speed and power

take a look at these as well
Security
Installed as CGI binary [ca.php.net]
Installed as an Apache module [ca.php.net]

You have a lot more options with a fair number of functions and configuration in general if it is run as a module.

given that on the php site they often refer to installation this way

PHP can be used on all major operating systems, including Linux, many Unix variants (including HP-UX, Solaris and OpenBSD), Microsoft Windows, Mac OS X, RISC OS, and probably others. PHP has also support for most of the web servers today. This includes Apache, Microsoft Internet Information Server, Personal Web Server, Netscape and iPlanet servers, Oreilly Website Pro server, Caudium, Xitami, OmniHTTPd, and many others. For the majority of the servers PHP has a module, for the others supporting the CGI standard, PHP can work as a CGI processor.

cgi would be the last option, if you can't install it as a module.

Personally, if I have the option, I would never install php as cgi. In the hundreds of sites I have worked with only 1 has been set up this way and that was a few years ago.

speed and power

There is still the option of FastCGI, which from what I have heard is about as fast as PHP as a module.

cgi by any other name is still..

cgi

;)

Personally I stay with module creation, and watch my code on security issues. I feel that if I'm relying on a particular setup to give my code the proper security level, then I'm looking for a cyber-black-eye.

The reason I stay with module is that most ISP's I work with, don't install PHP as a CGI option, so it is usless to the customer to design it that way. FastCGI is cool, but so is compiled PHP from a module install (which then passes FastCGI once again .. IME).

webadept --out

Thanks for the info all, and particularly for the security links.

I'm just getting my feet wet with php so info like this is very useful.