Stuart Herbert, prompted by this post from Derick Rethans uses this new post to his blog to point out something that didn't seem to be mentioned and has always been a pet peeve of his when running PHP on IIS - controlling the FastCGI processes so they don't take over the machine.

Running PHP via CGI and FastCGI means that IIS has to do the Windows equivalent of fork()ing off PHP processes to do the actual PHP bit. If your box has too many PHP processes running, the box will start to swap. Once a webserver starts swapping, you've no chance in hell of keeping up with all the incoming requests, and your websites on that particular webserver become unavailable in a matter of moments.

The problem seems to have been corrected in the most recent IIS release, though and correct directions can be found here. Older versions of the web server are out of luck, unfortunately.

Dhiraj Patra has posted a tutorial to his "LAM-PHP" blog today looking at a different-than-usual way for running PHP scripts - in the cron.

Lots of programmers like PHP for its ability to code and develop web applications fast. Code-debugging is a lot easier than with PERL or C. However, there is one thing a lot of developers are puzzled about, "How to run PHP Scripts with crontab?"

He explains how cron can be used effectively to replace including a backend script into another file (bad practice) and how to get started with PHP and cron. He includes how to find if you're using a CGI or Apache version of PHP and how to locate the binary. He takes this knowledge and shows how to apply it and put a sample script into the cron file. You can check out sites like this or this for more information on cron itself.

On his blog, Ian Bicking has posted some of his thoughts on a positive look at PHP - what he thinks PHP has done right.

With the recent talk on the blogosphere about deployment (and for Django, and lots of other posts too), people are thinking about PHP a bit more analytically. I think people mostly get it wrong.

He points out that PHP, in essence, is a CGI-style execution and, in being so, makes it more flexible. Both sides, web and command line, can work with the language equally well. He also mentions the developer/administrator split he sees in PHP's structure and how the language facilitates it.

One of the more frustrating things about working on a shared server is trying to keep it secure while still giving users some flexibility in their environments. Stuart Herbert has continued his series looking at combating issues like this with this look at installing suexec to secure a shared server.

The challenge with securing a shared hosting server is how to secure the website from attack both from the outside and from the inside. PHP has built-in features to help, but ultimately it's the wrong place to address the problem.

His guide steps through the entire process - getting the software, configuring Apache (with the PHP/CGI installation) and configuring suexec, both for the default install and then for the shared server settings. There's even a few brief benchmarks showing the speed of execution for scripts with and without the suexec environment.

Nessa has posted another new tutorial based around her experiences with suPHP. This time it deals with using an .htaccess file for changing the settings of the PHP installation.

First of all, if you'd rather use the .htaccess than the php.ini capabilities of a phpsuexec environment, then shame on you. But, we have some customers who are terrified of php.ini and would rather use the .htaccess. So what? Ok, well there is a workaround.

The connecting piece is the htscanner extension - she includes installation instructions and how to include it into your PHP installation (as well as how to set the PHP values in the .htaccess).

On the Zend Developer Zone today there's a new article by Elizabeth Smith about one of the latest offerings from Microsoft to the online community - FastCGI for IIS6.

What is FastCGI? I could go on for pages about the technical background, and Microsoft already has some great documentation on the subject, however I'll put it in layman's terms for those who aren't Computer Science majors. [...] CGI is a method that a web server can use for tools like PHP, Perl, or any other language that support it. CGI spawns a new process for each request, which can be really slow. FastCGI speeds this up with a very simple solution '" instead of creating a brand new process for each request, it creates a "pool" of processes and reuses them.

She talks about her usage of PHP on Windows platforms in her work, about a move her company made from Apache to IIS and how much the FastCGI functionality helped. She also briefly explains how to get IIS and FastCGI to work together to make the PHP functionality happen.

On his blog, Bill has posted about a patch for IIS7 running on a Windows Vista machine that corrects an issue with applications that send multiple response headers.

Today we released a patch for IIS7 in Windows Vista that addresses an issue we've seen with CGI applications (especially PHP applications that use the built-in CGI component). The typical symptom is an application that runs using CGI and is unable to support multiple "cookies" for authentication or personalization.

He also links to the Microsoft Knowledge Base article on the topic and to the download for the patch.

Pierre-Alain Joye has posted a quick hit to his blog today about using one php.ini file for both a cli and cgi installation of PHP without it throwing errors for htscanner.

Htscanner reports error during module or request init (returns FAILURE), these errors may be fatal and stop the current executions. This behavior is not desired if you use it in a shell ((if you have only one system php.ini for both cli and cgi or if htscanner is compiled statically). This release brings a new ini settings to solve this problem, stop_on_error.

The solution involves changing the htscanner setting to 0 instead of 1 to return a "SUCCESS" message rather than the errors.

From this post on the Zend Developer Zone, we learn about an article over on the Sun Developer Network by Joe McCabe about installing PHP on a Sun Java System Web Server version 7.0.

un Java System Web Server is a mature, highly scalable, and secure web server that provides process redundancy, request scalability, and a wide range of application programming interfaces (APIs) to create and serve dynamic content. This document describes how to install and use PHP with Sun Java System Web Server (hereafter Web Server).

The tutorial is divided up into seven sections (including some reference material):

• Understanding PHP and Web Server
• Running the PHP Engine
• Installing the PHP Engine as a CGI Program
• Installing the PHP Engine as a FastCGI Server
• Installing the PHP Engine as an NSAPI Plugin
• Conclusion
• References

For each, there's plenty of code/configuration options to help clarify what needs to be set up no matter if you need the CGI version, FastCGI, or the NSAPI plugin up and running.

As Christian Wenz points out, there's some information in this blog entry about getting PHP up and running on IIS7 (RC1) for Windows.

Thanks to some small tweaks we made in RC1, it is now easier than EVER to get PHP working on IIS.

The method basically involves grabbing the latest PHP and installing it (including the php.ini file) and installing IIS7 with the ISAPI Extension component or CGI component. Then it's just a matter of setting up the right handler mapping. He provides screenshots of the process to help show you exactly where to go.