Download failed.: cURL error 2:

I upgraded my WordPress host to CentOS7 with PHP7.3 and everything seemed fine until I went to upgrade and I got:

Update WordPress
Downloading update from https://downloads.wordpress.org/release/en_NZ/wordpress-5.4.2.zip…
Download failed.: cURL error 2:
Installation Failed

Also from Health check

Communicating with the WordPress servers is used to check for new versions, and to both install and update WordPress core, themes or plugins.

our site is unable to reach WordPress.org at 198.143.164.251, and returned the error: cURL error 2:

Also

CURLE_FAILED_INIT (2)

Very early initialization code failed. This is likely to be an internal error or problem, or a resource problem where something fundamental couldn’t get done at init time.

Its not a WordPress problem

The more I dug into this, the more I realized the problems I had were a symptom of a bigger problem. For example I tried running a straight curl command and it worked fine.

Because WordPress runs curl from within PHP I created a test script:

<?php
$url = "https://www.google.com/";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_AUTOREFERER, false);
curl_setopt($ch, CURLOPT_REFERER, "http://www.xcontest.org");
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_HEADER, 0);
$result = curl_exec($ch);
echo $result;
echo "Curl error: ".curl_errno($ch)."</br>";
echo "URL: ".$url; curl_close($ch);
?>

This script ran fine if I ran it from the command line using

php -f test.php

but if I called the same script from Apache, httpd24, I got the

Curl error: 2
URL: https://www.google.com/

I tried adding every type of debug option I could but I got not detail about what was going on.

Solution was fpm

When I did the setup of this host I was aware that PHP’s preferred, faster, way of running PHP on a website was using “fpm”. However I felt that since my site was small and not too busy it was unnecessary work, so didn’t use it.

My lack of success and frustration encouraged me to try out fpm.

First thing I had to erase rh-php72-php using:

yum erase rh-php72-php

Then I needed to install rh-php72-php-fpm using

yum install rh-php72-php-fpm

Configure Apache

At this point PHP is not being executed by Apache. If you were to restart Apache it would simply return the text of the test.php file.

We need to edit the httpd.conf so:

nano /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf

In the VirtualHost add:

ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/srv/www/zoyinc/$1

You will note that “/srv/www/zoyinc” is the root folder, or “DocumentRoot”, for this VirtualHost.

For my config this resulted in:

<VirtualHost *:80>
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/srv/www/zoyinc/$1
ServerAdmin webmaster@zoyinc.com
DocumentRoot /srv/www/zoyinc
ServerName www.zoyinc.com
ServerAlias 192.168.204.38
ServerAlias zoyinc.com
ServerAlias www.cantabrian.co.nz
ServerAlias cantabrian.co.nz
ErrorLog logs/www.zoyinc.com-error_log
CustomLog logs/www.zoyinc.com-access_log combined
DirectoryIndex index.php

Note the addition of “DirectoryIndex index.php”. This is very important for WordPress in particular.

You need to make the same change for the Apache ssl config:

nano /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf

So the ssl.conf should have a VirtualHost similar to:

<VirtualHost _default_:443>
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/srv/www/zoyinc/$1
ServerAdmin webmaster@zoyinc.com
DocumentRoot /srv/www/zoyinc
ServerName www.zoyinc.com
ServerAlias wordpress
ServerAlias 192.168.204.38
ServerAlias zoyinc.com
ServerAlias www.cantabrian.co.nz
ServerAlias cantabrian.co.nz
ErrorLog logs/www.zoyinc.com-error_log
CustomLog logs/www.zoyinc.com-access_log combined
DirectoryIndex index.php

We now need to enable and then start the fpm service:

systemctl enable rh-php72-php-fpm.service
service rh-php72-php-fpm start

Finally restart Apache:

service httpd24-httpd restart

Alternative Apache changes

I had a similar problem with MythWeb which is the web based frontend for MythTV. This also runs on PHP. However in this case I had it running under “/mysthweb” not at the root.

My changes were to:

/opt/rh/httpd24/root/etc/httpd/conf.d/mythweb.conf

# 
Alias /mythweb "/usr/share/mythweb" 
ProxyPassMatch "^/mythweb/.*\.php(/.*)?$" "fcgi://127.0.0.1:9000/usr/share/" enablereuse=on
<Directory "/usr/share/mythweb">
<IfModule mod_authz_core.c>

Unfortunately this broke MythWeb and it transpires this was because the sections under “Directory ..” were not recognized specifically the section:

<Files mythweb.*>
#
# Use the following environment ...
# look to connect to the databa ...
# the authentication info to us ...
# fine unless you've changed my ...
# a different server from your ...
#
setenv db_server "localhost"
setenv db_name "mythconverg"
setenv db_login "mythtv"
setenv db_password "secret DB password"

I had to move the setenv commands about “<Directory…” and then mythweb worked again.

During this exercise I found another option that also worked for mythweb and didn’t involve ProxyPass and DIDN’T involve moving the setenv commands:

#
Alias /mythweb "/usr/share/mythweb"
<Directory "/usr/share/mythweb">
Require all granted
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} ^/((.*\.php)(/.*)?)$
RewriteCond %2 -f
RewriteRule . fcgi://127.0.0.1:9000/%1 [L,P]
RewriteOptions Inherit
<IfModule mod_authz_core.c>

This also seemed to work quite well. This was found at: https://serverfault.com/questions/633096/php-htaccess-environment-variables-php-fpm-mod-proxy-fcgi-apache-2-4  from user134840.

Misc

Log folder:
/var/opt/rh/rh-php72/log/php-fpm

Err