Phalcon on Alpine Linux with Hiawatha Web Server

Question

Phalcon on Alpine Linux with Hiawatha Web Server

commandline_be Oct '18

Created Oct '18	Last Reply Nov '18	Replies 1	Views 528	Votes 3

commandline_be 1.1k

Oct '18

Hey People,

In an attempt to build a lightweight, performance friendly, secure web platform i came up with the PHA stack. I thought it would be fun to explore phalcon on Alpine, so i kept track of what i did and write it all down here.

https://github.com/commandline-be/commandline-blues/wiki/Dev:-Phalcon-with-Hiawatha-WebServer-on-Alpine-Linux

(link was broken, now fixed)

PHA Stack stands for Phalcon with Hiawatha on Alpine Linux as these projects focus on small, simple, secure which most often implies performance while still lightweight.

I believe these projects attain these goals.

Phalcon is a (really fast) PHP framework built on and extendable by Zephir which is an open source, high-level language. Zephir is designed to ease the creation and maintainability of extensions for PHP with a focus on type and memory safety. >> go to documentation

Hiawathahas been written with security in mind. This resulted in a highly secure webserver in both code and features. Hiawatha can stop SQL injections, XSS and CSRF attacks and exploit attempts. Via a specially crafted monitoring tool, you can keep track of all your webservers. >> go to documentation

Alpine Linux is an independent, non-commercial, general purpose Linux distribution designed for power users who appreciate security, simplicity and resource efficiency.

Let me know if this works for you, what improvements can happen etc. There should be no mistakes but it can be incomplete as i think to have omitted small configuration changes in php and php-fpm configuration.

Yes, i did not mention a database choice because this is agnostic to both Phalcon and PHP.

Best Regards,

commandline.be

3

Jonathan Aaron Steel
79.0k

Accepted
answer

edited Oct '18
Oct '18

Kind of exotic stack - but nice contribution @commandline-be

commandline_be · Answer 1 · 2018-10-29T04:26:51-07:00

Thanks.

While reviewing the features and requirements for each of PHA i came to the conclusion it would be stable, scaleable, secure out of the bow. Hence i seek to learn/develop based on PHA to see if i'm right.

On top of that the footprint for PHA is low for each component. An image based on this one will be small and supposedly fast as can be.

Kind of exotic stack - but nice contribution @commandline-be

commandline_be · Answer 2 · 2018-11-01T07:53:51-07:00

Similar reasons drove me to hiawatha, i was appaled by the growing complexity of Apache. I just needed a webserver/reverse proxy.

I saw caddy before but never ended up doing anything with it, since not being a dev. Maybe i should consider doing the same and offer a PCA stack :)

The upside to using anything other than Apache is a much easier config syntax. My favorite for dev work is Caddy because it uses a Caddyfile and so sharing between people is very easy.

commandline_be · Answer 3 · 2018-11-01T07:54:41-07:00

What i'm most curious about is if a machine built on an off the shelf PHA-stack would perform admirably or miserably :)

Are there interesting benchmarks for me to run ?

commandline_be · Answer 4 · 2018-11-01T17:33:35-07:00

For the kind of website i'm using i think Hiawatha Webserver (www.hiawatha-webserver.org) does great. I know for sure some people run it on sizeable websites because it manages to handle a lot of load and has great configuration. When it comes to a webserver-only requirement, Hiawatha is it. Even with reverse proxy functionality etc. The built in security features are simple yet effective.

HTTP/2 support is not yet there but in the works.

FYI : https://www.hiawatha-webserver.org/howto

FYI: https://www.hiawatha-webserver.org/manpages/hiawatha

I could not find the benchmark article but this slideshare sums my motivation for Hiawatha up pretty nicely : https://www.slideshare.net/Brunty/hiawatha-the-best-webserver-youve-never-heard-of

And this PDF https://www.hiawatha-webserver.org/weblog/9 from a while ago.

To me what hiawtha offers is exactly how i think stuff should work. Webservers serve webpages as a frontend to backend services. They do no integrate anything facy. They just offer webpages :-) All else should be taken into consideration elsewhere.

commandline_be · Answer 5 · 2018-11-02T14:25:25-07:00

Hiawatha is not really a hipster thing. It is most respected with people who do have a technical background.

Let me know what you think after some testing, if HTTP/2 is high on your list you'll have to wait though.