The version of PHP on OS X Server 5.x is v.5.3.x. As of this writing, the current distro of PHP on Homebrew is v.7.4.12. You will lose the ability to control PHP loading from the GUI.
To prep, you should have prepared a phpinfo.php file on your website in an orphan directory so you can check all the modules that load with PHP. It is simply a text file with the name phpinfo.php and the content is:
Don’t worry if PHP is currently running.
Install PHP via Homebrew:
brew install php
If you’re running WordPress on your own Mac OS X Server and have installed an updated version of PHP using Homebrew, you may have a directory mismatch that will prevent pecl from successfully installing imagemagick.
This tutorial applies to Porsche Cayenne Turbo models 9Y0/9YA/9YB/9Y3.
What’s so special about the Turbo?
- There are two extra steps to the process compared to the base model Cayenne.
- Takes an extra quart of oil compared to base model.
- The oil drain plug is under the first under carriage plate.
- The oil filter housing is under the front torsion bar.
Time and Difficulty
Easy but dirty
- Beginner: About 8 hrs
- DIY-er: About 4 hrs
- Pro: About 1.5 hours
The httpd.conf file controlled by the Server.app is stored at
If you happen to update PHP or other Apache modules through non-Apple methods (e.g. homebrew), then this is where you add your LoadModule and FilesMatch arguments.
You MUST restart the web server through the Server.app for changes to load. apachectl graceful will not load the changes in httpd_server_app.conf.
#This article is in response to “Update PHP on OS X Server 5.x”.
If you use Let’s Encrypt as your SSL certificate authority, it is paramount that you implement an automatic certificate renewal procedure.
Very helpful tutorial from Mac Strategy – How To Setup Let’s Encrypt For OS X / macOS + Server 5.x
When setting up or renewing your SSL certificates, you may encounter a problem with certbot giving you the following error:
Timeout, https://www.example.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain
This may be happening if you ONLY have the HTTPS version of your website configured OR if you use http::REDIRECT to redirect to HTTPS without letting the GET request connect to a HTTP version of your site.
certbot, as default, can only validate your website via HTTP on port 80. The easiest solution would be to provide an HTTP version of your website. This may be less than ideal for many setups where port 80 is inundated with DDoS attacks – so it seems.
In reality, if port 80 is served by the same software that serves port 443, having port 80 open does not increase the amount of risk. Rather, it is a reminder that one should not rely on the illusion that HTTPS alone will prevent a hack. Your website design should be more resilient in that it would protect against ALL web based attacks.
A message from Let’s Encrypt regarding Port 80: Best Practice – Keep Port 80 Open
So open up port 80, setup your webserver to answer to HTTP requenst, and renew your Let’s Encrypt SSL certificates using certbot. And go add some security features to your website while your at it.
For WordPress sites like this, you can use the WP Force SSL plugin to reroute all HTTP request to HTTPS via script. That means, any non-Wordpress request like certbot’s will be processed via HTTP.