I have an Apache server that will have several subdomains running inside it, eg:
I installed Apache 2.4.41 and PHP-FPM 7.4 on Ubuntu 20.04 by following the commands below:
sudo apt install apache2
sudo apt install php libapache2-mod-php
sudo a2dismod php7.4
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
sudo apt install php-fpm
sudo apt install libapache2-mod-fcgid
sudo a2enconf php7.4-fpm
sudo a2enmod proxy
sudo a2enmod proxy_fcgi
I just did that, nothing more, PHP-FPM is running normally according to phpinfo()
.
By default the 000-default site is enabled on Apache and I can access it via IP. When creating a PHP and HTML file in the /var/www/html directory, I can access these files (PHP and HTML) normally, for example: http://EXAMPLE-IP/file.php
But when creating a subdomain and trying to access any PHP file, the error No input file specified. is always displayed. In the apache log, the message below is displayed:
AH01071: Got error 'Unable to open primary script: /var/www/html/subdomain.example.com/index.php (No such file or directory)'
AH01071: Got error 'Unable to open primary script: /var/www/html/subdomain.example.com/index-2.php (No such file or directory)'
But HTML files within the subdomain are always displayed correctly.
These are my configured VirtualHost:
000-default.conf
<VirtualHost *:80>
ServerAdmin example@example.com
DocumentRoot /var/www/html
LogLevel notice core:info
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog syslog:local1
Header append X-FRAME-OPTIONS "SAMEORIGIN"
</VirtualHost>
<VirtualHost *:80>
ServerName MY-PUBLIC-IP
Redirect 403 /
ErrorDocument 403 "The operation had an error."
DocumentRoot /var/www/html
</VirtualHost>
This is a subdomain (one of several):
<VirtualHost *:80>
ServerAdmin example@example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
DocumentRoot /var/www/html/subdomain.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Header append X-FRAME-OPTIONS "SAMEORIGIN"
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /ssl-location/my-cert.crt
SSLCertificateKeyFile /ssl-location/my-cert.key
SSLCertificateChainFile /ssl-location/my-cert-intermediary.crt
Protocols h2 http/1.1
# HSTS (mod_headers is required) (15768000 seconds = 6 months)
Header always set Strict-Transport-Security "max-age=31536000"
Header append X-FRAME-OPTIONS "SAMEORIGIN"
<Directory /var/www/subdomain.example.com>
Options None
AllowOverride None
Require all granted
</Directory>
ServerAdmin example@example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
DocumentRoot /var/www/html/subdomain.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
For security reasons, recommended by the OWASP documentation, I set in php.ini the value doc_root = /var/www/html/
, but if I change it to doc_root = /var/www/html/subdomain.example.com
, PHP files work on my subdomain, and /var/www/html
files no longer.
How do I configure doc_root dynamically for these subdomains in PHP-FPM, without needing to have a dedicated physical server for each subdomain?
Note: This is my Apache FPM configuration file:
conf-enabled/php7.4-fpm.conf
# Redirect to local php-fpm if mod_php is not available
<IfModule !mod_php7.c>
<IfModule proxy_fcgi_module>
# Enable http authorization headers
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm.sock|fcgi://localhost"
</FilesMatch>
<FilesMatch ".+\.phps$">
# Deny access to raw php sources by default
# To re-enable it's recommended to enable access to the files
# only in specific virtual host or directory
Require all denied
</FilesMatch>
# Deny access to files without filename (e.g. '.php')
<FilesMatch "^\.ph(ar|p|ps|tml)$">
Require all denied
</FilesMatch>
</IfModule>
</IfModule>
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi there @ElTommy,
The configuration actually looks all good. The error indicates that the path might not be correct.
Do you see the
index.php
file when running anls
command:Feel free to share the output here. Regards, Bobby