mod_rails aka mod_rack aka mod_ruby
strangepics at gmail.com
Thu Jun 12 22:09:56 MSD 2008
On Thu, Jun 12, 2008 at 4:24 AM, Manlio Perillo
<manlio_perillo at libero.it> wrote:
> This can not be generalized.
Of course it can. There are bad designs, and there good designs.
Apache's mod_* is an example of bad design from the viewpoint of
security and reliability. The modules are loaded into the web server.
If one of the modules is compromised or buggy the whole system is
compromised or buggy. Also large amounts of RAM need to be used for
all the mod_*. Also the security boundaries cannot be set between
modules because they're just one process. The analogy can be made
between Sendmail and qmail. Sendmail is monolithic and not modular.
qmail is modular. Look how many exploits Sendmail had... Sendmail is
also slow and hard to administer.
> The main problem is that separating the main server from the application
> server means that you need to implement another server!
Yes, and that's GOOD - modular design.
> Implementing a robust/scalable/efficient server is not an easy task, so
> using mod_whatever is the best solution (assuming, of course, that the
> application is designed to taking advantage of being embedded in a server).
It's not, you are just hung up on this idea for some reason. I think
you may be thinking that mod_* is MUCH faster, while in reality it's
not that much faster. If you weigh benefits vs. risks it's not worth
it. Web servers are web servers, and applications are applications.
This is also the original UNIX mantra (many little programs each doing
its specific little purpose) that Apache and Sendmail do not follow.
More information about the nginx