php-cgi.exe

PHP CGI Executor for Web Servers

Application ProcessSafeWeb Server Component

CPU Usage

1-10%

Memory

50-200 MB

Location

C:\Program Files\PHP

Publisher

The PHP Group

Quick Answer

php-cgi.exe is a legitimate PHP CGI executable. It runs PHP code on CGI/FastCGI-enabled servers and spawns worker processes to handle PHP requests.

Is it a Virus?

✔ NO - Safe

Must be in C:\Program Files\PHP\ or C:\php\

Warning

Many processes normal

Each PHP request may spawn a php-cgi.exe instance

Can I Disable?

✔ YES

Disable via web server configuration or stop the PHP CGI handler when maintenance is needed

What is php-cgi.exe?

php-cgi.exe is the PHP CGI executable used by some web servers to run PHP scripts via the CGI or FastCGI interface. When a PHP request arrives, the server may launch php-cgi.exe to interpret the PHP file and return generated HTML, JSON, or other output. It can spawn multiple instances to handle concurrent requests.

php-cgi.exe runs PHP code for each CGI/FastCGI request, isolating execution from the main server process, loading php.ini, and communicating through standard input/output with the web server to produce dynamic content.

Quick Fact: CGI/FastCGI with php-cgi.exe allows per-request isolation, improving stability for concurrent PHP processing.

Types of PHP-CGI Processes

Server Runner: Listens for PHP requests and spawns php-cgi.exe as needed
Worker Process: Handles a single PHP request per instance
CLI/Background (rare in CGI mode): May invoke PHP scripts via CLI in some setups
FastCGI Wrapper: Facilitates communication between web server and PHP interpreter
Error Handler: Logs PHP errors and exceptions for the CGI process
Session/Request Context: Provides per-request scope for PHP execution

Is php-cgi.exe Safe?

Yes, php-cgi.exe is safe when it comes from an official PHP distribution and is used by a properly configured web server.

Is php-cgi.exe a Virus or Malware?

The real php-cgi.exe is NOT a virus. Malicious files can mimic names; always verify location and signature.

How to Tell if php-cgi.exe is Legitimate or Malware

File Location:: Ensure php-cgi.exe resides in C:\Program Files\PHP\ or C:\php\. Any other directory is suspicious.
Digital Signature:: Right-click php-cgi.exe → Properties → Digital Signatures. Look for a valid signer such as the PHP Group.
Version and Path Consistency:: Open a command prompt and run php-cgi.exe -v from the expected path; verify version matches your PHP distribution.
Resource Usage:: Normal PHP-CGI usage varies by workload; unusual constant high CPU with no PHP traffic is a red flag.

Red Flags: If php-cgi.exe is located in temp folders, AppData, or System32, runs without server requests, lacks a valid signature, or shows unusual resource patterns, scan for malware and verify server configuration.

Why Is php-cgi.exe Running on My Server?

php-cgi.exe runs to interpret PHP scripts as part of CGI/FastCGI configurations. It may be invoked for each request or kept alive by the FastCGI wrapper, depending on server settings.

Reasons it's running:

Active PHP Requests: The web server forwards PHP requests to php-cgi.exe, spawning worker processes to generate responses.
CGI/FastCGI Architecture: Server uses CGI or FastCGI mode, which creates separate php-cgi.exe processes per request or pool.
Background PHP Tasks: Web applications may trigger background PHP tasks via web requests or scheduled jobs that involve PHP CGI processing.
Startup/Reload Events: Server startup or configuration reload can temporarily spawn php-cgi.exe instances to handle incoming traffic.
Configuration of Extensions: Extensions or modules that rely on PHP CGI may cause php-cgi.exe to launch to satisfy dynamic content.

Can I Disable or Remove php-cgi.exe?

Yes, you can disable php-cgi.exe. If you are not using CGI/FastCGI, you can remove or reconfigure the PHP handler. Ensure you keep PHP installed if you rely on PHP running under a different interface.

How to Stop php-cgi.exe

Restart Web Server: Restart IIS, Apache, or Nginx to terminate current php-cgi.exe workers.
Disable CGI/FastCGI Handler: In IIS Manager or Apache config, disable the PHP CGI/FastCGI handler mappings.
Stop Specific PHP Requests: Block or rate-limit PHP requests at the application level to reduce CGI spawning.
Disable Startup of PHP CGI: Remove PHP CGI from startup scripts or service definitions if used as a service.
Adjust FastCGI Settings: Set MaxProcesses or IdleTimeout to reduce persistent php-cgi instances and recycle workers.

How to Uninstall PHP CGI / PHP

✔ Windows Settings → Apps → Apps & Features → locate PHP (and php-cgi) → Uninstall
✔ Control Panel → Programs → Uninstall a program → PHP → Uninstall
✔ Remove any PHP CGI handler references from web server configuration and PATH environment variable

Common Problems: High CPU or Memory Usage

If php-cgi.exe is consuming excessive resources, consider the following checks and fixes tailored to CGI/FastCGI deployments.

Common Causes & Solutions

Too Many Simultaneous PHP Requests: Limit concurrent PHP requests with FastCGI pool sizing or request throttling on the web server.
Inefficient PHP Scripts: Review and optimize PHP code; use caching and query optimization; enable OPcache.
Heavy or Malicious PHP Extensions: Disable unnecessary extensions and scan for malicious code or backdoors in PHP scripts.
Slow Database Queries: Optimize SQL queries, add necessary indexes, and consider query caching strategies.
Misconfigured php.ini: Tune memory_limit, max_execution_time, and disable verbose error logging in production.
Hardware Acceleration or I/O Bottlenecks: Ensure underlying server hardware and disk I/O are not bottlenecking CGI processing; adjust FastCGI timeouts.

Quick Fixes:
1. Quick Fixes:
2. 1. Identify heavy PHP requests with the server's logs or monitoring tool; reproduce the issue locally
3. Restart the web server to recycle php-cgi.exe workers
4. Enable OPcache and set appropriate memory limits in php.ini
5. Review and disable unused PHP extensions via the server's PHP configuration
6. Tune FastCGI settings (max instances, idle timeout) to balance load

Frequently Asked Questions

Is php-cgi.exe a virus?

No, the legitimate php-cgi.exe from a PHP distribution is not a virus. Verify it resides in a PHP install path such as C:\Program Files\PHP\ and has a valid digital signature.

Why is php-cgi.exe using so much CPU?

High CPU typically stems from heavy PHP scripts, inefficient queries, or many concurrent requests. Use server-side monitoring (and optionally OPcache) to identify and optimize the culprit.

Where is php-cgi.exe located on Windows?

Common locations include C:\Program Files\PHP\php-cgi.exe or C:\PHP\php-cgi.exe. Confirm the path matches your PHP installation and server configuration.

Can I disable php-cgi.exe if I use PHP-FPM or mod_php?

Yes. If you switch to PHP-FPM (on Unix-like systems) or a non-CGI PHP handler, you can remove or disable the CGI-based php-cgi.exe wrapper in your server configuration.

How do I secure php-cgi.exe?

Keep PHP up to date, run only necessary extensions, run the web server with restricted permissions, and enable logging to detect unusual CGI activity.

What is the difference between PHP-CGI and PHP-FPM?

PHP-CGI runs PHP as CGI processes for each request or a small pool, while PHP-FPM uses a persistent pool of workers with advanced process management, generally providing better performance and scalability.