AH01071: Got error 'Primary script unknown\n' apache2.4 php-fpm7.2
…
Finally, I checked both services:
php-fpm7.3 -t
apachectl configtest
Since everything looked fine, I restarted them both:
systemctl restart php7.3-fpm
systemctl restart apache2
That simple.
Although I guess a reboot would have fixed this AH01071
as well.
Related videos on Youtube
Dan
Updated on September 18, 2022Comments
-
Dan over 1 year
I seem to be getting these lines in my /var/log/apache2/error.log and the corresponding records in /var/log/apache2/access.log
/var/log/apache2/error.log
[Fri Sep 20 02:28:36.654357 2019] [proxy_fcgi:error] [pid 28619:tid 140003157985024] [client 49.233.5.191:37604] AH01071: Got error 'Primary script unknown\n' [Fri Sep 20 02:28:38.136282 2019] [proxy_fcgi:error] [pid 28618:tid 140003082450688] [client 49.233.5.191:43806] AH01071: Got error 'Primary script unknown\n'
/var/log/apache2/access.log
49.233.5.191 - - [20/Sep/2019:02:28:36 +0000] "GET /TP/html/public/index.php HTTP/1.1" 404 392 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 49.233.5.191 - - [20/Sep/2019:02:28:36 +0000] "GET /elrekt.php HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
Those files obviously do not exist so this seems like a bot scan from the ip location and the behavior. However, when i request another file that does not exist. I do not get the 'Got error 'Primary script unknown\n' errors in the /var/log/apache2/error.log file
php-fpm configuration
<IfModule !mod_php7.c> <IfModule proxy_fcgi_module> # Enable http authorization headers <IfModule setenvif_module> SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1 </IfModule> <FilesMatch ".+\.ph(ar|p|tml)$"> SetHandler "proxy:unix:/run/php/php7.2-fpm.sock|fcgi://localhost" </FilesMatch> <FilesMatch ".+\.phps$"> # Deny access to raw php sources by default # To re-enable it's recommended to enable access to the files # only in specific virtual host or directory Require all denied </FilesMatch> # Deny access to files without filename (e.g. '.php') <FilesMatch "^\.ph(ar|p|ps|tml)$"> Require all denied </FilesMatch> </IfModule> </IfModule>
Is this something that i can do something about, configuration change maybe?
I know i can block the ip using iptables, i am more interested in getting rid of the log entry if possible by some configuration change.
-
dortegaoh over 4 years
-
Hardoman over 3 yearsIn my case I had to change the user and group in /etc/opt/remi/php73/php-fpm.d/www.conf to nobody (the same as apache using)
-
-
Pawel Veselov almost 3 yearsHaving to open a file for a world write access is almost always a bad idea.