PHP-FPM – config improvements

We’ve already installed Nginx web server, PHP, run wrappers and configure php.ini settings. Next step will be some small improvements on global PHP-FPM configuration and also, additional settings on websites wrappers. Today we will edit /etc/php-fpm/version/fpm/php-fpm.conf file. It’s PHP-FPM main configuration file. Not PHP like php.ini from last chapter, but for FastCGI Process Manager. There is no time for unnecessary descriptions, let’s edit this file.

Nginx installation and first configuration

Nginx virtual host configuration

Use PHP-FPM with Nginx

Describe and change php.ini settings

PHP-FPM – config improvements

Use strong Nginx encryption settings

Nginx optimizations, tips and tricks (work in progress)

php-fpm.conf file

First step is to decrease logging level. Default is notice – not but, I like to have logs and possibility to check everything, but notice means a lot of completely unnecessary logs and troubles with filtering. I recommend to use higher level – warning, or if you want, error.

These three settings prevent our PHP-FPM processes to corruptions, memory leaks or unwanting suspending. PHP will automatically restart such processes and free memory if it will needed. You can change time limits, but there are default, secure values. Important note: it’s default, but default configuration has disable this feature (limits are commented).

Edit wrappers config files

Next step is to set some additional settings on our wrappers, so, fox example /etc/php/your-version/fpm/pool.d/mywebsite.conf:

If you have a lot of webistes with different wrappers, you do not have to write this website/wraper name every and every time in wrapper configuration. You can use $pool variable to to this. It’s very comfortable to create new wrappers with the same settings – just change first line.

Second, and last thing is to set open_basedir for each wrapper. This setting limit PHP to use this and nested directory, but not any in higher level – for security purporses and isolate all website in their directories. Simple, but very effective. As you can see, it’s very simple to overwrite global php.ini configuration using php_admin_value array. You can simply create completely different environments with one global PHP.

Happy New Year!