On Mon, Aug 20, 2012 at 1:11 AM, Christoph Anton Mitterer <[email protected]> wrote: > This would have the advantages: > - All SAPIs share the same config, thus no surprises.
I am not sure it that's a good idea (even when I drop your mix of AddType and SetHandler). I'll try to come with something else which doesn't involve installing apache configuration files when install php5-cli package. > - No longer the need for manually configuring Apache with respect to PHP when > using CGI/FCGI That's simply not true. - You will have to configure Apache manually for CGI/FastCGI, because you can install mod_php along with php5-cgi - and having both serving PHP files would create just a mess. - For FastCGI using php5-cgi - you have to create a fastcgi wrapper, so again it needs manual configuration. - And FPM doesn't work with libapache2-mod-fcgid at all and needs libapache2-mod-fastcgi from non-free, so again manual intervention is required. > We can largely drop the special section about CGI from README.Debian Not much can be dropped. > I personally, would strongly recommend AGAINST also having the > Action/ScriptAlias directive there; > admins or package maintainers should place them in the <Directory> > definitions where this > is needed. I agree on that, but from different reasons (as documented in README.Debian) - the php5-cgi is webserver agnostic and we don't want it to conflict with libapache2-mod-php5(filter). > It's simply unclean and even dangerous to enable interpretation of PHP files > server-wide, as > it's now done by mod_php packages. Why? You keep pushing your opinions without giving any technical reason. Default Debian configuration is secure (it allows only files in /var/www to be accessed). > #Note: The following is a security measure to remove any possible mappings > that would also apply on “middle extensions” (for example “test.php.png”). > RemoveType php You keep repeating this, but Apache manual says: http://httpd.apache.org/docs/2.2/mod/mod_mime.html#multipleext > If more than one extension is given that maps onto the same type of > meta-information, then the one to the right will be used, except for > languages and content encodings. For example, if .gif maps to the MIME-type > image/gif and .html maps to the MIME-type text/html, then the file > welcome.gif.html will be associated with the MIME-type text/html. So either you or Apache manual is wrong. > <Files ?*.php> > AddType application/x-php php > </Files> Again you keep pushing Files vs FilesMatch, but did you do or see any performance tests. I would guess that processing the PHP file in most common scenarios would be much longer than the performance hit induced by using FilesMatch. I would rather have the configuration files simple to read than tuned to max performance. Compare: <FilesMatch ".+\.ph(p[345]?|tml|t)$"> SetHandler application/x-httpd-php </FilesMatch> <FilesMatch ".+\.phps$"> SetHandler application/x-httpd-php-source </FilesMatch> to <Files ?*.php> SetHandler application/x-httpd-php </Files> <Files ?*.pht> SetHandler application/x-httpd-php </Files> <Files ?*.php3> SetHandler application/x-httpd-php </Files> <Files ?*.php4> SetHandler application/x-httpd-php </Files> <Files ?*.php5> SetHandler application/x-httpd-php </Files> <Files ?*.phtml> SetHandler application/x-httpd-php </Files> <Files ?*.phps> SetHandler application/x-httpd-php-source </Files> The FilesMatch form is much simpler to read and modify en masse. -- Ondřej Surý <[email protected]> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
