On Mon, Dec 29, 2014 at 10:41:26PM +0000, Stuart Henderson wrote: > On 2014-12-29, T. Ribbrock <emga...@gmx.net> wrote: > > Given the current state of development in OpenBSD, I'm now wondering > > what the best way forward is for me: > > > > a) Install apache-httpd-openbsd from ports and keep my configuration > > basically as is > > Advantage: Less work to get everything running - I've done OpenBSD > > re-installs like that several times over the past years > > Disadvantage: I guess that the new httpd will get a lot more > > developer attention, so this does not seem the ideal option longterm, > > but I could always migrate to httpd later, e.g. when upgrading to 5.7 > > or (more likely) 5.8 > > apache-httpd-openbsd is a dead-end, it's not actively developed, ssl > support is poor, third-party documentation relating to use of webapps > with Apache has long since moved to Apache 2. It's mainly there to > provide a quick migration path for existing OpenBSD users and to > ease the pain in ports. > > > b) Migrate to nginx > > This seems to be the least interesting option - not only do I have to > > migrate now, but once more in the future, as nginx is also on the way > > out (so, the same "developer attention" caveat applies as with > > apache) > > This might be a reasonable choice, especially if the CMS you're looking > at already documents how to use it with nginx. > > > c) Migrate to httpd > > From what I've gathered so far from this list, this would basically > > require me to switch to -current, as the 5.6 version is too fresh and > > too many changes have happened since - or am I being pessimistic > > here? I've never run -current before, hence, I'm a bit hesitant... > > Personally I don't think httpd is quite ready for use with a typical > PHP-based CMS yet (including -current). Two big issues for this type > of use: "clean urls" functionality in most CMS needs rewrite support > which httpd doesn't have. httpd's fastcgi support passes every url > matching a location block to the handler meaning there's no mitigation > for the issue described in > http://wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP > (which also affects naive nginx configurations). >
Yep. Lack of a "mod_rewrite" functionality in httpd is the only thing at this point keeping me from using it in production. MVC frameworks usually rely on some sort of rewrite to force URLs to a signle "front controller" file. I went with the OP's option a) and installed the apache 1 port just to get through the 5.6 upgrade. I'll likely switch to nginx long term unless httpd gets a rewrite functionality. Big thanks for the apache-httpd-openbsd option to make these migrations easier to phase in over time on busy sites. -Clint
