"... the point being (when taken in context with the rest of this
paragraph), so many people complain that IIS is rubbish etc etc etc. but
that is 90% because they are rubbish etc. etc. etc. and don't actually
do any configuration of their server, IIS and so on. ;o)"
Personally, when I started out with web development back in the arse-end
of the twentieth century, I used to love IIS for just the reason Thomas
stated - "wow, a GUI? Isn't it pretty? And I can look like I know what
I'm doing when I really don't...."
But now, after several years of wrestling with web servers, I'm firmly
with the "IIS is rubbish" crowd, from my own painful personal
experience.
I've had no end of trouble with IIS over the years, from the constant
security holes and exploits making it almost a full-time job just to
keep the damn thing reasonably safe, to configuration being dropped and
sites disappearing for no apparent reason, to the inability to have any
confidence in backups, to the fact that it's totally insecure by default
and you have to sit down and work at a vanilla install for several hours
before anyone with an ounce of knowledge would dare make it public......
etc etc, you get the idea
With Apache, all config is done with text files, which means that it can
be easily backed-up, altered and re-applied by an automated release
process (e.g. an ANT script) or even by a CF script, or rolled back to a
previous version if you've made a mistake - and when it goes wrong
(which, in my experience, it virtually never has) you can easily look at
it and see EXACTLY what the software itself is seeing, in a
human-readable format. After a little practice, it's actually pretty
easy to debug. Admittedly, I haven't used IIS for a couple of years, so
it may have improved a little...
Also, if you develop and test on Apache for Windows, you can very easily
deploy a site on a UNIX or Windows platform without having to worry
about the web server config side of things.
Apache is by far the most commonly-used web server out there ( e.g.
http://www.securityspace.com/s_survey/data/200405/index.html
<http://www.securityspace.com/s_survey/data/200405/index.html> reckons
it has a 70% market share across 14 million servers ) and yet how many
security alerts do you hear about worms / viruses / DDOS attacks
targeting vulnerabilities in Apache? Now how many for IIS?
The prosecution rests, m'lud.... (or "your honour", for you Americans ;P
)
Alistair Davidson
Senior Technical Developer
Headshift.com
------------------------------------------
HEADSHIFT >> www.headshift.com <blocked::http://www.headshift.com/>
T: 020 7357 7358
------------------------------------------
smarter > simpler > social >
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
- Re: Apache and CF Thomas Chiverton
- Re: Apache and CF Stephen Moretti (cfmaster)
- Re: Apache and CF Thomas Chiverton
- Re: Apache and CF Stephen Moretti (cfmaster)
- Re: Apache and CF Doug White
- Re: Apache and CF Dave Carabetta
- Re: Apache and CF Rick Root
- Re: Apache and CF Mark Drew
- RE: Apache and CF Barney Boisvert
- Re: Apache and CF Mark Drew
- Re: Apache and CF Alistair Davidson
- Re: Apache and CF Thomas Chiverton
- RE: Apache and CF Craig Dudley
- RE: Apache and CF Dave Watts
- Re: Apache and CF Brandon Harper
- CFX_FileReadLn Frank Priest
- Re: CFX_FileReadLn Dick Applebaum
- RE: CFX_FileReadLn Paul Vernon
- RE: CFX_FileReadLn Frank Priest
- RE: CFX_FileReadLn Frank Priest
- Re: CFX_FileReadLn Joe Rinehart