On 6/1/07, Polonkai Gergely <polesz@xxxxxxxxxxxxxx> wrote:
could you please suggest me which MPM module to use? I have about 10-15 active production sites, all with effectively low traffic. Some of them use php, others use perl for generating dynamic content. For PHP I'm currently using mod_php, but using PHP as CGI is an option if needed. In the future, I want to make this system a bit more secure, and so I decided to use different UIDs and GIDs for the different sites, so they cannot touch each others' files. Which MPM should I use to achieve this? I also thought it would be nice if the separate sites would use different chroots, but this is not necessary for me (or is it?).
No particular MPM supports this. If you only want to isolate cgi scripts, then you can simply use suexec. If you want complete isolation, you need to use multiple apache instances, as described here: http://wiki.apache.org/httpd/Recipes/Different_UserIDs_Using_Reverse_Proxy In either case, any MPM will do. The highest performance with the lowest resource use likely comes from worker or event. The best stability (in terms of resilience in the face of crashing scripts and avoidance of thread safety problems) comes from prefork. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|