4

I'm not certain if this is a php, apache, or iptables configuration issue but I receive the following error when trying to access a .php file. Please let me know if you need more information to help me diagnose, I'm at a loss for what to check next. Thank you.

error.log:

[Thu May 08 16:43:15.392784 2014] [proxy:error] [pid 23112] (111)Connection refused: AH00957: FCGI: attempt to connect to 127.0.0.1:9000 (*) failed [Thu May 08 16:43:15.392891 2014] [proxy_fcgi:error] [pid 23112] [client 74.164.254.206:52788] AH01079: failed to make connection to backend: 127.0.0.1

I followed this guide and an running PHP 5.5.9 and Apache 2.4.7

I do have the mod_proxy and mod_proxy_so modules loaded:

# grep LoadModule /etc/apache2/apache2.conf LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_fcgi_module /usr/lib/apache2/modules/mod_proxy_fcgi.so

Here is the ProxyPassMatch directive: 

ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/$1

I have also tried to use UDS with the following directive, but the apache config test complains about an absolute url:

ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/var/run/php5-fpm.sock|fcgi://127.0.0.1:80/path/to/root/

Here is iptables -L

Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere REJECT all -- anywhere 127.0.0.0/8 reject-with icmp-port- unreachable ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:finger ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:urd ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s ACCEPT tcp -- anywhere anywhere tcp dpt:imap2 ACCEPT tcp -- anywhere anywhere tcp dpt:imaps ACCEPT tcp -- anywhere anywhere tcp dpt:submission ACCEPT tcp -- anywhere anywhere tcp dpt:webmin ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT icmp -- anywhere anywhere LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: " DROP all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination DROP all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere
Improve this question
2
  • Check if php-fpm not running via socket. Try netstat -tulpn | grep 9000 Commented May 9, 2014 at 2:38
  • Thanks @masegaloeh. It was not running so I looked at pool.d/www.conf and, sure enough, it was not listening on 127.0.0.1:9000. It's working after editing it. If you care to phrase that as an answer I'll accept. Commented May 9, 2014 at 13:31

2 Answers 2

Reset to default
5

Check if PHP-FPM is running. The error log says that apache can't make connection to 127.0.0.1:9000. Make it running and (maybe) the error will go.

Also check if PHP-FPM running via socket. Maybe it's running but not listening in TCP/IP stack.

Improve this answer
2
  • 2
    Thanks - php-fpm was set to listen to the .sock so modifying the pool.d/www.conf file to have listen=127.0.0.1:9000 solved it. Commented May 9, 2014 at 14:37
  • service rh-php71-php-fpm restart fixed it for me Commented Nov 14, 2022 at 17:40
3

Per Chris's comment, I just wanted to add if apache/php does support socket connections (looks like if apache > 2.4.10, it can support it), you can also change to use that in your apache config. I checked the php vi /etc/php/7.0/fpm/pool.d/www.conf file to see what socket listening to in the listen line:

listen = /run/php/php7.0-fpm.sock

Then added that to my /etc/apache2/sites-enabled/000-default.conf file (or whatever website you want to enable on)...

<FilesMatch \.php$> # 2.4.10+ can proxy to unix socket # SetHandler "proxy:unix:/var/run/php?-fpm.sock|fcgi://localhost/" # Else we can just use a tcp socket: # SetHandler "proxy:fcgi://127.0.0.1:9000" SetHandler "proxy:unix:/run/php/php7.0-fpm.sock|fcgi://localhost/" </FilesMatch>

Then restart the web server and then index.php shows up for me:

sudo service apache2 restart
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.