cancel
Showing results for 
Search instead for 
Did you mean: 

The Problems we need to fix

Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

The Problems we need to fix

Here, I'm listing all the issues that customers haver raised about the current CGI platform. We will aim to make sure as many of these issues as possible are addressed in the new one.
- Server upgradability, both in terms of the OS and software, and the time we have to keep doing that on a server platfrom where one change can have untold effects (And it's hard to do QA).
-- PHP5 Support
- Maintainability
-- Clock Synch
-- Priorities low as it's not a critical server from a network perspective and is not used by a hige amount of customers.
- Can't buy more databases, storage, upgrades etc even if you want to.
- DNS support (From John). eg:
    * forums.elvin.me.uk instead of ccgi.elvin.me.uk/forums (and similar for other packages) which would need to be configured to point to a folder
    * different root directory folders for different domains like homepages - could this be achieved by allowing people a separate account on ccgi for each hosted domain? So I'd have ccgi accounts elvin (ccgi.elvin.plus.com), elvin_cgi1 (ccgi.elvin.me.uk) and elvin_cgi2 (ccgi.pdacontact.org.uk)
- Ease of use / Complication
-- No pre-installed scripts - eg Blog, forum etc.
Database
- Non clustered customer Database backend (is this still the case?)
- Phpmyadmin
Please suggest more things for the list.
8 REPLIES
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Re: The Problems we need to fix

More issues that need resolution and have come up in various forums:
- Be able to run both PHP4 & PHP5 on the same platform. This solves the problem with legacy apps and allows porting from 4 to 5 to be tested.
- Don't run PHP in CGI mode as it breaks .htaccess authentication options. While this may have enhanced security it actually made it impossible to secure php scripts like admin areas.
- Simplify the permissions issues so it is not necessary to set php scripts to certain permissions. Limiting full access to owner and read access to group/all should make adding scripts easier.
- SSL support (maybe as an payable option).
- Support full domain DNS control better to allow TXT (i.e. SPF) records to be specified.
- A cpanel type access to your hosting / MySQL solution
- A more up to date website statistics package. Webalizer is too out of date now.
Probably more to follow... Smiley
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

Re: The Problems we need to fix

Keep the problems coming, but please make sure feature requests also go onto the hosting spec thread so we don't lose them.

Ian
Superuser
Superuser
Posts: 2,489
Thanks: 194
Fixes: 5
Registered: 06-04-2007

Re: The Problems we need to fix

One of the main reasons why I don't user the ccgi platform more than I do is the restriction on needing to be on a PlusNet connection to upload to it.  Most of my development work happens when I'm at work, which uses JANET.
Phil
Community Veteran
Posts: 26,357
Thanks: 607
Fixes: 8
Registered: 10-04-2007

Re: The Problems we need to fix

Quote from: Peter
- Be able to run both PHP4 & PHP5 on the same platform. This solves the problem with legacy apps and allows porting from 4 to 5 to be tested.

Not sure about this. If the new platform can be initially tested using a different sub-domain (e.g. cgi2.xxxxxx.xx.xx) while ccgi.xxxxxx.xx.xx is still running the live versions of peoples web sites, is this needed? This isn't going to be available to punters before August when all support for php 4 ceases.
Once people have completed testing, their individual ccgi DNS records could be pointed to the new servers.
Of more relevance in the not too distant future would be availability of php5 and php6.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
mcgurka
Grafter
Posts: 764
Registered: 09-10-2007

Re: The Problems we need to fix

I think ultimately running both on the same platform is going to cause more problems that it will solve.
I am all for running on a second cgi controller, this will alleviate the need to "tinker" with the current system.
I know there has been a lot of kernel customisation in place for the current servers, and have the view that it is ultimately that which has impeded the progress of this project.
There is a few options regarding this, you can run php5, and make the kernel work again... but you will hit the same problem for php6+
In theory, could the servers not point at the same shared backend? ie. CGI1(php4) ----> SAN <----- CGI2(php5) this way, the pages can be loaded to one place, and tested on both platforms without a lot of fuss?
Also, I think it would be worthwhile to amalgimate the homepage and cgi servers.. and have a seperate cshell system, again use the shared storage architecture.
From a customer standpoint, why have more than one server (static, php, cgi) when you can have one system to run all of the languages?
What strikes me, is that August is not too far away!
Ben_Brown
Grafter
Posts: 2,839
Registered: 13-06-2007

Re: The Problems we need to fix

Quote from: Peter
More issues that need resolution and have come up in various forums:
- Don't run PHP in CGI mode as it breaks .htaccess authentication options. While this may have enhanced security it actually made it impossible to secure php scripts like admin areas.
- Simplify the permissions issues so it is not necessary to set php scripts to certain permissions. Limiting full access to owner and read access to group/all should make adding scripts easier.

Although it might be a little nicer for PHP to run as an apache module, for a platform with as many different people on it as our CGI platform the security benefits of running it as a CGI far outweighs the benefits to customers.
I find at least one compromised site on CGI every week, however the damage people can do with them is currently limited to the account that has been compromised. If we were running PHP as an apache module they would have access to everyone's files. Also the webserver user would need to see all the user's files to work, and open_basedir doesn't work properly so a malicious user would be able to craft a script to view/edit/delete other user's files (well at least read them, depending on individual file permissions the rest may be possible).
The permissions issue you mention is because we are using PHP as CGI rather than an apache module.
Superuser
Superuser
Posts: 2,489
Thanks: 194
Fixes: 5
Registered: 06-04-2007

Re: The Problems we need to fix

Another 'problem' that has come up is with password aging on the current platform.
Phil
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

Re: The Problems we need to fix

Good one - been a bit quiet this week while my potential suppliers crunch numbers.
Hopefully we can get things moving and some significant progress next.
Ian