A Stone Bell

Deep and Sonorous, or maybe just a Dull Thud?


Running PHP securely under apache

The equipel Virtual Host Definition File

This is the actual, full virtual host file from my server /etc/apache2/sites-enabled/equipel.co.uk.conf


<VirtualHost *:80>
  ServerAdmin webmaster@everiware.co.uk
  ServerName equipel.co.uk
  ServerAlias www.equipel.co.uk
  ErrorLog /var/log/apache2/equipel.co.uk-error_log
  CustomLog /var/log/apache2/equipel.co.uk-error_log combined
  ServerSignature Email

  RewriteEngine On

  <Directory /usr/lib/cgi-bin>
    Require all granted

  AddHandler php7-fcgi-equipel.co.uk .php
  Action php7-fcgi-equipel.co.uk /php7-fcgi-equipel.co.uk virtual
  Alias /php7-fcgi-equipel.co.uk /usr/lib/cgi-bin/php7-fcgi-equipel.co.uk
 FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi-equipel.co.uk  -socket /run/php/php7.0-fpm.equipel.co.uk.sock  -pass-header Authorization -flush

  DocumentRoot /var/www/equipel.co.uk/htdocs
   <Directory /var/www/equipel.co.uk/htdocs>
      <FilesMatch “.+\.ph(p[345]?|t|tml)$”>
         SetHandler php7-fcgi-equipel.co.uk
    Options +Indexes +FollowSymLinks +MultiViews
    AllowOverride All
    Order allow,deny
    allow from all


Just asfter the RewriteEngine On normally I’d also have

RewriteCond %{HTTP_HOST} ^www\.equipel\.co\.uk
RewriteRule ^(.*)$ http://equipel.co.uk/$1 [R=301,L]

To change any www.equipel.co.uk queries from a browser to plain equipel.co.uk ones, but this is a WordPress site with a complicated .htaccess to do its own rewriting, so I just had to enable Apache rewrites and left it at that.

It’s a shame that you can’t simple put comments into an virtual host file, except by “cheating”, which is another article.

Does the use of AddHandler php7-fcgi-equipel.co.uk .php mean that the FilesMatch “.+\.ph(p[345]?|t|tml)$ is pvrkill? I think it does and I should find out and I’ll revise this article.

- No Comments on this Post -