In this guide, we'll be going over Apache's many different available PHP Handlers. We'll explain what each one is, what its best at doing, and any pros and cons regarding that handler. We want this section to be informative for you so that you know how each handler differs from each other.
To start, there are many different handlers for PHP on Apache:
mod_cgi
/mod_cgid
)mod_suphp
)mod_php
)mod_fcgid
)mod_lsapi
)
mod_lsapi
can be used on cPanel servers or DirectAdmin servers with CloudLinux installed.
The CGI handler is one of the very early PHP Handlers. It runs as a CGI Module as opposed to an Apache Module – typically either mod_cgi
or mod_cgid
. When used as the PHP handler, PHP scripts are executed as the file owner instead of the default nobody
1) user by Apache. This PHP handler is not typically used due to not being secure (on it's own) nor is it fast: it is considered the slowest handler. At one point in time, this handler was intended as a fallback method in the event no other handler was available.
As mod_lsapi
on EasyApache 4 is available; there is no reason CGI should be used as a handler on cPanel servers. In a Multi-PHP Environment (EasyApache 4) the CGI handler can be applied to all versions.
Advantages of this handler:
Disadvantages of this handler:
php.ini
) required
On cPanel servers, suphp
must be set as the PHP handler from within WHM so that PHP requests are handled appropriately.
SuPHP (mod_suphp
) was developed as a more secure and better-performing handler then its predecessors. With the use of SuEXEC (mod_suexec
) it offers secure execution of PHP files with proper set permissions. Due to this, it's been considered the most secure of the handlers to be used for webservers. SuPHP run PHP as a CGI module which allows Apache to separate PHP processes, using their own individual user for execution. This allows for isolation between the users. In the event of a compromise, the user's files would be unable to modify a different user's files.
With EasyApache4 on cPanel servers, the suphp
handler can be applied to all versions.
Advantages of this handler:
mod_userdir
(Ex: http://serverip/~$USERNAME
)Disadvantages of this handler:
php.ini
) required
DSO (also known as mod_php
, or PHP as an Apache module) is one of the fastest PHP handlers available: the immediate downside to this is that it runs everything as the Apache user nobody
or apache
by default. This prevents the ability to track individual users/accounts on the server since all PHP scripts are owned and executed as the nobody
2) user. This creates a relatively insecure environment when using DSO without mod_ruid2
– it leaves scripts vulnerable to any sort of malicious attacks that results in modifying PHP scripts or allowing the modification of files outside the directory the file was exploited in.
For this reason we strongly recommended that mod_ruid2
be used with DSO to create SuPHP-like ownership requirements which allows files to be owned by their respective DirectAdmin/cPanel user and allows each PHP request/process to be tracked by the user running said request.
In a Multi-PHP Environment (EasyApache 4 or using multiple versions of PHP with DirectAdmin's CustomBuild) the DSO+mod_ruid2 handler can only be applied to one PHP version – DSO cannot be used for multiple versions of PHP at the same time.
This is our default recommend handler for cPanel servers without LiteSpeed Enterprise.
Advantages of this handler:
php_flag
/ php_value
)mod_ruid2
Disadvantages of this handler(without mod_ruid2
):
mod_userdir
(Ex: http://serverip/~$USERNAME
)nobody
3) user
FCGI or FastCGI (mod_fcgid
) has been stated to be the fastest at serving PHP requests compared to SuPHP, but not as fast as utilizing DSO. This handler works to improve CPU usage through increasing server memory availability overall to cache PHP scripts to server memory. The primary benefit for FastCGI is the ability to be used with SuEXEC like the handler SuPHP. This allows scripts to be processed/executed as the user instead of the default nobody
4) user that Apache uses.
With EasyApache4, the FCGI handler can be applied to all versions.
Due to the configuration requirements necessary for this handler to perform, this handler is recommended to be only for experienced systems administrators.
Advantages of this handler:
Disadvantages of this handler:
LSAPI (mod_lsapi
) is a relatively new handler that was released for cPanel/EasyApache 4 after periodically being only available to CloudLinux servers – mod_lsapi PRO
(with additional configuration options) is available for DirectAdmin and cPanel/WHM servers with CloudLinux installed. LSAPI is based off of LiteSpeed's built-in lsphp handler. mod_lsapi
can replace all other handlers (CGI, SuPHP, FCGID, or DSO). It is considered to be the fastest handler out there currently. Utilizing low resource usage for both server memory and CPU. LSAPI provides an exceptional boost in performance over all other PHP handlers. The benefit of such a handler is that it can run "out of the box" not requiring any significant configuration.
The downside is that this is not the full version of LSAPI as CRIU(Checkpoint/Restore In Userspace) and connection pooling are disabled – CloudLinux is required to take full advantage of LSAPI with mod_lsapi PRO
.
In a Multi-PHP Environment, the LSAPI handler can be applied to all versions.
Advantages of this handler:
php_flag
or php_value
)Disadvantages of this handler:
The following modules should be installed along with mod_lsapi
/ LSAPI – mod_suphp
and mod_suexec
PHP-FPM (PHP FastCGI Process Manager) is designed as an alternative FastCGI daemon. This handler allows for the ability of a website to handle high loads by maintaining a connection pool of workers to respond to incoming PHP requests. This handler is considered to be faster than other CGI-related methods (SuPHP, CGI, etc.) for multi-user scenarios.
PHP-FPM requires that the server have a larger amount of available memory compared to other PHP handler options in order to operate without memory issues. The rule of thumb is at least 2GB of RAM or 30MB per domain. If this is enabled on a server much less then that, performance issues and stability issues can be exhibited.
Due to the configuration requirements necessary for this handler to perform well on cPanel servers, this handler is recommended to be only for experienced systems administrators.
Advantages of this handler:
Disadvantages of this handler: