Posted by Rose Bush on May 15th, 2015
In trying to adjust the method of logging in Apache, it was found logical to have the configuration perform an AND on two variables to validate one format vs another. I had not found much detail on this, until making my way to: http://stephane.lesimple.fr/blog/2010-01-28/apache-logical-or-and-conditions-with-setenvif.html. From the page archived, I had the following:
|
|
CustomLog /var/log/apache2/loopback_posts.log combined env=posting_myself SetEnvIf Remote_Addr "^" loopback_ip=0 SetEnvIf Remote_Addr "^127\.0\.0\.1$" loopback_ip=1 SetEnvIf Request_Method "POST" posting_myself SetEnvIf loopback_ip 0 !posting_myself |
In my example, it was not able to work as shown above, but not of by much. We quoted the last 0 in the lines we had written, giving us the following example:
|
|
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded SetEnvIf Remote_Addr "^" LB_ip=0 SetEnvIf Remote_Addr "10\.11\.0\.254" LB_ip=1 SetEnvIf LB_ip "0" !forwarded CustomLog logs/access_log proxy env=forwarded CustomLog logs/access_log combined env=!forwarded |
When tested, requests coming from the LB IP are listed as trusted, and only trusted requests are adjusted and trusted as having been forwarded. Other requests, we can assume (based on topology) with x-forwarded-for header are identified as falsified.
Filed under: Code or Hosting | Comment (0)
Posted by Rose Bush on November 12th, 2012
Leverage browser caching
- The following cacheable resources have a short freshness lifetime. Specify an expiration at least one week in the future for the following resources:
With a note of: (expiration not specified)
To deal with this, I added the following to my .htaccess file:
|
|
<FilesMatch "\.(ico|jpg|jpeg|png|gif|js|css|swf|woff|ICO|JPG|JPEG|PNG|GIF|JS|CSS|SWF|WOFF)$"> <IfModule mod_expires.c> ExpiresActive on ExpiresDefault "access plus 30 days" </IfModule> </FilesMatch> |
This is a modified version of what I saw recommended. The original as I found it was:
|
|
<FilesMatch "\.(ico|jpg|jpeg|png|gif|js|css|swf)$"> <IfModule mod_expires.c> ExpiresActive on ExpiresDefault "access plus 30 days" </IfModule> Header unset ETag FileETag None </FilesMatch> |
However I had a plugin that added the ‘Header unset ETag’ and ‘FileETag None’ lines. I found the code here, and you can read up on mod_expires here. It is good to note that although the message recommends at least 7 days, Google has a best practices guide found here that recommends 30 days as a minimum.
Filed under: Code or Hosting | Comment (0)
Posted by Rose Bush on November 5th, 2012
A friend pointed me to this as an option, when trying to find out exactly what is going on with apache, you can run this:
|
|
ps auxw | egrep "sbin/apache|httpd" | awk '{print"-p " $2}' | xargs strace |
“This one-liner will use strace to attach to all of the currently running apache processes output and piped from the initial “ps auxw” command into some awk.” This has been rewritten to make it a little more flexible with finding the running process, as the original only searched for sbin/apache, and on my server, apache is run from an odd location.
Filed under: Code or Hosting | Comment (0)