Dev Guides PHP Mr. Boyd

PHP File Download Issues

Fix PHP files that download instead of executing — handler configuration, MIME types, and server setup for Apache and Nginx.

The Problem

You navigate to a .php file in your browser and instead of the page rendering, the browser downloads the raw PHP source code as a file. This means the web server isn't processing PHP — it's treating the file as a static download. This is both a functionality and a security issue, as your source code (including database credentials) could be exposed.

Common Causes

  • PHP handler not configured — the web server doesn't know to send .php files to the PHP interpreter
  • PHP not installed — the PHP package is missing entirely from the server
  • Wrong MIME type — the server is sending .php files with a download content type
  • mod_php / PHP-FPM not loaded — the PHP module is installed but not enabled in the web server
  • .htaccess override disabled — handler directives in .htaccess are being ignored

Apache Fixes

Check PHP Is Installed

# Check PHP version
php -v

# Check if PHP module is loaded in Apache
apache2ctl -M | grep php

# Install PHP if missing (Ubuntu/Debian)
sudo apt install php libapache2-mod-php

# Enable the PHP module
sudo a2enmod php8.2
sudo systemctl restart apache2

Add PHP Handler in .htaccess

# Add to .htaccess
AddHandler application/x-httpd-php .php

# Or for newer Apache/PHP-FPM setups:
<FilesMatch \.php$>
    SetHandler "proxy:unix:/run/php/php8.2-fpm.sock|fcgi://localhost"
</FilesMatch>

Apache Virtual Host Configuration

# In your Apache virtual host config
<VirtualHost *:80>
    ServerName yourdomain.com
    DocumentRoot /var/www/html

    <FilesMatch \.php$>
        SetHandler application/x-httpd-php
    </FilesMatch>

    DirectoryIndex index.php index.html
</VirtualHost>

Nginx Fixes

Nginx doesn't process PHP natively — it passes PHP requests to PHP-FPM (FastCGI Process Manager):

# /etc/nginx/sites-available/yourdomain.conf
server {
    listen 80;
    server_name yourdomain.com;
    root /var/www/html;
    index index.php index.html;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php8.2-fpm.sock;
    }
}

# Test config and reload
sudo nginx -t
sudo systemctl reload nginx

Ensure PHP-FPM Is Running

# Check PHP-FPM status
sudo systemctl status php8.2-fpm

# Start if not running
sudo systemctl start php8.2-fpm
sudo systemctl enable php8.2-fpm

cPanel PHP Handler

On cPanel shared hosting, the PHP handler is usually managed through:

  1. Go to cPanel → MultiPHP Manager
  2. Select your domain and choose the correct PHP version
  3. Click Apply

You can also check cPanel → MultiPHP INI Editor to verify PHP configuration for your domain.

Quick Diagnostic Test

<?php
// Save as test.php and access via browser
echo "PHP is working! Version: " . phpversion();
?>

If this file downloads instead of showing text, the PHP handler is definitely misconfigured. If it shows the version, the issue is specific to certain files or directories.

Security Alert

If PHP files were downloading publicly, your source code may have been exposed. Immediately change any passwords and API keys that appear in your PHP files, especially database credentials in config files.

Pro Tip

Store sensitive configuration files (database credentials, API keys) outside the web root directory so they can never be served directly by the web server, even if PHP processing fails.