Apache Variable Fun in htaccess
Server and Environment Variables are used by The Apache HTTP Server by provides a mechanism for storing information. This information can be used to control various operations such as logging or access control.
Mod_Rewrite Basic Examples
mod_rewrite is very useful in many situations. Yet some behaviors were not so obvious when I started to mess with it. After many testings, I understand it much better, now. Having said that, I do not pretend to know it perfectly. I also make mistakes.
COMPUTER SECURITY TOOLBOX
List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.Internet Census 2012 – Port scanning using insecure embedded devices – Carna Botnet
While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage.
Firefox Add-ons for Web Developers
Advanced Web Development by AskApache is a Firefox Collection I created since I'm always trying new Addons out and using multiple computers and I wanted a quick and easy way to install my favorite's and keep a running list. Firebug, YSlow, LastPass, and Web Developer are the only ones I always use regularly.
I like the idea of the last.fm but it's not as powerful as the site, which is awesome. Lately listening to Kings of Leon Radio...
Protecting Files with Advanced Mod_Rewrite Anti-Hotlinking
If you have files on your site that you don't want indexed by malicious search engines, grabbed and leeched by malicious spammers, or stolen and made available elsewhere, you can use mod_rewrite to drastically reduce or totally reduce that activity.
Security with Apache htaccess Tutorial
Apache Security tips and tricks for securing Apache Web Servers using htaccess, httpd.conf, and other built-in techniques to thwart attackers. This really should be required reading for any Apache admin or user because these little tricks are so easy to do.
Creating an Offline Version of Page
So, here's what I hacked together last night, that is being used today. It's essentially 2 files.
- A php file that scrapes uses curl to scrape all the urls for the page (favicon, css, images, pdfs, etc..)
- A simple bash shell script acting as a cgi that creates a zip file of all the urls, and a self-extracting exe file for those without a winzip tool
HOWTO: Uninstall CPANEL over SSH
The following is just a quick but detailed reference of some of the commands I used to successfully uninstall cpanel permanently. This is for advanced users of the shell. If you run a single one of these commands without fully understanding it, you will probably kill your server, lose everything on it permanently, not have a website or email for weeks.. So backup everything. FIRST. You should also contact your hosting provider support - but be prepared for some MAJOR negativity.. cpanel makes things very easy for web-hosting companies, and you are less than a drop in their bucket.
Use FallbackResource for WordPress instead of mod_rewrite
FallBackResource is a great alternative to using mod_rewrite to direct Apache to send all requests for non-existing files/directories to a script in WordPress. Htaccess and Server Config enabled.
Wget Trick to Download from Restrictive Sites
Before
After trick
I am often logged in to my servers via SSH, and I need to download a file like a WordPress plugin. I've noticed many sites now employ a means of blocking robots like wget from accessing their files. Most of the time they use .htaccess to do this. So a permanent workaround has wget mimick a normal browser.
.htaccess Examples: Cookies, Variables, Custom Headers
Fresh .htaccess code for you! Check out the Cookie Manipulation and environment variable usage with mod_rewrite! I also included a couple Mod_Security .htaccess examples. Enjoy!
Originally Posted: 3/29/2008
Enhanced printenv Script for Server Debugging
A souped-up version of the Apache printenv script for hard-core server environment debuggery.
#!/bin/sh
echo -e "Content-type: text/plainnn"
...
__T "CURRENT PROCESS CMDLINE"
{
for p in `echo /proc/[0-9]*/cmdline`;
do
pid=${p:6:$((${#p}-13))}
[[ $pid == $PPID || $pid == $$ ]] && continue;
__M "[ /proc/$pid ]";
sed 's/x00/ /g;G' $p 2>/dev/null
done
}
fi
MariaDB with LZ4 Compression Howto for CentOS
I really really wanted to run the latest MariaDB with LZ4 Page Compression.. it is a game changer for many types of large databases I deal with. So I compiled it manually in a way that is repeatable and follows best-practices and it's now powering this site. Now I can use InnoDB Page Compression with lzo, lzma, bzip2, snappy, or my favorite algorithm: LZ4.
Thought this would be a good chance to post a howto, and show that there is a lot you can do by compiling software yourself and breaking the package management one-click install shackles.
Speed Up Sites with php Caching
This explains the basic methods to get started caching with php headers
Apache Logging for Remote Addresses using X-Forwarded-For
Convert Image Base64 Encoder
PHP Session File Hacks
What they say about kung-fu is true..
It can be attained by anyone through hard work over time. You can become as good as the amount of work you put in. Here's a short look at a basic technique that I use. Simply reverse engineering the source code and taking notes along the way...
static void php_session_send_cookie(TSRMLS_D)
if (SG(headers_sent)) {
if (output_start_filename) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent by (output started at %s:%d)",
output_start_filename, output_start_lineno);
} else {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent");
}
return;
}
/* URL encode session_name and id because they might be user supplied */
e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name)), NULL);
Optimizing Servers and Processes for Speed with ionice, nice, ulimit
To prepare for several upcoming articles on AskApache that are focused on optimizing Servers and Sites from a server admin level, here is an article to introduce the main tools that we will be using. These tools are used to optimize CPU time for each process using nice and renice, and other tools like ionice are used to optimize the Disk IO, or Disk speed / Disk traffic for each process. Then you can make sure your mysqld and httpd processes are always fast and prioritized.
Control htaccess Basic Authentication with PHP and mod_rewrite
Control htaccess Basic Authentication with PHP and mod_rewriteSEO Secrets of AskApache.com
Learn how in a year, with no previous blogging experience this blog was able to rank so high in search engines and achieve 15,000 unique visitors every day. Uses combination of tricks and tips from throughout AskApache.com for Search Engine Optimization.
Google: Let’s Make the Web Faster
Setting charset in htaccess
Learning about charset's and file types maybe pretty boring, but using .htaccess it can be fun! Here's a quicklist htaccess cheatsheet for adding the correct Charset to a web document.
Website SEO Score Tool
Check out this free online SEO site-scoring tool. The SEO generated report is simple, neat, and helpful. The main thing I like about it is how it is a stand-alone website, a residual money making machine.
Best Practices for Speeding Up Your Web Site with Htaccess
I have written more than a few articles detailing how to improve the speed of a website, and due to popular demand, this post will detail all the latest and greatest caching tricks and techniques that I utilize and love. The AskApache Best-Practices.
Redirect index.php to root
WordPress blogs show the same duplicate content for https://www.askapache.com/index.php and https://www.askapache.com/. If you've read about using a robots.txt file for WordPress SEO, than you already understand this setup results in Duplicate Content penalties being levied against your Blog and Web Site by Search Engines.
Updated robots.txt for WordPress
Implementing an effective SEO robots.txt file for WordPress will help your blog to rank higher in Search Engines, receive higher paying relevant Ads, and increase your blog traffic. Get a search robots point of view... Sweet!
Who Am I – Your IP Information
.htaccess mod_rewrite rewrite examples
A hit-list of some of my favorite mod_rewrite code snippets for .htaccess files
htaccess Tricks for Webmasters
Some of my favorite htaccess examples from some of my favorite .htaccess tutorials. These cut-and-paste ready htaccess code snippets are very useful for website and server administrators.
Speed Up Google Analytics with urchin.js
Serve Alternate Content based on Time
Time-dependant rewriting uses mod_rewrite and apache server time variables to display different files depending on the time, while the URL stays the same. An often requested implementation of this is to display a different home page or image depending on if its morning, noon, or night.
PHP5 Custom Install Shell Script Example
Today I successfully learned how to compile and run multiple custom php installations for a DreamHost account, and to get it working I came upon a simple shell script that I made a couple changes to.
Dealing with Mobile Visitors using Bad Browsers
Unicode Character Reference
Just a quick reference to all those delicious unicode characters and how they render on the web‽‽
Renaming Sponsored Links in AdSense
Google AdSense calles their AdSense Ads, "Sponsored Links", while Text-Link-Ads.com recommends "Sponsored By". Of course it is against the Google Adsense TOS to rename your ads, but in general, for non-adsense, what do you like to call your sponsored links?
Top 3 Speed Tips for Sites using Google Analytics
Top 3 ways to speed up websites that use Google Analytics. Host Script Locally, Fix Google-Analytics Cookie Domain, and Failsafe Loading for optimum tracking statistics.
Instruct Search Engines to come back to site after you finish working on it
Nifty SEO tip to get Search Engine Bots to check your site every hour until you finish working on it and tell them you are finished.
Log all .htaccess/.htpasswd logins
Learn how to log and debug usernames and passwords used to login to a htaccess basic authorization protected website using php. This article is BOSS and will show you how to fully take control of this aspect of security using php and .htaccess, I don't believe you will find instructions to do this anywhere else on the net.
Faster Form Submission and Processing with fsockopen
Part II: Example illustrating how to speed up GET/POST form submissions. Uses fsockopen to initiate a server-side background request to process the submitted data, so that the result page of the form is displayed to the client lightningly quick.