# Apache mod_php55 <Files Match>



## balanga (Aug 29, 2014)

Having just built mod_php55 from source, I noticed a message about adding some lines to Apache's conf file, which included

```
<FilesMatch "\.php$">
```
I've not seen this before and there is no such section in my conf file so not sure where it should go. Also wondered if this should be used instead of the 'AddType ...  .php' or in addition.


----------



## SirDice (Aug 29, 2014)

balanga said:
			
		

> I've not seen this before and there is no such section in my conf file so not sure where it should go. Also wondered if this should be used instead of the 'AddType ...  .php' or in addition.


I think those instructions are for Apache 2.4, on 2.2 it was indeed customary to use the AddType additions. 

There should be a directory called modules.d in /usr/local/etc/apache24/, have a look in httpd.conf to make sure it's loaded like this:

```
Include etc/apache24/modules.d/*.conf
```
If the include line isn't there you can add it if you want. Then create a file php55.conf in the modules.d directory:

```
<FilesMatch "\.php$">
```

That way you don't really have to modify httpd.conf when adding modules and/or settings.


----------



## julp (Aug 29, 2014)

Nothing related to Apache version: this is for security purpose, AddType can be bypassed in some way. This is why, it is advised to replace AddType by FilesMatch + SetHandler.

See explanation of PHP and Apache documentation

(only PHP 5.3 still displays - pkg-message.mod - AddType ; PHP 5.4 and 5.5 were migrated 3 months ago)


----------



## balanga (Aug 30, 2014)

julp said:
			
		

> Nothing related to Apache version: this is for security purpose, AddType can be bypassed in some way. This is why, it is advised to replace AddType by FilesMatch + SetHandler.
> 
> See explanation of PHP and Apache documentation
> 
> (only PHP 5.3 still displays - pkg-message.mod - AddType ; PHP 5.4 and 5.5 were migrated 3 months ago)



Should this go in the <IfModule mime_module> section? And what about the existing AddTypes? Should they also be replaced?


----------



## julp (Aug 30, 2014)

> Should this go in the <IfModule mime_module> section?



It could, but it really makes sense if there is a <IfModule !mime_module> (which denies access to *.php, else clients get PHP source codes), I think.



> And what about the existing AddTypes? Should they also be replaced?



Here, it only concerns PHP (AddType application/x-httpd-php(-source) ...)


----------

