Configure Centos7 Apache 2.4 php-fpm to run as user

Tags: apache-2.4, centos7, configuration, php-fpm

I would like to configure a CentOS 7 Apache 2.4 Linode to use php-fpm to execute PHP as the file owner. The docs for earlier CentOS 6 / Apache 2.2 don't work, and the configurations I have seen for setting up LAMP servers on CentOS 7 just run as the apache user. Are there any good tutorials to do this, or can someone provide the configuration files and virtual host directives needed to do so? Thanks.

Best Answer

A partially educated self-response. php-fpm, unlike suphp, does not allow running as the script owner but instead allows setting up pools that specify a user and group to run as.

In CentOS 7 with Apache 2.4, I found these declarations in /etc/php-fpm.d as www.conf. I created a duplicate of this file and put in one virtual host's username as user and group, and set the listen port to 9001 instead of 9000 (each requires a unique port on localhost socket). Then in each virtualhost declaration, you specify the same port with a line like below:

ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9001/home/dancenew/public_html/dneuser/$1

Note the above ProxyPassMatch is vulnerable to exploits; see CAVEATS in the Apache WIKI documentation at https://wiki.apache.org/httpd/PHP-FPM. Perhaps someone can provide a clear guide on how to avoid that exploit rather than leaving it as an exercise for the undereducated implementer ... I recall NGINX examples having similar problems even in what was considered solid example code that got copied by a lot of websites ...
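
The per-user pool procedure described in the answer above, as an added shell example that is not part of the original answer. It refuses a listen port that another pool file already uses and sets php-fpm's `security.limit_extensions` so the pool executes only `.php` files. The function names, the pm sizing values, the same-named group and the demo user, port and path are assumptions.

```shell
#!/bin/bash
# Added example, not the answerer's code. POOL_DIR defaults to the directory
# named in the answer; function names and demo values are assumptions.
POOL_DIR="${POOL_DIR:-/etc/php-fpm.d}"

# True if a pool file in POOL_DIR already listens on TCP port $1.
port_in_use() {
    grep -Eqs "^[[:space:]]*listen[[:space:]]*=[[:space:]]*(127\.0\.0\.1:)?$1[[:space:]]*$" \
        "$POOL_DIR"/*.conf
}

# make_pool USER PORT DOCROOT
# Writes POOL_DIR/USER.conf and prints the matching virtual host line.
make_pool() {
    local user="$1" port="$2" docroot="$3"
    case "$user" in ''|*[!a-z0-9_-]*) echo "bad user name" >&2; return 2;; esac
    case "$port" in ''|*[!0-9]*) echo "bad port" >&2; return 2;; esac
    if port_in_use "$port"; then
        echo "port $port is already used by another pool" >&2
        return 1
    fi
    # Assumes a group with the same name as the user exists.
    cat > "$POOL_DIR/$user.conf" <<EOF
[$user]
user = $user
group = $user
listen = 127.0.0.1:$port
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 10
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
; php-fpm executes only files whose names end in .php
security.limit_extensions = .php
EOF
    # Same pattern as the ProxyPassMatch line in the answer, with this pool's port.
    printf 'ProxyPassMatch ^/(.*\\.php(/.*)?)$ fcgi://127.0.0.1:%s%s/$1\n' \
        "$port" "$docroot"
}

# Demo on constructed values in a scratch directory: bash thisfile demo
if [ "${1:-}" = "demo" ]; then
    POOL_DIR="$(mktemp -d)"
    make_pool siteuser 9001 /home/siteuser/public_html
    cat "$POOL_DIR/siteuser.conf"
fi
```
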
