Brian V. Hughes wrote:
I’d be careful not to confuse the Apache mod_fcgi module (which was
dormant at the time the AWD book was published, I think this has
changed some recently) with the FastCGI module that comes as part
of LightTPD. IMO, LightTPD is the premier production deployment
solution for Rails apps, today.
In response to: “I’d be careful not to confuse the Apache mod_fcgi
module (which was dormant at the time the AWD book was published,”…
There is no Apache module named “mod_fcgi”. There are 2 released
FastCGI modules for Apache and one that is upcoming:
mod_fastcgi for Apache 1.x/2.0 - version 2.4.2 released in Nov 2003
and last snapshot distribution is April 2004.
mod_fcgid for Apache 2.x - version 1.08 released in Jan 2006 and has
always been actively maintained (so this cannot be the dormant
“mod_fcgi” you mentioned).
mod_proxy_fcgi for Apache which is new and not even released yet
In response to: "IMO, LightTPD is the premier production deployment
solution for Rails apps, today"…
I’ve been using Lighttpd on an internal test server and I can say that
Lighttpd-1.4.10 (latest stable version) is not as stable as Apache.
Lighttpd-1.4.10 has massive memory leaks and other stability problems
which are well-documented at:
In terms of performance, people should be aware that benchmark
comparison between Lighttpd and Apache 2 is with MPM-Prefork. Note that
Apache’s MPM-Prefork makes Apache 2 perform as badly as Apache 1. One
reason someone might use MPM-Prefork for benchmarking Apache 2.x is to
make sure they have the slowest possible performance to make their
product shine. If you look at the source of the benchmark, it is a
commercial webserver vendor trying to emphasize their performance
To avoid getting fooled, I encourage you to do your own benchmarks
instead of falling victom to hype. Use ab or seige on a separate
physical machine to benchmark your server software. You’ll see results
vastly different from biased benchmarks posted online by people trying
to push their products on the public.
One last issue to consider is that Lighttpd does not (yet) have
mod_security which can prevent XSS and SQL injection attacks and more.
Given the stability/memory-leak problems, lack of compelling speed
advantage over Apache 2 MPM-Worker, and lack of mod_security, I really
don’t see how Lighttpd can be considered the “premier production
deployment solution for Rails apps, today.”
Believe me, I’d be one of the first to use Lighttpd in production if it
performed better than Apache 2 but it just isn’t ready for prime-time
yet. In the meantime, I’ve submitted several Lighttpd bug reports and
suggested the use of splint (which the author said he’d investigate) so
I’m doing my part to help Lighttpd catch up to Apache’s robustness. The
worst we can do is pretend it is better or even on par with Apache today
by ignoring reality.