PHP 7 is here with 16.04

Kushal Dev kushaldeveloper at gmail.com
Mon May 16 18:23:51 UTC 2016 

I am resending this message because the previous email I sent was too big.
I've removed the unnecessary attachment and only included the exact
text of the page with this email.

I'd also like to discuss removing the "old procedure" from the page
but that's for another conversation.

Sincerely,
-------------- next part --------------
## page was renamed from PHPasCGI

== Purpose ==
When completed, this procedure allows users to securely run PHP files from {{{~/public_html/}}} to manipulate their own files.

== Procedure ==
Do not use the method in the Old Procedure section for setting up PHP interpretation in users' home directories -- the old procedure uses an insecure and performance-wasting method for achieving this goal. If all you are seeking is to enable PHP scripts in users' personal {{{public_html}}} directories, simply do the following:

{{{
sudo apt-get install php5
sudo a2enmod php5
}}}

If you're using the latest version of Ubuntu (16.04 or later), consider using PHP7.0 instead of PHP5. To do so, check if you already have PHP installed. 

{{{
php --version 
}}}

If you do not have PHP already installed, you will likely see a message such as 

{{{
$ php --version
The program 'php' can be found in the following packages:
 * php7.0-cli
 * hhvm
Try: sudo apt install <selected package>
}}}

To install PHP from the Ubuntu repositories, 

{{{
sudo apt install php
}}}

If you already have PHP installed, you will likely see something like 

{{{
$ php --version
PHP 7.0.4-7ubuntu2 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies
}}}

At this point, Apache and PHP are installed and ready to go. A recent update to the Lucid distribution, however, requires a slight change to {{{/etc/apache2/mods-available/php5.conf}}} to re-enable interpretation in users' home directories -- previous distributions do not require this change. Simply open up this file in your favorite editor as root (a simple {{{sudo gedit /etc/apache2/mods-available/php5.conf}}} will suffice) and comment out (or remove) the following lines:

{{{
    <IfModule mod_userdir.c>
        <Directory /home/*/public_html>
            php_admin_value engine Off
        </Directory>
    </IfModule>
}}}

If you don't see anything starting with PHP in {{/etc/apache2/mods-available}}, you likely need to install {{libapache2-mod-php}}. Run 

{{{
sudo apt install libapache2-mod-php
}}}

After running it, you should see phpx.conf and phpx.load where x is the current PHP version. For example, at the time of this writing, I see {{php7.0.conf and php7.0.load}}. Edit the conf file as shown above. 

Once this has been done, restart apache2 with the usual {{{sudo /etc/init.d/apache2 restart}}} and PHP should be successfully installed and working.

Make sure you have userdir enabled. If it is not enabled, run the following to enable it 

{{{
 sudo a2enmod userdir
}}}

'''Security note:''' Running PHP scripts in users' home directories was not disabled for a frivolous reason -- PHP is a full programming language, and as such, can be used by attackers in nefarious ways. Ideally, the PHP engine should only be enabled for users you (the system administrator) trust, and even then sparingly. To do this, instead of removing the above lines, create a file (as root) called {{{/etc/apache2/conf.d/php-in-homedirs.conf}}} with the following contents:

{{{
    <IfModule mod_userdir.c>
        <Directory /home/$USERNAME/public_html>
            php_admin_value engine On
        </Directory>
    </IfModule>
}}}

Simply replace the {{{$USERNAME}}} with the user name of the user you wish to allow PHP access to. Also note that the {{{<Directory>}}} section may be repeated as many times as is necessary. Save the file, and restart Apache with a {{{sudo /etc/init.d/apache2 restart}}} and PHP should only be enabled for the users listed in this file. See the Apache documentation on the {{{Directory}}} tag for more information.

== Old Procedure ==

'''Note:''' The below method for allowing all users to exec their own PHP scripts as themselves is dangerous both to the users' data, and possibly the system itself -- especially if it is enabled system-wide. As a result, it should be avoided at all costs.


Install Apache 2, PHP 5, and support for executing pseudo-binaries.
{{{
sudo apt-get install apache2 php5-cgi binfmt-support
}}}

Configure PHP 5 to run .php scripts from the shell.
{{{
sudo update-binfmts --install PHP /usr/bin/php5-cgi --extension php
}}}

Enable necessary Apache modules.

{{{
sudo a2enmod rewrite
sudo a2enmod suexec
sudo a2enmod include
sudo a2enmod userdir
}}}

Enable Apache's handling of PHP files. Add the following line to /etc/apache2/apache2.conf
{{{
AddHandler cgi-script .php
}}}

Configure the userdir module. Uncomment the following lines in /etc/apache2/apache2.conf.
{{{
UserDir public_html
UserDir disabled root

<Directory /home/*/public_html>
	AllowOverride FileInfo AuthConfig Limit
	Options Indexes SymLinksIfOwnerMatch IncludesNoExec
</Directory>}}}

Add the ExecCGI option. The block should now appear as below.
{{{
UserDir public_html
UserDir disabled root

<Directory /home/*/public_html>
	AllowOverride FileInfo AuthConfig Limit
	Options Indexes SymLinksIfOwnerMatch IncludesNoExec ExecCGI
</Directory>}}}

Reload the Apache configuration.
{{{
sudo /etc/init.d/apache2 force-reload
}}}

More information about the ubuntu-doc mailing list