PHP the Module vs PHP the CGI Script

Some debates seem to have no end. What came first, the egg or the chicken? Edward’s team or Jacob’s? Which is better?

The question of whether to use PHP as an Apache module or as a separate CGI script is still being talked about in the world of dedicated servers.

Most web hosting companies seem to be using PHP as CGI at the moment, mostly because it is safer. The performance of PHP as an Apache module, on the other hand, is faster and easier to set up.

When PHP is used as an Apache module, it is built into the code for Apache. This means that when an Apache process starts, so does PHP.

They are tied together deeply, and PHP can’t work without Apache. Because PHP is part of every Apache process, this makes Apache run more efficiently. Also, PHP functions can be controlled by how Apache is set up, especially when .htaccess files are used.

The other bad thing about PHP as a module is that it is built into Apache. When PHP goes down, Apache goes down with it. This makes it a bigger security risk, especially for accounts that are shared.

When PHP is used as a CGI script, it runs as a separate binary with its own processes. It is not part of Apache, so it can run as a different user instead of Apache’s generic user. This makes things safer and more stable, but it slows things down.

A downside of PHP as CGI is that it is slower, and users can’t use .htaccess files to control any PHP functionality. They have to make their own php.ini files to do that.

A Linux system administrator can set up a server to run PHP either way or both ways at the same time. PHP as a module makes sense on a server with only one website or a single dedicated server account, because the security risk isn’t really an issue.

If there is no good reason not to, it makes more sense to run PHP as a CGI script on shared hosting accounts.