Does Multisite run properly under PHP-FPM (CGI)?

  • mjdewitt

    (@mjdewitt)


    7 years, 3 months ago

    Hi,

    I have been working with test system based on multisite 5.0.3 under NGINX or apache and PHP-FPM (no SSL) on Centos 7. Everything works fine except I can’t edit php files in plugins or themes. I get a “loopback” failure.

    Looking into this further it seems that the underlying problem is with Basic Authentication. I have tried countless server and .htaccess configs and cannot get either NGINX or Apache to set the $_SERVER[‘PHP_AUTH_USER’] or $_SERVER[‘PHP_AUTH_PW’].

    There is tons of discussion on this topic, but nothing that I would consider definitive. Other than this one (big) issue, everything else seems fine and I have setup and can run three test subdomains.

    So, can this work, or does Multisite truly require Mod_php?

    Thanks in advance for your help.

    Mike

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter mjdewitt

    (@mjdewitt)

    7 years, 3 months ago

    I setup a self-signed certificate with NGINX with the following fastcgi_params:
    fastcgi_pass_header Authorization; <=throws undefined index error
    and
    fastcgi_param PHP_AUTH_USER $remote_user; <= value is NULL
    fastcgi_param PHP_AUTH_PW $http_authorization; <= value is NULL

    I believe these will only work if you authenticate against NGINX.

    Sorry to say this is still not working for me.

    Thread Starter mjdewitt

    (@mjdewitt)

    7 years, 3 months ago

    Well, it seems that Basic Authorization isn’t needed for the loopback requests. It is merely one of many possible authentications that WordPress will attempt to allow the edit to save.

    From what I can tell there are two issues with wp-admin/includes/file.php and the ability to edit PHP files as the Network Admin. The first is that WP does an SSL verification even on links that are on the same host. If you are using a self-signed certificate, this will fail unless you turn off sslverify. I’m still looking into the best way to do this as I want remote verification, but want to disable verifications to the hosts own IP addresses.

    The 2nd issue seems to be that the network admin url isn’t being used when creating the URL for the loopback request. Access logs were showing a 302 as the loopback attempted to request from /wp-admin/theme-editor.php rather than /wp-admin/network/theme-editor.php

    after putting this in place, PHP file editing started working:
    File.php
    if ( $plugin ) {
    if ( is_multisite() ) {
    $url = add_query_arg( compact( ‘plugin’, ‘file’ ), admin_url( ‘network/plugin-editor.php’ ) );
    } else {
    $url = add_query_arg( compact( ‘plugin’, ‘file’ ), admin_url( ‘plugin-editor.php’ ) );
    }
    } elseif ( isset( $stylesheet ) ) {
    error_log(‘editing theme’);
    if ( is_multisite() ) {
    $url = add_query_arg(
    array(
    ‘theme’ => $stylesheet,
    ‘file’ => $file,
    ),
    admin_url( ‘network/theme-editor.php’ )
    );
    } else {
    $url = add_query_arg(
    array(
    ‘theme’ => $stylesheet,
    ‘file’ => $file,
    ),
    admin_url( ‘theme-editor.php’ )
    );
    }
    } else {
    $url = admin_url();
    }

    What I don’t understand is how editing PHP files isn’t broken on every Multisite installation as I seem to be the only one raising this issue?

    Mike

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Does Multisite run properly under PHP-FPM (CGI)?’ is closed to new replies.