99 | | PHP is working in CGI mode (suPHP is the same CGI with exception that php script is running under particular user). |
| 99 | PHP is working in CGI mode (suPHP is the same CGI with exception that php script is running under particular user). Server API in phpinfo() looks like this in this setup: |
| 100 | |
| 101 | [[Image(hssr-php-2-cgi.jpg)]] |
| 102 | |
| 103 | This is most inefficient setup, webserver have to load PHP interpreter each time, especially when small PHP files are executed - time overhead can be up to 2500% (25x time slower). Even worse that opcode cache extensions are not compatible with suPHP. |
| 104 | |
| 105 | This is used on shared hosting to separate users from each other, so it is considered to be safe on shared hosting environment. But when attacker get access to your server - access to all files is open, any file can be modified/removed in any folder, so it maybe more dangerous result in case of hack attempt. |
| 106 | |
| 107 | '''Advantages:''' |
| 108 | * all files are always handled under one owner, so you don't need to bother about files permissions |
| 109 | * PHP settings can be changed without web-server reload |
| 110 | |
| 111 | '''Disadvantages:''' |
| 112 | * slow |
| 113 | * opcode cache extensions are not supported |
| 114 | * insecure |
| 115 | |
| 116 | '''Conclusion:''' it is better to switch to another setup if you have VPS or dedicated server. If you are on shared hosting try to ask to move your account to another server with another setup. If you have no choice - try to lower number of accesses to webserver: you can do it by uninstalling the following modules in Dolphin (they make periodic lightweight request to web-server): messenger, simple messenger, spy and disable floating member menu. Or at least increase time between requests. |