1. Field of the Invention
The present invention relates to a server, and more particularly, to a server that supports two different Hypertext Preprocessor (PHP) modes, and determines to execute which one of the two PHP modes by determining whether a received uniform resource locator (URL) has a user account or not.
2. Description of the Prior Art
A PHP module of a conventional server, such as a module “mod_php” of Apache HTTP server, uses a single execution identity (effective user identity, EUID) and an effective group identity (EGID) to execute a PHP request. Therefore, when many users share a server, and if a program stored in the server by a user account has security issues (e.g. a malicious file was written into the server), the security of the files of the other users may be influenced.
Prior art techniques provide some methods to solve the above-mentioned problem. According to one prior art technique, an executing module PHP-FPM (FastCGI Process Manager) is used to assign the execution identity by referring to the request path (e.g. document catalog/path under different user accounts) . However, this technique needs to prepare pools corresponding to all the executing identities before processing the request, and it is not allowed to assign the execution identity dynamically. For example, assuming that there are one thousand users open the personal web stations in the server, in order to have the independent execute identities, the server needs to assign one thousand pools to PHP-FPM; and once the situations of the users been added or cancelled, PFP-FPM needs to restart. In light of above, PFP-FPM is not suitable for home directory web server.
In addition, according to another prior art technique, another
PHP executing module “suPHP” is used to dynamically assign the execution identity by referring to the owner of the file/document. However, because suPHP requires additional security checking and decision logic steps while executing the request, so the efficiency of suPHP is much less than that of PFP-FPM.
To have the security and efficiency, a reverse proxy server is provided to transfer the request to a suPHP web server or a PHP-FPM web server. However, this technique needs two web servers and one reverse proxy server, that is needs more hardware resources, and addition delay time occurs when the data is transferred between different servers.