2

In a setup where you use Apache for PHP / Python scripts and lighttpd for static files, but only one listens on the outside IP address and acts as a proxy to the other listening on the loopback interface, which should be which, why, and does it matter?

Hanno Fietz
  • 992
  • 2
  • 11
  • 23

2 Answers2

8

The lighter of the two (lighttp) should be the proxy, only bothering the heavier Apache for action when a script needs running.

Unleas of course requests for static files are rare, but in that case you don't want to split the jobs between too servers anyway as you are overcomplicating things.

As an alternative have you considered running lighttp only with php and python running as FastCGI processes? While PHP as a module can be a little quicker than FCGI the difference may not be worth the hassle of running two servers and may be negated completely anyway by the proxy arrangement.

Another alternative is to have the static content served from another IP address if the server can have a second assigned, then neither set of requests need be run through a proxy. You could use a different port on the same address too, though there is a chance some of your viewers might have trouble there if they are behind very strict firewalls that won't allow the non-port-80 traffic through.

David Spillett
  • 22,534
  • 42
  • 66
  • +1 i'd just replace lighttpd with nginx for greater performance and stability. also, nginx is first a loadbalancer, and only second a (wicked fast) http server. – Javier Jul 02 '09 at 17:32
-2

If this is on the same server, you should not install more then one HTTP server. You just enable the Apache server to listen on the outside IP adress :-)

Installing two HTTP servers on one machine is pretty pointless. If this were a two server setup, then it would be a good idea so that the backend machine is less vulnerable to attacks from the Internet.

Antoine Benkemoun
  • 7,314
  • 3
  • 41
  • 60
  • 1
    I beg to differ. I admin a machine with Varnish (a reverse caching proxy) as the front end. I also have pound handling https requests (since they can't be cached anyway) so apache doesn't need to worry about encryption. On the back end, I have apache and nginx for the static content (any URL not involving a PHP script). Both listen to non-standard ports and only allow connections from the IP of the server itself, so nobody can bypass the proxy. (I'd normally bind apache and nginx to locahost, but they reside in a FreeBSD jail which doesn't support localhost.) It really works quite well. – Geoff Fritz Jul 02 '09 at 16:56
  • The scenario I'm outlining seems to be quite a typical way to improve scalbility. It makes a lot of sense to me, because you assign different tasks (dynamic and static content) to different programs who are especially good at it. – Hanno Fietz Jul 02 '09 at 18:13
  • Answer couldn't be more wrong. Running Apache behind nginx/lighttpd and proxying to it for dynamic content is becoming a popular way of getting significantly better performance out of a single server. – ceejayoz Jul 03 '09 at 01:00