So up until now I’ve been using mpm_itk or mpm_peruser – both with advantages and disadvantages in an attempt to secure web content. Both of these is essentially a forking mpm, kills Keepalive to a greater or lesser extent, and almost as important – neither is supported by mainline apache (so you’re on you own). Personally I prefer mpm_worker (or more recently mpm_event) since it’s threaded, and I find that it uses less resources (in terms of memory mostly). A lot of movement has also been happening with respect to FastCGI and the advantages are very good, both in terms of security and reliability (in theory).
(more…)