When I do the same grep of my config files, I get one line you didn't:
/etc/apache2/mods-enabled/dir.conf:3: DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
Make sure this line in /etc/php5/apache2/php.ini
is set this way:
; Enable the PHP scripting language engine under Apache.
engine = On
If you change it, restart Apache:
sudo apache2ctl restart
mod_fastcgi (www.fastcgi.com) is a 3rd-party module whose directives have a "FastCgi" prefix.
mod_fcgid http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html is an Apache module whose directives have a "Fcgid" prefix.
I advise that you remove mod_fastcgi and go with mod_fcgid.
That's great news for PHP, because then you can dump apache mpm-prefork and go with the better mpm-worker, by not installing mod_php, instead use php as fast cgi. For debian, this means:
• Remove apache2-mpm-prefork and libapache2-mod-php5.
• Add apache2-mpm-worker, libapache2-mod-fcgid, and php5-cgi. With php5-cgi, you don't need a custom fast cgi wrapper, you can use the php command-line itself directly (notice the /usr/lib/cgi-bin/php5) below.
• For mod_fcgid with PHP, note that PHP as FastCGI has its own facility for terminating after handling so many requests (see PHP_FCGI_MAX_REQUESTS). FcgidMaxRequestsPerProcess helps avoid sending additional requests to the wrapper application after it has handled its limit.
• Inside each virtual host or at global scope:
FcgidInitialEnv PHP_FCGI_MAX_REQUESTS 200
FcgidMaxRequestsPerProcess 200
• Then inside Directory:
AddHandler fcgid-script .php
FcgidWrapper /usr/lib/cgi-bin/php5 .php
Options +ExecCGI
Best Answer
I use in Centos 6.10 for multiple folders in virtual host .conf definitioin file:
However, even though it doesn't parse php code the usual way it still outputs from a .php things such as variable declarations and text when doing echo e.g.
The above produces in web browser?
This could potentially expose some code to users which isn't ideal. The same happens when use OP's code.
Therefore, it's probably best to use the above in combination with the following in .htaccess:
The above will prevent access to any of the above file extensions but will allow other extensions such as images, css etc. to be accessed the usual way. The error when accessing .php: