Project

General

Profile

FrequentlyAskedQuestions » History » Revision 55

Revision 54 (hoffie, 2007-12-30 12:49) → Revision 55/83 (hoffie, 2007-12-30 13:05)

= FAQs = 

 [[PageOutline(2-3,Frequently Asked Questions,inline)]] 

 == Where to get help? == 

 IRC: [http://www.freenode.net/ freenode],    channel [irc://irc.freenode.net/lighttpd #lighttpd] 

 Mailing list: [http://trac.lighttpd.net/trac/wiki/WikiStart#Community details], [http://news.gmane.org/gmane.comp.web.lighttpd archive]. 

 == General == 

 === How do I bind to more than one address? === 

 Use server.bind and server.port to bind to the first port and then the $SERVER!["socket"] conditional to bind to the rest (it will 'magically' bind to the specified socket). 

 Example that exposes /server-status to an internal IP only (note that it's perfectly valid to leave the body of the conditional empty): 
 {{{ 
 server.port = 80 
 server.bind = "192.0.2.1" 

 $SERVER["socket"] == "192.168.2.100:80" { 
    status.status-url = "/server-status" 
 } 
 }}} 

 This can also be combined with [wiki:Docs:SSL SSL]. 

 === What kind of environment does server.error-handler-404 set up? === 

 The environment (which is relevant when using CGI or FastCGI) is quite normal, but observe the following: 

  * The REQUEST_URI is the original request, and has nothing to do with where the redirect points to. 
  * QUERY_STRING is ''not'' set, so you have to parse the REQUEST_URI yourself to get it. 
  * Likewise, PATH_INFO isn't set. 
  * SCRIPT_NAME is set according to the handler, not according to the original URI. 

 === Why is server.error-handler-404 serving 200 instead of 404? === 

 Quote from Jan: 
 {{{ 
 Yes. As we handle the error we generate a something new. If you just 
 want to send a custom-404 errorpage, there is server.errorfile-prefix 
 }}} 
 For further information read the server.errorfile-prefix entry [wiki:Docs:Configuration in configuration info]. 

 === How do I protect a directory with a password? === 

 Look in the doc/authentication.txt 

 If you're converting from Apache, htpasswd authentication backend is what you're looking for. 

 See also [wiki:HowToAuthenticationFromMultipleFiles] 

 === Can I use Apache Modules with lighttpd? === 

 No, apache modules are not compatible with lighttpd. 

 === Can I use SVN over WebDAV with lighttpd? === 

 No, use apache.    If you would like, you can proxy requests to apache through lighttpd. 

 === What is lighttpd's equivalent to Apache's "Options +!MultiViews"? === 

 See [wiki:MigratingFromApache#MultiViews] 

 == FastCGI == 

 === Where is the spawn-php program/script available from? it's mentioned in docs but not available in the distributed package (1.3.7)    === 

 If you install lighttpd (http://lighttpd.net/download/INSTALL), the spawn-fcgi binary is installed automatically (to /usr/bin/spawn-fcgi by default). 

 The spawn-php.sh script can be found here: http://www.lighttpd.net/download/spawn-php.sh 

 === Is there an su-exec wrapper available? === 

 Not officially, but Sune Foldager coded one especially for lighttpd which you can grab [http://cyanite.org/projects/execwrap/ here]. It's very easy to use, but has not yet been extensively tested so a little caution is advised. On the other hand, the source is very small so it's easy to get a security overview. Instructions and usage examples (with lighttpd) are in the [http://cyanite.org/projects/execwrap/READ_ME README]. 

 === How do I exclude a certain directory from FastCGI? === 

 {{{ 
 $HTTP["url"] !~ "^/no-fcgi/" { 
 # to exclude multiple directories: $HTTP["url"] !~ "^/(?:no-fcgi1|foo/no-fcgi2|bar)/" { 
    fastcgi.server = ( "/" => ... ) 
 } 
 }}} 

 You '''can''' **can** also use server.error-handler-404 to redirect all non-existent files to FastCGI (see LighttpdOnRails for an example), but you should not. It is known to have unexpected side effects and is more a hack than a real solution. Use mod_magnet whenever you need such changes, darix provides very good scripts (which should fit a lot of web apps) at his [http://pixel.global-banlist.de./ website]. 

 === I get the error "No input file specified" when trying to use PHP === 
 Sadly, this error message can mean a lot of things. A common explanation attempt: PHP is unable to locate or open the file which it is supposed to parse. This can have a lot of reasons: 
   * You forgot to add '''cgi.fix_pathinfo=1 to your php.ini''' file 
     

 See the comments in the [http://www.php.net/manual/de/security.cgi-bin.php PHP docs]. The issue here is that the environment variable SCRIPT_FILENAME is not being passed to PHP. 
   * Make sure 

 Double check that you did not set '''doc_root or userdir in php.ini''', or if you have set it, make sure it has the correct value (doc_root should match lighttpd's server.document-root option this line in this case) 
   * If open_basedir is set, make sure your php.ini:  
 {{{ 
 cgi.fix_pathinfo=1 
 }}} 

 Note also that doc_root in php.ini must be the requested file is below one of the directories which is specified there. In the past PHP parsed files which were not inside open_basedir same as well, but this security problem was fixed (in php-5.2.3 or so). 
   * server.document.root in lighttpd-inc.conf. 

 If you are running PHP with different permissions than lighttpd (spawn-fcgi with -u/-g, execwrap, suexec, ...), via spawn-fcgi, you might also want to check you are running as a user/group that PHP can really read the file 

 fast cgi scripts. If you are unable to find / fix this is not the problem, case you can use [wiki:HowToReportABug#strace strace] to see if it is a (OS-related) permission problem (look out for stat*(...YOURFILE...) = RETURNCODE). It might help to set max-procs to 1 and PHP_FCGI_CHILDREN as well (see [wiki:Docs:ModFastCGI mod_fastcgi docs) in that case, so that you can easily attach strace to will also get the correct php-cgi process. "No input file specified" message. 

 === How many php CGI processes will lighttpd spawn? === 

 lighttpd has three configuration options that control how many php-cgi processes will run: 

  * PHP_FCGI_CHILDREN (defaults to 1) 8 before 4.3.0, 0 after; see below) 
  * max-procs min-procs (default 4) 
  * min-procs is completely ignored in recent lighttpd releases (there is no adaptive spawning anymore) max-procs (default 4) 

 When lighttpd starts, it will launch max-procs min-procs parent php processes.    Each parent process then pre-forks PHP_FCGI_CHILDREN child processes.    For example, if min- and max-procs are 4 and PHP_FCGI_CHILDREN is 16, lighttpd will start max-procs x ( PHP_FCGI_CHILDREN 4 + 1). In our case: 4 * ( x 16 + 1 ) = 68 (4 watcher processes. 

 To disable lighttpd's process control, set min-procs and max-procs to 1 and set PHP_FCGI_CHILDREN to the number of processes which do not handle requests, 64 real php backends which serve requests). 

 If you are using an opcode cache such as eAccelerator, XCache or similar it's advisable want to keep max-procs at a very low number (1 is perfectly fine) spawn. 

 In the case of lighttpd 1.4, php 4.3, and raise PHP_FCHI_CHILDREN instead. Those opcode caches eAccelerator 0.9.3 on Linux, eAccelerator will create a separate memory space for each parent process, otherwise, which is not what one would call "efficient memory usage" in that case.. process.    If you leave min- and max-procs at 4, you'll end up with four separate opcode memory cache segments. eAccelerator caches.    However, if a php parent segfaults, you'll still have three groups available to respond to queries.    For this reason, Jan recommends setting min- and max-procs to 2. 

 After PHP 4.3.0, PHP_FCGI_CHILDREN defaults to 0.    If left at 0, PHP will not pre-fork any children, so only min-procs parents will handle requests. 

 PHP 5 seems to start one parent process and one child per min/max-procs and PHP_FCGI_CHILDREN defaults to 1.    What I suggest is splitting the number of processes you want between min/max-procs and PHP_FCGI_CHILDREN. The number of processes spawned = min/max-procs*(PHP_FCGI_CHILDREN+1). For my setup, I have min-procs and max-procs=2 and PHP_FCGI_CHILDREN=4. 

 Note that setting PHP_FCGI_MAX_REQUESTS is recommended to avoid possible memory leak side-effects. 

 === What does %1/$1 mean? === 

 It's just "lighty speak" for [http://www.regular-expressions.info/brackets.html backreferences]. (See doc/rewrite.txt and doc/redirect.txt.) 

 %n is used to denote a backreference on the conditional, and $n is used to backreference on the redirect/rewrite regex. If you need to learn about regexen, [http://www.regular-expressions.info/ Regular-Expressions.info] is as good a place to start as any. 

 === What does "(server.c.XXX) connection closed - write-request-timeout: YY" in my error log mean? === 

 This error means that a client connection has timed out and lighttpd has closed the connection. This error on its own is not something to worry about as it can occur regularly during the course of normal site operation.    The default timeout is 360 seconds and can be set using [http://lighttpd.net/documentation/configuration.html server.max-write-idle]. 

 === Why: 'unexpected end-of-file (perhaps the fastcgi process died)'? or random '500 - Internal Server Error' === 
 If you are using fastcgi with PHP then this may be caused by using PHP extensions that are unstable.    For example the following configuration caused my lighttpd install to respond sometimes to indentical queries with '500 - Internal Server Error' and sometimes with the page requested.    The issue was fixed by removing the APD 'extension' line in the relevant PHP    configuration file. 
 {{{ 
 PHP 5.1.6-pl6-gentoo (cgi-cgi) (built: Feb    8 2007 11:14:58) 
 Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies 
   with Advanced PHP Debugger (PAD) v0.9, , by George Schlossnagle 
 }}} 

 Note that in php5.2.5 there is also this bug 

 http://bugs.php.net/bug.php?id=43295  

 which has similar symtoms, but needs a patch to php 

 http://cvs.php.net/viewvc.cgi/php-src/main/SAPI.c?r1=1.202.2.7.2.15&r2=1.202.2.7.2.16&pathrev=PHP_5_2&diff_format=u  

 or wait until 5.2.6 since the patch is committed to php's CVS by dimitry. 


 == SSL == 
 === Microsoft Internet Explorer reports "bad data from server" when surfing an SSL-enabled Lighttpd site === 
 This is most likely because of some known bugs in the implementation of SSL in some versions of MSIE.  

 The current solution (equivalent of using !SetEnvIf in Apache) is using the following configuration snippet: 
 {{{ 
 $HTTP["useragent"] =~ "MSIE" { 
   server.max-keep-alive-requests = 0 
 } 
 }}} 
 (from http://article.gmane.org/gmane.comp.web.lighttpd/3447) 


 == MacOSX == 
 === Lighttpd crashes when using server.event-handler="poll" in MacOSX === 
 Configure lighttpd to use kqueue as the event-handler: 

 {{{ 
   server.event-handler = "freebsd-kqueue" 
 }}} 
  
 See Also: [wiki:server.event-handlerDetails server.event-handler option]