Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using Single Apache SSL/Non-SSL in Production?

Posted by Cliff on from the worth-the-performance-hit dept.

tck1000 asks: "I currently maintain some legacy webservers, running Apache 1.3.x on Linux, on x86 hardware. Two separate daemons are used. One to serve SSL vhosts, and one to server non-SSL vhosts. Each of these servers also is compiled with PHP, mod_perl, and JServe, and also works with a Tomcat servlet engines. In the process of planning an upgrade path, I've thought about using a single daemon to serve both the SSL and Non-SSL vhosts. Is this a good idea?"

"These webservers serve about 4 million hits a day across all the vhosts. I'm worried about memory usage if every httpd process has to load mod_ssl, as well as everything else they load.

I've been searching for comparisons between running 2 daemons (and the associated effort in maintaining/upgrading/patching), vs. running a single daemon (with any added overhead it entails).

I've found a lot of examples of how to do it, but not much on the why's.

Comments, Opinions, Ideas, Links?"

3 of 37 comments (clear)

  1. Slashdot/Sourceforge/etc... by krow · · Score: 4, Informative

    This is what Slashdot does (and sourceforge too for that matter), they use one Apache host to serve content and use pound to do the SSL.
    Good luck!

    --
    You can't grep a dead tree.
  2. Link by jpkunst · · Score: 4, Informative

    Comments, Opinions, Ideas, Links?

    Recipe 7.4: Serving a Portion of Your Site via SSL from O'Reilly's Apache Cookbook ?

    JP

  3. Re:Might consider more than that... by Homology · · Score: 3, Informative

    With four million hits a day it does makes little sense to use Tomcat even for static content. Apache serves static pages faster than Tomcat and with less resources.