personally, I prefer running PHP on apache (and on linux, but I am biased). and I dont believe there are any benefits to running under IIS. unless you are wanting to add IIS only things like .NET to your site as well.

Running php on IIS can cause many problems but having said this you can add ASP as it was meant to be to your website. As far as I know ASP was created or bought by microsoft so it follows that you should use their server to parse it. I'm sure that IIS is far more easy to play with in a sandbox situation and you can add sendmail and ftp to it at the click of a buton. All this said tho IIS is just too unstable to host a website online. it's riddled with bugs and security holes so it's better to leave it as a sandbox or at the very most a website for students at a university or college. In conclusion I think it may be best to run php in apache because this is where it's performance is best because I don't think the IIS part of php is half as well developed as apache SAPI hope this helps

All this said tho IIS is just too unstable to host a website online. it's riddled with bugs and security holes so it's better to leave it as a sandbox or at the very most a website for students at a university or college

Not to be argumentative, but that's a bunch of misinformation. My ISP www.crystaltech.com has 50,000+ customers on W2003/IIS. I've used them for 5 years now with virtually no downtime, no hacks, no problems.

It's very nice to have php, asp, NET, MySQL, SQL Server, Access all available on the same server.

Doug G just because it has not happened it does not mean the server is any less unstable.

http://www.quepublishing.com/content/images/0789728494/webresources/A010701.html breifly comments on IIS's instability

also a recent search in the CERT Vulnerability Database yielded 28 hits for IIS vulnerabilities and while it is argued that apache has 25 but because of it's open source nature patches have been releaseed for a great many of these security holes. Now I'm not saying patches have not been released for IIS i am however stating that most patches for IIS are to fix it's instabilities.

http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1096044,00.html will give you a rundown of basic securing your IIS Server but people still get serious issues with IIS which Is why I like it for sandboxing only

and http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1093529,00.html will give you some information on a few of the most prevalent issues with IIS. Interesting they have all failed to mention that PHP isapi is much more unstable than php sapi for apache maybe it's shoddy programming and maybeit's IIS's instabilities showing through.

regardless of whether your Internet server is secure enough it may even be the case that it is more expensive than apache webhosting with similar features. With all this said it is my conclusion that IIS is all about getting less for your money

One anecdote does not a proof make.

That said, reading advisory databases like Secunia's, or CVE's compilation to compare IIS and Apache can be interesting.

Great sites almost as great as saying that because you ignore a problem it will go away. The database is obviously vastly inadequate. If you do cisco networking course one of the forst topics they cover are problems with networking and network services on a microsoft platform.

and when reading http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=iis really not a good advert for II$ there were problems there I did'nt even know about

however http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apache+http boasts an extremely short list of mainly novice and easy to work around issues

yeah I guess ur sites really showed me the second one really just showed how pathetic the first site was and also how pathetic IIS really is. good show weedpacket

www.ebay.com uses IIS.
www.godaddy.com uses IIS
www.microsoft.com uses IIS

But what do they know?

IIS is a perfectly good, stable and secure web server. Apache is a perfectly good, stable and secure web server. Both have some potential problems that require a good system admin to maintain the server.

So I suppose with this reasoning if everyone is jumping off of a cliff you have to do it. This is the classical VHS vs betamax argument with apache being betamax just because everybody liked VHS it did'nt improve it's quality. Anyways it should make Micro$oft ashamed that something free bows their commercial server away

Doug G wrote:

Not to be argumentative, but that's a bunch of misinformation. My ISP www.crystaltech.com has 50,000+ customers on W2003/IIS. I've used them for 5 years now with virtually no downtime, no hacks, no problems.

It's very nice to have php, asp, NET, MySQL, SQL Server, Access all available on the same server.

Windows 2003 Server for 5 years ???
All on the same server ???

All fine... if your not making mission critical applications..

If you don't know what you're doing go with Microsoft, they don't seem to know either....

Doug G wrote:

www.ebay.com uses IIS.
www.godaddy.com uses IIS
www.microsoft.com uses IIS

But what do they know?

IIS is a perfectly good, stable and secure web server. Apache is a perfectly good, stable and secure web server. Both have some potential problems that require a good system admin to maintain the server.

Ebay uses Sun / Java / Fire Servers, not IIS!