Seeking Zope/Plone hosting and Systems Administration
Roy S. Rapoport
rsr at inorganic.org
Tue Jun 15 23:34:37 PDT 2004
On Tue, Jun 15, 2004 at 05:41:36PM -0700, Ken Malone wrote:
> [MIME & HTML stuff trimmed during the approval process, since I hadn't
> warned this poster.... -- postmaster@]
[..]
> on an as-needed basis. Very soon, we will be seeking development help as
> well. In the months ahead, we will implement an Apache front-end, a
> PostgreSQL or Ingres back-end, and ZEO-clustering.
(Ken, please don't take this as an attack on you)
Oh Zope, how do I love thee?
Well, a lot. $lastWorkplace uses Zope exclusively for their web apps so I
got my introduction there. I love the way Zope really works hard to
enforce the MVC paradigm (this is where you decide how your page is going
to look. No, you may not put business logic. This is where your business
logic is going to go. No, don't worry yer pretty little head about if this
is going to get displayed as a table or as a collection of paragraphs;
etc). I love the incredibly rapid development cycle, aided by easy
FTP/WebDAV access. I like the automatic versioning. I love the
hierarchical acquisition system.
It took me about three weeks to create a media library using PHP. When it
was time to migrate it from PHP to Zope, it took me about two days, and it
feels cleaner and is less buggy (see http://app.inorganic.org/library)
Having said that, the thing I hate the MOST about Zope is the fact that
managing it is done through a web interface on the same port where it
offers content -- in other words, it's in-band management.
That means that you can take the average Zope server serving content at
http://my.dom.ain and go to http://my.dom.ain/manage to get the management
interface. You'll get prompted for a password, of course, but ... I don't
like the fact you get that close. Worse, it's somewhat difficult to deal
with this because /manage is not the only 'management' URL -- most actions
in Zope are done through URLs (I wrote a Zope exporter/importer at my last
company that took advantage of this).
Now, it may be that logging in through Zope's mechanisms is required for
you and so you're going to have to make it available to the world. If it
is not, however, I'd strongly urge you to proxy it behind Apache and use
ProxyMatch to make sure people don't access the management interface (e.g.
http://app.inorganic.org/manage).
Thus ends AnswerMan's retort to your question.
(There are other reasons I don't like Zope, but they're mostly
development-based, rather than sysadmin-based)
-roy
More information about the Baylisa
mailing list