Comments on: open_basedir will slow you down – security vs. speed http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed Cake and cookies by Jippi Fri, 06 Nov 2009 19:47:42 +0000 hourly 1 http://wordpress.org/?v=3.0 By: Laatste Nieuws http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed/comment-page-1#comment-9228 Laatste Nieuws Sun, 02 Aug 2009 04:42:08 +0000 http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed#comment-9228 Hi, I currently have got Apache+SysCP and would like to switch to lighty because of the performance issues. Any more hints you can tell me about? Otherwise maybe I'd set it up in a virtual Xen domain to test it first? Thanks a lot for the tip on php-cgi.ini file, I won't touch the settings too much there... Hi,
I currently have got Apache+SysCP and would like to switch to lighty because of the performance issues.
Any more hints you can tell me about? Otherwise maybe I’d set it up in a virtual Xen domain to test it first?

Thanks a lot for the tip on php-cgi.ini file, I won’t touch the settings too much there…

]]> By: Andrew http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed/comment-page-1#comment-3939 Andrew Tue, 20 Jan 2009 08:56:34 +0000 http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed#comment-3939 hello Jippi! nice ideas and interesting point of view. I'm interested in this kind of information on php work and will be so much glad to read new notes written by you. good job! have a nice day hello Jippi! nice ideas and interesting point of view. I’m interested in this kind of information on php work and will be so much glad to read new notes written by you. good job! have a nice day

]]> By: smsinvest.ru http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed/comment-page-1#comment-3878 smsinvest.ru Tue, 13 Jan 2009 21:24:59 +0000 http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed#comment-3878 Hello! I don't know how can disabled open_basedir affect webserver security but i had the same problem. Generating script took 10 seconds. After disabling open_basedir generating took only 1.2 sec., with cache enabled it is more quicker. :) Anybody knows that about security with open_basedir disabled ? Hello! I don’t know how can disabled open_basedir affect webserver security but i had the same problem. Generating script took 10 seconds. After disabling open_basedir generating took only 1.2 sec., with cache enabled it is more quicker. :) Anybody knows that about security with open_basedir disabled ?

]]> By: Oscar http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed/comment-page-1#comment-170 Oscar Mon, 21 Apr 2008 13:32:30 +0000 http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed#comment-170 Indeed, I got these results: - With open_basedir: Requests per second: 21.23 [#/sec] (mean) - Without open_basedir: Requests per second: 23.97 [#/sec] (mean) Indeed, I got these results:
– With open_basedir: Requests per second: 21.23 [#/sec] (mean)
– Without open_basedir: Requests per second: 23.97 [#/sec] (mean)

]]> By: Oscar http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed/comment-page-1#comment-169 Oscar Mon, 21 Apr 2008 13:00:27 +0000 http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed#comment-169 Will make benchmarks myself regarding this, thanks. Also, have you checked this method for securing FastCGI and Lighttpd? http://trac.lighttpd.net/trac/wiki/HowToSetupFastCgiIndividualPermissions A bit messy to set up, but seems to be working really good (been running it for a couple of weeks now). Will make benchmarks myself regarding this, thanks.

Also, have you checked this method for securing FastCGI and Lighttpd?
http://trac.lighttpd.net/trac/wiki/HowToSetupFastCgiIndividualPermissions

A bit messy to set up, but seems to be working really good (been running it for a couple of weeks now).

]]> By: Nate Todd http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed/comment-page-1#comment-120 Nate Todd Tue, 25 Mar 2008 01:27:01 +0000 http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed#comment-120 Sorry, typo. The apache benchmark is "ab". Sorry, typo. The apache benchmark is “ab”.

]]> By: Nate Todd http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed/comment-page-1#comment-119 Nate Todd Mon, 24 Mar 2008 14:51:55 +0000 http://www.cakephp.nu/open_basedir-will-slow-you-down-security-vs-speed#comment-119 When making large changes in server config and code I routinely run a quick apache benchmark (ap -c 10 -t 30 http://foo) to catch performance killers like that. It may be considered premature optimization to some, but it helps to catch certain things before you go too far. For example, I loaded in a script that was doing a system call out to uname and it immediately dropped about 2 requests per second. Switching that over to php_uname brought that performance back. When making large changes in server config and code I routinely run a quick apache benchmark (ap -c 10 -t 30 http://foo) to catch performance killers like that. It may be considered premature optimization to some, but it helps to catch certain things before you go too far. For example, I loaded in a script that was doing a system call out to uname and it immediately dropped about 2 requests per second. Switching that over to php_uname brought that performance back.

]]>