So I'm setting up a new web server. It need to be secure (no user A spying in user B's files). It needs to run PHP. Yes, you may run away now. Oh yes, it also needs to be fast...
So how to do that? I'm not going to run Apache+mod_php on the thing. :-/
I've started with Apache2, FastCGI, PHP via FCGI, installed eaccelerator for 60% speed-up.
All of this works reasonably well, except for PHP scripts that want PATH_INFO (like http://.../blog.php/2005/12/03/some_random_gunk
). mod_fcgi passes the whole thing's pseudo file system path in PATH_TRANSLATED. The PHP FCGI process checks that path, sees that it doesn't exist (blog.php is a file after all), and immediately returns an unhelpful error.
I've worked around that thing with an ugly hack
, but I suspect that the real fix would be to add this same hack to PHP instead.
Opinions, anybody? NB
: Oh, and if somebody could tell me why my mysql server's kernel randomly ignores incoming TCP connections for a few seconds every minute (and yes, it's the kernel), I'd be grateful. I suspect that the solution is going to be "upgrade to something newer than 2.6.12-9-686-smp (Ubuntu Breezy's kernel)"... :-/
NB2: There's also a mod_fcgid for Apache2. Hint: It's crap -- if all FCGI processes happen to be busy, I want new requests to be delayed
. I do not
want them to be rejected with a terse, hard-coded error message.