Ikonboard » Printable Version of Topic

Forum: Geek Forum
Topic: Apache + ASP = heaven.
started by: damien_s_lucifer

Posted by damien_s_lucifer on Aug. 03 2001,03:42

I just installed < mod_perl > and < Apache::ASP > on my linux box0r.

This means that IIS - Internet Intruder Services - will soon be out of my life forever

This message has been edited by damien_s_lucifer on August 03, 2001 at 10:43 PM

Posted by MattimeoZ80 on Aug. 03 2001,23:33

asp is microsofts gay server side programming language that they only make for iis. php has been able to do everthing i need, and when you pair it with mysql who needs asp/sql server?

Posted by DeadAnztac on Aug. 04 2001,03:51

That's what I do man. I write a class for interactions with the MySQL dB, then everythings insanely simple from there.

------------------
~Anztac [ I'm just this guy, you know? ]

Posted by DeadAnztac on Aug. 04 2001,05:15

I have a question, what's ASP like when you compare it to, say < PHP >? I've always wondered. I personally know PHP (I'de say) very well. So I'm just curious what makes alot of people use ASP.
------------------
~Anztac [ I'm just this guy, you know? ]

This message has been edited by DeadAnztac on August 04, 2001 at 12:16 PM

Posted by incubus on Aug. 04 2001,05:33

I tried to get apache asp to work about a year ago. it was a nightmare. has it got any better?

Anztac: a lot of ms products use it.

------------------
-- incubus
As I chase the leaves like the words I never find ...

Posted by damien_s_lucifer on Aug. 05 2001,01:49

anztac, if you already have PHP installed and know it well, there is probably little reason to move to Apache::ASP. The big reason for me is that with Apache::ASP I can write server-side scripts in Perl & use my exisiting Perl libraries. Also, I have a lot of pages that currently run under IIS (no, I didn't design them. I have never and will never used IIS on a project of my own). I need a way to easily port these pages to Linux + Apache.

The big difference between ASP and PHP is that ASP isn't a language. It's just a way to tell the server what parts of a document are code and what parts are HTML. It allows different languages to be used (at least on M$ platforms) and adds a basic API for working with the Web server.

incubus, the hardest part of getting Apache::ASP to work is getting mod_perl installed - they don't make it very clear in the documentation that mod_perl needs to be compiled into Apache for it to work. But once it's properly installed any Perl scripts that you have haul ass - my lil' Graffiti Wall script went from a 5 second response time to virtually none. mod_perl is worth it even without ASP

This message has been edited by damien_s_lucifer on August 05, 2001 at 08:53 PM

Posted by RenegadeSnark on Aug. 05 2001,08:54

Hah. Right now, web server engineers are facing one hell of a challenge - security in multi-user environments with server side modules like PHP or mod_perl. Here's what I mean:

If I write a standard cgi script, I can set the permissions for that script in such a manner that no-one can read it or execute it but my own username, and that's ok, because apache has su_exec. I'd want to do this because things like mysql passwords could be contained in the script.

If I write a PHP script, though, Apache doesn't start a separate process to manage each PHP script. This is a problem because you cannot chroot() or setuid(). Thus, PHP scripts run as <insert your apache username>. Thus, if I'm on an ISP, I can write a PHP script to read fred's Mysql password out of his PHP script.

There is a minimal solution to the problem -- php Safe mode -- but that seems to need quite a bit of work before I call it industrial grade.

mod_perl will increase performance of software execution a lot at the cost of the standard security model. Makes me wish there was a better way to start "jail threads" - since mod_perl just leaves a bunch of perl interpreters laying around for all of the scripts, it could be done in a jail thread that was chrooted and setuid'd.

Posted by DeadAnztac on Aug. 05 2001,19:17

Thanks Damien, didn't know that =)

------------------
~Anztac [ I'm just this guy, you know? ]