Archive

Posts Tagged ‘apache’

Speed up website performance with mod_deflate compression via .htaccess

May 18th, 2010
2 comments

The loading time of a website gets a lot of attention these days, at least since google said, that the loading speed is a factor for the ranking position. With compression of text files (CSS, HTML, JS) you can speed up the performance easily.

If the site is hosted on an Apache 2 webserver, there is an easy to add compression to your existing files without modifying or wrapping them – the only requirement is that Apache is compiled with mod_deflate (which should be standard on quality webhosting providers).

Simply add the following snippet to your .htaccess file:

# BEGIN Gzip
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
SetEnvIfNoCase Request_URI .(?:exe|t?gz|zip|iso|tar|bz2|sit|rar|png|jpg|gif|jpeg|flv|swf)$ no-gzip dont-vary
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.[0678] no-gzip

# MSIE masquerades as Netscape, but it is fine
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48, the above regex won’t work. You can use the following
# workaround (comment the above line and uncomment the below line) to get the desired effect:
# BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html


# Make sure proxies don’t deliver the wrong content
Header append Vary User-Agent env=!dont-vary

</IfModule>
# END Gzip

The “BrowserMatch” should prevent compression for older Browsers (inluding Internet Explorer), because there are issues with javascript compression (but it seems, that only certain versions of IE 6 are concerned…)

admin Programming , ,

Mandrake 9.2 and Apache Open Proxy Bug

March 6th, 2009
No comments

the standard apache config of this linux version can cause serious trouble

The problem:
Linux Mandrake 9.2 uses  apache 2.0.47 by default - but take a careful look at your apache config files, because the server is set up by default with an open proxy port – so your box could be “hijacked” by spammers, who use your machine as their own proxy server.

More info about mod_proxy: http://httpd.apache.org/docs-2.0/mod/mod_proxy.html

I became attentive to the hijacking of my system, because the network performance was suddenly very poor, and the http – log of apache showed thousands of lines of “GET” and “CONNECT” requests to foreign domains (mostly porn sites) – this resulted in a massive overload on the server.

Check the open proxy server
To check if your box does really act as an open proxy server, just connect via telnet and try a “GET” request to another adress.

 telnet www.yourserver.com 80
 GET http://www.google.com

If the request returns the source code of www.google.com, your server acts as an open proxy!
Solution:
In Mandrake 9.2, the proxy – configrations can be found in  /etc/httpd/conf.d/30_mod_proxy.conf – please check your settings with the following settings, and your server will lock out the bad guys.

--------------------------------------

LoadModule proxy_module  modules/mod_proxy.so
# LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so

#
# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:
#
ProxyRequests Off
#

   Order deny,allow
   Deny from all
   Allow from 127.0.0.1

#
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
#
ProxyVia Off
# End of proxy directives.
---------------------------------------

If your server has already been hijacked and its adress shows up in spammer lists, the requests will not stop immediatly, this will take a few days (up to two weeks)

In my case, everything worked fine after 4 days.

The problem:
Linux Mandrake 9.2 uses  apache 2.0.47 by default - but take a careful look at your apache config files, because the server is set up by default with an open proxy port – so your box could be “hijacked” by spammers, who use your machine as their own proxy server.

More info about mod_proxy: http://httpd.apache.org/docs-2.0/mod/mod_proxy.html

I became attentive to the hijacking of my system, because the network performance was suddenly very poor, and the http – log of apache showed thousands of lines of “GET” and “CONNECT” requests to foreign domains (mostly porn sites) – this resulted in a massive overload on the server.

Check the open proxy server
To check if your box does really act as an open proxy server, just connect via telnet and try a “GET” request to another adress.

 telnet www.yourserver.com 80
 GET http://www.google.com

If the request returns the source code of www.google.com, your server acts as an open proxy!

Solution:

In Mandrake 9.2, the proxy – configrations can be found in  /etc/httpd/conf.d/30_mod_proxy.conf – please check your settings with the following settings, and your server will lock out the bad guys.

--------------------------------------

LoadModule proxy_module  modules/mod_proxy.so
# LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so

#
# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:
#
ProxyRequests Off
#

   Order deny,allow
   Deny from all
   Allow from 127.0.0.1

#
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
#
ProxyVia Off
# End of proxy directives.
---------------------------------------

If your server has already been hijacked and its adress shows up in spammer lists, the requests will not stop immediatly, this will take a few days (up to two weeks)

In my case, everything worked fine after 4 days.

admin Legacy , ,