At 01:53 PM 11/18/2004, Nathanael Noblet wrote: >On Nov 18, 2004, at 11:43 AM, Graham Leggett wrote: > >>I've been keen to do some digging for reasons why someone might need to >>install httpd v1.3 instead of v2.0 or later. > >I think there is still a thought that php isn't mature on 2.x. (I'm using it) >But some people, notably the php folks last I saw. Suggested 1.3 as the stable >production server to use instead of 2.x
Let's not lose sight of the root of this problem. In order to properly write php4apache2filter - we needed PHP's engine to allow us to push the script, IIRC... at that time Zend only offered us pull-based file handling. Instead of a real solution, this 'filter' simply assumed there was a file bucket, sucked the fd and passed that to zend. It was no filter, and it often did not work at all when the content had been parsed. Sooo... php4apache2handler was born, which solved this whole hassle by being a handler-only module. And then PHP5 was born, and now has the hooks we needed in the first place to create a PHP filter module. Fun weekend warrior project if someone wants to spend the cycles in the php5 tree. Understand that the handler works -just-fine- and with prefork there was never an issue with thread-unsafe libraries. But the project's docs continue to promulgate the FUD. Last I looked the regression rate (folks adopting 2.0 and then reverting to 1.3) is quite low, within the margin of error for most mixed-server load balanced servers: http://www.securityspace.com/s_survey/data/man.200410/srvch.html?server=Apache&revision=Apache%2F2.0.51 (substitute whichever sub-version 1.3 or 2.0 you like.) Also notice a much higher percentage adopt the latest and greatest 2.0.x release when announced than those who adopt the latest and greatest 1.3.x release. So as others noted, a large percentage of this imbalance is probably explained by bundled distros. The overall adoption is actually reasonably impressive; 4.51% are using IIS 6, roughly 9.66% (forgive rounding errors) are using a fairly stock 2.0 (not renamed), while 13.5% don't admit their version of Apache at all. Dollars to donuts, those 2.0 users are very actively aware of their installed servers and more likely to disable the version tag than those using an stock, OS distribution flavor of version 1.3. And for fun... http://www.securityspace.com/s_survey/data/man.200410/srvch.html?server=Apache&revision=Apache indicates about 3/4% of our users per month are dropping their version from our server string. It makes an interesting graph; http://www.securityspace.com/s_survey/server_graph.html?type=http&domaindir=&month=200410&serv1=QXBhY2hl Bill
