Understanding PHP Pools

As described in Understanding System Users all sites deployed via SpinupWP are owned by a unique system user. This provides security isolation on the server because a site user cannot read or modify another site’s files.

Each site is also deployed with a PHP-FPM resource pool, which is owned by the site user. This prevents PHP scripts from reading or modifying files outside of the current site’s root directory. Meaning, if a malicious user were to gain access to a site on your server, they would be unable to infect other sites.

In addition to providing security isolation between sites, PHP pools allow you to configure PHP on a per-site basis. Values within your php.ini file can be overridden in a pools config file.

Nginx (PHP-FPM)

In Nginx, PHP requests are forwarded to your site’s PHP pool, like so:

location ~ \.php$ {
    try_files $uri =404;

    include fastcgi.conf;
    fastcgi_pass unix:/run/php/php{php_version}-{user}.sock;
}

CLI

PHP on the command line works differently than PHP-FPM. This is because PHP on the CLI runs as the current system user issuing the command. For example, if logged in as batman, the following command would run as the batman user:

php -r 'echo "To the Batcave!";'

The same goes for WP-CLI commands, even when specifying the location of the WordPress install:

wp core update --path=/sites/superman.com/files

This means that site users, will be unable to execute PHP scripts they’re unable to read. Nor will they be able to modify other sites via WP-CLI.

Start Your 7-Day Free Trial

Start your SpinupWP journey today and spin up your first server within minutes.

Subscribe to get the latest news, updates and optimizations in performance and security.

Thanks for subscribing 👍

To receive awesome stuff, you'll need to head to your inbox and click on the verification link we sent you.
Make sure to check your "spam" folder or your "promotions" tab (if you have Gmail).
If you're still having trouble, then message us at sudo@spinupwp.com.

You are already logged in

It looks like you are already logged in to SpinupWP.

Please log out of this account to continue.

Registration Successful

Thanks for registering for a new
SpinupWP account.

Before getting started, could you verify your email address by clicking on the link we just emailed to you?

SpinupWP

Free Trial

Start Your 7-Day Free Trial

No credit card required. All features included.

By signing up to SpinupWP, you agree to our Terms and Conditions.
For privacy related information, view our Privacy Policy.