hi,
i'm trying to setup php-fpm (5.3.13) with apache 2.2 and mod_fastcgi for
shared hosting.
i want to be as "secure" as possible so i want to have the following in
php-fpm.conf (or included files):
listen = /srv/www/someusershome/php-fpm.sock
listen.owner = someuser
listen.group = somegroup
listen.mode = 0600
now "listen.mode = 0600" seems to be a problem. my apache/fastcgi conf
looks like this:
### server config ###
FastCgiWrapper /usr/lib/apache2/suexec
AddHandler php5-fcgi .php
Action php5-fcgi /fcgi-bin/php5.external
Alias /fcgi-bin/php5.external /php5.external
<Location "/fcgi-bin/php5.external">
Order Deny,Allow
Deny from All
Allow from env=REDIRECT_STATUS
</Location>
### virtual host ###
SuexecUserGroup someuser somegroup
FastCgiExternalServer /php5.external \
-socket /srv/www/someusershome/php-fpm.sock \
-user someuser -group somegroup
as i said, this only works with "listen.mode = 0666", not with
"listen.mode = 0600".
error_log says:
(13)Permission denied: FastCGI: failed to connect to server
"/php5.external": connect() failed, referer: http://www.somedomain.com
in google i can only find tutorials for nginx where "0600" seems to be
possible. i hope i can achieve this with apache/mod_fastcgi too.
thx for any advice
matthias