PHP is a scripting language that is especially suited for web pages. It's embedded in the HTML code and executes on the server when the page is loaded, replacing the PHP code with whatever dynamic contents it created. You will find many free applications for your web server based on PHP and the database MySQL. phpBB, WordPress and MediaWiki are only a few popular applications that build upon these components.
CompilingSUHOSIN is selected. This patch will add extra protection to PHP but it can also interfere with the functionality of some PHP applications. If that happens it's possible to tune the behaviour of Suhosin but don't disable it.
# cd /usr/ports/lang/php5 # make # make install clean # rehash
Pay close attention to the messages on the screen after make install finish.
*************************************************************** Make sure index.php is part of your DirectoryIndex. You should add the following to your Apache configuration file: AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps ***************************************************************
As you can see here you need to edit your main Apache configuration file /usr/local/etc/apache22/httpd.conf, so load it in your favourite editor and search for this section:
# # DirectoryIndex: sets the file that Apache will serve if a directory # is requested. # <IfModule dir_module> DirectoryIndex index.html </IfModule>
The comments should make it obvious what this is. The filename or filenames listed here is what Apache serves to a user if the requested url doesn't contain a filename. The files will be searched for in the order they appear here so you should insert index.php before index.html so the DirectoryIndex row looks like this:
DirectoryIndex index.php index.html
Then search for the section called <IfModule mime_module>. The last lines in that section looks like this:
#AddType text/html .shtml #AddOutputFilter INCLUDES .shtml </IfModule>
Add the two remaining rows from the output so the section looks like this instead:
#AddType text/html .shtml #AddOutputFilter INCLUDES .shtml AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps </IfModule>
One more row has been added to httpd.conf automatically. I'll show it here for reference. It's the program module Apache loads to add PHP functionality.
LoadModule php5_module libexec/apache22/libphp5.so
You can now save the file and exit the editor. A small test that no errors have occurred in the configuration never hurts.
# /usr/local/etc/rc.d/apache22 configtest Performing sanity check on apache22 configuration: Syntax OK
Install PHP extensions
# cd /usr/ports/lang/php5-extensions # make
Unfortunately, the options screen for this port doesn't enable many of the needed extensions by default. You should always check carefully what requirements the PHP applications have that you want to use, so you know what extensions to enable. Besides the default selection, you should at least enable the ones I list below since they are commonly used by PHP applications. Be prepared that this port will pull in quite a number of other ports and thus will take a while to compile.
When the application has finished compiling you install it as usual.
# make install clean
The installed extension modules are listed in /usr/local/etc/php/extensions.ini and the order matters. Some modules are dependent on others and if they're listed in the wrong order the web server may have problems starting. There's an easy way to check that the order is correct.
# php -v PHP 5.2.8 with Suhosin-Patch 0.9.6.3 (cli) (built: Jan 2 2009 07:12:31) Copyright (c) 1997-2008 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
If the output is free from error messages you're good to go but if you get any errors things get more difficult. Sometimes the error messages make it clear that you have to swap two modules in extensions.ini but most of the times it's not that easy. The only thing to do then is to start from the beginning of the file and deactivate one module at a time until the error disappears. When you find the faulty module you can try to move it around and see if that helps. Usually such errors are possible to solve by moving the module to the end of extensions.ini.
Adding additional extensions
I'll take this opportunity to show you how to change the configuration of an already installed port and how to reinstall it. The options you select are stored in /var/db/ports and whenever you upgrade a port, the settings here will be used automatically and you won't see the options screen again. To be able to change the options you must first deinstall the port and then explicitly call the options screen with the make command.
# cd /usr/ports/lang/php5-extensions # make deinstall # make config
Enable some additional options that could come in handy.
When you select OK, the new options are stored and you can now compile and install the port again as usual.
# make # make install clean
Don't forget to check the module order again with php -v before you continue.
You should now create the configuration file for PHP. The port includes two examples: /usr/local/etc/php.ini-dist, which is the default configuration and /usr/local/etc/php.ini-recommended, which is a more secure version. Use the default template and copy it to its proper place.
# cp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini
Below is a list of recommended changes to the default settings. They're compiled from php.ini-recommended and by studying settings at major web hosting companies. Various security and performance discussions on the Internet also plays a part in these settings. There's no single optimal configuration for PHP, it all depends on your needs and your system but the suggested changes are a good start.
Default value Recommended value Comment short_open_tag On Off precision 12 14 output_buffering Off 4096 allow_call_time_pass_reference On Off memory_limit 128M 256M Must be larger than post_max_size. Use a smaller value if low on system RAM. error_reporting E_ALL & ~E_NOTICE E_ALL display_errors On Off log_errors Off On log_errors_max_len 1024 0 variables_order "EGPCS" "GPCS" register_long_arrays On Off register_argc_argv On Off post_max_size 8M 64M Must be larger than or equal to upload_max_filesize. magic_quotes_gpc On Off always_populate_raw_post_data Off On Uncomment this line in php.ini to enable. cgi.fix_pathinfo 0 1 Uncomment and change to 1. upload_max_filesize 2M 64MB Use a smaller value if low on system RAM. session.save_path /no value/ "/tmp" Uncomment. session.gc_divisor 100 1000 session.bug_compat_42 1 0 session.hash_bits_per_character 4 5 url_rewriter.tags -> "a=href,area=href,frame=src,input=src,form=fakeentry"
Create a small html file called phpinfo.php somewhere in your web folder with the following contents (remember to do it as your web user):
<?php phpinfo(); ?>
Restart Apache to make it all work.
# /usr/local/etc/rc.d/apache22 restart
If you browse to phpinfo.php that you just created, you should now see a nice status page describing all settings and capabilities of your PHP installation.
You have already activated the Suhosin patch but there is also a Suhosin extension which adds even more protection. It's not included in the extension meta-port but you should definitely install it.
# cd /usr/ports/security/php-suhosin # make # make install clean
Check with php -v after installation that it now reports the Suhosin extension as well as the patch and that no errors appeared.
# php -v PHP 5.2.8 with Suhosin-Patch 0.9.6.3 (cli) (built: Jan 2 2009 07:12:31) Copyright (c) 1997-2008 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies with Suhosin v0.9.27, Copyright (c) 2007, by SektionEins GmbH
Restart Apache to activate the new extension.
# /usr/local/etc/rc.d/apache22 restart
APC is the Alternative PHP Cache. It comes as yet another extension module and provides caching functionality for your PHP engine. It can be a major performance boost for your PHP applications if the pages they create are cached by the server. It has an options screen but you can use the default values.
# cd /usr/ports/www/pecl-APC # make # make install clean
After the installation, the output suggests a few additions to php.ini but I will suggest even more. Copy and paste the following lines and put them last in php.ini.
apc.enabled=1 apc.shm_segments=1 apc.shm_size=128 apc.ttl=7200 apc.user_ttl=7200 apc.num_files_hint=1024 apc.mmap_file_mask=/tmp/apc.XXXXXX apc.enable_cli=1
As always, check with php -v that the new extension didn't mess things up and then restart Apache if everything looks fine.
# php -v # /usr/local/etc/rc.d/apache22 restart
On some occasions php -v will output errors like "core dumped" or "segfault" and the Apache server will most likely have problems running. It turns out that it matters in what order the PHP extensions are listed in /usr/local/etc/php/extensions.ini. The ones shown below are particularly troublesome and if you experience any problems you should make sure their relative order is like this:
extension=recode.so extension=mysql.so extension=imap.so extension=sockets.so extension=pspell.so
More information to help you can be found at pingle.org.
- /usr/local/etc/php.ini is the configuration file for PHP.
- /usr/local/etc/php/extensions.ini is the configuration file for plugins to PHP but it isn't edited by hand but is populated by the meta-port lang/php5-extensions.
- make config can be used to reconfigure the options of a port.
- make deinstall is the correct way to uninstall a port.