Solved Apache & php

How can I tell if I have set up sockets correctly?

ls -l /var/run/php-fpm.sock does not find anything. Should it get created when you start fpm?
Yes, the socket is created when php-fpm is started.

ssl_module is for https when you have a valid SSL certificate.
socache_shmcb_module is a shared cache provider; if you don't plan to use it, don't enable it.
 
There are people who claim a socket is more secure than a port on 127.0.0.1.
Maybe file permissions vs network stack security?

Can things reading on localhost see other things? (not sure how to word that better :p but can nginx see PHP-FPM on 127.0.0.1:9002 if only 9001 is specified in a nginx conf, or able to see a random game server on 8083? is stuff on localhost isolated or free-for-all readable?)

Using sockets might imply trusting the OS's file permissions handling while localhost trusts the network stack. I like the idea of localhost more when running services are all trusted (I'd also rather not guess chmod for sockets and hope it's good :p) but heard something like file access to sockets being faster than localhost (maybe a disk IO/cache/RAM fetch is faster than CPU localhost query?)
 
php-fpm requires mod_mpm_event, mod_proxy, mod_proxy_fcgi

/usr/local/etc/apache24/httpd.conf


/usr/local/etc/php-fpm.d/www.conf


/usr/local/etc/apache24/Includes/php-fpm.conf


------OR------

/usr/local/etc/apache24/modules.d/030_php-fpm.conf

Code:
<IfModule proxy_fcgi_module>
    <IfModule dir_module>
        DirectoryIndex index.php
    </IfModule>
    <FilesMatch "\.(php|phtml|inc)$">
        SetHandler "proxy:fcgi://127.0.0.1:9000"
    </FilesMatch>
</IfModule>
If you want to use a socket:
Code:
<IfModule proxy_fcgi_module>
    <IfModule dir_module>
        DirectoryIndex index.php
    </IfModule>
    <FilesMatch \.php$>
        SetHandler proxy:unix:/var/run/php-fpm.sock|fcgi://localhost/
    </FilesMatch>
</IfModule>


For JAIL usage
Any idea why I get the following error when using php_fpm?

Code:
Performing sanity check on php-fpm configuration:
[09-Apr-2026 00:58:03] ERROR: [/usr/local/etc/php-fpm.d/www.conf:1] unknown entry 'listen'
[09-Apr-2026 00:58:03] ERROR: Unable to include /usr/local/etc/php-fpm.d/www.conf from /usr/local/etc/php-fpm.conf at line 1
[09-Apr-2026 00:58:03] ERROR: failed to load configuration file '/usr/local/etc/php-fpm.conf'
[09-Apr-2026 00:58:03] ERROR: FPM initialization failed
/usr/local/etc/rc.d/php_fpm: WARNING: failed precmd routine for php_fpm
Command: service php_fpm start failed!

/usr/local/etc/php-fpm.d/www.conf:-

Code:
listen = /var/run/php-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0660
I can't figure this out. Everything looks ok to me.

Is this a complaint about the contents of the file or its location? Or something else?
 
This is what I got after deleting the file and recreating it and starting php_fpm

Code:
Performing sanity check on php-fpm configuration:
[09-Apr-2026 10:56:28] WARNING: Nothing matches the include pattern '/usr/local/etc/php-fpm.d/*.conf' from /usr/local/etc/php-fpm.conf at line 142.
[09-Apr-2026 10:56:28] ERROR: No pool defined. at least one pool section must be specified in config file
[09-Apr-2026 10:56:28] ERROR: failed to post process the configuration
[09-Apr-2026 10:56:28] ERROR: FPM initialization failed
/usr/local/etc/rc.d/php_fpm: WARNING: failed precmd routine for php_fpm


Later I posted what ChatGPT suggested and that worked, although I changed listen to socket.

Code:
[www]

; User/group
user = www
group = www

; Listen (choose ONE)
listen = 127.0.0.1:9000
; listen = /var/run/php-fpm.sock

; Permissions (for socket only)
listen.owner = www
listen.group = www
listen.mode = 0660

; Process manager
pm = dynamic
pm.max_children = 10
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

; Logging
access.log = /var/log/php-fpm.access.log
slowlog = /var/log/php-fpm.slow.log
request_slowlog_timeout = 5s

; Security / env
clear_env = no

; File limits
rlimit_files = 1024

; Status page
pm.status_path = /status

; Ping (health check)
ping.path = /ping
ping.response = pong

Is there anything you would change?
 
Check this for php-fpm.conf.
It's best almost empty:

Code:
cat php-fpm.conf | grep -Ev '^;|^$'

Code:
[global]
pid = run/php-fpm.pid
include=/usr/local/etc/php-fpm.d/*.conf
-------------------------------------------------------------------------------------------------------------------------
Then in php-fpm.d, www.conf:
Code:
cat www.conf | grep -Ev '^;|^$'

Code:
[www]
user = www
group = www
; listen = 127.0.0.1:9000
; listen = /var/run/php-fpm.sock
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

Enable one of the two listens
 
Here's a script that I have used to install apache with php-fpm in an (iocage) jail.
Any comments appreciated.


sh:
JAIL='apache'
BASE='/zroot/iocage/jails/'$JAIL'/root/usr/local'

cat <<EOF > $JAIL.json
{
    "pkgs": [
    "apache24",
    "php85-extensions"
    ]
}
EOF
iocage create -r latest -p ./$JAIL.json -n $JAIL vnet=on dhcp=on
iocage start $JAIL

# configure Apache: switch to the event MPM and enable proxy, proxy_fcgi, socache_shmcb and ssl

cat <<EOF > apache.scr
/ mpm_event_module /s/^#//g
/ mpm_prefork_module /s/^/#/g
/ proxy_module /s/^#//g
/ proxy_fcgi_module /s/^#//g
/ socache_shmcb_module /s/^#//g
/ ssl_module /s/^#//g
EOF

sed -f apache.scr /${BASE}/etc/apache24/httpd.conf.sample > /${BASE}/etc/apache24/httpd.conf
rm apache.scr

cat <<EOF > ${BASE}/etc/apache24/modules.d/030_php-fpm.conf
<IfModule proxy_fcgi_module>
    <IfModule dir_module>
        DirectoryIndex index.php
    </IfModule>
    <FilesMatch \.php$>
        SetHandler proxy:unix:/var/run/php-fpm.sock|fcgi://localhost/
    </FilesMatch>
</IfModule>
EOF

cat <<EOF > /${BASE}/etc/php-fpm.d/www.conf
[www]

; User/group
user = www
group = www

; Listen (choose ONE)
; listen = 127.0.0.1:9000
listen = /var/run/php-fpm.sock

; Permissions (for socket only)
listen.owner = www
listen.group = www
listen.mode = 0660

; Process manager
pm = dynamic
pm.max_children = 10
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

; Logging
access.log = /var/log/php-fpm.access.log
slowlog = /var/log/php-fpm.slow.log
request_slowlog_timeout = 5s

; Security / env
clear_env = no

; File limits
rlimit_files = 1024

; Status page
pm.status_path = /status

; Ping (health check)
ping.path = /ping
ping.response = pong
EOF

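# test page only: phpinfo() exposes the full PHP configuration; remove index.php once the setup is verified
echo '<?php phpinfo(); ?>' > /${BASE}/www/apache24/data/index.php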

iocage exec $JAIL sysrc apache24_enable=YES
iocage exec $JAIL sysrc php_fpm_enable=YES

iocage exec $JAIL service apache24 start
iocage exec $JAIL service php_fpm start
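
A check for the `listen` settings discussed in this thread, as an added example that is not part of any post: the www.conf that failed with "unknown entry 'listen'" has no `[www]` header while the one that worked does, and the other answers turn on enabling exactly one `listen` and on the socket mode. The function name `lint_pool_conf` and the finding names it prints are this example's own, not php-fpm output, and only literal `127.x` and `[::1]` addresses are treated as loopback.

```sh
#!/bin/sh
# Added example: lint a php-fpm pool file for the listen mistakes seen in this thread.
# Finding names (no-section, no-listen, ...) are this example's own, not php-fpm messages.
lint_pool_conf() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function report(msg) { print msg; bad = 1 }
    function close_pool() {
        if (pool == "" || pool == "global") return
        if (n != 1) { report(pool ": " (n ? "multiple-listen" : "no-listen")); return }
        if (addr ~ /^\//) {
            # Unix socket: connecting needs write permission on the socket file
            if (mode ~ /[2367]$/) report(pool ": socket-world-writable " mode)
        } else if (addr !~ /^(127\.|\[::1\])/) {
            # A bare port binds every address, so the FastCGI port is reachable off-host
            report(pool ": tcp-not-loopback " addr)
        }
    }
    /^[ \t]*;/ { next }                         # comment lines
    /^[ \t]*$/ { next }                         # blank lines
    /^[ \t]*\[/ {                               # section header such as [www]
        close_pool()
        pool = trim($0); gsub(/^\[|\].*$/, "", pool)
        n = 0; addr = ""; mode = ""
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = trim(substr($0, 1, eq - 1)); val = trim(substr($0, eq + 1))
        # A directive before any [pool] header is what the failing www.conf had
        if (pool == "") { if (!orphan++) report("no-section: " key); next }
        if (key == "listen") { n++; addr = val }
        if (key == "listen.mode") mode = val
    }
    END { close_pool(); exit bad + 0 }
    ' "$1"
}

# Constructed sample: the www.conf from the thread that failed (no [www] header)
sample=$(mktemp)
printf '%s\n' 'listen = /var/run/php-fpm.sock' 'listen.mode = 0660' > "$sample"
lint_pool_conf "$sample" || echo "fix the findings above, then re-run"
rm -f "$sample"
```

The function exits non-zero when it prints a finding, so it can gate `service php_fpm start` in a provisioning script such as the one above.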
 