Child pages
  • Variants connecting Apache with PHP5-FPM

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: HTTP Basic auth not supported by SetHandler variant

...

More secure? (I think FilesMatch only to existing files that really end in ".php", but I'm not 100% sure yet)

Disadvantages

Not sure yet.HTTP Basic Authentication does not work for PHP scripts. Cookie auth works.

ProxyPass approach

To avoid what looks like a "subdirectory move" to Rewrite, one might use ProxyPassMatch (or LocationMatch + ProxyPass) instead of FastCgiExternalServer and Action, as proposed in https://wiki.apache.org/httpd/PHP-FPM

...

Security risks, see bottom of https://wiki.apache.org/httpd/PHP-FPM

Not sure if HTTP Basic Authentication works for PHP script.

FastCgiExternalServer / Action approach

Advantages 

Works before Apache 2.4.10

HTTP Basic Authentication works for PHP scripts.

Definitely evaluated late enough to allow for .htaccess Rewrite orgies, but works as a Rewrite itself which can lead to Rewrite loops.

 

Disadvantages

Complicated to configure. 

Works as a Rewrite itself which can lead to Rewrite loops.

 

Details

This was the first almost-satisfying approach I found, but it has major disadvantages.

...