Share via

Interesting Warning about PHP and Apache 2.0

  • Article

Excerpt from the PHP Manual:

Warning
Do not use Apache 2.0 and PHP in a production environment neither on Unix nor on Windows.

No comment…

Comments

  • Anonymous
    March 23, 2004
    Play nice now...
  • Anonymous
    March 23, 2004
    Well, what's that all about?
  • Anonymous
    March 23, 2004

    Reading the PHP manual? Thinking of jumping? ;)
  • Anonymous
    March 23, 2004
    Senkwe: I think Apache 2 was officially released in the middle of the PHP4 QA cycle.
  • Anonymous
    March 23, 2004
    Don't make me mention stuff about IIS/Windows instability :).

    If you dont like the warning, just sit down and make the php support for apache 2 stable.
  • Anonymous
    March 23, 2004
    well, at least they tell it and don't let you fall in the trap ;-) i set up php & apache 2 easily and it works great.. so the pronunciation is on "production environment"..
  • Anonymous
    March 23, 2004
    I would like to point out that IIS 6.0/Windows 2003 has an extremely good track record in terms of stability and security. You should acknowledge that at the time of this writing there are 0 (zero!) vulnerabilities for IIS 6.0 (released April 03). You probably know that other web servers had quite a number of vulnerabilities in the same timeframe.
  • Anonymous
    March 23, 2004
    Um, of course not everyone uses IIS 6 :-). I can tell on IIS 6/Windows 2003 stability, and I agree with you.

    Also note that the bugs revealed in Apache, it’s because of its open source nature and more third-party programmers get to look at the source code, in conjunction serious vulnerabilities are found and corrected.
  • Anonymous
    March 23, 2004
    Meanwhile, Apache 1.3.x chugs away as the most successful server in existance and in combination with PHP4 creates a highly flexible, powerful and easy to use solution.
  • Anonymous
    March 23, 2004
    I think the post was just a "what on earth does this sentence mean" post.

    Not a comment on Apache and/or PHP.

    I've looked at the sentence for about 5 minutes and I've not yet figured out what it means. There are too many negatives in it to parse.

    Hmm.. Let's try.

    Do not use Apache 2.0 and PHP in a production environment neither on Unix nor on Windows

    NOT (use Apache 2.0 and PHP in a production environment NOT (on UNIX OR on WINDOWS))

    NOT (use Apache 2.0 and PHP in a production environment NOT on unix AND NOT on windows)

    use apache 2.0 and PHP in a production environment ON UNIX OR ON WINDOWS.

    So the sentence means that you should use Apache 2.0 and PHP on production machines on Unix or Windows. But I don't think that's what they intended.
  • Anonymous
    March 23, 2004
    Andreas, you claim that because of the "open source nature and more third-party programmers get to look at the source code, in conjunction serious vulnerabilities are found and corrected". I this that is a common misconception. I fact, I do not think you can back up your statement with any hard data. On the contrary, I claim that widely-used open sourced products suffer from as many or more security defects than comparable commercial products.
  • Anonymous
    March 23, 2004
    hi. All it means is that if you want to use mod_php (php through CGI is fine), you should use Apache 1.3 rather than Apache 2. I think there are threading issues with Apache 2 modules - the rewrite broke a lot of modules.

    Apache 1.3 is stable and fine, although Apache 2 is faster.

    Apache 2 is also fine for production use, just not in combination with mod_php. Hence if you want to use mod_php, use Apache 1.3

    What is your point? And what has this uncommented upon exerpt got to do with weblogs.asp.net

    Thanks
  • Anonymous
    March 23, 2004
    Larry Osterman's comment (http://blogs.msdn.com/beatsch/archive/2004/03/23/94430.aspx#94528) made me laugh out loud.