I installed Apache 2.4.41 and PHP-FPM 7.4 on Ubuntu 20.04 by following the commands below:
sudo apt install apache2
sudo apt install php libapache2-mod-php
sudo a2dismod php7.4
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
sudo apt install php-fpm
sudo apt install libapache2-mod-fcgid
sudo a2enconf php7.4-fpm
sudo a2enmod proxy
sudo a2enmod proxy_fcgi
By default the 000-default site is enabled on Apache and I can access it via IP. When creating a PHP and HTML file in the /var/www/html directory, I can access these files normally, eg: http://EXAMPLE-IP/file.php
But when creating a subdomain and trying to access the PHP file, the error No input file specified. is always displayed. In the apache log the message below is displayed:
AH01071: Got error 'Unable to open primary script: /var/www/html/subdomain.example.com/index.php (No such file or directory)'
AH01071: Got error 'Unable to open primary script: /var/www/html/subdomain.example.com/index-2.php (No such file or directory)'
But HTML files within the subdomain are displayed correctly.
These are my configured VirtualHost:
000-default.conf
<VirtualHost *:80>
ServerAdmin example@example.com
DocumentRoot /var/www/html
LogLevel notice core:info
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog syslog:local1
Header append X-FRAME-OPTIONS "SAMEORIGIN"
</VirtualHost>
<VirtualHost *:80>
ServerName MY-PUBLIC-IP
Redirect 403 /
ErrorDocument 403 "The operation had an error."
DocumentRoot /var/www/html
</VirtualHost>
subdomain.example.com
<VirtualHost *:80>
ServerAdmin example@example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
DocumentRoot /var/www/html/subdomain.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Header append X-FRAME-OPTIONS "SAMEORIGIN"
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /ssl-location/my-cert.crt
SSLCertificateKeyFile /ssl-location/my-cert.key
SSLCertificateChainFile /ssl-location/my-cert-intermediary.crt
Protocols h2 http/1.1
# HSTS (mod_headers is required) (15768000 seconds = 6 months)
Header always set Strict-Transport-Security "max-age=31536000"
Header append X-FRAME-OPTIONS "SAMEORIGIN"
<Directory /var/www/subdomain.example.com>
Options None
AllowOverride None
Require all granted
</Directory>
ServerAdmin example@example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
DocumentRoot /var/www/html/subdomain.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
conf-enabled/php7.4-fpm.conf
# Redirect to local php-fpm if mod_php is not available
<IfModule !mod_php7.c>
<IfModule proxy_fcgi_module>
# Enable http authorization headers
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm.sock|fcgi://localhost"
</FilesMatch>
<FilesMatch ".+\.phps$">
# Deny access to raw php sources by default
# To re-enable it's recommended to enable access to the files
# only in specific virtual host or directory
Require all denied
</FilesMatch>
# Deny access to files without filename (e.g. '.php')
<FilesMatch "^\.ph(ar|p|ps|tml)$">
Require all denied
</FilesMatch>
</IfModule>
</IfModule>
What could be happening for him not to read the PHP files inside that subdomain?
For security (following the CIS Benchmark document), I edited the ports file in Apache2 to only allow the public and local server IPs to be used to access the server. But leaving just Listen 80 and Listen 443 had no effect.
source https://stackoverflow.com/questions/67909722/php-fpm-and-apache-error-no-input-file-specified-in-subdomains
Hello, my name is Muhammad Athar. I'm a 17 year old student. I'm a Web Developer, Designer and Freelancer.
No comments:
Post a Comment