无法让 Apache 连接到 PHP-FPM:(13)权限被拒绝:AH00957:FCGI:尝试连接到 127.0.0.1:9000

tag-icon tag-icon apache-2.4 php-fpm mod-fastcgi
无法让 Apache 连接到 PHP-FPM:(13)权限被拒绝:AH00957:FCGI:尝试连接到 127.0.0.1:9000

我正在尝试在 AlmaLinux 9.3 上设置带有 FastCGI 和 PHP-FPM 的 Apache,但遇到了这个错误。我找不到我缺少的东西。这是错误:

[Mon Mar 25 18:12:33.617487 2024] [proxy:error] [pid 53175:tid 53322] (13)Permission denied: AH00957: FCGI: attempt to connect to 127.0.0.1:9000 (127.0.0.1:9000) failed
[Mon Mar 25 18:12:33.617516 2024] [proxy_fcgi:error] [pid 53175:tid 53322] [client 181.164.62.251:58534] AH01079: failed to make connection to backend: 127.0.0.1

我之前看过一些类似的帖子,它们通常与 PHP-FPM 在 Unix 套接字上监听有关。但事实并非如此。PHP-FPM 正在 127.0.0.1:9000 上运行:

[root@localhost ~]# netstat -natp |grep LISTEN
tcp        0      0 0.0.0.0:2200            0.0.0.0:*               LISTEN      20770/sshd: /usr/sb 
tcp        0      0 127.0.0.1:11211         0.0.0.0:*               LISTEN      29089/memcached     
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      53791/php-fpm: mast 
tcp6       0      0 :::2200                 :::*                    LISTEN      20770/sshd: /usr/sb 
tcp6       0      0 :::3306                 :::*                    LISTEN      46052/mysqld        
tcp6       0      0 ::1:11211               :::*                    LISTEN      29089/memcached     
tcp6       0      0 :::80                   :::*                    LISTEN      47529/httpd         
tcp6       0      0 :::443                  :::*                    LISTEN      47529/httpd         
tcp6       0      0 :::33060                :::*                    LISTEN      46052/mysqld

我可以连接到它:

[root@localhost ~]# telnet 127.0.0.1 9000
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
^]
telnet> Connection closed.

如果我没记错的话,SELinux 不应该阻止它:

[root@localhost ~]# semanage port -l |grep 9000
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
matahari_port_t                tcp      49000
matahari_port_t                udp      49000

防火墙也不应该:

[root@localhost ~]# firewall-cmd --zone=internal --list-ports
9000/tcp
[root@localhost ~]# firewall-cmd --zone=home --list-ports
9000/tcp

以下是代理声明:

# Proxy declaration
  <Proxy "fcgi://127.0.0.1:9000">
    ProxySet disablereuse=on
  </Proxy>
# Redirect to the proxy
  <FilesMatch \.php$>
    SetHandler proxy:fcgi://127.0.0.1:9000
  </FilesMatch>

以下是 PHP-FPM 的配置:

[www]
user = www
group = www
listen = 127.0.0.1:9000
listen.acl_users = apache
listen.acl_groups = apache
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = memcached
php_value[session.save_path]    = "localhost:11211"
php_value[soap.wsdl_cache_dir]  = /var/lib/php/fpm/wsdlcache

我显然遗漏了一些东西,但我看不出是什么。

相关内容