|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #67606 FPM with mod_fastcgi/apache2.4 is broken after db537b1f commit
Submitted: 2014-07-11 07:36 UTC Modified: 2014-08-14 17:56 UTC
Avg. Score:3.0 ± 2.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: Assigned: dzuelke (profile)
Status: Closed Package: FPM related
PHP Version: 5.6.0RC2 OS: Linux
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
New email:
PHP Version: OS:


 [2014-07-11 07:36 UTC]
As reported in

Reverting db537b1f fixes the issue.

Test script:
mod_fastcgi configuration:

AddHandler php5-fcgi .php
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /var/run/php5-fpm.sock -pass-header Authorization

Expected result:
Page interpreted and loaded.

Actual result:
After the upgrade, every PHP page displays "file not found" and I get this error in /var/log/apache2/error.log:

FastCGI: server "/usr/lib/cgi-bin/php5-fcgi" stderr: Primary script unknown


Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2014-07-11 14:26 UTC] dz at heroku dot com
He says he can't use mod_proxy_fcgi, because the Authorization header is stripped by mod_proxy, but this is documented behavior.

He should simply add

SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1

to his config.

With (or Apache 2.4.10+) and 5.6.0RC2+, there are no more issues like double slashes or errors when rewriting to PATH_INFO (see PR link below).

The "break" in question was caused by; it fixes the issue described in

It also makes obsolete

mod_fastcgi is old, crappy, unmaintained, deprecated stuff. People should use mod_proxy_fcgi with Apache 2.4.

I'll try and see if I can figure out a way of fixing the original issue without causing the breakage described here (need to get mod_fastcgi working first, which isn't trivial unfortunately).
 [2014-07-11 15:38 UTC]
-Assigned To: +Assigned To: dzuek
 [2014-07-11 15:38 UTC]
David: the original premise on that pull request was that the removed parts shouldn't really affect existing installations:
"Clearly, neither applies in the case of FastCGI, so both are safe to delete."
I would be glad if we could keep the compatibility with mod_fastcgi.
 [2014-07-11 15:47 UTC] dz at heroku dot com
Yes, agreed, I'm looking into it. Building mod_fastcgi with recent Apache versions is actually a bit of a challenge, but no worries, we'll get there. Expect an updated patch soon; I want to get a fix into RC3.

Who is that "dzuek" assignee guy though? ;)
 [2014-07-11 16:04 UTC] dz at heroku dot com
To explain the issue a bit, the breakage seems to stem from intentionally broken or non-existant paths handed to mod_fastcgi so it somehow knows to pass stuff to PHP-FCGI (it's all quite hacky, as many comments on the Interwebs point out).

In more recent versions of Debian, apparently php-fcgi is the FPM, not the CGI binary. That's why the FPM change affects this. People are using this approach because it was documented before FPM existed.

The code that my PR removed basically inadvertently fixed up those paths even though it was meant to address something totally different.

Will report back with more findings.
 [2014-07-14 08:32 UTC]
-Assigned To: dzuek +Assigned To: dzuelke
 [2014-07-14 08:34 UTC]
thanks for the heads-up!
 [2014-07-14 08:40 UTC]

1) Debian has patched mod_fastcgi that works with Apache 2.4 if you need compilable source code:

2) I am not saying this has to be fixed in FPM, if you can come up with fix for mod_fastcgi, I think it be sufficient.

Also "php-fcgi" is just a placeholder, it could be named "queen-of-england" and it would work the same.  It just have to match the other parts of the config file and the important part is the "FastCgiExternalServer".

 [2014-08-09 06:39 UTC] dz at heroku dot com
Fixed in
 [2014-08-14 17:34 UTC] dz at heroku dot com
This has been merged in 844e2e81f56fca1f49c73df4e15866cd1ba37f30, so this issue can be closed.
 [2014-08-14 17:56 UTC]
-Status: Assigned +Status: Closed
 [2014-08-14 17:56 UTC]
Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at

 [2014-08-29 10:00 UTC] dz at heroku dot com
Ported to 5.4 in ee275e34c8b303945945c650d4bc90dcc2ac0b17 / b206b0e29d2cf9a41b94befedfefd806a71d0846 and merged to 5.5 in e55c641792df2caf813b5df3272144974e4d8fc7
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Jun 12 18:01:34 2024 UTC