24.07.2008

Disadvantages and big advantages of php in fastcgi mode

Disadvantages and big advantages of php in fastcgi mode

In this article, we’ll talk about php hosting for a simple user and why it’s better to choose hosting with php running in cgi / fastcgi mode, despite some disadvantages of php cgi-mode. We do not consider the performance of this solution, since the hoster should take care of the performance.

Choosing php hosting

So, what does a regular user pay attention when choosing a php hosting? Of course, it is necessary that all functions in php work and safe_mode and open_basedir modes are not enabled. But, unfortunately, there are no such completely ideal cases on hosting, and if there is, it is better, paradoxically, not to take hosting there.

You may ask, why so?

Everything is quite simple - such a completely ideal case can only be if mod_php is used on the hosting when all functions are turned on and safe_mode and open_basedir are turned off.

And what's wrong with that?

In this case, another problem arises - if php works like mod_php, then all the scripts of all hosting users work from the apache user and any hosting user can read any file from their server neighbors with php scripts, for example, with a function like fopen and similar functions opening and reading files, which when using well-known content management systems (CMS) can be quite fatal - guessing which file they are in and reading passwords to mysql databases will be quite simple.

You can say - but how is it, because hosters are not stupid, there have to be ways to limit users when using mod_php?

Yes, of course, there are such methods - safe_mode, open_basedir, disabling the operation of "dangerous" functions like fopen () or installing special modules on apache, which make user scripts work not from the apache user, but from users. But, unfortunately, these methods have huge drawbacks - disabling the "dangerous" functions, safe_mode, open_basedir limit the user to use many CMS and scripts, and apache modules that allow scripts to work from hosting users (such as mpm-itk, mpm -peruser) have many problems, are not supported by apache developers and are kind of “hacks”, which limits their use on serious hosting servers.

PHP in CGI / FastCGI mode

But still there is a way out of this situation - you can use php in cgi / fastcgi mode. Then the scripts work with the rights of hosting users, they cannot read / run other neighbors scripts, that is, in this case the security is very high. Such modes of operation are supported by apache and php developers, so, such a solution is quite workable and well tested. But, of course, there are drawbacks to such a solution - in cgi / fastcgi mode, apache passes all requests to php scripts to the php interpreter, which already processes the script and gives an apache response. But apache does not pass all php headers, php flags (php_value, etc.) do not work in .htaccess, and mod_rewrite also does not work fully. But all these problems can be solved - when using php in cgi mode, it is usually possible to edit your own php.ini, which the php interpreter will use instead of the server one.

The priority of choice is, of course, before the user, but he should not recklessly “firsthand” decide what he needs, but he must understand that the hosting cannot do everything so perfectly that security is at its best and absolutely all scripts work that they work in tests on the localhost, since the localhost is not a real hosting account and the hoster on its server must provide not only the operation of your sites on the account, but also think about the fact that users on this server could not create any problems for their neighbors.

Latest news

Discount on all Ukrainian domains until 10/21/2022!
14.10.2022
Discount on all Ukrainian domains until 10/21/2022!
Dear users! For a whole week -15% discount for registration of all Ukrainian domains using the promo code defendersday22!
Increase in price of a number of Ukrainian domains UA ccTLD!
28.09.2022
Increase in price of a number of Ukrainian domains UA ccTLD!
Dear users! From October 1, 2022, we are waiting for a rise in price in a number of Ukrainian domains - in.ua, od.ua, mk.ua!
Important changes in some Ukrainian domains!
09.03.2022
Important changes in some Ukrainian domains!
Dear users! In some Ukrainian domain zones, the Redemption period for domains has been increased from 30 to 60 days.
Rise in price of dedicated IPv4 in Germany!
09.08.2021
Rise in price of dedicated IPv4 in Germany!
Dear users! In Germany, additional dedicated IP addresses (IPv4) and IP networks have risen significantly.

Latest Blog Posts

New virus Coronavirus (COVID-19) and cyber fraud on the Internet
02.03.2020
New virus Coronavirus (COVID-19) and cyber fraud on the Internet
The panic surrounding the coronavirus COVID-19 is used by cyber fraudsters on the Internet - phishing, selling masks, vaccines and tests.
Mail is not sent - check if the internet provider is blocking port 25
11.01.2020
Mail is not sent - check if the internet provider is blocking port 25
How to check if provider is blocking port 25 using the command line in Windows. How to send mail if port 25 is blocked.
How to install Clam AntiVirus (ClamAV) on a VPS or server with CentOS
11.11.2019
How to install Clam AntiVirus (ClamAV) on a VPS or server with CentOS
Install Clam AntiVirus (ClamAV) on VPS / VDS or a dedicated server with CentOS OS and configure daily server scan.
ISPmanager no longer supports backup to Yandex.Disk
20.10.2019
ISPmanager no longer supports backup to Yandex.Disk
Within a week, Yandex.Disk will disappear from the list of backup storage in the ISPmanager panel and other ISPsystem products.