PHPDeveloper.org

Brian Moon's Blog: Apache Worker and PHP

Fri, 15 Feb 2008 08:43:00 -0600

In a recent post to his blog, Brian Moon talks about the experience he's had with using PHP on Apache 2 with a threaded MPM at Dealnews.com.

Well, first, what is an MPM? It stands for Multi-Processing Module. [...] The most commonly used threaded MPM is the Worker MPM. In this MPM, you have several processes that run multiple threads within it. This is the one I will be talking about.

He goes on to describe the "huge memory savings" that using the module got them - using the worker process to increase the child capacity of the Apache instance. He recommends keeping it simple when compiling a server to work with the worker functionality and mentions how it can also help with serving static pages right along side the dynamic ones (without a second server!).

Check out the post for a few more tips.

Robert Swarthout's Blog: PHP frontend to Subversion (SVN)

Thu, 01 Feb 2007 10:33:00 -0600

In a new post to his blog, Robert Swarthout about a PHP frontend he's been developing for working with Subversion repositories:

The frontend needed to be designed in such a way that each developer could access their working copies and make the full range of actions against them. I decided to also use an AJAX setup so that pages would be quickly loaded and updated by a single toggle of a folder.

A few issues popped up, including tracking edits correctly through the interface. His solution revolved around an Apache MPM that could serve different pages to different users and groups. With this solution in place, the functionality could be built up, a list of which he provides including:

create working copy from repository (svn checkout)
svn blame
svn delete
search files (via a grep/find combination, omitting .svn folders)
svn rename

Ben Ramsey's Blog: Peruser MPM for Apache

Thu, 01 Dec 2005 07:12:35 -0600

In his quest for a secure method of server-side security in addition to PHP, Ben Ramsey stumbled across Peruser MPM, an Apache security module, seemingly with PHP in mind. In this latest blog post he details what lead him there.

A while back, when I was doing some research for a talk on server-side security for PHP, I looked into various "secure" methods for setting up a server for multiple users. Despite my search, I couldn't find a simple and effective solution for managing a server with a large (and untrusted) user base (as is the case with many virtual hosting companies).

Sure, there's PHP's safe_mode, but its "safety" is misleading at best. There's also open_basedir, which helps a little, but it's not quite enough. For my research, I also looked at and tested mod_security, and the Hardened PHP Project's Hardening Patch.

Eventually, through this comment, he found Peruser MPM, a module that runs each Apache process with its own user/group combination. He notes a few issues that it still has (breaking mod_ssl and making Apache less scalable), but overall, it does sound pretty cool...