[thelist] PHP Perl Apache security
Keith
cache at dowebscentral.com
Sun Jul 20 16:35:24 CDT 2003
At 08:57 AM Sunday 7/20/2003, Ari wrote:
>The mod_proxy scenario:
>
>You run a separate copy of apache for each vhost (at least each that
>need it), with a different User directive ....
>Then, you set up mod_proxy on the /main/ instance of Apache to map each
>user's URL-space into the other instance of apache, running on another
Correct me if I misunderstand, but it looks like you are describing a hack
to accomplish Apache2's perchild MPM. How does it differ, not so much in
details but in things like resources.
RAM, because of Linux >= 2.0's memory handling. If you set apache to
>only prefork a few daemons per user (adjust as their site load grows),
>you don't end up too badly off, resource-wise. It's probably lighter
Apache2's perchild /seems/ to require 8 daemons per user that all run on
bootup. And the number allocated per user is not done dynamically. That
scenario seems to guarantee that there will always be some wasted resources
for most vhosts, while others will be under strain until a human intervenes.
This looks like it might be OK for a clean box, but what problems can be
anticipated if this is a conversion on a box with hundreds of VHosts?
Keith
====================
cache at dowebscentral.com
More information about the thelist
mailing list