Re: apache-perl vs. libapache-mod-ssl

To: debian-user@lists.debian.org
Subject: Re: apache-perl vs. libapache-mod-ssl
From: will trillich <will@serensoft.com>
Date: Mon, 10 Sep 2001 22:54:36 -0500
Message-id: <[🔎] 20010910225436.D649@serensoft.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20010910182622.I15723@micromuse.com>; from nnorman@micromuse.com on Mon, Sep 10, 2001 at 06:26:22PM -0500
References: <[🔎] 20010910162210.A32285@serensoft.com> <[🔎] 20010910182622.I15723@micromuse.com>

On Mon, Sep 10, 2001 at 06:26:22PM -0500, Nathan E Norman wrote:
> On Mon, Sep 10, 2001 at 04:22:11PM -0500, will trillich wrote:
> > 	i have mod_perl working like a dream -- and i'd like to add
> > 	mod_ssl, so:
> [ snip ]
> 
> Welcome to the wonderful world of apache-perl vs. libapache-mod-ssl.
> After beating my head against this a few times I decided to trash
> apache-perl and just use apache with modules.  Since I made that
> decision I've been a lot happier.

i suspected that this would be my case, too. bite the bullet, i
suppose...

> I find the default apache configs to be abominable; I hack them up
> quite a bit :) (sorry Johnie).  For example, I run all my virtual
> hosts out of VirtualHost stanzas; I keep the global configuration to a
> minimum.

i agree. i always step through them and ditch what we don't need,
and wrap dependent statements into their requisite <IfModule...>
sections so we can turn features on and off for quick testing and
debugging. (if'n yer asks me, i think the off-the-shelf configs
should have all mod-dependent statements so wrapped. but i'm new
at this... )

> I know that's not the answer you wanted to hear, but if you're
> interested in going this route and want to peek at my configs let me
> know.

if you can, that'd be great. i was originally running apache
(deb) with mod_perl as a *.so, and 'upgraded' for reasons i can't
recall. unless there's a major difference between apache.deb with
mod_perl dynamically linked, compared to apache-perl with static
link-in, i may as well get back to it...

--

how about this idea -- a firewall-resident lightweight apache
with ssl, that forwards requests to the real backend server
that's laden down with mod_perl muscle. i'm hoping to have :443
and :80 (secure and open) all look alike and be configured with
one main config file (HTML::Mason in particular -- it'd be awful
to have to split the software between secure and insecure
areas).

	'net     firewall box        backend server

	http --> 11.22.33.44:80 ---> 192.168.10.20:80
	         apache              apache/mod_perl

	https--> 11.22.33.44:443 --> 192.168.10.20:80
	         apache/mod_ssl      apache/mod_perl
	         verify certificate,
	         forward req to backend
	         server if all tests pass

is that hard to set up? (i've been looking at Stas Beckman's
wonderful perl.apache.org/guide and i can tell that if my brain
cells were a bit more evolved i'd probably understand how to do
what i want from what Stas has posted there. alas-- )

-- 
DEBIAN NEWBIE TIP #18 from Will Trillich <will@serensoft.com>
:
How do you DISABLE A NETWORK SERVICE? There are several ways
network services are made available: for inetd items, modify
/etc/inetd.conf and then "/etc/init.d/inetd restart". For
independently-running daemons, try "/etc/init.d/<daemon> stop"
(or to permanently zap them, "apt-get --purge remove <daemon>").

Also see http://newbieDoc.sourceForge.net/ ...

Reply to:

References:
- apache-perl vs. libapache-mod-ssl
  - From: will trillich <will@serensoft.com>
- Re: apache-perl vs. libapache-mod-ssl
  - From: Nathan E Norman <nnorman@micromuse.com>

Prev by Date: potato: port forwarding question--
Next by Date: Re: [TriLUG] Re: Typing umlauts on an english keyboard
Previous by thread: Re: apache-perl vs. libapache-mod-ssl
Next by thread: How
Index(es):
- Date
- Thread