diff --git a/README.md b/README.md
index a9f9e89f48..421f9af426 100755
--- a/README.md
+++ b/README.md
@@ -65,7 +65,6 @@
[`apache::mod::shib`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemodshib
[`apache::mod::ssl`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemodssl
[`apache::mod::status`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemodstatus
-[`apache::mod::suphp`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemodsuphp
[`apache::mod::userdir`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemoduserdir
[`apache::mod::worker`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemodworker
[`apache::mod::wsgi`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemodwsgi
@@ -243,10 +242,6 @@
[`ssl_compression`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#ssl_compression
[`ssl_key`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#ssl_key
[`StartServers`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#startservers
-[suPHP]: http://www.suphp.org/Home.html
-[`suphp_addhandler`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#suphp_addhandler
-[`suphp_configpath`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#suphp_configpath
-[`suphp_engine`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#suphp_engine
[supported operating system]: https://forge.puppet.com/supported#puppet-supported-modules-compatibility-matrix
[`ThreadLimit`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#threadlimit
@@ -506,33 +501,6 @@ apache::vhost { 'subdomain.loc':
#### Configuring virtual hosts for apps and processors
-To set up a virtual host with [suPHP][], use the following parameters:
-
-* [`suphp_engine`][], to enable the suPHP engine.
-* [`suphp_addhandler`][], to define a MIME type.
-* [`suphp_configpath`][], to set which path suPHP passes to the PHP interpreter.
-* [`directories`][], to configure Directory, File, and Location directive blocks.
-
-For example:
-
-``` puppet
-apache::vhost { 'suphp.example.com':
- port => '80',
- docroot => '/home/appuser/myphpapp',
- suphp_addhandler => 'x-httpd-php',
- suphp_engine => 'on',
- suphp_configpath => '/etc/php5/apache2',
- directories => [
- { 'path' => '/home/appuser/myphpapp',
- 'suphp' => {
- user => 'myappuser',
- group => 'myappgroup',
- },
- },
- ],
-}
-```
-
To configure a virtual host to use the [Web Server Gateway Interface][] (WSGI) for [Python][] applications, use the `wsgi` set of parameters:
``` puppet
diff --git a/manifests/mod/suphp.pp b/manifests/mod/suphp.pp
deleted file mode 100644
index ae88413215..0000000000
--- a/manifests/mod/suphp.pp
+++ /dev/null
@@ -1,23 +0,0 @@
-# @summary
-# Installs `mod_suphp`.
-#
-# @see https://www.suphp.org/DocumentationView.html?file=apache/INSTALL for additional documentation.
-#
-class apache::mod::suphp (
-) {
- if $facts['os']['family'] == 'Debian' {
- fail("suphp was declared EOL by it's creators as of 2013 and so is no longer supported on Ubuntu 15.10/Debian 8 and above. Please use php-fpm")
- }
- include apache
- ::apache::mod { 'suphp': }
-
- file { 'suphp.conf':
- ensure => file,
- path => "${apache::mod_dir}/suphp.conf",
- mode => $apache::file_mode,
- content => template('apache/mod/suphp.conf.erb'),
- require => Exec["mkdir ${apache::mod_dir}"],
- before => File[$apache::mod_dir],
- notify => Class['apache::service'],
- }
-}
diff --git a/manifests/params.pp b/manifests/params.pp
index 27a4a06b71..d937a3965c 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -88,9 +88,6 @@
$passenger_root = undef
$passenger_ruby = undef
$passenger_default_ruby = undef
- $suphp_addhandler = 'php5-script'
- $suphp_engine = 'off'
- $suphp_configpath = undef
$php_version = $apache::version::scl_php_version
$mod_packages = {
'authnz_ldap' => "${_scl_httpd_name}-mod_ldap",
@@ -200,9 +197,6 @@
$passenger_root = undef
$passenger_ruby = undef
$passenger_default_ruby = undef
- $suphp_addhandler = 'php5-script'
- $suphp_engine = 'off'
- $suphp_configpath = undef
$php_version = $facts['os']['release']['major'] ? {
'9' => '8', # RedHat9
'8' => '7', # RedHat8
@@ -261,7 +255,6 @@
default => 'python3-mod_wsgi', # RedHat8+
},
'dav_svn' => 'mod_dav_svn',
- 'suphp' => 'mod_suphp',
'xsendfile' => 'mod_xsendfile',
'nss' => 'mod_nss',
'shib2' => 'shibboleth',
@@ -359,9 +352,6 @@
$default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
$default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key'
$ssl_sessioncache = "\${APACHE_RUN_DIR}/ssl_scache(512000)"
- $suphp_addhandler = 'x-httpd-php'
- $suphp_engine = 'off'
- $suphp_configpath = '/etc/php5/apache2'
if ($facts['os']['name'] == 'Ubuntu') or ($facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['major'], '11') < 0) {
$php_version = $facts['os']['release']['major'] ? {
'9' => '7.0', # Debian Stretch
@@ -527,9 +517,6 @@
$passenger_root = '/usr/local/lib/ruby/gems/2.0/gems/passenger-4.0.58'
$passenger_ruby = '/usr/local/bin/ruby'
$passenger_default_ruby = undef
- $suphp_addhandler = 'php5-script'
- $suphp_engine = 'off'
- $suphp_configpath = undef
$php_version = '5'
$mod_packages = {
# NOTE: I list here only modules that are not included in www/apache24
@@ -600,9 +587,6 @@
$passenger_conf_file = 'passenger.conf'
$passenger_conf_package_file = undef
$passenger_default_ruby = undef
- $suphp_addhandler = 'x-httpd-php'
- $suphp_engine = 'off'
- $suphp_configpath = '/etc/php5/apache2'
$php_version = '5'
$mod_packages = {
# NOTE: I list here only modules that are not included in www-servers/apache
@@ -672,10 +656,7 @@
$default_ssl_key = '/etc/apache2/ssl.key/default-server.key'
$php_version = '7'
}
- $suphp_configpath = "/etc/php${php_version}/apache2"
$ssl_sessioncache = '/var/lib/apache2/ssl_scache(512000)'
- $suphp_addhandler = 'x-httpd-php'
- $suphp_engine = 'off'
if versioncmp($facts['os']['release']['major'], '11') < 0 or versioncmp($facts['os']['release']['major'], '12') >= 0 {
$mod_packages = {
'auth_kerb' => 'apache2-mod_auth_kerb',
diff --git a/manifests/vhost.pp b/manifests/vhost.pp
index b309940d91..9b8ddbeb5f 100644
--- a/manifests/vhost.pp
+++ b/manifests/vhost.pp
@@ -1154,66 +1154,6 @@
# Allows the spcification of user and group execution privileges for CGI programs through
# inclusion of the `mod_suexec` module.
#
-# @param suphp_addhandler
-# Sets up a virtual host with [suPHP](http://suphp.org/DocumentationView.html?file=apache/CONFIG)
-# working together with suphp_configpath and suphp_engine.
-# An example virtual host configuration with suPHP:
-# ``` puppet
-# apache::vhost { 'suphp.example.com':
-# port => '80',
-# docroot => '/home/appuser/myphpapp',
-# suphp_addhandler => 'x-httpd-php',
-# suphp_engine => 'on',
-# suphp_configpath => '/etc/php5/apache2',
-# directories => [
-# {
-# 'path' => '/home/appuser/myphpapp',
-# 'suphp' => { user => 'myappuser', group => 'myappgroup' },
-# },
-# ],
-# }
-# ```
-#
-# @param suphp_configpath
-# Sets up a virtual host with [suPHP](http://suphp.org/DocumentationView.html?file=apache/CONFIG)
-# working together with suphp_addhandler and suphp_engine.
-# An example virtual host configuration with suPHP:
-# ``` puppet
-# apache::vhost { 'suphp.example.com':
-# port => '80',
-# docroot => '/home/appuser/myphpapp',
-# suphp_addhandler => 'x-httpd-php',
-# suphp_engine => 'on',
-# suphp_configpath => '/etc/php5/apache2',
-# directories => [
-# {
-# 'path' => '/home/appuser/myphpapp',
-# 'suphp' => { user => 'myappuser', group => 'myappgroup' },
-# },
-# ],
-# }
-# ```
-#
-# @param suphp_engine
-# Sets up a virtual host with [suPHP](http://suphp.org/DocumentationView.html?file=apache/CONFIG)
-# working together with suphp_configpath and suphp_addhandler.
-# An example virtual host configuration with suPHP:
-# ``` puppet
-# apache::vhost { 'suphp.example.com':
-# port => '80',
-# docroot => '/home/appuser/myphpapp',
-# suphp_addhandler => 'x-httpd-php',
-# suphp_engine => 'on',
-# suphp_configpath => '/etc/php5/apache2',
-# directories => [
-# {
-# 'path' => '/home/appuser/myphpapp',
-# 'suphp' => { user => 'myappuser', group => 'myappgroup' },
-# },
-# ],
-# }
-# ```
-#
# @param vhost_name
# Enables name-based virtual hosting. If no IP is passed to the virtual host, but the
# virtual host is assigned a port, then the virtual host name is `vhost_name:port`.
@@ -1849,9 +1789,6 @@
Optional[Variant[Array[Hash],Hash]] $proxy_pass = undef,
Optional[Variant[Array[Hash],Hash]] $proxy_pass_match = undef,
Boolean $proxy_requests = false,
- String $suphp_addhandler = $apache::params::suphp_addhandler,
- Enum['on', 'off'] $suphp_engine = $apache::params::suphp_engine,
- Optional[String] $suphp_configpath = $apache::params::suphp_configpath,
Hash $php_flags = {},
Hash $php_values = {},
Variant[Array[String],Hash] $php_admin_flags = {},
@@ -2365,7 +2302,6 @@
# - $_directories
# - $docroot
# - $apache_version
- # - $suphp_engine
# - $shibboleth_enabled
if $_directories and ! empty($_directories) and $ensure == 'present' {
$_directories.each |Hash $directory| {
@@ -2693,18 +2629,6 @@
}
}
- # Template uses:
- # - $suphp_engine
- # - $suphp_addhandler
- # - $suphp_configpath
- if $suphp_engine == 'on' {
- concat::fragment { "${name}-suphp":
- target => "${priority_real}${filename}.conf",
- order => 240,
- content => template('apache/vhost/_suphp.erb'),
- }
- }
-
# Template uses:
# - $php_values
# - $php_flags
diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb
index 8742e74826..7874557be2 100644
--- a/spec/acceptance/vhost_spec.rb
+++ b/spec/acceptance/vhost_spec.rb
@@ -1082,29 +1082,6 @@ class { 'apache': }
end
end
- describe 'suphp' do
- pp = <<-MANIFEST
- class { 'apache': service_ensure => stopped, }
- host { 'test.server': ip => '127.0.0.1' }
- apache::vhost { 'test.server':
- docroot => '/tmp',
- suphp_addhandler => '#{apache_hash['suphp_handler']}',
- suphp_engine => 'on',
- suphp_configpath => '#{apache_hash['suphp_configpath']}',
- }
- MANIFEST
- it 'applies cleanly' do
- apply_manifest(pp, catch_failures: true)
- end
-
- describe file("#{apache_hash['vhost_dir']}/25-test.server.conf") do
- it { is_expected.to be_file }
- it { is_expected.to contain "suPHP_AddHandler #{apache_hash['suphp_handler']}" }
- it { is_expected.to contain 'suPHP_Engine on' }
- it { is_expected.to contain "suPHP_ConfigPath \"#{apache_hash['suphp_configpath']}\"" }
- end
- end
-
describe 'directory rewrite rules' do
pp = <<-MANIFEST
class { 'apache': }
diff --git a/spec/classes/mod/suphp_spec.rb b/spec/classes/mod/suphp_spec.rb
deleted file mode 100644
index 4e8a7548db..0000000000
--- a/spec/classes/mod/suphp_spec.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'apache::mod::suphp', type: :class do
- on_supported_os.each do |os, facts|
- # suphp has been declared EOL and is no longer supported on any Debian module that we test on
- next unless facts[:os]['family'] == 'RedHat'
- context "on #{os} " do
- let :facts do
- facts
- end
-
- it { is_expected.to contain_class('apache::params') }
- it { is_expected.to contain_package('mod_suphp') }
- end
- end
-end
diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb
index 37e3110a0c..3508a08999 100644
--- a/spec/defines/vhost_spec.rb
+++ b/spec/defines/vhost_spec.rb
@@ -375,9 +375,6 @@
},
],
'proxy_requests' => false,
- 'suphp_addhandler' => 'foo',
- 'suphp_engine' => 'on',
- 'suphp_configpath' => '/var/www/html',
'php_admin_flags' => ['foo', 'bar'],
'php_admin_values' => ['true', 'false'],
'no_proxy_uris' => '/foo',
@@ -777,7 +774,6 @@
.with_content(%r{^\s+SSLProxyCipherSuite\s+HIGH$})
.with_content(%r{^\s+SSLProxyProtocol\s+TLSv1.2$})
}
- it { is_expected.to contain_concat__fragment('rspec.example.com-suphp') }
it { is_expected.to contain_concat__fragment('rspec.example.com-php_admin') }
it { is_expected.to contain_concat__fragment('rspec.example.com-header') }
it {
@@ -1315,7 +1311,6 @@
it { is_expected.not_to contain_concat__fragment('rspec.example.com-setenv') }
it { is_expected.not_to contain_concat__fragment('rspec.example.com-ssl') }
it { is_expected.not_to contain_concat__fragment('rspec.example.com-sslproxy') }
- it { is_expected.not_to contain_concat__fragment('rspec.example.com-suphp') }
it { is_expected.not_to contain_concat__fragment('rspec.example.com-php_admin') }
it { is_expected.not_to contain_concat__fragment('rspec.example.com-header') }
it { is_expected.not_to contain_concat__fragment('rspec.example.com-requestheader') }
@@ -1634,7 +1629,7 @@
end
[
- 'ensure', 'suphp_engine', 'ip_based', 'access_log', 'error_log',
+ 'ensure', 'ip_based', 'access_log', 'error_log',
'ssl', 'default_vhost', 'ssl_proxyengine', 'rewrites', 'suexec_user_group',
'wsgi_script_alias', 'wsgi_daemon_process_options',
'wsgi_import_script_alias', 'itk', 'logroot_ensure', 'log_level',
diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb
index 5ea10c10e8..95152b6557 100644
--- a/spec/spec_helper_acceptance_local.rb
+++ b/spec/spec_helper_acceptance_local.rb
@@ -100,8 +100,6 @@ def apache_settings_hash
apache['service_name'] = 'httpd'
apache['package_name'] = 'httpd'
apache['error_log'] = 'error_log'
- apache['suphp_handler'] = 'php5-script'
- apache['suphp_configpath'] = 'undef'
if operatingsystemrelease >= 8 && osfamily == 'redhat'
apache['version'] = '2.4'
apache['mod_dir'] = '/etc/httpd/conf.modules.d'
@@ -132,8 +130,6 @@ def apache_settings_hash
apache['service_name'] = 'apache2'
apache['package_name'] = 'apache2'
apache['error_log'] = 'error.log'
- apache['suphp_handler'] = 'x-httpd-php'
- apache['suphp_configpath'] = '/etc/php5/apache2'
apache['version'] = '2.4'
apache['mod_ssl_dir'] = apache['mod_dir']
when 'freebsd'
diff --git a/templates/mod/suphp.conf.erb b/templates/mod/suphp.conf.erb
deleted file mode 100644
index 95fbf97c78..0000000000
--- a/templates/mod/suphp.conf.erb
+++ /dev/null
@@ -1,19 +0,0 @@
-
- AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml
- suPHP_AddHandler application/x-httpd-suphp
-
-
- suPHP_Engine on
-
-
- # By default, disable suPHP for debian packaged web applications as files
- # are owned by root and cannot be executed by suPHP because of min_uid.
-
- suPHP_Engine off
-
-
-# # Use a specific php config file (a dir which contains a php.ini file)
-# suPHP_ConfigPath /etc/php4/cgi/suphp/
-# # Tells mod_suphp NOT to handle requests with the type .
-# suPHP_RemoveHandler
-
diff --git a/templates/vhost/_directories.erb b/templates/vhost/_directories.erb
index 406dd24828..b33301023c 100644
--- a/templates/vhost/_directories.erb
+++ b/templates/vhost/_directories.erb
@@ -347,9 +347,6 @@
SSLVerifyDepth <%= directory['ssl_verify_depth'] %>
<%- end -%>
<%- end -%>
- <%- if directory['suphp'] and @suphp_engine == 'on' -%>
- suPHP_UserGroup <%= directory['suphp']['user'] %> <%= directory['suphp']['group'] %>
- <%- end -%>
<%- if directory['fcgiwrapper'] -%>
FcgidWrapper <%= directory['fcgiwrapper']['command'] %> <%= directory['fcgiwrapper']['suffix'] %> <%= directory['fcgiwrapper']['virtual'] %>
<%- end -%>
diff --git a/templates/vhost/_suphp.erb b/templates/vhost/_suphp.erb
deleted file mode 100644
index e394b6f94a..0000000000
--- a/templates/vhost/_suphp.erb
+++ /dev/null
@@ -1,11 +0,0 @@
-<% if @suphp_engine == 'on' -%>
- <%- if @suphp_addhandler -%>
- suPHP_AddHandler <%= @suphp_addhandler %>
- <%- end -%>
- <%- if @suphp_engine -%>
- suPHP_Engine <%= @suphp_engine %>
- <%- end -%>
- <%- if @suphp_configpath -%>
- suPHP_ConfigPath "<%= @suphp_configpath %>"
- <%- end -%>
-<% end -%>