On 2014-12-29, T. Ribbrock <emga...@gmx.net> wrote: > Given the current state of development in OpenBSD, I'm now wondering > what the best way forward is for me: > > a) Install apache-httpd-openbsd from ports and keep my configuration > basically as is > Advantage: Less work to get everything running - I've done OpenBSD > re-installs like that several times over the past years > Disadvantage: I guess that the new httpd will get a lot more > developer attention, so this does not seem the ideal option longterm, > but I could always migrate to httpd later, e.g. when upgrading to 5.7 > or (more likely) 5.8
apache-httpd-openbsd is a dead-end, it's not actively developed, ssl support is poor, third-party documentation relating to use of webapps with Apache has long since moved to Apache 2. It's mainly there to provide a quick migration path for existing OpenBSD users and to ease the pain in ports. > b) Migrate to nginx > This seems to be the least interesting option - not only do I have to > migrate now, but once more in the future, as nginx is also on the way > out (so, the same "developer attention" caveat applies as with > apache) This might be a reasonable choice, especially if the CMS you're looking at already documents how to use it with nginx. > c) Migrate to httpd > From what I've gathered so far from this list, this would basically > require me to switch to -current, as the 5.6 version is too fresh and > too many changes have happened since - or am I being pessimistic > here? I've never run -current before, hence, I'm a bit hesitant... Personally I don't think httpd is quite ready for use with a typical PHP-based CMS yet (including -current). Two big issues for this type of use: "clean urls" functionality in most CMS needs rewrite support which httpd doesn't have. httpd's fastcgi support passes every url matching a location block to the handler meaning there's no mitigation for the issue described in http://wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP (which also affects naive nginx configurations). > I tend to go for a) because I do not want to migrate twice - but maybe > somebody else has some interesting points that I have not considered > yet? I'd appreciate the input! Another option is to migrate to apache 2, this tends to be quite well supported by webapp authors, though it's not very widely used in OpenBSD land. Or other servers like lighttpd are available. What would I choose? Depends on the particular webapp...
