Any program assigned to the handler fcgid-script
is processed
using the FastCGI protocol;
The pool of fcgid-invoked programs is shared between all httpd workers. Configuration directives below let the administrator tune the number of instances of the program that will run concurrently.
Specific executables are assigned this handler either by having a name containing an extension defined by the AddHandler directive, or with an override using the SetHandler directive (e.g., for all files in a specific directory such as cgi-bin).
Some changes have been made in the ASF release of mod_fcgid which can affect existing configurations. All documentation refers to new names for the directives. (The old names still work but are now deprecated.) Please read the Upgrade Notes for details.
For an introduction to using CGI scripts with Apache, see the generic tutorial on Dynamic Content with CGI.
The following changes have been made in the ASF release of mod_fcgid and should be considered when upgrading from the original version by Ryan Pan (Pan Qingfeng).
Old Name | New Name |
---|---|
The core directive ErrorDocument
allows the user to specify custom error pages for specific HTTP error codes.
An important note must be made: if the error page is generated by the fastcgi script, mod_fcgid
will
pass the response down to the output filter chain bypassing the Apache's
ErrorDocuments. Conversely, if the error is generated by Apache itself (for example, a HTTP 404
due to a missing resource) then the ErrorDocument set will be used.
This behaviour is the most conservative one to interfere as little as
possible with the fastcgi's response generation logic. mod_proxy
shows the same
behaviour but it offers
ProxyErrorOverride
to force the use of ErrorDocuments, meanwhile mod_fcgid
does not.
A common workaround is to instruct the fcgi script to generate the ErrorDocuments
to have full control of the response content.
The examples assume that mod_fcgid and other necessary modules are loaded into the server already, either built-in or via the LoadModule directive.
Additionally, the example configurations provide full access to the applications using access control directives which work with Apache 2.0 and 2.2. These directives are not appropriate for all environments, and they do not work for development levels of Apache HTTP Server (Subversion trunk).
The first example is a very simple Perl FastCGI application, and its configuration directives. This is typical for FastCGI applications which require no special configuration.
PHP applications are usually configured using the
PHP_FCGI_MAX_REQUESTS
or anything else. (Environment variables can also be set with
Here is an example that uses a wrapper script to invoke PHP:
By default, PHP FastCGI processes exit after handling 500
requests, and they may exit after this module has already
connected to the application and sent the next request. When that
occurs, an error will be logged and 500 Internal Server
Error
will be returned to the client. This PHP behavior
can be disabled by setting PHP_FCGI_MAX_REQUESTS
to
0, but that can be a problem if the PHP application leaks
resources. Alternatively, PHP_FCGI_MAX_REQUESTS
can
be set to a much higher value than the default to reduce the
frequency of this problem.
PHP_FCGI_MAX_REQUESTS
to resolve the problem.
PHP child process management (PHP_FCGI_CHILDREN
)
should always be disabled with mod_fcgid, which will only route
one request at a time to application processes it has spawned;
thus, any child processes created by PHP will not be used
effectively. (Additionally, the PHP child processes may not be
terminated properly.) By default, and with the environment
variable setting PHP_FCGI_CHILDREN=0
, PHP child
process management is disabled.
The popular APC opcode cache for PHP cannot share a cache between PHP FastCGI processes unless PHP manages the child processes. Thus, the effectiveness of the cache is limited with mod_fcgid; concurrent PHP requests will use different opcode caches.
mod_fcgid has several types of controls which affect the creation of additional application processes:
Type of control | Directive |
---|---|
global limit on number of processes | |
limit on number of processes per application | |
limit on rate of spawning new application processes |
mod_fcgid has several types of controls which affect the termination of existing application processes:
Type of control | Directive |
---|---|
termination after an idle period | |
termination after it handles a certain number of requests | |
termination after a certain lifetime |
Several of the directives control processing for a process class. A process class is the set of processes which were started with the same executable file and share certain other characteristics such as virtual host and identity. Two commands which are links to or otherwise refer to the same executable file share the same process class.
Certain settings or other concepts that depend on the virtual host,
such as
Information about each process will be displayed in the
Access checking or, more formally, access control, is a procedure which verifies that the client is allowed to access a resource, using some mechanism other than authentication and authorization.
Key environment variables passed to the application for access checking are:
FCGI_APACHE_ROLE
ACCESS_CHECKER
; by checking the current role,
the same FastCGI application can handle multiple stages of request
processingThe application must output a Status
line to indicate
the result of the check.
Before 2.3.6, only one FastCGI application of any type (AAA or handler) can be used for a particular request URI. Otherwise, the wrong FastCGI application may be invoked for one or more phases of request processing.
This directive controls whether or not other access checkers
are allowed to run when this module has an access checker configured
and it fails a request. If this directive is On
(default)
and a FastCGI access checker returns a failure status, a failure is
returned to the client without giving other access checkers a chance to
allow access. If this directive is Off
, other access
checkers will be called.
Authentication is the procedure which verifies that the user is who they claim they are. This directive specifies the full path to a FastCGI application which will handle authentication for a particular context, such as a directory.
Key environment variables passed to the application on authentication are:
REMOTE_USER
REMOTE_PASSWD
FCGI_APACHE_ROLE
AUTHENTICATOR
; by checking the current role,
the same FastCGI application can handle multiple stages of request
processingThe application must output a Status
line to indicate
the result of authentication.
Before 2.3.6, only one FastCGI application of any type (AAA or handler) can be used for a particular request URI. Otherwise, the wrong FastCGI application may be invoked for one or more phases of request processing.
This directive controls whether or not other authenticators
are allowed to run when this module has an authenticator configured
and it fails a request. If this directive is On
(default)
and a FastCGI authenticator returns a failure status, a failure is
returned to the client without giving other authenticators a chance to
validate the client identity. If this directive is Off
,
other authenticators will be called.
Authorization is the procedure which verifies that the user is allowed to access a particular resource. This directive specifies the full path to a FastCGI application which will handle authorization for a particular context, such as a directory.
Key environment variables passed to the application on authorization are:
REMOTE_USER
FCGI_APACHE_ROLE
AUTHORIZER
; by checking the current role, the
same FastCGI application can handle multiple stages of request
processingThe application must output a Status
line to indicate
the result of authorization.
Before 2.3.6, only one FastCGI application of any type (AAA or handler) can be used for a particular request URI. Otherwise, the wrong FastCGI application may be invoked for one or more phases of request processing.
This directive controls whether or not other authorizers
are allowed to run when this module has an authorizer configured
and it fails a request. If this directive is On
(default)
and a FastCGI authorizer returns a failure status, a failure is
returned to the client without giving other authorizer a chance to
access the resource. If this directive is Off
, other
authorizers will be called.
The module performs the
This is the maximum time limit for request handling. If a FastCGI
request does not complete within FcgidBusyTimeout seconds, it will be
subject to termination. Because the check is performed at the
interval defined by
The purpose of this directive is to terminate hung applications. The default timeout may need to be increased for applications that can take longer to process the request.
This directive allows processing options to be specified for a specific command spawned by mod_fcgid. Each option for the command corresponds to another directive that normally applies to all commands started within a particular context. If a particular option is not specified on this directive, the default will be used.
The following table provides a list of options and corresponding directives:
Option name and syntax | Corresponding directive |
---|---|
ConnectTimeout seconds |
|
IdleTimeout seconds |
|
InitialEnv name[=value] |
|
IOTimeout seconds |
|
MaxProcesses value |
|
MaxProcessLifeTime seconds |
|
MaxRequestsPerProcess value |
|
MinProcesses value |
Multiple environment variables are defined by repeating
the InitialEnv
option.
When /usr/local/bin/wrapper
is spawned, its initial
environment contains the MAX_REQUESTS=2000
environment variable setting; additionally, mod_fcgid will
terminate it after it has handled 2000 requests, and I/O
operations will time out after 90 seconds. Directives
corresponding to other options, such as
Use
This setting will apply to all applications spawned for this
server or virtual host. Use
This directive sets the maximum number of processes that can be started for each process class.
This setting will apply to all applications spawned for this
server or virtual host. Use
This directive sets the minimum number of processes that will be retained in a process class after finishing requests.
This setting will apply to all applications spawned for this
server or virtual host. Use
This is the interval at which the module will handle
pending process termination. Termination is pending for
any processes which have exceeded
Unix: mod_fcgid will terminate such processes with SIGTERM; if the process is still active during the next scan, the process will be terminated with SIGKILL. Thus, this directive controls the amount of time for orderly process terminate before being forcibly killed.
This is the interval at which the module will search for
processes which have exceeded
Application processes which have not handled a request for this
period of time will be terminated, if the number of processses for the
class exceeds
0
disables the check.
This idle timeout check is performed at the frequency of the configured
This setting will apply to all applications spawned for this
server or virtual host. Use
This is the maximum period of time the module will wait while trying to read from or write to a FastCGI application.
The FastCGI application must begin generating the response within this period of time. Increase this directive as necessary to handle applications which take a relatively long period of time to respond.
This setting will apply to all applications spawned for this
server or virtual host. Use
This is the maximum period of time the module will wait while trying to connect to a FastCGI application on Windows. (This directive is not respected on Unix, where AF_UNIX defaults will apply.)
This setting will apply to all applications spawned for this
server or virtual host. Use
This directive sets the maximum number of FastCGI application processes which can be active at one time.
This module reads the entire request body from the client
before sending it to the application. Normally the request body
will be stored in memory. Once the amount of request body read
from the client exceeds
If the size of the request body exceeds this amount, the
request will fail with 500 Server Error
.
Administrators should change this to an appropriate value for their site based on application requirements.
Before 2.3.6, this defaulted to 1GB. Most users of earlier versions should use this directive to set a more reasonable limit.
FastCGI application processes will be terminated after handling
the specified number of requests. A value of 0
disables the check.
A value of -1
is currently accepted for ease of
migration for existing configurations. It is treated the same as
0
.
Certain applications, notably PHP as FastCGI, have their own facility for terminating after handling a certain number of requests. This directive can be used to avoid sending additional requests to the application after it has handled its limit.
If this is set such that frequent process creation will be
required, you will likely need to adjust
This setting will apply to all applications spawned for this
server or virtual host. Use
This is the maximum amount of response data the module will read from the FastCGI application before flushing the data to the client.
This directive specifies the name of a request header which will be passed to the FastCGI application as an environment variable. The name of the environment variable is derived from the value specified on this directive, as discussed below:
The legacy behavior is to use the value specified on this directive as the environment variable name, converting hyphens to underscores. No case conversion is performed.
Beginning with release 2.3.6, an additional environment variable
is created. The value specified on this directive is converted to
upper case, prefixed with HTTP_
, and hyphens are
converted to underscores.
Most request headers are already available to the application
as environment variables, and generally are prefixed with
HTTP_
. (Notable exceptions are Content-type
and Content-length
, which do not have the
HTTP_
prefix.) Thus, this directive is only required
for request headers that are purposefully omitted, such as
Authorization
and Proxy-Authorization
.
Only pass these request headers if absolutely required.
cgi.fix_pathinfo
settingThis directive enables special SCRIPT_NAME
processing which allows PHP to provide additional path information.
The setting of cgi.fix_pathinfo
setting in
php.ini
.
Idle application processes which have existed for greater
than this time will be terminated, if the number of processses for the
class exceeds
0
disables the check.
This process lifetime check is performed at the frequency of the configured
This setting will apply to all applications spawned for this
server or virtual host. Use
This module uses shared memory on Unix to maintain state which is shared between httpd processes. This directive specifies the name of the shared memory file.
This module uses AF_UNIX sockets or named pipes, depending on the platform, to communicate with FastCGI applications. This directive specifies the directory where those sockets or named pipes will be created.
Lower values of this directive increase the allowed spawn rate.
Refer to the
A process activity score is maintained for each FastCGI application; the score is used to control the rate of spawning in order to avoid placing too much load on the system, particularly for applications that are repeatedly exiting abnormally.
The value of
When the current score is higher than the value of
If the limit is reached under normal load, it may not be sufficient to
simply increase the limit, as that would only delay the amount of time
before the limit is reached again. Decrease the value of
Lower values of this directive increase the allowed spawn rate. Negative values can be useful in some circumstances, such as allowing process replacement without increasing the score.
Refer to the
Higher values of this directive increase the allowed spawn rate.
Refer to the
Uses Job Control Objects on Windows, only, to enforce shutdown of all fcgi processes created by the httpd worker when the httpd worker has been terminated. Processes terminated in this way do not have the opportunity to clean up gracefully, complete pending disk writes, or similar closure transactions, therefore this behavior is experimental and disabled, by default.
The given command is used to spawn FCGI server processes. If this directive is not used, the file pointed to by the request URL will be used instead. Options for the command can be included using quotation marks surrounding the command and options.
The optional suffix
argument restricts the use of this FCGI
server to all URLs with the given exact path suffix. A suffix needs to start
with '.
'.
The virtual
flag signals that there will be no check
whether the request URL actually points to an existing file. The only
file which needs to exist is the wrapper itself.
The directive can be used multiple times. A wrapper defined without a suffix is used as a default in case no suffix matches.
The module checks for exited FastCGI applications at this interval. During this period of time, the application may exist in the process table as a zombie (on Unix).