Usually, PHP runs with the permissions of the Webserver Apache2, which has several disadvantages. One, that files created by the webpage will have different user permissions as the user the webpage belongs to. Also there’s a security concern, as webpages of other users on the server could access your data and configuration.
With Ubuntu 16.04 we used the Apache2 FastCGI module, which is no longer available from this how to. This here are the updated instructions for Fcgid.
In our environment we wanted to have a webserver which runs PHP with the permissions of the user the webpage belongs to. This is what we did (starting from a blank Ubuntu 18.04 installation):
apt install libapache2-mod-fcgid apache2 php-cgi apache2-suexec-pristine a2enmod userdir
Add the following to /etc/apache2/sites-available/default-ssl.conf:
<FilesMatch \.php$> AddHandler fcgid-script .php </FilesMatch>
Allow ExecCGI for userdir in /etc/apache2/mods-enabled/userdir.conf:
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec ExecCGI
In the user public_html directory create two files:
~USER/public_html/.htaccess:
FcgidWrapper /home/USER/public_html/.php-fastcgi.fcgi .php
~USER/public_html/.php-fastcgi.fcgi (must be executable and belong to the user):
#!/bin/sh PHP_FCGI_CHILDREN=4 PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS exec php-cgi
Have fun! Please don’t hesitate to leave a comment :-)