Jump to content

ProcessWire .htaccess vs. cPanel MultiPHP Manager + MultiPHP INI Editor


Jonathan Lahijani
 Share

Recommended Posts

I have a site where the webhost uses cPanel.

Inside cPanel, I did the following:

  1. modified the settings of cPanel MultiPHP Manager to be PHP 7.2 (instead of an older 7.0).
  2. modified the settings of cPanel MultiPHP INI Editor to change some various PHP settings, like upload_max_size

As a result, cPanel appends the following to ProcessWire's main .htaccess file:

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php72” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php72 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php7_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 1000
   php_value memory_limit 128M
   php_value post_max_size 64M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php72"
   php_value upload_max_filesize 64M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 1000
   php_value memory_limit 128M
   php_value post_max_size 64M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php72"
   php_value upload_max_filesize 64M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit

Now normally that wouldn't be a problem, but I like to have my development server .htaccess and production server .htaccess be the exact same and use conditionals so that some code is executed on development and some on production as needed.

If I take that block and add it to my development .htaccess file, I cannot log into ProcessWire's admin ('request was forged' error).  That's probably because of the session.save_path override.

So I thought about wrapping that cPanel code block like this:

<If "%{HTTP_HOST} == 'www.my-production-domain.com'">
# cpanel code from above goes here...
</If>

That works on both development and production.  But a problem occurs when I make additional updates on the production server cPanel MultiPHP Manager or MultiPHP INI Editor.  Instead of cPanel just changing the code between the <If></If> block, it will append it to the end of the file again (and remove the original code inside <If></If>, so the result would look like this:

<If "%{HTTP_HOST} == 'www.my-production-domain.com'">
# this is now empty. :(
</If>

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php7_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 1000
   php_value memory_limit 128M
   php_value post_max_size 64M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php72"
   php_value upload_max_filesize 64M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 1000
   php_value memory_limit 128M
   php_value post_max_size 64M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php72"
   php_value upload_max_filesize 64M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php72” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php72 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

I'd prefer for that to not happen.

Does anyone know of a smart way around this?  I could have 2 .htaccess files (one for development, one production) and do the necessary file renaming in my deployment script, but then I have to maintain 2 copies which I don't want to do since there would be code repetition.

I'm not very advanced with htaccess so any ideas that I can look into would be helpful.

Link to comment
Share on other sites

To my best knowledge there's no easy way around this, except for not using the MultiPHP Manager in the first place... which might not be an option for your use case ?

Some (possibly awful) ideas you could try:

  • Perhaps you could disable overriding PHP settings via htaccess on your dev server by defining more restrictive AllowOverride option in your virtual host? AllowOverride also works on a per-directory basis, so I believe you could disable these for this particular site only, in case you're hosting multiple sites on this environment.
  • How 'bout manually creating matching directory (/var/cpanel/php/sessions/ea-php72) on your dev server for storing sessions for this site?
  • It sounds to me like cPanel will make these modifications automatically. If it also remembers all values somehow (in database or some other config file) and then repopulates them on first request or something, perhaps you could manage just one version and let cPanel work it's magic automatically after deployment? Not sure if that's exactly how it works, and whether that's feasible in the first place also depends on what your dev/deployment workflow looks like... ?

It'd be great if the folks at cPanel provided some way to decide where specifically these rules should go, but I guess that'd be a new feature request. Based on some googling it also looks like when they introduced the automatic modification part, they broke quite a few sites in the process. Not cool ?

  • Like 1
Link to comment
Share on other sites

Thanks for your suggestions Teppo.

To keep things simple, I went with just creating /var/cpanel/php/sessions/ea-php72 on my dev server (Ubuntu via WSL2), as well as ea-php73, ea-php71, ea-php70, ea-php80 just to be future proof.  I removed the wrapping <If "%{HTTP_HOST} == 'www.my-production-domain.com'">...</If> conditional as well.  It works perfectly.

I had to make sure to give those directories the correct ownership (www-data:www-data in my case):

sudo chown -R www-data:www-data /var/cpanel

 

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...