DEV Community

Katz Ueno
Katz Ueno

Posted on

2

How to set proxy in PHP-FPM

One of our clients server lives inside of tight security VPC.

Therefore, all of our EC2 web server must use HTTP_PROXY, HTTPS_PROXY.

When I try to use Concrete CMS (formally concrete5) to fetch the latest language files from remote server, I've got the curl timeout error and couldn't update the language.

So I need to set the proxy for PHP-FPM.

If you use Apache's PHP module or CLI, PHP will use server's environment settings.

However, for php-fpm you must also configure in php.d/www.conf.

Checked & tested with Amazon Linux 2 with PHP7.4 installed via amazon-linux-extra.

Condition

For example, you have your proxy set for both http and https.

http://10.0.0.1:8080
Enter fullscreen mode Exit fullscreen mode

STEP 1. Set environment globally

Although php-fpm doesn't reference to server's global setting, you may still want to use PHP-CLI to run via SSH. So let's set it.

$ sudo vi /etc/environment
export http_proxy="http://10.0.0.1:8080"
export https_proxy="http://10.0.0.1:8080"
export HTTP_PROXY="http://10.0.0.1:8080"
export HTTPS_PROXY="http://10.0.0.1:8080"
export no_proxy="127.0.0.1,localhost"
export NO_PROXY=$no_proxy
Enter fullscreen mode Exit fullscreen mode

Some middleware may use lowercase or capitol variable, so let's set both.

STEP 2. Set php-fpm environment

Set it to your php-fpm config.

$ sudo vi /etc/php-fpm.d/www.conf
# Add the following two lines anywhere
env[HTTP_PROXY] = 10.0.0.1:8080
env[HTTPS_PROXY] = 10.0.0.1:8080
Enter fullscreen mode Exit fullscreen mode

STEP 3. Set php-fpm environment

Then, reload php-fpm service

sudo service php-fpm reload
Enter fullscreen mode Exit fullscreen mode

STEP 4. Test run

I've prepared the sample PHP script.
Change $proxy variable to your proxy.
And save it to your webroot.

Get my sample PHP script here.
https://en.katzueno.com/2021/10/08/how-to-set-proxy-in-php-fpm/

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more