Tag Archives: apache

Centos: How to fine tune your Apache SSL server


The fine tuning of the SSL server side configuration is slow and tedious but necessary procedure. It’s always good to have your SSL site to conform the most latest security standards. It boosts ego and makes customer happy too. It turns out that all you need for that is already at your disposal the point is to properly configure it.
Read more »

Share Button

sysadmin: Apache, FastCGI and PHP-FPM working config

apache-php-fpm
I was looking for working config for the combination of apache mod_fastcgi and PHP-FPM and could not find any. I mean there were plenty of examples and discussions but none of them were operational. The closest was the article on server-world.info site.
Based on that information I was able to put together working configuration for multiple virtual hosts.
Read more »

Share Button

Sysadmin: “[warn-phpd] mmap cache can’t open file … ” mystery solved


Yesterday I was asked by one of our old customers to help solving very interesting problem – he put some php files outside of apache DocumentRoot on his server and the apache could not access the files, producing very interesting lines into apache default error_log

Read more »

Share Button

Sysadmin: How to make use of apache web server mod_expires to improve performance

apache_banner
Most of modern Linux distributions contain Apache 2.x web server with the set of standard modules. One of these modules is mod_expires that allows to configure content expiration in local browser cache or caching proxies. Proper configuration for it can significantly improve overall server performance and reduce bandwidth consumption.
Read more »

Share Button

Sysadmin: How to protect WordPress against “POST /wp-login.php” attacks

Wordpress attackDuring last few weeks I’ve witnessed repeated semi-successful attacks against WordPress sites. This attack is easy to recognize – server response is extremely slow and if you take a look at apache ‘server-status’ page you will see multiple ‘POST /wp-login.php’ requests from different IPs.
Read more »

Share Button

Centos: How to run additional apache instance on different port

In some situations you might need to configure and run additional apache httpd instance listening on different port. It is really easy to accomplish using minimal modifications to the standard CentOS apache httpd configuration and init script.
Read more »

Share Button

Hosting: Howto redirect domain to another domain.

There is always a question on how to completely redirect some src-domain to another dst-domain properly.
And while there is the simple straightforward way to do so, there are always some dedicated server customers of the web hosting that are trying to reinvent the wheel one more time. And failing miserably.
Read more »

Share Button

X-Robots-Tag in headers – fine grained crawlers control in apache

xrobotsI was asked to implement X-Robots-tag on one of our dedicated servers the other day.
This google document explains in the great details what it does and how it influences your site presentation on the search engine.
Read more »

Share Button

Django on cpanel server for shared web hosting

django congrats on successful install
I had a customer request to install Django on cpanel server shared account the other day – took me some time to get it going, mostly because of easyapache not willing to play nice.
Other then that, Jimmy’s blog entry here provides excellent instructions on how to configure it, the only difference being that his cpanel server already had mod_fcgid installed.
So, what I’ll do is just quick recap:
Things to do as root

  1. Make sure your apache had mod_fcgid compiled, if not – run easyapache script from SSH or from WHM web page and make sure mod_fcgid option checked
  2. Install easy_install script –
  3. Use easy_install to install a couple Python packages –
  4. Restart apache, make sure mod_fcgid is loaded

This is it – you can notify customer that he can do his django magic – all prerequisites are in place.

Share Button

Apache, PHP, SuEXEC: added security and control

suhosin
As we know from original article using Apache, PHP in CGI mode along with suExec gives us 2 important security advantages:
– suExec allows to run PHP process with (only) the file owner user privileges, enforcing proper permissions on PHP scripts and thus allowing to avoid cross-site exploits on the server that is running multiple dynamic web sites;
– per site php.ini.
That gives some unique opportunities for securing separate web sites on the server.
Read more »

Share Button
Page 1 of 212