Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Set up and access the PHP-FPM status page in Bitnami LAMP stack

I'd like to see the PHP-FPM status page on a Bitnami LAMP stack system.

However, when I try I get a blank page, or an error saying:

Request exceeded the limit of 10 internal redirects due to probable configuration error.

So what do I need to do to get it working?

like image 319
caponica Avatar asked Feb 07 '23 23:02

caponica


1 Answers

There are two parts to this answer.

The first is that you need to enable the status page handler in the PHP-FPM configuration and then you need to set up Apache to route a given URL through to that handler.

To set up PHP-FPM:

cd /path/to/bitnami
cd php/etc
sudo nano php-fpm.conf

(Or whatever command to use your favourite editor. Also, you might not need sudo if you've installed bitnami as the current user instead of using a Bitnami AMI which leaves this file with root ownership.)

In the file, find the line

;pm.status_path = /status    

And change it to:

pm.status_path = /php_fpm_status

Save the file. (In nano, CTRL-X, then Y to confirm)

Then set up a handler in Apache:

Find the Apache config for the domain that you want to serve the status page. By default I think that file is something like /path/to/bitnami/apache2/conf/bitnami/bitnami.conf but you've probably changed it if you have a live server with vhosts.

In the config you need to add:

<VirtualHost xxx>
  ...
  <LocationMatch "/php_fpm_status">
    SetHandler "proxy:fcgi://www-fpm"
  </LocationMatch>
  ...
</VirtualHost>

Restart things:

sudo /path/to/bitnami/ctlscript.sh restart

Then open your new location in a web browser or curl it:

curl ip.add.re.ss/php_fpm_status

And you should see the PHP-FPM status, something like:

pool:                 www
process manager:      ondemand
start time:           21/May/2016:20:28:57 +0000
start since:          13
accepted conn:        1
listen queue:         0
max listen queue:     0
listen queue len:     0
idle processes:       0
active processes:     1
total processes:      1
max active processes: 1
max children reached: 0
slow requests:        0

So far so good, but any man and his malicious monkey can now view your FPM status, so lets lock it down by IP address.

You can use any IP (e.g. your personal IP) by following the format below. On Amazon EC2 we can also restrict the request to only ones originating from the server's own private IP address (not the publicly visible EIP). So if the private IP is 10.0.0.1:

<VirtualHost xxx>
  ...
  <LocationMatch "/php_fpm_status">
    Require ip 10.0.0.1
    SetHandler "proxy:fcgi://www-fpm"
  </LocationMatch>
  ...
</VirtualHost>

Restart Apache and you should still be able to access the status via the command line using curl 10.0.0.1/php_fpm_status but any remote request to the URL will give a 403 Forbidden response.

(You can also password protect the page or do other fancy things, but IP lockdown is enough for this basic example)

Enjoy! And if there is a better way to do any of this then please share the wisdom :-)

like image 151
caponica Avatar answered Feb 10 '23 09:02

caponica