Results 1 to 6 of 6
  1. #1
    Join Date
    Feb 2007
    Posts
    81

    whats the difference between running PHP using Fast CGI or as an Apache Module?

    I have been a web developer using PHP for years now, and my work laptop runs CentOS with PHP5 as an Apache Module. This suits me just fine for development, but now I want to setup a web server that runs PHP 4.4.8 and PHP 5.2.5 and offer hosting to people. I know PHP4 is very old, but I am looking to offer my users the freedom of choice, as there are still third party applications out there that may need to be run on PHP4.

    I will want PHP 5 to be the default, and allow PHP 4 to be used if either the file extension is .php4, or they have a line in their .htaccess file. I have seen various tutorials in search engine results saying to run both, I can either do one of the following:

    1. Install PHP5 as a module, and run PHP4 using FastCGI
    2. Install PHP5 and PHP4 and run both using FastCGI
    3. Install PHP4 as a module, and run PHP5 using FastCGI

    In the future I will also be looking to support PHP6 once a stable version has been released, though that will probably be optional to begin with and require a line in the .htaccess file too - like PHP4. I will be using Apache 2.2.8 on CentOS 5.1. I am also looking to install Ruby on Rails and Django too, which I think use FastCGI.

    What's the difference between running as an Apache Module, or using FastCGI? This will be for a shared hosting environment so performance over lots of connections, stability and security are my concerns. Should I run everything using FastCGI, if not, would the default PHP version be better off installed as an Apache Module?

    Thanks
    Luke

  2. #2
    Join Date
    Apr 2003
    Location
    San Jose, CA.
    Posts
    1,622
    If you're using Apache 2.2.8, it depends on what MPM you're using.

    With the traditional prefork module Apache runs as nobody/nogroup and thus PHP when ran as a module will run as nobody/nogroup. File permissions for all your users thus need to be set in potentially insecure ways so that the webserver can read the files or so the scripts can write to files in their directories. If you're going to use a traditional prefork module one "secure" way to permit PHP is to use FastCGI, next best to use mod_suphp.

    With newer versions of apache you can use the perchild MPM which helps deal with some of the security issues of running apache as a module. It may however present entirely new issues especially if you're using some control panel which doesn't understand it.

    The biggest difference overall with FastCGI other then security benefits is that it makes it so you can create entirely different "application" servers... you can have separate server/s which will do nothing but run code for you.

    Summary:
    #2 is the safest and best way to implement PHP assuming you're using a normal Apache prefork MPM.
    #4 (Run both as a module) if you understand how to configure Apache 2.2 using a perchild MPM.
    #1 or #3 aren't recommended...

    Standard disclaimers apply: I could be completely wrong.
    Last edited by Lightwave; 03-10-2008 at 10:34 AM.
    Daved @ Lightwave Networking, LLC.
    AS1426 https:/www.lightwave.net
    Primary Bandwidth: EGIHosting (NLayer, NTT, HE, Cogent)
    Xen PV VPS Hosting

  3. #3
    Join Date
    Feb 2007
    Posts
    81
    Thank you Lightwave. I have just read in the PHP manual that there are potentially permissions problems with running PHP as an Apache Module. So it would probably be best to run all my php versions as Fast CGI then? Is that what you would do in this situation?

    On a tangent... Lighttpd looks good for performance, but I am not sure if cPanel will be able to administer it. Apache is probably more stable/secure as it has been in development for a lot longer.

  4. #4
    Join Date
    Apr 2003
    Location
    San Jose, CA.
    Posts
    1,622
    In a one word answer, "yes" Use both versions of PHP through FastCGI. It will provide you the ability to have a decent level of security and growth for your infrastructure.

    #4 might be easier to implement in the beginning and provide adequate security but #2 will offer other benefits.

  5. #5
    Join Date
    Dec 2006
    Posts
    477
    Cpanel won't work with lighttpd. Although its still faster, lighttpd isn't the order of magnitude better than apache that it once was. One thing to beware of with FastCGI - if you use it to implement security, you need a different FastCGI process running for each pool of threads that belong to a different user. Therefore, it is great for small numbers of users but you run out of memory if you have hundreds.

  6. #6
    Join Date
    Feb 2007
    Posts
    81
    Quote Originally Posted by RBBOT View Post
    You need a different FastCGI process running for each pool of threads that belong to a different user. Therefore, it is great for small numbers of users but you run out of memory if you have hundreds.
    I read an article on the unofficial dreamhost blog ages ago that seems to suggest Fast CGI is better for environments with lots of users, such as shared hosting.

    http://blog.dreamhosters.com/2006/04...apache-module/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •