Configure Lighttpd With PHP and HTTPS

· klm's blog


Original post is here: eklausmeier.goip.de

I use the Hiawatha web-server on my servers. For example, this blog runs on Hiawatha. Recently I needed a web-server on Red Hat Enterprise. Unfortunately, Red Hat does not provide Hiawatha directly on its Satellite program, but Lighttpd was there. I also wanted to use PHP and the connection should be secure, i.e., I needed https.

I had written on the lines of code for Apache, Lighttpd, NGINX, and Hiawatha here: Set-Up Hiawatha Web-Server.

Below is the required config file for Lighttpd:

 1# See /usr/share/doc/lighttpd
 2# and http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ConfigurationOptions
 3
 4server.port		= 8080
 5server.username		= "http"
 6server.groupname	= "http"
 7server.document-root	= "/srv/http"
 8server.errorlog		= "/var/log/lighttpd/error.log"
 9dir-listing.activate	= "enable"
10index-file.names	= ( "index.html", "index.php" )
11mimetype.assign		= (
12				".html" => "text/html",
13				".txt" => "text/plain",
14				".css" => "text/css",
15				".js" => "application/x-javascript",
16				".jpg" => "image/jpeg",
17				".jpeg" => "image/jpeg",
18				".gif" => "image/gif",
19				".png" => "image/png",
20				"" => "application/octet-stream"
21			)
22
23#
24# which extensions should not be handle via static-file transfer
25#
26# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
27#
28static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".scgi" )
29
30
31server.modules += ( "mod_openssl", "mod_status", "mod_fastcgi" )
32status.config-url = "/config"
33status.statistics-url = "/statistics"
34
35$SERVER["socket"] == ":8443" {
36	ssl.engine = "enable"
37	ssl.pemfile = "/etc/hiawatha/eklausmeier.goip.de.pem"
38}
39
40
41fastcgi.server = ( ".php" =>
42	( "php-local" =>
43		(
44			"socket" => "/tmp/php-fastcgi-1.socket",
45			"bin-path" => "/bin/php-cgi",
46			"max-procs" => 1,
47			"broken-scriptfilename" => "enable",
48		),
49	  "php-num-procs" =>
50		(
51			"socket" => "/tmp/php-fastcgi-2.socket",
52			"bin-path" => "/bin/php-cgi",
53			"bin-environment" => (
54				"PHP_FCGI_CHILDREN" => "1",
55				"PHP_FCGI_MAX_REQUESTS" => "10000",
56			),
57			"max-procs" => 5,
58			"broken-scriptfilename" => "enable",
59		),
60	),
61)

As I already run Hiawatha, the ports 80 and 443 are in use, so I switched to 8080 and 8443 instead. I re-use the certificate for Hiawatha, i.e., the PEM-file.

Processes are as follows:

1$ ps -ef | grep lighttpd
2root      154125       1  0 12:30 ?        00:00:00 /usr/bin/lighttpd-angel -D -f /etc/lighttpd/lighttpd.conf
3http      154126  154125  0 12:30 ?        00:00:00 /usr/bin/lighttpd -D -f /etc/lighttpd/lighttpd.conf