module or cgi, how much should I care?
Looking into hosting for a fairly undemanding site with php, what are the limitations of a php cgi, as opposed to module? Some hosts (like the one familiar to WebmasterWorld) offer it as a cgi, a few others have it as an Apache module. Does it make a difference?
This is open to discussion, but I would personnally think that the module version would be faster. Other than that, it has the same functionalities.
Yes, I don't know specifics but the module version is definately what other php developers prefer...
Well, traditionally, CGI always launched a new process for each new request, which can be a resource hog, if there's a lot of traffic. On Unix (on some flavour of which you'd presumably be hosted), Apache 2.0 pre-emptively forks to provide processes that are ready to meet demand, and also features multiple threads running within those processes. The multiple threads thing is something that was previously a feature of the Windows version because the WierdOS was never very good at handling multiple processes, but it does add to the scalability of the server load (whilst the running of multiple processes generally adds stability: if one process fall over, the site itself doesn't die).
Your own needs may be small, but since a single serve can actually host dozens of different sites, and any host is unlikely to give you your very own Cobalt blade all to yourself, you may want to think about the load that the actual machine is likely to be running.
I'd also suggest that any host running PHP as CGI rather than mod, is either a fairly conservative organisation, or just not up to speed with how best to use their own hardware. Just my 2 Flanian Pobble beads :)! If someone thinks what I've written is wrong or misleading, do shout me down.
I don't think we're much for shouting around here.
I go for as a module, when we did this everything sped up noticably.
By the way,
search in the other forums like Webmaster General and the like for recommendations. That's how I ended up with aletia, which is fine for my use, but perhaps not for a high-traffic site (I don't know). Great features. All hosts get a lot of complaints and most cheap hosts get more complaints, but no hosts get no complaints. Aletia gets a lot of complaints and a lot of happy customers. I'm one of the latter. There are *many* others that are also appropriate for misers like me. Just pick one and try it for a while.
Generally speaking, I would say there are many considerations more important than the CGI/module consideration. If it's a shared hosting solution, overall server load may be more important than how PHP is running.
My advice for someone who doesn't have a lot of cash riding on this:
- just pick a host and see if it works
- don't sign up for a long-term contract
- don't let your host handle your domain registration
This gives you flexibility to switch quickly if you have problems
I personally use mod_php on all my servers because,
- Fast. Unlike CGI, it does not spawn another process to serve the request, which everyone in the Un*x world knows is an expensive task. Not just forking and context switching, but also initialise the environment and PHP parser, etc.
- Persistent DB connection. It might not be that noticable using MySQL, but with other DB backend, making the connection is actually time consuming. PHP module provides a DB connection pool on each Apache process.
However, PHP module does have some problems. Sometimes the garbage collection is not working properly, and I end up have 20Mb Apache processes lying around. CGI version can also work with suexec so that your PHP scripts can run using your own user ID. It provides more security I guess because some sensitive data (password to the DB for example) does not have to be readable by other users.
I think all of this is more relevant for someone running his or her own server. In other words, if you're sharing a server, then I would guess that there are so many other factors that come in to play. You are comparing your server with mod_php vs with the cgi version. I think SmallTime needs to look at the whole picture and that this is likely to be one of the less important decision factors.
Anyway, there used to also be some security vulnerabilities that existed only in the CGI module too, but I think this is mostly fixed, isn't it?