[Zope] Best Practice for Apache 2.0, Zope and SSL

Jamie Heilman jamie at audible.transient.net
Mon Sep 22 02:44:58 EDT 2003


Rob Thorne wrote:
>    * Is there a good patch for ZServer to support https directly, or
>      should I run ZServer under Apache 2.0 with mod_ssl?
...
>    * How is mod_proxy used with SSL, and how is this different from
>      using mod_rewrite alone?
...
> I'm curious which solution performs best for multiple 
> sites under one instance.

mod_rewrite & mod_proxy used together to act as a gateway server for a
ZServer instance bound to an unprivileged port on the loopback
interface, is the prefered, and currently "best" way to use Zope[1].
If you set this scenario up, you will in the process use a
VirtualHostMonster which is provided by the SiteAccess Product.
Zope.cgi is, for all intents and purposes, a deprecated technique
which should not be used with new Zope installations (and indeed, isn't
included in the 2.7 code-base at all).  Adding mod_ssl to the picture
isn't overly difficult, assuming you've read the documentation for
mod_rewrite and VirtualHostMonsters.  Loading mod_proxy is necessary
because its presence enhances the abilities of mod_rewrite, you
needn't use any of mod_proxy's directives directly.

-- 
Jamie Heilman                     http://audible.transient.net/~jamie/

[1] It is the prefered way, because it is the most performant.  It is
    not the most secure, but you said you wanted performance.



More information about the Zope mailing list