[Zope] Best Practice for Apache 2.0, Zope and SSL
Jamie Heilman
jamie at audible.transient.net
Mon Sep 22 02:44:58 EDT 2003
Rob Thorne wrote:
> * Is there a good patch for ZServer to support https directly, or
> should I run ZServer under Apache 2.0 with mod_ssl?
...
> * How is mod_proxy used with SSL, and how is this different from
> using mod_rewrite alone?
...
> I'm curious which solution performs best for multiple
> sites under one instance.
mod_rewrite & mod_proxy used together to act as a gateway server for a
ZServer instance bound to an unprivileged port on the loopback
interface, is the prefered, and currently "best" way to use Zope[1].
If you set this scenario up, you will in the process use a
VirtualHostMonster which is provided by the SiteAccess Product.
Zope.cgi is, for all intents and purposes, a deprecated technique
which should not be used with new Zope installations (and indeed, isn't
included in the 2.7 code-base at all). Adding mod_ssl to the picture
isn't overly difficult, assuming you've read the documentation for
mod_rewrite and VirtualHostMonsters. Loading mod_proxy is necessary
because its presence enhances the abilities of mod_rewrite, you
needn't use any of mod_proxy's directives directly.
--
Jamie Heilman http://audible.transient.net/~jamie/
[1] It is the prefered way, because it is the most performant. It is
not the most secure, but you said you wanted performance.
More information about the Zope
mailing list