When completed, this procedure allows users to securely run PHP files from ~/public_html/ to manipulate their own files.


Do not use the method in the Old Procedure section for setting up PHP interpretation in users' home directories -- the old procedure uses an insecure and performance-wasting method for achieving this goal. If all you are seeking is to enable PHP scripts in users' personal public_html directories, simply do the following:

sudo apt-get install php5
sudo a2enmod php5

If you're using the latest version of Ubuntu (16.04 or later), consider using PHP7.0 instead of PHP5. To do so, check if you already have PHP installed.

php --version 

If you do not have PHP already installed, you will likely see a message such as

$ php --version
The program 'php' can be found in the following packages:
 * php7.0-cli
 * hhvm
Try: sudo apt install <selected package>

To install PHP from the Ubuntu repositories,

sudo apt install php

If you already have PHP installed, you will likely see something like

$ php --version
PHP 7.0.4-7ubuntu2 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies

At this point, Apache and PHP are installed and ready to go. A recent update to the Lucid distribution, however, requires a slight change to /etc/apache2/mods-available/php5.conf to re-enable interpretation in users' home directories -- previous distributions do not require this change. Simply open up this file in your favorite editor as root (a simple sudo gedit /etc/apache2/mods-available/php5.conf will suffice) and comment out (or remove) the following lines:

    <IfModule mod_userdir.c>
        <Directory /home/*/public_html>
            php_admin_value engine Off

If you don't see anything starting with PHP in /etc/apache2/mods-available, you likely need to install libapache2-mod-php. Run

sudo apt install libapache2-mod-php

After running it, you should see phpx.conf and phpx.load where x is the current PHP version. For example, at the time of this writing, I see php7.0.conf and php7.0.load. Edit the conf file as shown above.

Once this has been done, restart apache2 with the usual sudo /etc/init.d/apache2 restart and PHP should be successfully installed and working.

Make sure you have userdir enabled. If it is not enabled, run the following to enable it

 sudo a2enmod userdir

Security note: Running PHP scripts in users' home directories was not disabled for a frivolous reason -- PHP is a full programming language, and as such, can be used by attackers in nefarious ways. Ideally, the PHP engine should only be enabled for users you (the system administrator) trust, and even then sparingly. To do this, instead of removing the above lines, create a file (as root) called /etc/apache2/conf.d/php-in-homedirs.conf with the following contents:

    <IfModule mod_userdir.c>
        <Directory /home/$USERNAME/public_html>
            php_admin_value engine On

Simply replace the $USERNAME with the user name of the user you wish to allow PHP access to. Also note that the <Directory> section may be repeated as many times as is necessary. Save the file, and restart Apache with a sudo /etc/init.d/apache2 restart and PHP should only be enabled for the users listed in this file. See the Apache documentation on the Directory tag for more information.

Old Procedure

Note: The below method for allowing all users to exec their own PHP scripts as themselves is dangerous both to the users' data, and possibly the system itself -- especially if it is enabled system-wide. As a result, it should be avoided at all costs.

Install Apache 2, PHP 5, and support for executing pseudo-binaries.

sudo apt-get install apache2 php5-cgi binfmt-support

Configure PHP 5 to run .php scripts from the shell.

sudo update-binfmts --install PHP /usr/bin/php5-cgi --extension php

Enable necessary Apache modules.

sudo a2enmod rewrite
sudo a2enmod suexec
sudo a2enmod include
sudo a2enmod userdir

Enable Apache's handling of PHP files. Add the following line to /etc/apache2/apache2.conf

AddHandler cgi-script .php

Configure the userdir module. Uncomment the following lines in /etc/apache2/apache2.conf.

UserDir public_html
UserDir disabled root

<Directory /home/*/public_html>
        AllowOverride FileInfo AuthConfig Limit
        Options Indexes SymLinksIfOwnerMatch IncludesNoExec

Add the ExecCGI option. The block should now appear as below.

UserDir public_html
UserDir disabled root

<Directory /home/*/public_html>
        AllowOverride FileInfo AuthConfig Limit
        Options Indexes SymLinksIfOwnerMatch IncludesNoExec ExecCGI

Reload the Apache configuration.

sudo /etc/init.d/apache2 force-reload