Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Brian Moon's Blog:
Apache Worker and PHP
Feb 15, 2008 @ 14:43:00

In a recent post to his blog, Brian Moon talks about the experience he's had with using PHP on Apache 2 with a threaded MPM at Dealnews.com.

Well, first, what is an MPM? It stands for Multi-Processing Module. [...] The most commonly used threaded MPM is the Worker MPM. In this MPM, you have several processes that run multiple threads within it. This is the one I will be talking about.

He goes on to describe the "huge memory savings" that using the module got them - using the worker process to increase the child capacity of the Apache instance. He recommends keeping it simple when compiling a server to work with the worker functionality and mentions how it can also help with serving static pages right along side the dynamic ones (without a second server!).

Check out the post for a few more tips.

tagged: apache worker mpm process static dynamic memory

Link:

Robert Swarthout's Blog:
PHP frontend to Subversion (SVN)
Feb 01, 2007 @ 16:33:00

In a new post to his blog, Robert Swarthout about a PHP frontend he's been developing for working with Subversion repositories:

The frontend needed to be designed in such a way that each developer could access their working copies and make the full range of actions against them. I decided to also use an AJAX setup so that pages would be quickly loaded and updated by a single toggle of a folder.

A few issues popped up, including tracking edits correctly through the interface. His solution revolved around an Apache MPM that could serve different pages to different users and groups. With this solution in place, the functionality could be built up, a list of which he provides including:

  • create working copy from repository (svn checkout)
  • svn blame
  • svn delete
  • search files (via a grep/find combination, omitting .svn folders)
  • svn rename

tagged: frontend subversion repository apache mpm ajax interface frontend subversion repository apache mpm ajax interface

Link:

Robert Swarthout's Blog:
PHP frontend to Subversion (SVN)
Feb 01, 2007 @ 16:33:00

In a new post to his blog, Robert Swarthout about a PHP frontend he's been developing for working with Subversion repositories:

The frontend needed to be designed in such a way that each developer could access their working copies and make the full range of actions against them. I decided to also use an AJAX setup so that pages would be quickly loaded and updated by a single toggle of a folder.

A few issues popped up, including tracking edits correctly through the interface. His solution revolved around an Apache MPM that could serve different pages to different users and groups. With this solution in place, the functionality could be built up, a list of which he provides including:

  • create working copy from repository (svn checkout)
  • svn blame
  • svn delete
  • search files (via a grep/find combination, omitting .svn folders)
  • svn rename

tagged: frontend subversion repository apache mpm ajax interface frontend subversion repository apache mpm ajax interface

Link:

Ben Ramsey's Blog:
Peruser MPM for Apache
Dec 01, 2005 @ 13:12:35

In his quest for a secure method of server-side security in addition to PHP, Ben Ramsey stumbled across Peruser MPM, an Apache security module, seemingly with PHP in mind. In this latest blog post he details what lead him there.

A while back, when I was doing some research for a talk on server-side security for PHP, I looked into various "secure" methods for setting up a server for multiple users. Despite my search, I couldn’t find a simple and effective solution for managing a server with a large (and untrusted) user base (as is the case with many virtual hosting companies).

Sure, there’s PHP’s safe_mode, but its "safety" is misleading at best. There’s also open_basedir, which helps a little, but it’s not quite enough. For my research, I also looked at and tested mod_security, and the Hardened PHP Project’s Hardening Patch.

Eventually, through this comment, he found Peruser MPM, a module that runs each Apache process with its own user/group combination. He notes a few issues that it still has (breaking mod_ssl and making Apache less scalable), but overall, it does sound pretty cool...

tagged: apache peruser MPM unique user group security apache peruser MPM unique user group security

Link:

Ben Ramsey's Blog:
Peruser MPM for Apache
Dec 01, 2005 @ 13:12:35

In his quest for a secure method of server-side security in addition to PHP, Ben Ramsey stumbled across Peruser MPM, an Apache security module, seemingly with PHP in mind. In this latest blog post he details what lead him there.

A while back, when I was doing some research for a talk on server-side security for PHP, I looked into various "secure" methods for setting up a server for multiple users. Despite my search, I couldn’t find a simple and effective solution for managing a server with a large (and untrusted) user base (as is the case with many virtual hosting companies).

Sure, there’s PHP’s safe_mode, but its "safety" is misleading at best. There’s also open_basedir, which helps a little, but it’s not quite enough. For my research, I also looked at and tested mod_security, and the Hardened PHP Project’s Hardening Patch.

Eventually, through this comment, he found Peruser MPM, a module that runs each Apache process with its own user/group combination. He notes a few issues that it still has (breaking mod_ssl and making Apache less scalable), but overall, it does sound pretty cool...

tagged: apache peruser MPM unique user group security apache peruser MPM unique user group security

Link:


Trending Topics: