Portal Home > Knowledgebase > Articles Database > PHP as CGI or Module for VPS
PHP as CGI or Module for VPS
| Posted by JoyceBabu, 08-20-2008, 03:20 PM |
| Can anyone plz tell me which of the following configurations is better
PHP as FastCGiPHP as Apache Module
Considering the facts tat I am on a VPS and I can have which ever configuration I like.
Thanks in advance
|
| Posted by ISPserver, 08-20-2008, 06:04 PM |
| It's do not have better configuration. Just different php.
It's as socks and hat, what better?
As an APACHE module: This method provides the fastest operation of PHP and is generally more compatible with scripts and other server software.
As a CGI: This method is used when security is key. When there are several web sites on one server, this method provides better tracking of each domains use of PHP. The price is slower PHP.
|
| Posted by ISPserver, 08-20-2008, 06:06 PM |
| А lot:
PHP as Apache module
Running PHP as an Apache module requires web-server module apache mod_php
Advantages
* Faster performance since it is running as part of apache.
* Scripts are executed by server.
* A single config. file for all the scripts (php.ini).
* If need be, you can set PHP configuration variables in the web-server config. file or by using your .htaccess file to specify rules.
Disadvantages
* Scripts are being executed with web-server owners' privileges, which might lead to some security related problems
* If the scripts run foreign applications (like mail distribution), the user will not be identified
* Apache loads servers, which might lead to the particular problems like to slow other statistics performance
* Errors in scripts may cause the whole web-server to crash
PHP as CGI
When PHP works in CGI-mode, PHP-script execs in PHP-interpreter.
Advantages
* Scripts will be executed with user privileges (www-domain owner)
* More than one PHP version can be run as CGI
* Needs less memory (RAM) than Apache module
* Errors in scripts do not cause the whole web-server to crash
Disadvantages
* Authorisation header not passed to PHP.
|
| Posted by foobic, 08-20-2008, 06:27 PM |
| It's to some extent a question of personal preference. Mine is mod_php for single-user systems and FastCGI (or other suexec options) for multi-user.
On a VPS used for a single site I believe it's actually more secure to run mod_php, since PHP is then limited in what it can do, eg. writing only to uploads directories where permissions have been set to allow it. And it's significantly faster than CGI. FastCGI closes the gap but there's still a momentary delay as it starts up (the first page view on a previously idle site).
Where you have multiple users sharing a system the balance shifts - running suexec (CGI) helps protect each user from the others and makes it easier to see who's doing what.
The technical differences don't really amount to much - applications from competent developers will work on both.
HTH
|
| Posted by JoyceBabu, 08-21-2008, 01:11 AM |
| Thanks for all the nice replies. From what I understood, I have to choose module for speed and fastcgi for security. Actually the VPS is to host my personal sites, even though I occassionally allow friends to host their site on my account. Hence it is mostly single user (but multiple domains).
I was asking this question because I wanted to use the php_flag(for turning off session.use_trans_id) and php_value(for auto prepending and appending files) properties, which are available only in the Apache Module setup. Or should recode my site, so that it works without those properties?
|
| Posted by foobic, 08-21-2008, 03:47 AM |
| Multiple domains under the same account are still running as a single user - using CGI won't give you any advantage there. What it would do is help to protect you from your friends (or anyone who manages to exploit their accounts). You could also separate your own domains onto different accounts so that each one would be somewhat isolated from the others.
Bear in mind though that if one of your own accounts is exploited then running CGI will make it worse for that account - giving the attacker full access to everything that user has instead of just the uploads directories.
If you do decide to run FastCGI there should be a way to set custom per-directory PHP settings with individual php.ini files. Or if you can apply the same settings to all accounts / domains then just change the global php.ini.
|
| Posted by JoyceBabu, 08-21-2008, 09:17 AM |
| Thanks a lot Chris.
This was exactly what I was looking for. I will ask my provider about this.
Considering that and
I think I should opt for FastCGI option.
Just one more question. Is there a considerable(for example a factor of 2) speed difference?
|
Add to Favourites 
Print this Article
Also Read
