{"id":4349,"date":"2012-08-01T10:10:51","date_gmt":"2012-08-01T17:10:51","guid":{"rendered":"http:\/\/www.ait-pro.com\/aitpro-blog\/?p=4349"},"modified":"2014-02-25T07:47:14","modified_gmt":"2014-02-25T14:47:14","slug":"php5-3-x-php5-4-x-user-ini-file-does-not-work-known-php5-3-x-user-ini-fastcgi-wordpress-zend-issue","status":"publish","type":"post","link":"https:\/\/www.ait-pro.com\/aitpro-blog\/4349\/misc-projects\/wordpress-tips-tricks-fixes\/php5-3-x-php5-4-x-user-ini-file-does-not-work-known-php5-3-x-user-ini-fastcgi-wordpress-zend-issue\/","title":{"rendered":"PHP5.3.x – PHP5.4.x .user.ini File Does Not Work – Known PHP5.3.x .user.ini FastCGI WordPress Zend Apache Issue"},"content":{"rendered":"
\n

This post is an ongoing work in progress stating the known factors and problems with Shared Hosting, WordPress, FastCGI, .user.ini files, Zend and PHP5.3.x and of course newer versions of PHP.\u00a0<\/p>\n

Update – 2-9-2014: <\/strong><\/span>FastCGI Server config solution<\/a><\/p>\n

Update – 12-11-2013: <\/span><\/strong>\u00a0Been a while since I messed around with this on Go Daddy. \u00a0I am very happy to report that I am using PHP5.3.x with ZendGuard Loader on Go Daddy without any issues or problems. \u00a0http:\/\/forum.ait-pro.com\/forums\/topic\/go-daddy-php5-3-php-ini-file-zendguard-loader\/<\/a><\/p>\n

Update – 4-1-2013:<\/strong> <\/span>\u00a0It appears that most web hosts are not choosing to use FastCGI and .user.ini files instead of php.ini files by default for PHP5.3.x and higher versions. \u00a0I assume this is because of the known problematic issues that come with FastCGI and PHP applications such as WordPress, Joomla, etc. \u00a0In regards to BPS Pro directly I have noticed that using the automated P-Security php.ini tools to create custom php.ini files causes the custom php.ini file to be ignored\/rejected or worse. \u00a0At this time the best method to create a custom php.ini file if your PHP Server version is 5.3.x or higher is to manually create the custom php.ini file using the setup steps in this Forum Topic: \u00a0http:\/\/forum.ait-pro.com\/forums\/topic\/custom-php-ini-file-setup-php5-3-x\/<\/a>. \u00a0<\/p>\n

To simplify this setup a new tool will be added to P-Security that will copy the Server’s Default php.ini file to the Document Root folder. \u00a0Manually editing of the custom php.ini file will still be required since automating this process causes the Server to reject\/ignore the custom php.ini file, but a simpler manual editing method will created when the new tool is created in P-Security. \u00a0Pending for BPS Pro 5.8.<\/p>\n

Real World Scenario\/Problems for a website on Shared Hosting, using PHP5.3.x and not using FastCGI<\/span><\/strong><\/span><\/p>\n

The ini_set function offers a very limited amount of directive settings that can be changed using ini_set. \u00a0Several php.ini options that will allow a website owner to significantly increase their website security cannot be changed\/set using ini_set. \u00a0zend_extensions and extensions cannot be changed\/set using ini_set, which means the user could not add things such as the ionCube Loader using ini_set. \u00a0Max file upload size also cannot be changed\/set using ini_set, which means the user cannot change or control whether file uploads are allowed or not and also change the max upload file size limit for file uploads. \u00a0Would the website owner need to call their web host in order to increase the max file upload size limit? \u00a0And would the web host perform such a request?<\/p>\n

GoDaddy has FastCGI integrated into PHP5.3.x by default and has configured the Server to still allow php.ini files to be recognized on the website owner’s website when using PHP5.3.x. \u00a0So a .user.ini file would not be required, which is the typical requirement for PHP5.3.x. \u00a0So the question remains is the\u00a0\u00a0FcgidMaxRequestLen directive set to the default setting of 128Kb \/\u00a0131072 bytes or is it set to a higher limit.<\/p>\n

Possible Long Term Web Host Solution to the FastCGI, PHP5.3.x problem on Shared Hosting<\/strong><\/span><\/p>\n

It looks like a possible long term solution is available and would require that Hosts include FcgidMaxRequestLen 33554432 (or other similar and relevant size settings) as a standard setting in the Server’s httpd.conf file for Shared Hosting. \u00a0This of course places the burden on the Host to make this change. I have not personally tested this, but it appears to be a logical working solution. \u00a0<\/p>\n

Previous Conclusion:<\/strong> <\/span>\u00a0Overall what I see is that either WordPress website owners will have to completely sacrifice the capability to be able to change ALL directive settings (an alternative solution using ini_set in the wp-config.php file (see below examples) allows setting most directive settings) for their websites if they are using PHP5.3.x and newer versions of PHP if they do not choose FastCGI. \u00a0The problem with choosing FastCGI is that FastCGI causes intermittent 500 Internal Server Errors for WordPress websites and apparently other PHP based apps as well. \u00a0Reverting back to PHP5.2.x allows the use of php.ini files instead of .user.ini files, but this is obviously not a good long term solution. \u00a0This post covers the known problematic issues and will hopefully at some point result in a long term permanent solution for this issue. \u00a0<\/p>\n

If you have VPS or Dedicated Hosting none of these issues apply to you – please skip to the VPS and Dedicated Hosting<\/strong><\/span> section below.<\/p>\n

The Factors Involved:<\/span><\/strong><\/span><\/p>\n

Apache mod_fcgid –\u00a0<\/strong><\/span>FastCGI protocol. \u00a0See\u00a0“Special PHP considerations…” section.<\/p>\n

FastCGI and WordPress –<\/strong><\/span> WordPress does not work well with FastCGI because\u00a0FastCGI application output is buffered by default. \u00a0The result of using FastCGI with WordPress is that a WordPress website will experience intermittent 500 Internal Server Errors.<\/p>\n

PHP5.3.x – PHP5.4.x .user.ini files –<\/span><\/strong>\u00a0PHP5.3.x – PHP5.4.x uses .user.ini files by default instead of php.ini files ONLY if your Server is using CGI\/FastCGI. \u00a0This does not apply if your server is using Dynamic Shared Objects (DSO)\u00a0\/ mod_php \/ Apache. \u00a0The standard traditional method of adding php_flag and php_value directives into an .htaccess file still apply when using PHP5.3.x – PHP5.4.x with DSO \/ mod_php \/ Apache.<\/p>\n

“These files are processed only by the CGI\/FastCGI SAPI. This functionality obsoletes the PECL htscanner extension. If you are using Apache, use .htaccess files for the same effect.”<\/p>\n

Zend .user.ini GUI options –<\/strong> <\/span>Zend Servers include .user.ini directive options within the GUI by default to work with PHP5.3.x and future versions of PHP. \u00a0The directives below can also be added to the Server’s php.ini file. \u00a0Not to be confused with the new .user.ini file usage, which is strictly on the user’s website \/ Hosting Account end. \u00a0Example: \u00a0A Server’s php.ini file will be located in a Protected Server folder location (\/usr\/local\/lib\/php.ini) and a .user.ini file will be located under the website owner’s Hosting Account folders (\/xxxx\/public_html\/.user.ini).<\/p>\n

;;;;;;;;;;;;;;;;;;;;
; php.ini Options ;
;;;;;;;;;;;;;;;;;;;;
; Name for user-defined php.ini (.htaccess) files. Default is “.user.ini”
;user_ini.filename = “.user.ini”<\/p>\n

; To disable this feature set this option to empty value
;user_ini.filename =<\/p>\n

; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
;user_ini.cache_ttl = 300<\/p>\n

The PHP5.3.x – PHP5.4.x .user.ini Dilemma for WordPress Websites<\/span><\/strong><\/span><\/p>\n

If you have a WordPress website and you switch to FastCGI to allow a .user.ini file to work on your website then you can expect that your website will experience intermittent 500 Internal Server Errors due to the known output buffering problem with WordPress and FastCGI. \u00a0This is obviously not a viable solution to switch to FastCGI. So what can you do if you have a WordPress website on Shared Hosting (VPS and Dedicated Hosting allows you direct access to your Server’s php.ini file so you would not be using a .user.ini file) and you need to change \/ modify your directive settings?<\/p>\n

Solutions \/ Options\u00a0<\/span><\/strong><\/span><\/p>\n

Revert back to PHP5.2.x:<\/strong><\/span> \u00a0If your web host allows you to switch back to PHP5.2.x in your host control panel then this is the best solution at this time if you need to be able to change directive settings in a php.ini file such as increasing file upload size limits, increasing memory limits, increasing your website security, but most importantly to be able to use disable_functions and zend directives. \u00a0The obvious problem with this is PHP is moving forward with releasing newer versions of PHP. \u00a0So this is obviously not a good long term solution.<\/p>\n

Alternative Solution:<\/strong><\/span> \u00a0If you are unable to switch back to PHP5.2.x from PHP5.3.x you can use the PHP ini_set() functions in your WordPress wp-config.php file to allow you to control some directive settings for your website. \u00a0NOTE:<\/strong> <\/span>\u00a0There are a several directive settings that you cannot add using this method and the most important directive that cannot be added using this ini_set() method is disable_functions. \u00a0Not being able to add zend directives using this method is another concern as I have come across a fair amount of web hosts who have the Zend Engine installed\/enabled, but the relative Optimizer(PHP5.2.x)\u00a0 \/ Guard(PHP5.3.x) extensions are not loaded by default, which means they are not in use at all. \u00a0So in these cases you would not be able to correct a web host’s mistake (in the case of PHP5.2.x with Zend Optimizer should always be loaded by default and PHP5.3.x with Zend Guard Loader is of course completely an optional decision) of not adding the extensions by adding the correct extensions in your own relative php.ini (PHP5.2.x)\/ .user.ini (PHP5.3.x) file. \u00a0Also you cannot turn file uploads on or off or change the allowed max size limits of file uploads.<\/p>\n

Directive value\/settings that can be changed using ini_set<\/strong><\/span><\/p>\n

@error_reporting(E_ALL|E_STRICT);\r\n@ini_set('log_errors','On');\r\n@ini_set('error_log','\/path\/to\/php_error_log'); \/\/ add the actual path to your php error log\r\n@ini_set('log_errors_max_len','1024');\r\n@ini_set('ignore_repeated_errors','On');\r\n@ini_set('ignore_repeated_source','Off');\r\n@ini_set('memory_limit','64M');\r\n@ini_set('allow_url_include','Off');\r\n@ini_set('display_errors','Off');\r\n@ini_set('display_startup_errors','Off');\r\n@ini_set('engine','On');\r\n@ini_set('implicit_flush','Off');\r\n@ini_set('max_execution_time','30');\r\n@ini_set('magic_quotes_runtime','Off');\r\n@ini_set('report_memleaks','On');\r\n@ini_set('mysql.trace_mode','Off');\r\n@ini_set('mysql.connect_timeout','30');\r\n@ini_set('define_syslog_variables','Off');\r\n<\/pre>\n
NOTE:<\/strong> <\/span>\u00a0I have seen that a couple of Hosts disable the ini_set function in the Server’s php.ini file with the disable_functions directive. \u00a0If your Host has disabled ini_set then you will need to contact them to remove this function from the disabled_functions directive. \u00a0This function should not be disabled by default.<\/p>\n
Looking at Apache and mod_fcgid directly<\/strong><\/span><\/p>\n
“Any program assigned to the handler fcgid-script is processed using the FastCGI protocol; mod_fcgid starts a sufficient number instances of the program to handle concurrent requests, and these programs remain running to handle further incoming requests. This is significantly faster than using the default mod_cgi or mod_cgid modules to launch the program upon each request. However, the programs invoked by mod_fcgid continue to consume resources, so the administrator must weigh the impact of invoking a particular program once per request against the resources required to leave a sufficient number of instances running continuously.”<\/p>\n
“Special PHP considerations<\/p>\n
By default, PHP FastCGI processes exit after handling 500 requests, and they may exit after this module has already connected to the application and sent the next request. When that occurs, an error will be logged and 500 Internal Server Error will be returned to the client. This PHP behavior can be disabled by setting PHP_FCGI_MAX_REQUESTS to 0, but that can be a problem if the PHP application leaks resources. Alternatively, PHP_FCGI_MAX_REQUESTS can be set to a much higher value than the default to reduce the frequency of this problem. FcgidMaxRequestsPerProcess can be set to a value less than or equal to PHP_FCGI_MAX_REQUESTS to resolve the problem.
PHP child process management (PHP_FCGI_CHILDREN) should always be disabled with mod_fcgid, which will only route one request at a time to application processes it has spawned; thus, any child processes created by PHP will not be used effectively. (Additionally, the PHP child processes may not be terminated properly.) By default, and with the environment variable setting PHP_FCGI_CHILDREN=0, PHP child process management is disabled.
The popular APC opcode cache for PHP cannot share a cache between PHP FastCGI processes unless PHP manages the child processes. Thus, the effectiveness of the cache is limited with mod_fcgid; concurrent PHP requests will use different opcode caches.”<\/p>\n
Source:<\/strong><\/span> \u00a0http:\/\/httpd.apache.org\/mod_fcgid\/mod\/mod_fcgid.html<\/a><\/p>\n
“FastCGI is a protocol for interfacing interactive programs with a web server. FastCGI is a variation on the earlier Common Gateway Interface (CGI); FastCGI’s main aim is to reduce the overhead associated with interfacing the web server and CGI programs, allowing a server to handle more web page requests at once.”<\/p>\n
Source:<\/strong><\/span> \u00a0http:\/\/en.wikipedia.org\/wiki\/FastCGI<\/a><\/p>\n
Summary – apparently this is a problem for other PHP apps such as Joomla etc as well and “Special PHP considerations” explains why that is<\/strong><\/span><\/p>\n
It appears that a long term solution could be that if Host’s use\/configure\u00a0FcgidMaxRequestLen 33554432 as a standard in the httpd.conf file then maybe this is all that would be needed. \u00a0That still leaves the question of the APC opcode cache sharing trade-off. \u00a0I have not personally tested this solution below, but it makes logical sense. \u00a0Still researching ….<\/p>\n
Note:<\/strong> <\/span>\u00a0If the Suhosin-Extension (not the Patch) is installed on your Server then – “Suhosin\u2018s features are all configured through the php.ini configuration file.” \u00a0I assume that Suhosin directives will work in a .user.ini file, but I have not been able to confirm this. \u00a0Suhosin directives cannot be added\/changed\/modified using ini_set.<\/p>\n
Note:<\/strong><\/span>\u00a0 If your Server is using PHP5.3.x and you have an application that needs ionCube and if the ionCube loader extension is not loaded by default in your host Server’s php.ini file and you are not using FastCGI then since this is a zend directive you cannot use ini_set and .user.ini files will not work you will need to contact your web host to have them add the appropriate ionCube loader extension (see below) in the Server’s default php.ini file. \u00a0Or of course you can revert back to PHP5.2.x and then create your own custom php.ini file and add the ionCube Loader extension to your custom php.in file.<\/p>\n
ioncube_loader_lin_5.2.so
ioncube_loader_lin_5.3.so
ioncube_loader_lin_5.4.so<\/p>\n
VPS and Dedicated Hosting – Using WordPress and FastCGI together without problems – Possible long term solution for Shared Hosting as well?<\/strong><\/span><\/p>\n
I have now come across this info below in several places while googling and it appears to be a working solution to using WordPress and FastCGI. \u00a0And actually if your Host includes this solution as a standard then maybe this is all that would be needed to permanently solve the issue. \u00a0That still leaves the question of the\u00a0APC opcode cache sharing\u00a0trade-off. \u00a0I have not personally tested this solution below, but it makes logical sense.<\/p>\n
“The reason this seems to be happening is that FastCGI is running low on memory.\u00a0<\/p>\n
By default the Apache configuration does not include a statement to allocate enough memory, 
but we can do this by adding the following line to httpd.conf (thanks to Baldock for this tip):<\/p>\n
FcgidMaxRequestLen 33554432″<\/p>\n
Source:<\/strong><\/span> \u00a0http:\/\/wpguru.co.uk\/2012\/02\/the-problem-with-running-php-as-fastcgi-application\/<\/a><\/p>\n
 <\/p>\n
Previous Testing Results on GoDaddy Hosting using a FastCGI handler & PHP5.2.x<\/strong><\/span><\/p>\n
Using the GoDaddy handler for FastCGI: \u00a0AddHandler x-httpd-php5 .php<\/p>\n
Results:<\/strong><\/span><\/p>\n
Intermittent 500 Internal Server Errors – site was inaccessible for periods lasting up to 15 minutes.
Significant increase in page load speed – fluctuated between an increase of 1-6 seconds compared to using CGI handlers.\u00a0<\/p>\n
GoDaddy Handlers for CGI (not FastCGI):\u00a0<\/strong><\/span>
AddHandler x-httpd-php5-cgi .php
AddHandler x-httpd-php5-cgi .php5\u00a0<\/p>\n
Current Results 12-11-2013:<\/span><\/strong><\/p>\n
Been a while since I messed around with this on Go Daddy. \u00a0I am very happy to report that I am using PHP5.3.x with ZendGuard Loader on Go Daddy without any issues or problems. \u00a0http:\/\/forum.ait-pro.com\/forums\/topic\/go-daddy-php5-3-php-ini-file-zendguard-loader\/<\/a><\/p>\n
<\/a><\/p>\n
Results 2-9-2014: \u00a0Email from an associate who was experiencing many different issues with his Dedicated Server crash\/rebooting during PHP processing that required a bit more juice from the Server briefly.\u00a0<\/span><\/strong><\/span><\/p>\n
Solved it…here is the settings that made it work maybe you can add it to the thread in the forum:<\/p>\n
in the post VirtualHosts include:<\/p>\n
<IfModule mod_fcgid.c>\r\nFcgidIdleScanInterval 1\r\nFcgidErrorScanInterval 3\r\nFcgidBusyScanInterval 120\r\nFcgidBusyTimeout 240\r\nFcgidProcessLifeTime 10\r\nFcgidMaxRequestsPerProcess 500\r\nFcgidMaxProcesses 45\r\nFcgidConnectTimeout 240\r\nFcgidIOTimeout 240\r\nFcgidIdleTimeout 240\r\nFcgidMaxRequestLen 15728640\r\n<\/IfModule><\/pre>\n
cheers!<\/p>\n
Phil<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
This post is an ongoing work in progress stating the known factors and problems with Shared Hosting, WordPress, FastCGI, .user.ini files, Zend and PHP5.3.x and of course newer versions of PHP.\u00a0 Update – 2-9-2014: FastCGI Server config solution Update – 12-11-2013: \u00a0Been a while since I messed around with this on Go Daddy. \u00a0I am […]<\/p>\n","protected":false},"author":167,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[13],"tags":[523,522,520,519,518,521],"class_list":["post-4349","post","type-post","status-publish","format-standard","hentry","category-wordpress-tips-tricks-fixes","tag-apache-fastcgi-500-errors","tag-cgi-user-ini-problems","tag-fastcgi-user-ini-problems","tag-php5-3-x-user-ini-problems","tag-user-ini-wordpress","tag-zend-user-ini-problems"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts\/4349","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/users\/167"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/comments?post=4349"}],"version-history":[{"count":0,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/posts\/4349\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/media?parent=4349"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/categories?post=4349"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ait-pro.com\/aitpro-blog\/wp-json\/wp\/v2\/tags?post=4349"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}