RE: Use mod_perl2 in production environment?
> My job is it now to write a response to our customer and I want to have > some information from developers and/or users about the stability of > Apache2+mod_perl2+Unix and Apache1+mod_perl1+Win32. This is kinda comparing apples to oranges. mod_perl1+Apache1+Win32 is a single threaded environment. Apache can only accept one request at a time. Not a good idea for a production environment. If a server request takes a long time, everyone waits in line until that is complete. I would think that Apache1+mod_perl1+Unix is your most stable option. If you have to go with Win32, I would suggest going with Apache2+mod_perl2. Although it's technically not 100%, I've been using it for the past 4 months with no problems (YET!). Good Luck, Mike > -Original Message- > From: Tom Schindl [mailto:[EMAIL PROTECTED] > Sent: Friday, June 13, 2003 3:30 AM > To: modperl > Subject: Use mod_perl2 in production environment? > > > Hi guys, > > within the next 2 months I have to create an webapplication from scratch > using mod_perl for a customer. > > The customer wanted to host the application at his provider which > refuses the installation of Apache2+mod_perl2 because he considers them > to be Beta-Software whereas he considers Apache1+mod_perl1 under Win32 > to be stable. > > > thx > > Tom >
security with mod_perl
I have a local hosting provider who has mod_perl installed on the server, but will not enable it for security reasons. After doing some digging on the mod_perl site and thinking about how many ways a renegade mod_perl program could bring down a site (large modules using a lot of memory means larger httpd process, consumes memory, hurts performance, etc.). I couldn't find any documentation on how a host *could* provide mod_perl and do it in a way that would be safe for his server and usable for a client. Maybe some way to restrict memory space or something? One problem I see is that Stat::INC would need to be enabled for everything (at least in the clients sandbox). I guess performance-wise, this would still be way better than straight CGI. Thanks for any help. If there is an "M" out there for this, please tell me to "RTF"! I looked into some of the sites listed on the mod_perl providers page on perl.apache.org. However, most of these sites are $99+ per month. My lowly non-profit clients can't afford this much $. I'm debating getting a bunch of non-profits together and do a dedicated server, but I'd rather not do that unless I have to. Thanks, Mike Zelina
how to make sure code wasn't changed
OK... I have a system I've developed for a client that is now on a central server. They would like me to make changes so it can be installed on the laptops of users to use off site if necessary. Here's my question: has anyone setup a clever way, possibly using CRC/MD5 analysis, to check to make sure code hasn't been changed? I don't care if someone steals it or gives it to their friends, but I don't want the code to yield results if it's been modified - either intentionally or on accident - because it could give false results. These are sales guys machines which (no offense to any sales people lurking on this list) means anything can and probably will happen. I realize that someone could circumvent a CRC check just by changing the CRC check number, but I'm not worried... if they are that clever kudos to them. Another option is maybe to use IndigoPerl's perl2exe and make the perl script .exe files... however, then I lose the mod_perl benefits. This may not be a big deal since only one person will be running at a time and performance shouldn't be a huge issue. Just curious if anyone has done something like this before... Thanks, Mike
