diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml
index c37269910..d1e7323cd 100644
--- a/roles/nextcloud/tasks/install.yml
+++ b/roles/nextcloud/tasks/install.yml
@@ -68,7 +68,7 @@
   template:
     src: nextcloud.conf.j2
     dest: "/etc/{{ apache_conf_dir }}/nextcloud.conf"    # apache2/sites-available on debuntu
-  when: apache_installed | bool
+  when: apache_install | bool
 
 
 # RECORD Nextcloud AS INSTALLED
diff --git a/roles/nextcloud/templates/nextcloud.conf.j2 b/roles/nextcloud/templates/nextcloud.conf.j2
index dcba0ae0c..89858bdb8 100644
--- a/roles/nextcloud/templates/nextcloud.conf.j2
+++ b/roles/nextcloud/templates/nextcloud.conf.j2
@@ -16,17 +16,17 @@ Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud
     # 2019-09-04 commenting out towards future removal
     #Require host localhost
 
-{% if nextcloud_allow_public_ips %}
-    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
+#{% if CONDITION %}    {# where CONDITION was nextcloud_allow_public_ips #}
+#    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
     Require all granted
-    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
-    #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
-{% else %}
-    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
-    #Require all granted
-    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
-    Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
-{% endif %}
+#    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
+#    #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
+#{% else %}
+#    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
+#    #Require all granted
+#    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
+#    Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
+#{% endif %}
 {# Reminder that {{ lan_ip }}/{{ lan_netmask }} is 172.18.96.1/255.255.224.0 #}
     # AVOID THIS LINE AS IT OVERLY RESTRICTS SCHOOLS W/ 192.168.1.x, 10.x.y.z:
     #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0
diff --git a/roles/www_back_end/tasks/main.yml b/roles/www_back_end/tasks/main.yml
index 0129887d4..4b73f40f6 100644
--- a/roles/www_back_end/tasks/main.yml
+++ b/roles/www_back_end/tasks/main.yml
@@ -9,9 +9,14 @@
 
 - include_tasks: php-stem.yml
 
+- name: Install php-fpm (FastCGI Process Manager) if nextcloud_install or pbx_install
+  package:
+    name: php-fpm
+  when: nextcloud_install or pbx_install
+
 # COMPARE apache_allow_sudo @ roles/www_front_end/tasks/main.yml
 
-# For schools that use WordPress/Nextcloud/Moodle intensively.  iiab/iiab#1147
+# For schools that use WordPress/Nextcloud/Moodle intensively.
 # WARNING: Enabling this might cause excess use of RAM/disk or other resources!
 - name: Enact high limits in /etc/php/{{ php_version }}/fpm/php.ini if using WordPress/Nextcloud/Moodle intensively
   lineinfile: