-
Proxying pypi / npm / etc for fun and profit!
Package managers for source code (like pypi, npm, nuget, maven, gems, etc) are great! We should all use them. But what happens if the central repository goes down? Suddenly all your continious builds / deploys fail for no reason. Here is a way to prevent that: Configure Apache as a caching proxy fronting these services.…
-
Virtually Hosted SSL – almost there
Virtual hosting (hosting multiple sites on the same IP address) became possible with HTTP/1.1 because it declares the “Host” header, which specifies which one of the (possibly) multiple sites hosted on the same IP address you would like to reach (a small side-effect is that when you use the IP address of a site, you…
-
Disabling mod_deflate for certain files
I received a question regarding my compressed HTTP post. It goes something like this: I want to use a PHP script as a kind of transparent proxy (that is, when I request a file, it downloads it from an other URL and serves it up to me), but mod_deflate keeps eating my Content-Length header. My…
-
Serving up authenticated static files
Two components which are usually found in web applications are authentication and static files. In this post I will try to show how these two interact. The post will refer to PHP and Apache specifically, since these are the platforms I’m familiar with, however the ideas are generally applicable. The advantages of static files are:…
-
Compressed HTTP
The HTTP standard allows for the delivered content to be compressed (to be more precise it allows for it to be encoded in different ways, one of the encoding being compression). Under Apache there are two simple ways to do this: Using the mod_deflate Apache module If you have mod_php activated, setting the zlib.output_compression variable…
-
Implementing Web Services with Open Source Software
Today many services are available (both internal and external to a company) as Web Services, more specifically as SOAP. Companies like Microsoft, IBM or Sun have heavily invested in this field and made many of their products compatible with it (as a client and/or as a server). In this article I will study the different…
-
Including mixed (SSL and non-SSL) content on your secure site
Disclaimer: while I dabble with Apache from time to time, I’m not a professional SysAdmin or Apache guru. The things described below is my own experience, and it should not be considered expert advice, just a staring point. An other way to say it: if you know better, please leave a comment :). AskApache (a…
-
20 ways to Secure your Apache Configuration
A nice writeup about securing your Apache installation: 20 ways to Secure your Apache Configuration
-
Things you (probably) didn’t know about your webserver
Today’s webservers are incredibly complex beasts. I don’t know how many of the people operating Apache have read the full specifications. I sure didn’t. So it should come as no surprise that there are hidden features in our servers (and some of them turned on by default), which can weaken our defenses. There are two…