PHP-FPM does not compartmentalize its caches.
This can lead to some security problems but also some operating problems.
Indeed, the key used by the cache is the path of the PHP files.
A problem will occur if:
chrootparameter with different
Because, for the cache of PHP-FPM, the path used as a key is the path seen by a
pool and not
the absolute path on the host.
The result is that PHP-FPM will answer with the first file that has been requested, regardless the
For example, if you have two chrooted instance of the same PHP applcation:
A-poolare in the cache (because already requested by a suer)
B-poolare requested, the pages of the
To fix this problem, the following parameters must be set in the
php.ini file from
(for example in
opcache.use_cwd = 1 opcache.validate_permission = 1 opcache.validate_root = 1
Or they can be set in the configuration file of each
php_admin_flag[opcache.use_cwd] = 1 php_admin_flag[opcache.validate_permission] = 1 php_admin_flag[opcache.validate_root] = 1
For more informations: