Score:0

Getting 503 with apache proxy_fcgi_module [SOLVED]

sa flag

I'm using CentOS 9 Stream on a VM, trying to setup my apache server to be able to show php content on the web. The server works fine when its just html, but I'm getting these errors (503 in the browser) when I try it with php. My httpd.conf is basically the bare minimum to run a server with virtual hosts, and the only thing I added was the SetHandler for the php files. I'm not very familar with php, but from my understanding what it does is when the server gets a requiest for a php file it calls the php-fpm service to handle it.

Both the httpd and php-fpm services are running and I set the SELinux bool httpd_can_network_connect to 1 as I read this could result in a 503.

/var/log/httpd/error.log says:

[proxy:error] [pid 4807:tid 4812] (111)Connection refused: AH00957: FCGI: attempt to connect to [::]:8000 (*) failed
[proxy_fcgi:error] [pid 4807:tid 4812] [client 192.168.122.1:60494] AH01079: failed to make connection to backend: (null)

my httpd.conf:

Listen                  80
Listen                  8080
User                    apache
Group                   apache
ServerRoot              /etc/httpd
ErrorLog                /var/log/httpd/error.log


LoadModule              mpm_event_module        modules/mod_mpm_event.so
LoadModule              systemd_module          modules/mod_systemd.so
LoadModule              unixd_module            modules/mod_unixd.so
LoadModule              authz_core_module       modules/mod_authz_core.so
LoadModule              dir_module              modules/mod_dir.so

LoadModule              proxy_module            modules/mod_proxy.so
LoadModule              proxy_fcgi_module       modules/mod_proxy_fcgi.so


<Directory />
        Require all denied
</Directory>

<Directory /var/www/html>
        Require all granted
</Directory>

<Directory /srv/www>
        Require all granted
</Directory>


<VirtualHost 192.168.122.60:80>
        DocumentRoot "/var/www/html"
        DirectoryIndex  index.html
</VirtualHost>

<VirtualHost 192.168.122.60:8080>
        DocumentRoot "/srv/www"
        DirectoryIndex  index.php

        <FilesMatch \.php$>
            SetHandler "proxy:fcgi:/run/php-fpm/www.sock"
        </FilesMatch>
</VirtualHost>

and my www.conf:

listen = /run/php-fpm/www.sock
listen.owner = apache
listen.group = apache
listen.allowed_clients = 127.0.0.1

SOLUTION: As AlexD pointed out the problem was apache was trying to connent through localhost instead of the socket. I was able to make it work by either changing my config files to listen on 127.0.0.1:9000 If I want to use the unix socket I have to change the httpd.conf like this:

<Proxy "unix:/run/php-fpm/www.sock|fcgi://php-fpm">
   ProxySet disablereuse=off
</Proxy>

<FilesMatch \.php$>
   SetHandler proxy:fcgi://php-fpm
</FilesMatch>

Found this config here: https://tecadmin.net/install-apache-php-fpm-centos-8/

Score:0
jp flag

The error message (111)Connection refused: AH00957: FCGI: attempt to connect to [::]:8000 (*) failed indicates that your Apache is attempting to connect to a backend on a TCP port 8000 while your PHP-FPM is listening on a unix socket /run/php-fpm/www.sock. You probably forgot to restart Apache.

bejgli avatar
sa flag
I restarted httpd after every config change. How else could I fix this if this is the problem? At least I understand the problem a little bit better, thanks!
jp flag
If you restarted Apache then the config you posted doesn't match the running configuration for some reason.
bejgli avatar
sa flag
I changed to config files to listen on 127.0.0.7:9000 and I was able to get to my site. With port 8000 the php-fpm service wouldnt start.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.