Question

How to configure Apache and PHP-FPM to support multiple subdomains?

I have an Apache server that will have several subdomains running inside it, eg:

I installed Apache 2.4.41 and PHP-FPM 7.4 on Ubuntu 20.04 by following the commands below:

sudo apt install apache2
sudo apt install php libapache2-mod-php
sudo a2dismod php7.4
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
sudo apt install php-fpm
sudo apt install libapache2-mod-fcgid
sudo a2enconf php7.4-fpm
sudo a2enmod proxy
sudo a2enmod proxy_fcgi

I just did that, nothing more, PHP-FPM is running normally according to phpinfo().

By default the 000-default site is enabled on Apache and I can access it via IP. When creating a PHP and HTML file in the /var/www/html directory, I can access these files (PHP and HTML) normally, for example: http://EXAMPLE-IP/file.php

But when creating a subdomain and trying to access any PHP file, the error No input file specified. is always displayed. In the apache log, the message below is displayed:

AH01071: Got error 'Unable to open primary script: /var/www/html/subdomain.example.com/index.php (No such file or directory)'

AH01071: Got error 'Unable to open primary script: /var/www/html/subdomain.example.com/index-2.php (No such file or directory)'

But HTML files within the subdomain are always displayed correctly.

These are my configured VirtualHost:

000-default.conf

<VirtualHost *:80>
    ServerAdmin example@example.com
    DocumentRoot /var/www/html

    LogLevel notice core:info
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    ErrorLog syslog:local1

    Header append X-FRAME-OPTIONS "SAMEORIGIN"

</VirtualHost>

<VirtualHost *:80>
    ServerName MY-PUBLIC-IP
    Redirect 403 /
    ErrorDocument 403 "The operation had an error."
    DocumentRoot /var/www/html
</VirtualHost>

This is a subdomain (one of several):

subdomain.example.com

<VirtualHost *:80>
    ServerAdmin example@example.com
    ServerName subdomain.example.com
    ServerAlias subdomain.example.com
    DocumentRoot /var/www/html/subdomain.example.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    Header append X-FRAME-OPTIONS "SAMEORIGIN"

    RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>

<VirtualHost *:443>
    SSLEngine on

    SSLCertificateFile      /ssl-location/my-cert.crt
    SSLCertificateKeyFile   /ssl-location/my-cert.key
    SSLCertificateChainFile /ssl-location/my-cert-intermediary.crt

    Protocols h2 http/1.1

    # HSTS (mod_headers is required) (15768000 seconds = 6 months)
    Header always set Strict-Transport-Security "max-age=31536000"

    Header append X-FRAME-OPTIONS "SAMEORIGIN"

    <Directory /var/www/subdomain.example.com>
        Options None
        AllowOverride None
        Require all granted
    </Directory>

    ServerAdmin example@example.com
    ServerName subdomain.example.com
    ServerAlias subdomain.example.com
    DocumentRoot /var/www/html/subdomain.example.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

For security reasons, recommended by the OWASP documentation, I set in php.ini the value doc_root = /var/www/html/, but if I change it to doc_root = /var/www/html/subdomain.example.com, PHP files work on my subdomain, and /var/www/html files no longer.

How do I configure doc_root dynamically for these subdomains in PHP-FPM, without needing to have a dedicated physical server for each subdomain?

Note: This is my Apache FPM configuration file:

conf-enabled/php7.4-fpm.conf

# Redirect to local php-fpm if mod_php is not available
<IfModule !mod_php7.c>
<IfModule proxy_fcgi_module>
    # Enable http authorization headers
    <IfModule setenvif_module>
    SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>

    <FilesMatch ".+\.ph(ar|p|tml)$">
        SetHandler "proxy:unix:/run/php/php7.4-fpm.sock|fcgi://localhost"
    </FilesMatch>
    <FilesMatch ".+\.phps$">
        # Deny access to raw php sources by default
        # To re-enable it's recommended to enable access to the files
        # only in specific virtual host or directory
        Require all denied
    </FilesMatch>
    # Deny access to files without filename (e.g. '.php')
    <FilesMatch "^\.ph(ar|p|ps|tml)$">
        Require all denied
    </FilesMatch>
</IfModule>
</IfModule>
Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi there @ElTommy,

The configuration actually looks all good. The error indicates that the path might not be correct.

Do you see the index.php file when running an ls command:

ls -lah /var/www/html/subdomain.example.com

Feel free to share the output here. Regards, Bobby