This blog helps you to get some basic knowledge about PHP handlers.
What is a PHP handler
A PHP handler determines how PHP is loaded on the server. To run a site on PHP, the server must interpret the PHP code and generate pages while visitors accessing the site. The page generated on the server is depends on the PHP library you are using. Each PHP handler delivers the PHP libraries through different files and implementations. Each file and implementation affects apache’s performance because it determines how apache serves PHP.
The main PHP Handlers are :-
1) DSO (Dynamic Shared Object)
2) suPHP (Singleuser PHP)
4) CGI (Common Gateway Interface)
DSO is the oldest PHP handler that runs as an apache module. The module is mod_php. Since it is an apache module , it understands the apache directives. So it can take directives on apache conf or .htaccess file for a site. Because of this we can say that this handler is highly configurable. All scripts are executed as apache’s default user.
The main advantages of this handler are speed and resource usage. Also with opcode caching extensions like eAccelerator or APC, DSO will run significantly faster than other handlers. So this handler is considered as the fastest handler to serve PHP requests. Low CPU usage typically amounts in higher speed and load times than other handlers.
The main disadvantage of this handler is all scripts needs to be owned and executed by apache’s default user. So we can’t easily track per user basis. Also while using CMS (Content Management System) like WordPress or Joomla that requires the ability of these applications to write or modify files, the proper permissions must be set beforehand to allow this to happen. Each time a new file is created by a PHP script, it will be owned by the apache default user and can lead to further permission issues.
Another drwaback of this Handler is security. Because all of your users on the server are having their PHP scripts executed by the same user (apache default user), if one of your sites is exploited due to a flaw in one of your PHP scripts, the attacker could potentially look at or modify files outside of that user’s directory that had the PHP script that was exploitable. So when using the DSO handler please keep all PHP software up to date with any security patches so they are not exploited.
So this Handler is best suited if you have only one user and need good speed and performance.
suPHP runs as CGI module and its major benefits are strong security and easy permissions. The module is mod_suphp. It doesnot understand apache directives in .htaccess or apache conf like DSO, you should define in php.ini .
This handler is the most flexible and secure way of serving PHP pages. The SuPHP handler with suEXEC enabled , runs all the PHP scripts as the user owned them rather than apache defualt user. So we can easily track down which website user is using excessive resources. This is the main advantage of using suPHP.
The main benefit of using suPHP handler is that it isolates one user on the server from the others. So if one account was compromised because of an exploit in one of your PHP scripts, the attacker would only be able to view or modify files owned by that particular user. Another advantage of running process as the user is that it simplifies the permission scheme. It is helpful while using CMS such as wordpress or joomla.
The main disadvantage of suPHP is speed and CPU load. Your PHP websites may be slower down due to additional overhead of having to run separate process per request. suPHP runs much slower than the other handlers. suPHP also cannot work with an opcode caching extension such as eAccelerator or APC, which also increases the CPU usage.
suPHP is best suited if you have multiple accounts on same server .
FastCGI is also the fastest way to serve PHP pages than suPHP, but not much faster than DSO. This runs as CGI module. The module is mod_fcgid. And FastCGI doesnot understand apache directives.
The main benefit of using the FastCGI handler is that you can use suEXEC just like with suPHP to allow PHP scripts to be executed by the actual user of the PHP script instead of using the Apache default user. FastCGI also doesn’t require a single PHP process execution per request like suPHP does, so it can be much faster and reduces CPU usage by holding PHP scripts in memory.
This allows you the same permissions advantages of suPHP mentioned above. The difference between the two, however, is how they control the PHP processes. suPHP runs each time a PHP process needs to be compiled, whereas FastCGI keeps persistent connections open that can be recalled by the same PHP process. This allows you to use an opcode caching extension such as eAcceleartor or APC with it to increase performance.
The main disadvantage of the FastCGI handler is that it can be very memory intensive. This is because FastCGI keeps PHP sessions opened in the background in memory for quicker access and the ability to use PHP opcode caching can add to the memory usage as well. Additionally FastCGI can encounter an array of errors depending on how your PHP scripts are coded. This can typically require a day or two of setting tweaks, specific to what your PHP scripts are trying to do.
FastCGI is suited if you are experiencing slow performance when using suPHP, and you have available memory to spare on your server.
CGI PHP handler is not widely used anymore due to the other PHP handlers benefits. CGI is can use suEXEC so that PHP executions are run by the file owner of a PHP script rather than the apache default user.
The main benefit of using the CGI handler is that it is very configurable, and supports using suEXEC for making permissions less of a headache.
The main disadvantage of the CGI handler is that it is the slowest handler. The CGI handler is typically not used much anymore.
I believe now you got some knowledge about each PHP handler . Choose of PHP handler is depends on your PHP environement . Also I highly recommend that don’t change the PHP handler if your current handler has better performance.