Benifits of running php on IIS

_frakture

Hi there,

Im just wondering if anyone can tell me if there are any benifits of running php on IIS>? Are there any major setbacks and/or disadvantages fro running it on apache?

thorpe

cant really see any benifits of running php on IIS, apache is a better server IMO.

maxpup979

personally, I prefer running PHP on apache (and on linux, but I am biased). and I dont believe there are any benefits to running under IIS. unless you are wanting to add IIS only things like .NET to your site as well.

cyberlew15

Running php on IIS can cause many problems but having said this you can add ASP as it was meant to be to your website. As far as I know ASP was created or bought by microsoft so it follows that you should use their server to parse it. I'm sure that IIS is far more easy to play with in a sandbox situation and you can add sendmail and ftp to it at the click of a buton. All this said tho IIS is just too unstable to host a website online. it's riddled with bugs and security holes so it's better to leave it as a sandbox or at the very most a website for students at a university or college. In conclusion I think it may be best to run php in apache because this is where it's performance is best because I don't think the IIS part of php is half as well developed as apache SAPI hope this helps 🙂

Doug_G

All this said tho IIS is just too unstable to host a website online. it's riddled with bugs and security holes so it's better to leave it as a sandbox or at the very most a website for students at a university or college

Not to be argumentative, but that's a bunch of misinformation. My ISP www.crystaltech.com has 50,000+ customers on W2003/IIS. I've used them for 5 years now with virtually no downtime, no hacks, no problems.

It's very nice to have php, asp, NET, MySQL, SQL Server, Access all available on the same server.

cyberlew15

Doug G just because it has not happened it does not mean the server is any less unstable.

http://www.quepublishing.com/content/images/0789728494/webresources/A010701.html breifly comments on IIS's instability

also a recent search in the CERT Vulnerability Database yielded 28 hits for IIS vulnerabilities and while it is argued that apache has 25 but because of it's open source nature patches have been releaseed for a great many of these security holes. Now I'm not saying patches have not been released for IIS i am however stating that most patches for IIS are to fix it's instabilities.

http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1096044,00.html will give you a rundown of basic securing your IIS Server but people still get serious issues with IIS which Is why I like it for sandboxing only

and http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1093529,00.html will give you some information on a few of the most prevalent issues with IIS. Interesting they have all failed to mention that PHP isapi is much more unstable than php sapi for apache maybe it's shoddy programming and maybeit's IIS's instabilities showing through.

regardless of whether your Internet server is secure enough it may even be the case that it is more expensive than apache webhosting with similar features. With all this said it is my conclusion that IIS is all about getting less for your money

Weedpacket

One anecdote does not a proof make.

That said, reading advisory databases like Secunia's, or CVE's compilation to compare IIS and Apache can be interesting.

cyberlew15

Great sites almost as great as saying that because you ignore a problem it will go away. The database is obviously vastly inadequate. If you do cisco networking course one of the forst topics they cover are problems with networking and network services on a microsoft platform.

and when reading http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=iis really not a good advert for II$ there were problems there I did'nt even know about

however http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apache+http boasts an extremely short list of mainly novice and easy to work around issues

yeah I guess ur sites really showed me the second one really just showed how pathetic the first site was and also how pathetic IIS really is. good show weedpacket

Doug_G

www.ebay.com uses IIS.
www.godaddy.com uses IIS
www.microsoft.com uses IIS

But what do they know?

IIS is a perfectly good, stable and secure web server. Apache is a perfectly good, stable and secure web server. Both have some potential problems that require a good system admin to maintain the server.

cyberlew15

So I suppose with this reasoning if everyone is jumping off of a cliff you have to do it. This is the classical VHS vs betamax argument with apache being betamax just because everybody liked VHS it did'nt improve it's quality. Anyways it should make Micro$oft ashamed that something free bows their commercial server away

goldlikesnow

Doug G wrote:
Not to be argumentative, but that's a bunch of misinformation. My ISP www.crystaltech.com has 50,000+ customers on W2003/IIS. I've used them for 5 years now with virtually no downtime, no hacks, no problems.

It's very nice to have php, asp, NET, MySQL, SQL Server, Access all available on the same server.

Windows 2003 Server for 5 years ???
All on the same server ???

All fine... if your not making mission critical applications..

If you don't know what you're doing go with Microsoft, they don't seem to know either....

goldlikesnow

Doug G wrote:
www.ebay.com uses IIS.
www.godaddy.com uses IIS
www.microsoft.com uses IIS

But what do they know?

IIS is a perfectly good, stable and secure web server. Apache is a perfectly good, stable and secure web server. Both have some potential problems that require a good system admin to maintain the server.

Ebay uses Sun / Java / Fire Servers, not IIS!

Weedpacket

Three anecdotes does not a proof make either.

Um,
http://toolbar.netcraft.com/site_report?url=http://www.microsoft.com (No, really? I'd never have guessed.)
http://toolbar.netcraft.com/site_report?url=http://www.ebay.com
http://toolbar.netcraft.com/site_report?url=http://www.godaddy.com

....but what do they know? (Of course, they could be lying.)

The original question is whether or not there are any significant advantages to IIS over Apache. It seems like the answer is "No, unless you want to play with a lot of other Microsoft technologies as well in a Microsoft-only environment."