PHP Handlers :-
In order to run a PHP site, the server must interpret the PHP code and generate a page most probably in HTML format that should be easily readable by the browser, when visitors access the website.A PHP handler actually loads the libraries so that they can be used for interpretation of PHP code.
There are multiple different handlers that can be used for loading PHP :-
- CGI
- DSO
- suPHP
-FastCGI.
Each handler delivers the libraries through different files and implementations. Each file and implementation affects Apache’s performance, because it determines how Apache serves PHP.
It is essential for your server’s performance that you select the handler that fits your situation. Selecting the right handler is just as important as the PHP version itself. One handler is not necessarily always better than another; it depends on your unique setup.
How to change the handler
Changing the handler on cPanel is very easy to do and only takes seconds. Log into WHM and navigate to:Main >> Service Configuration >> Configure PHP and SuExec
You simply select your PHP handler choice from the drop-down menu. Then hit “Save New Configuration”.
Most of the time, changing settings through WHM panel doesn't work. The only solution for this situation is :
# /scripts/easyapache
PHP handlers :-
* DSO (mod_php)
Apache 1.3 introduced a method to load the modules dynamically called as Dynamic Sharing Object (DSO ) running in an Apache web server. DSO allows to load additional modules to apache webserver anytime without recompiling an entire server.PHP as an Apache module is DSO.
It is also know as mod_php.
It runs PHP as an Apache module. This means that PHP scripts will run as the Apache user, which is the user: ‘nobody’.
Merits :-
- DSO is an older configuration
- Actually considered as the fastest PHP handler.
- Optimal utilization of resource usage.
-Additional modules can be added without recompilation of server-
De-Merits :-
- Files created by PHP scripts will have ownership as "NOBODY" - the situation is more prone to website compromise by an attacker. If an hacker finds an exploit in PHP script. This will give them the ability to modify files outside of that user’s account. This is really worst.
-Websites that need to upload files through PHP may face permission issues, due to conflicts settings of permissions.
- OS Platform restriction, since dynamic loading is not supported by some OS.
More Information
CGI
CGI stands for: Common Gateway Interface. CGI handler will run PHP as a CGI module. CGI still runs PHP processes as the Apache ‘nobody’ user. However, if you have suEXEC enabled, it will allow you to see the user that made the request.CGI is considered as Neither Secure Nor Fast. CGI is never recommended.
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/MorePhphandlers
suPHP
suPHP stands for Single user PHP. suPHP also runs PHP as a CGI module instead of an Apache module. The main difference, and the advantage of having suPHP, is that with suEXEC enabled it runs the PHP scripts as the user calling them, rather than as the 'nobody' user.suPHP is typically the default handler and is recommended by cPanel for serving PHP because you will be able to see which user owns the account that is running the PHP script.
suPHP is beneficial in that if you are using a file upload tool on your site (such as an automatic updater or theme/plug-in installer for WordPress), the files will already have the right ownership & permissions. Uploading and other WordPress functions will not work without suPHP or FastCGI.
Merits :-
- The security difference between suPHP and DSO is that suPHP confines an intruder to the particular user that he/she has affected. The exploit can't cross accounts, however it can affect every single file the user owns as opposed to just the files writable by the webserver.
- suPHP also offers a security advantage that any php script that is not owned by the particular user (such as another account or root) will not be executable.
De-Merits :-
- suPHP generally runs a much higher CPU load. In addition, you CANNOT use an Opcode Cache (such as eAccelerator, Xcache or APC) with suPHP. It is strongly recommend that you install a caching plug-into supplement. If you find that your server is still continually struggling with CPU usage, you will want to consider switching to DSO or FastCGI.
FastCGI
FastCGI also called as FCGI or mod_fcgid it is similar to suPHP and/or is a high performance variation of CGI. It has the security/ownership benefits of suPHP in that PHP scripts will run as the actual cPanel user as opposed to ‘nobody’.The difference with FastCGI is that it can drastically save on CPU performance and give speeds close to that of DSO. It can also be used with an opcode cacher like eAccelerator or APC, which can help further speed the loading of pages.
De-Merits :-
- FastCGI has a high memory usage. ( because rather than creating the PHP process each time it is called, like suPHP, it keeps a persistent session open in the background).
Go through below Image that will depict the PHP Handler :-
How to check current PHP Handler on server :-
# /usr/local/apache/bin/rebuild_phpconf --current
How to enable mod_fcgid on Shared/Reseller Server :-
Simply add
"AddHandler fcgid-script" and the extension you want into your .htaccess file
AddHandler fcgid-script .php
The apache MPM must be tuned properly first. Prefork should not be used with FastCGI.
Standard Config
Be sure to modify these settings as applicable for the environment
you are installing fastcgi in. These directives go in the
pre_virtualhost_global.conf
<IfModule
mod_fcgid.c>
FcgidIdleTimeout 3600
FcgidIdleScanInterval 480
FcgidBusyTimeout 1800
FcgidBusyScanInterval 480
FcgidZombieScanInterval 12
FcgidErrorScanInterval 12
FcgidProcessLifeTime 0
# Change the rate at which new FastCGI processes are spawned under load. Higher=faster
FcgidSpawnScoreUpLimit 10
# Higher number = spawning more FastCGI processes decreases the spawn rate (controls runaway
FcgidSpawnScore 1
# Higher number = terminating FastCGI processes decreases the spawn rate (controls runaway)
FcgidTerminationScore 2
# Increase the FastCGI max request length for large file uploads (needed for some sites)
FcgidMaxRequestLen 1073741824
FcgidMaxRequestsPerProcess 100000
#FcgidMinProcessesPerClass 3
FcgidMaxProcessesPerClass 16
FcgidMaxProcesses 64
FcgidIOTimeout 1800
</IfModule>
FcgidIdleTimeout 3600
FcgidIdleScanInterval 480
FcgidBusyTimeout 1800
FcgidBusyScanInterval 480
FcgidZombieScanInterval 12
FcgidErrorScanInterval 12
FcgidProcessLifeTime 0
# Change the rate at which new FastCGI processes are spawned under load. Higher=faster
FcgidSpawnScoreUpLimit 10
# Higher number = spawning more FastCGI processes decreases the spawn rate (controls runaway
FcgidSpawnScore 1
# Higher number = terminating FastCGI processes decreases the spawn rate (controls runaway)
FcgidTerminationScore 2
# Increase the FastCGI max request length for large file uploads (needed for some sites)
FcgidMaxRequestLen 1073741824
FcgidMaxRequestsPerProcess 100000
#FcgidMinProcessesPerClass 3
FcgidMaxProcessesPerClass 16
FcgidMaxProcesses 64
FcgidIOTimeout 1800
</IfModule>
The
min and max process settings may need to be tuned. The per class limits can be
uncommented if they are needed.
No comments:
Post a Comment