walterbyrd wrote: > The point is: PHP framework makers are very considerate of the > realities of shared hosting.
I think the opposite is true: PHP applications typically ignore the realities of shared hosting in order to be considerate to non-developers (that is to say, "users"). In particular, security in a shared hosting environment is almost always discarded. Consider a PHP-based CMS that allows users to upload files. Because the application runs as the webserver user, uploaded files, and the directory where they reside, must be accessible and writable by that user. It is the same user that any other hosting customer on that machine has access to. Thus, any user on the shared host could write a quick CGI script that accesses, adds, removes, or defaces your uploaded content. While it is true that PHP can be deployed through fastcgi/suexec to avoid this problem, doing so is just as complicated as deploying python applications through fastcgi. Deploying python applications through mod_python suffers the same drawbacks on a shared host that using mod_php does, but it is quite simple to set up: 3 lines or so in an .htaccess file is all that is required to get mod_python configured. Surely PHP developers need to write their own .htaccess files as well in most cases? On a related note, most PHP hosting providers offer only PHP4. While this is again fine for the typical PHP *user*, I would hope that PHP *developers* are looking primarily (if not exclusively) for PHP5 at this point. PHP5 providers are much rarer. All that said, I am sympathetic to your concerns, and am currently working hard to set up a commercial shared hosting environment that offers turn-key Django and Plone provisioning. Certainly, the automated, generic set-up won't suit everyone's fine-tuned requirements, but I agree that more hosts should think about providing a working default configuration for python frameworks. Jeffrey -- http://mail.python.org/mailman/listinfo/python-list
