mod_fcgid: error reading data from FastCGI server

[zEitEr]

Hello,

Just wonder, whether it's a single specific issue or are we early birds before a mass reports on crashes. Had worked on a report from a customer of mine. They updated a CloudLinux server with Apache and all PHP sites stopped working.

Used software:

- CloudLinux release 7.9
- Apache 2.4.55 with PHP as fastcgi

A fix is not ready for public posting yet, at least the way we used it. Just let me know if you see the same on your end. I don't want to spend more time on writing a fix if it's only a single case.

Symptoms:

- Apache shows a 500 error for all PHP scripts
- Logs show:

[fcgid:warn] [pid 97188:tid 140579530512128] (104)Connection reset by peer: [client 37.xxx.xxx.215:0] mod_fcgid: error reading data from FastCGI server 
[core:error] [pid 97188:tid 140579530512128] [client 37.xxx.xxx.215:0] End of script output before headers: index.php

 

[Zhenyapan]

maybe similar as mine yesterday https://forum.directadmin.com/threads/no-php-fpm-socket-in-users-httpd-conf.67848/
check user's httpd conf - are they changed?

 

[zEitEr]

@Zhenyapan Thanks for the interest to the case.

I've checked a list of newly posted threads and none of them seems to be related.

The case I've mentioned in my thread is purely related to fastcgi/suexec on a CloudLinux server. Not too sure whether regular CentOS/AlmaLinux/Debian/Ubuntu/etc are effected here.

And even downgrade of Apache does not help. So my guess is either something changed in CloudLinux of suexec module. Probably it's a bug in the patch from DirectAdmin for suexec:

- /usr/local/directadmin/custombuild/patches/suexec-safe.patch

 

[zEitEr]

I see changes to suexec were done by DirectAdmin in the following files:

- configure/ap2/configure.apache
- patches/suexec-safe.patch

1 month ago. Probably that's the root cause of the issue.

 

[Zhenyapan]

maybe, but they told about it just recently https://forum.directadmin.com/threads/directadmin-v1-645-has-been-released.67373/post-357941

 

[zEitEr]

maybe, but they told about it just recently https://forum.directadmin.com/threads/directadmin-v1-645-has-been-released.67373/post-357941

Yes, thanks. That's the same case. It seems the patch did not work at least on CloudLinux. I have opened a ticket with DirectAdmin support. Waiting for a reply from them.

 

[MateMate]

Yes, thanks. That's the same case. It seems the patch did not work at least on CloudLinux. I have opened a ticket with DirectAdmin support. Waiting for a reply from them.

hey zEitEr, did you manage to resolve the issue? We are experiencing something similar.

 

[zEitEr]

Tried two different approaches. The simplest one is to copy:

- configure/ap2/configure.apache

to

- custom/ap2/configure.apache

and add the following line:

"--with-suexec-safedir=/usr/local/safe-bin" \

back to the file. It should work for the current version Apache. Not too sure about future releases.