Understanding apache 2.4 mod_proxy_fcgi and RewriteRules in htaccess

We've recently switched one of our web servers to apache 2.4 and running PHP via php-fpm and mod_proxy_fcgi. Most everything works quite well, but there is one problem that I don't understand yet. One of our sites is running WordPress, which brings along a good list of rewrite rules in its .htaccess file. And it seems that those don't work so well with the ProxyPass directive in the vhost setup.

Our vhost contains the following configuration:

ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.2:9126/<path>/$1

This works in most cases.

Now, the htaccess file does, amongst other things, this:

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule  ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule  ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

As the site is a multiblog in subdirectories, I read that the URL /blogname/wp-admin/load-styles.php?xxxx should be rewritten as wp-admin/load-styles.php?xxx (the second rewrite rule). But looking at the mod_proxy log, the request that is passed actually is /blogname/wp-admin/load-styles.php.

I read this as there being a precedence problem – the ProxyPass rule fires before all of the RewriteRules have been worked off.

I'm stymied - what can be the cause?


I found this solution, I don't know if is the best way, but works for me.

  1. Remove the line:

    ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.2:9126/<path>/$1
    
  2. Add this in your directive:

    <Directory /var/www/yoursiste.com>
        Options -Indexes +FollowSymLinks -ExecCGI +MultiViews
    
        AllowOverride All
    
        <IfModule mod_proxy_fcgi.c>
            RewriteEngine On
            RewriteBase /
            RewriteOptions InheritBefore
            RewriteCond %{REQUEST_FILENAME} -f
            RewriteRule ^([^\.]+\.php)$ fcgi://127.0.0.2:9126/var/www/yoursite.com/$1 [L,P]
        </IfModule>
    
        Order allow,deny
        allow from all
    
        <IfVersion >= 2.4>
            Require all granted
        </IfVersion>
    </Directory>
    

    All the real php files will redirect to fcgi proxy.

    And the "RewriteOptions InheritBefore" This forces the current configuration to inherit the configuration of the parent, but are applied before rules specified in the child scope (.htaccess at the directory). Is the only way I found to has compatibility between the fcgi config and the client .htaccess config.

  3. To control other parameters you could need for the proxy:

    <IfModule mod_proxy_fcgi.c>
        <Proxy fcgi://127.0.0.2:9126>
            ProxySet timeout=1800 disablereuse=on
        </Proxy>
    </IfModule>
    

With ProxyPassMatch, .htaccess files are ignored. Try using FilesMatch and SetHandler instead, as described here and here.