E.g. Is it more secure to use mod_php
instead of php-cgi
?
Or is it more secure to use mod_perl
instead of traditional cgi-scripts
?
I'm mainly interested in security concerns, but speed might be an issue if there are significant differences.
Security in what sense? Either way it really depends on what script is running and how well it is written. Too many scripts these days are half-assed and do not properly do input validation.
I personally prefer FastCGI to mod_php since if a FastCGI process dies a new one will get spawned, whereas I have seen mod_php kill the entirety of Apache.
As for security, with FastCGI you could technically run the php process under a different user from the default web servers user.
On a seperate note, if you are using Apache's new worker threading support you will want to make sure that you are not using mod_php as some of the extensions are not thread safe and will cause race conditions.