Configure Imagick PHP Extension in App Service

3 minute read | By Edison Garcia

This blog explains how to configure Imagick PHP Extension in App Service and most common troubleshooting scenarios.

App Service Linux

PHP 8.x images are pre-built with imagick extension. It will pull the latest available version of imagick when a new tag is available following the App Service OS and runtime patching times. You can check the latest stable version of imagick here.

ImageMagick policies

ImageMagick best practices strongly encourages you to configure a security policy that suits your local environment. You can read more about these policies here.

Policies can be found on /etc/ImageMagick-6/policy.xml

If you desire to modify these policies on Azure App Service Linux, the best option to accomplish this will be to use a startup script.

Here is an example for removing policies for ghostscript:

  #!/bin/bash
  #Removing ghostscript policies
  sed -i '/disable ghostscript format types/,+6d' /etc/ImageMagick-6/policy.xml
  #Update Ghostscript
  apt-get update && apt-get install -y ghostscript
  service nginx reload

And then update the startup script location from Azure Portal:

PHP extension

Troubleshooting

ghostscript

  • Scenario: Uncaught ImagickException: attempt to perform an operation not allowed by the security policy.

      PHP Fatal error: Uncaught ImagickException: attempt to perform an operation not allowed by the security policy `PDF' @ error/constitute.c/IsCoderAuthorized/408 in
   /home/site/wwwroot/index.php:11\nStack trace:\n#0 /home/site/wwwroot/index.php(11): Imagick->readImage('random.pdf')\n#1 {main}\n thrown in
   /home/site/wwwroot/index.php on line 11

    Resolution: Add a custom startup script to modify existing policy with read and/or write or removing the policy, check steps above.

  • Scenario: PHP Fatal error: Uncaught ImagickException: FailedToExecuteCommand ‘gs’

      PHP Fatal error: Uncaught ImagickException: FailedToExecuteCommand `'gs' -sstdout=%stderr -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 '-sDEVICE=pngalpha' -dTextAlphaBits=4 -dGraphicsAlphaBits=4 '-r72x72' -dFirstPage=1 -dLastPage=1 '-sOutputFile=/tmp/magick-60nJzxfIQqHrXx%d' '-f/tmp/magick-60rZK5yQMK31K7' '-f/tmp/magick-60_Dsu584RGIyH'' (1) @ error/pdf.c/InvokePDFDelegate/291

    Resolution: Add a custom startup script to modify existing policy with apt-get upgrade && apt-get install -y ghostscript, check steps above.

App Service Windows

Reference: Microsoft Q&A questions

Update 3/2/2023: Running PHP 7.4 or PHP in general on Azure App Service (Windows) is no longer supported since 28 November 2022. It is recommended to migrate your application to App Service Linux. If you need a specific version of PHP you can bring your own runtime but this will be out of support and you will need to update the versions for any vulnerability reported by the PHP community.

Based on your PHP version and Platform (32/64 bits), get the latest php_imagick.dll from https://windows.php.net/downloads/pecl/releases/imagick/.

Since App Service Windows is running IIS as the webserver, you can select NTS (Non-Thread Safe). This is used when PHP runs on Fast CGI binary.

Custom PHP version

For this scenario php_imagick-3.7.0-7.4-nts-vc15-x64.zip was selected which targets 7.4, you need to select the correct version for your application.

PHP extension

  1. Go to Kudu site browsing to https://yoursitename.scm.azurewebsites.net/DebugConsole
  2. Create a folder named imagick inside c:\home\site or D:\home\site (in any applicable scenario).

  3. Unzip the folder and copy all CORE_RL_* files to c:\home\site\imagick\ or d:\home\site\imagick\

    PHP extension

  4. Create two new folders ext and ini inside c:\home\site or d:\home\site (in any applicable scenario).

  5. Copy php_imagick.dll to c:\home\site\ext\ or d:\home\site\ext\

  6. Create a new file named extensions.ini inside c:\home\site\ini\ or d:\home\site\ini\ with the following content:

     extension=C:\home\site\ext\php_imagick.dll

  7. Create new file applicationHost.xdt file inside the c:\home\site or d:\home\site folder and copy the below configuration:

       <?xml version="1.0"?>
   <configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
     <system.webServer>
       <runtime xdt:Transform="InsertIfMissing">
         <environmentVariables xdt:Transform="InsertIfMissing">
           <add name="PATH" value="%PATH%;c:\home\site\imagick" xdt:Locator="Match(name)" xdt:Transform="InsertIfMissing" />
         </environmentVariables>
       </runtime>
     </system.webServer>
   </configuration>

  8. Add the following App Settings in Azure Portal:

    PHP extension

    Note: Check if c or d drives applies to you.

    • MAGICK_CODER_MODULE_PATH = c:\home\site\imagick
    • MAGICK_HOME = c:\home\site\imagick
    • PHP_INI_SCAN_DIR = c:\home\site\ini
  9. If you create a info page, you should see the following results: 
       <?
   phpinfo();

    PHP extension

You may also enjoy

Rebuild Your Node.js Project the Right Way

3 minute read

Losing your package.json can be a real hassle, especially in larger projects. It’s crucial for managing dependencies and scripts, and without it, you’re stuc...