Solving apache_request_headers Issues on NGINX: A Professional Server Administrator's Guide

Understand the Issue

• apache_request_headers is a function designed for PHP running under Apache.
• When PHP is used with NGINX (often with PHP-FPM), apache_request_headers may not retrieve certain headers (e.g., Authorization) unless explicitly passed by NGINX to PHP.

Root Cause:

NGINX does not pass some headers, like Authorization, by default unless configured to do so.

Pass Missing Headers in NGINX

To ensure that NGINX passes all headers, especially Authorization, you need to configure NGINX properly.

Edit the NGINX Configuration

1. Open your NGINX configuration file:
   sudo nano /etc/nginx/sites-available/your-site.conf

   Or if you're using a global configuration:

   sudo nano /etc/nginx/nginx.conf
2. Locate the location block for PHP, which often looks like this:

   location ~ \.php$ {
       include fastcgi_params;
       fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   }

3. Add the following line to ensure Authorization headers are forwarded:

   fastcgi_param HTTP_AUTHORIZATION $http_authorization;

4. Save the file and exit.
5. Test the NGINX configuration for syntax errors:
   sudo nginx -t
6. Reload NGINX to apply the changes:
   sudo systemctl reload nginx

Configure PHP-FPM

Ensure that PHP-FPM is configured to handle additional headers properly.

Verify PHP-FPM Configuration

1. Open the PHP-FPM pool configuration file:
   sudo nano /etc/php/8.0/fpm/pool.d/www.conf

   Replace 8.0 with your PHP version.

2. Check for the clear_env directive. If it's set to yes, it will strip environment variables, including headers:

   clear_env = no

3. Save the file and restart PHP-FPM:
   sudo systemctl restart php8.0-fpm

Debug Headers in PHP

Create a test script to verify which headers are being passed to PHP.

Example Debug Script (headers.php):

<?php
// Try apache_request_headers
if (function_exists('apache_request_headers')) {
    $headers = apache_request_headers();
    echo "apache_request_headers:\n";
    print_r($headers);
} else {
    echo "apache_request_headers function not available.\n";
}

// Fallback to $_SERVER
echo "Headers from \$_SERVER:\n";
foreach ($_SERVER as $key => $value) {
    if (strpos($key, 'HTTP_') === 0) {
        echo "$key: $value\n";
    }
}
?>

Test with cURL:

Send a request to this script to see if the headers are being passed:

curl -H "Authorization: Bearer YOUR_TOKEN" http://your-site.com/headers.php

Additional NGINX Tuning

If headers are still not working, ensure the following in your NGINX configuration:

1. Proxy Pass (If Using Reverse Proxy)

If your NGINX setup uses a reverse proxy to another server, ensure you pass headers:

proxy_set_header Authorization $http_authorization;
proxy_set_header Host $host;

2. Set Default Headers

If specific headers are required but missing, you can set default values:

add_header Authorization "Bearer Default_Token" always;

3. Increase Buffer Size (Optional)

If headers or payloads are too large, increase buffer sizes:

fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;

Restart Services and Verify

After making changes to NGINX and PHP-FPM:

1. Restart NGINX:
   sudo systemctl restart nginx
2. Restart PHP-FPM:
   sudo systemctl restart php8.0-fpm

Test again using your application or a tool like Postman/cURL.

Fallback to $_SERVER in PHP Code

If apache_request_headers still doesn't work due to your setup, use $_SERVER as a fallback.

Example: Fallback Code

// Check for Authorization header
$authHeader = $_SERVER['HTTP_AUTHORIZATION'] ?? null;

if ($authHeader) {
    echo "Authorization header: $authHeader";
} else {
    echo "Authorization header not found.";
}

Summary Checklist