Date: Mon, 20 Sep 2010 11:00:34 -0400 (EDT) From: doug@safeport.com To: freebsd-questions@freebsd.org Subject: Re: why is the PHP stuff line "off" by default in ports/lang/php5? Message-ID: <alpine.BSF.2.00.1009201025480.89612@fledge.watson.org> In-Reply-To: <AANLkTimh%2B_ZfUhBcjONGQFgfCsvFyqnDaKHvP6L=ar4Q@mail.gmail.com> References: <20100918114500.C20F41065761@hub.freebsd.org> <20100919194813.J11124@sola.nimnet.asn.au> <AANLkTimjA9mfCSWDV7vUUPAp2-ORqLxEsar5_CBW=E_d@mail.gmail.com> <4C971132.7060809@FreeBSD.org> <AANLkTimh%2B_ZfUhBcjONGQFgfCsvFyqnDaKHvP6L=ar4Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 20 Sep 2010, Rob Farmer wrote: > On Mon, Sep 20, 2010 at 00:45, Alex Dupre <ale@freebsd.org> wrote: >> This "issue" has been discussed too many times. The answer is simply >> "no", but you can search the archives for the actual reason. You have to >> comile the module for your specific apache installation. >> >> -- >> Alex Dupre >> > > If you can't be bothered to give the "actual reason," then why even reply? > > I have searched the archives. Unfortunately, there are so many > messages revolving around how to set up php, secure it, etc. that it > becomes difficult to find anything relevant. The only thing I came > across was a thread from 2007 about how this is "more like a personal > preference than engineering as such"[1] and "its just one of those > things that you learn to live with after a while."[2] > > [1] http://lists.freebsd.org/pipermail/freebsd-questions/2007-June/151399.html > [2] http://lists.freebsd.org/pipermail/freebsd-questions/2007-June/151384.html I think that response was not all that unreasonable. I 'remember' the topic in general. My questions archive has > 80,000 messages. Most [all??] of the ones relating to this issue probably do not address that in the subject line and are thus lost [to me]. That said the following reasons come to mind: 1) security - google + security + php = 9.7 million hits Probably enough said. But if I do not have php installed why should I have to prune it from apache or worry about the subset of the 9.7 hits that relate to my server[s]. 2) apache builds w/o php, and should php4, php5, or php6 be included by default? The base apache httpd.conf file requires several statement to support php, they should not have to be removed if php is not installed. Having the base of any port install other packages/ports that are not required breaks the requirements/dependencies that are the heart of the ports system. 3) I think (proof left to the reader) there is an apache/php package. 4) My own opinion of best admin practices generally follows, if you don't need it, don't install it. If you build/install something like wordpress that requires both php and apache, the correct thing is done. Usually even the required directives are added to httpd.conf. The original question does not say if a port management system was used to upgrade apache. If that was the case, perhaps one could argue apache was not updated properly. Even in that case, I would argue that the bug [if any] lies with the port management system.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1009201025480.89612>