We’re currently on our way to Kissimmee, FL to join Parallels Summmit, an annual conference from the people who make Plesk. We’re also taking exams in Plesk 10.4.4 so we’re studying it in-depth – I’ve been using the software for over two years now but never had formal training in it. Well here goes!
In preparation for the exam tomorrow I’ve come across something the instructor mentioned: namely the benefits of running PHP as a FastCGI application instead of an Apache module. Sadly I’ve also come across some drawbacks when using this option in regards to WordPress. I thought I’d mention those here, alongside how to avoid those.
UPDATE: Thanks to Boldock this problem can be fixed 😉
Apache Module vs. FastCGI
First of all let’s have a look at why you’d want to run PHP as anything other than an Apache module. More times than I can count I’ve had to tweak ownership or file permissions in WordPress installations to make WordPress read / write / amend files – it needs this to use many of the cool features, such image uploads or one-click upgrades.
If PHP is run as an Apache Module, then when WordPress creates a file it does this as the “apache” user. Similarly, when it needs overwrite files it needs those files to be writable by the Apache group, or the files need to be owned by “apache” (or they need to be 777 so that everyone can overwrite them – which is not good).
If PHP would instead be run as FastCGI, then the actual file owner of the account could let PHP write to it’s own files – they woulnd’t need to be “apache” owned nor writable. That’s great news. Imagine you had 100 websites and all files would be owned by “apache” – it would be a nightmare to track down if a script has gone awry which site it originated from. Therefore, FastCGI is a dream come true. If it would work properly that is.
The Drawbacks for WordPress
Turns out that there are also a couple of drawbacks in regards to WordPress when it comes to using this new Plesk feature:
I tried to install a theme via the ZIP uploader (Over Easy by Woo Themes, it’s 909k in size so not very big), and all I got was a reproducible 500 Internal Server Error. This did not happen when I switched PHP back to being run as an Apache Module.
Also, mobile posting via WordPress for iOS does not work for image sizes large and above. Small and medium sizes still work, but the app gives a “Blog returned invalid data” error – not so when run as an Apache Module.
This could be a bug in Plesk, this could be a memory problem somewhere – I’ll certainly bring it up at the summit. Maybe all uploads of a certain size have a problem, even though it’s not related to the PHP max memory sizes (if tested it with up to 6GB!).
The Solution
The reason this seems to be happening is that FastCGI is running low on memory. By default the Apache configuration does not include a statement to allocate enough memory, but we can do this by adding the following line to httpd.conf (thanks to Baldock for this tip):
FcgidMaxRequestLen 33554432
Restart Apache with “service httpd restart” and all your troubles go away.
Conclusion
FastCGI is a great idea in principle, and if your applications play ball then I’d vote for this option any time. However, if things don’t work out you need to find another way.
Adding the above to your apache config is one option, but only possible if you’re running a dedicated server or VPS. If that’s not the case, you can also switch PHP back to be run as standard CGI Application. It still works fine and provides site isolation over an Apache module.
There are a few other options you have: suPHP, mod_ruid2 and mpm-itk are things to look into, but that’s a bit more hard core to implement. See below for this suggestion from the Parallels Forum.
If everything else fails, I’m afraid you’re stuck with an Apache module and file permission hell.
Either way, stay sane…
Further Reading
Here are some useful links discussing this issue. I’ll add my own future findings on the comments below – feel free contribute.
- We’re discussing this topic in the WordPress Forum – check out an excellent guide by Luke America
- Paul’s blog Return True shows another alternative: we can use CGI instead of FastCGI
- FastCGI Homepage on the Apache Website
- Parallels Forum Thread showing two other options: mod_ruid2 and mpm-itk
Hi,
I compiled again and again, and now works with CGI :)…
… I hope it will work if I recompile again :).
I can say now, It works better, als only with Apache2!
Maybe it’s the engine.
Nice Weekend and Greedings Frank.
So the PHP files are all owned by the same web user that runs them? That is very convenient. But what a security nightmare – one tiny chink in the armour of one script, and you have a rampant hacker putting backdoors into every, single, PHP script on that site. There is a reason why you need to mess around with file and directory permissions to get a site running. That reason is security.
Your comment is a bit off-topic here, but isn’t that the point of running PHP as CGI module or using suPHP? So that every website is run as a separate user? Otherwise ALL websites would be run by Apache, and THAT is the security nightmare you’re talking about.
Thank you soooo much for this. I’ve been trying to figure out how to fix the memory limit error for weeks. Because it’s such a common error everybody just says “increase the limit” your solution worked!
Great to hear, thank you!