httpd. You can set the permissions for your .php files to a mode as tight as 0400 (-r--------, for read-only access) or 0600 (-rw-------, read-write access). No fiddling with ACLs (setfacl) is required any more.

Note that we still recommend to run your PHP applications under safe mode (see http://www.php.net/manual/en/features.safe-mode.php). After all, the PHP code now runs with the rights of your account, and you have to take the responsibility for the proper use for this (cf. http://computing.ee.ethz.ch/overview/rules.en.html).

To enable safe mode, put this line into your ~/.php/php.ini file:

safe_mode = On

and then restart your PHP process, if necessary (see above).

To learn more about PHP and security we recommend these URLs as starting points:

How long will "my" PHP process survive?

There is no exact answer to this question. The minimum lifetime of your PHP process depends on how many other users have concurrent PHP processes running (with the current setting, mod_fastcgi will probably first kill those which have been idle for the longest amount of time). Depending on our experience with the platform, we might modify these settings from time to time, so we can't really give you an exact answer, as stated above. The maximum lifetime of a PHP process, BTW, is 24 hours - at 0:10 a.m. every day Apache's log files are rotated, which will also result in your PHP process being shut down.

Why does my PHP based page take so long to show up in the browser?

Probably because it's the first time you open the page on this very day. Apache first checks if there is already a PHP process available which runs under your account, and if it doesn't find one, there is some overhead to get an initial process started. After the first request to a PHP based page on your Web site, the PHP performance should be much higher.

How can I use/install additional PEAR modules?

With our PHP installation, we're providing basic PEAR modules. If you require additional modules for your project, follow these steps in your login shell:

# switch to your home directory
cd ~
# download PEAR installer
wget -O installer.php http://pear.php.net/go-pear
# run the installer
php installer.php
# the installer asks for a install prefix, we recommend /home/YOURUSERNAME/pear.
# the installer will put the pear binary (used to install modules) into the 'bin' directory
# below the install prefix. either add that directory to your PATH environment or
# call it with the absolute path to install packages, e.g. to install the HTTP_Client package:
pear install HTTP_Client
# to make your PHP application find the additional PEAR packages, you can either
# A) modify /home/YOURUSERNAME/.php/php.ini and set the include_path to let it
#      point to /home/YOURUSERNAME/pear/PEAR or
# B) do it inside your scripts, e.g.
# <? set_include_path(get_include_path().PATH_SEPARATOR.'/home/YOURUSERNAME/pear/PEAR'); ?>

Web/Homepage/PHP (last edited 2022-07-15 12:03:03 by stroth)