Apache PHP 8 keeps getting disabled

Question

I have an Ubuntu Linux server (20.04) running Apache2 version 2.4.41

$ apachectl -v
Server version: Apache/2.4.41 (Ubuntu)
Server built:   2024-04-10T17:46:26

with PHP8 enabled in /etc/apache2/mods-enabled:

$ ls -l /etc/apache2/mods-enabled/php8*
lrwxrwxrwx 1 root root 39 Apr 29 14:17 /etc/apache2/mods-enabled/php8.0.conf -> /etc/apache2/mods-available/php8.0.conf
lrwxrwxrwx 1 root root 39 Apr 29 14:17 /etc/apache2/mods-enabled/php8.0.load -> /etc/apache2/mods-available/php8.0.load

It was running like this for months, and now somehow PHP keeps getting disabled. I become aware of it when my PHP application suddenly stops working, and when I look in /etc/apache2/mods-enabled I find the two entries for PHP8 are missing. If I reenable it, it will run for a few days, then the same thing happens again.

I can't see anything in the logs to indicate that it has been disabled, and I am (I hope) the only person with root access to the machine.

Does anyone know how I can track down what is disabling this and why? Is there some kind of logging I can enable to get more information?

Answer 1

Personally, I’d set up auditing: Install the auditd package to track system changes:

sudo apt-get install auditd

Configure auditing to monitor the /etc/apache2/mods-enabled directory:

sudo auditctl -w /etc/apache2/mods-enabled/ -p wx -k apache_mods

This will log any changes to the mods-enabled directory. You can check the audit logs with:

sudo ausearch -k apache_mods

Also verify PHP installation; double-check that PHP is correctly installed and configured:

sudo php -v
sudo ls /etc/apache2/mods-available/php8.0.*

If you find any issues, please share the outcome.