Search For Server Side Includes

Firefox Add-ons for Web Developers

Advanced Web Development by AskApache is a Firefox Collection I created since I’m always trying new Addons out and using multiple computers and I wanted a quick and easy way to install my favorite’s and keep a running list. Firebug, YSlow, LastPass, and Web Developer are the only ones I always use regularly.

I like the idea of the last.fm but it’s not as powerful as the site, which is awesome. Lately listening to Kings of Leon Radio…

Tagged: askapache, Firebug, Firefox, Firefox Addons, Web Development, webdev, YSlow | 4 Comments | Continue...

---

---

---

Optimizing Servers and Processes for Speed with ionice, nice, ulimit

To prepare for several upcoming articles on AskApache that are focused on optimizing Servers and Sites from a server admin level, here is an article to introduce the main tools that we will be using. These tools are used to optimize CPU time for each process using nice and renice, and other tools like ionice are used to optimize the Disk IO, or Disk speed / Disk traffic for each process. Then you can make sure your mysqld and httpd processes are always fast and prioritized.

Tagged: bash, chrt, CPU Scheduling, Disk IO, ionice, iostat, Nice, optimize processes, Renice, servers, Shell Scripting, taskset | 2 Comments | Continue...

---

Advanced WordPress wp-config.php Tweaks

The bottom line for this article is that I want to make WordPress as fast, secure, and easy to install, run, and manage because I am using it more and more for client production sites, I will work for days in order to solve an issue so that I never have to spend time on that issue again. Time is money in this industry and that is ultimately (time) what there is to gain by tweaking WordPress.

Note: I spent no time on readability, this is primarily a read the code and figure it out article.. This is for advanced users looking for a reference or discussion and for those of you looking to advance. Feedback would be great if you make it that far..

Tagged: admin, advanced, Cookies, debugging, htaccess, mod_rewrite, PHP, phpinfo, WordPress, wp-config.php | 4 Comments | Continue...

---

Advanced Htaccess – SSI, ErrorDocuments, DirectoryIndexing SEO

3-Part article covering practical implementation of 3 advanced .htaccess features. Discover an easy way to boost your SEO the AskApache way (focus on visitors), a tip you might keep and use for life. Get some cool security tricks to use against spammers, crackers, and other nefarious sorts. Take your site’s error handling to the next level, enhanced ErrorDocuments that go beyond 404’s.

Tagged: Apache Htaccess, errordocument, htaccess, htaccess rewrite, mod_include, Server Side Includes, SSI, SymLinks | 1 Comment | Continue...

---

Ultimate Htaccess Tutorial for .htaccess files

This is not an introduction to .htaccess… This is the evolution of .htaccess… The BEST, the ORIGINAL, the NEWEST, and the most HIGHEST, FLYEST .htaccess tricks I can find.

Originally known as the “Ultimate .htaccess Guide”, its changed over the years by adding new .htaccess tricks and .htaccess examples to it.. I also add my favorite .htaccess links, the best .htaccess articles on AskApache, the coolest .htaccess experiments, the Web’s best .htaccess hacks, and update this article on the regular.

Tagged: .htaccess examples, Apache, Cache, caching, Files, FilesMatch, Google, Hacking, howto, htaccess, htaccess guide, htaccess help, htaccess howto, htaccess rewrite, htaccess tricks, htaccess tutorial, httpd, litespeed, mod_rewrite, Mod_Security, rewritecond, rewriterule, sample .htaccess, Security, SEO, seo secrets, SetEnvIf, ssl, ultimate htaccess | 56 Comments | Continue...

---

COMPUTER SECURITY TOOLBOX

List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.

3 Comments | Continue...

---

About AskApache

Purpose and Goal of AskApache
To provide free access to knowledge and data with the goal of empowering people.. or more melodramatically: “Power to the People!”
Why the name AskApache? AskApache was chosen to show and pay respect to the contributors of the Apache Web Server. Literally it means to ask Apache when facing a problem, by searching the Open-Source, contacting a board/list, or browsing the documentation.
The Author
I work for a multimedia production / brand development & marketing company here in Indianapolis, the greatest city in the world! I started this blog in Dec., ‘06 to familiarize myself with WordPress as a blogging platform among other things for my job. I help expand/create a growing companies market-share online (and offline) by managing and building the brand and developing high-quality leads and loyal customers by building online funnels fed by SEO traffic and on/offline marketing campaigns. Other than the design and development costs for our minimum 12 month contract, we operate using a gain-share formula where we receive a percentage of the increased revenue that results from our services. This translates to fanatical attention to improving the bottom-line, and focus on long-term sustainable growth and overall success.
It’s important to me to note that unlike most systems set up like this, we are absolutely interested in creating customers/leads/whatever by providing real value for them. It’s much more difficult and takes a lot longer, but it is also self-sustaining as value attracts in an exponential manner. We are likely different than any model you’ve seen before in terms of lead-sales-marketing types.
My Background
I started on DOS, then Windows 2.11 (released 1989), and learned BASIC for my first language… then IBM PC assembly followed by Java, which I used as an excuse to stop learning assembly.. …

5 Comments | Continue...

---

Notes from Apache HTTPD Source Code

thought I’d take a break from coding and post about how open-source is such a great tool for finding the best answers to the toughest questions,

/** is the status code informational */
#define ap_is_HTTP_INFO(x)         (((x) >= 100)&&((x) < 200))
/** is the status code OK ?*/
 
#define ap_is_HTTP_SUCCESS(x)      (((x) >= 200)&&((x) < 300))
/** is the status code a redirect */
#define ap_is_HTTP_REDIRECT(x)     (((x) >= 300)&&((x) < 400))
 
/** is the status code a error (client or server) */
#define ap_is_HTTP_ERROR(x)        (((x) >= 400)&&((x) < 600))
/** is the status code a client error  */
 
#define ap_is_HTTP_CLIENT_ERROR(x) (((x) >= 400)&&((x) < 500))
/** is the status code a server error  */
#define ap_is_HTTP_SERVER_ERROR(x) (((x) >= 500)&&((x) < 600))
 
/** is the status code a (potentially) valid response code?  */
#define ap_is_HTTP_VALID_RESPONSE(x) (((x) >= 100)&&((x) < 600))

Tagged: httpd.conf, source code | Continue...

---

Undetectable Sniffing On Ethernet

I have been in some tight spots where I had to sniff a password or two off the wire, or sniff some packets off the wire and based on the packets content perform some action… Accidentally, I stumbled on a method to sniff data while remaining undetected and invisible.

Tagged: Ethernet, Hacking, linux, nsa, Sniffing, Undetectable, wireshark | Continue...

---

AskApache Password Protection, For WordPress

AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your wp-includes, wp-content, plugins, etc. plugins as well. Imagine a HUGE brick wall protecting your frail .php scripts from the endless attacks of automated web robots and password-guessing exploit-serving scripts.

90 Comments | Continue...

---

Updated robots.txt for WordPress

Implementing an effective SEO robots.txt file for WordPress will help your blog to rank higher in Search Engines, receive higher paying relevant Ads, and increase your blog traffic. Get a search robots point of view… Sweet!

Tagged: robots, robots.txt, SEO, WordPress | 43 Comments | Continue...

---

Apache Directives and Modules on DreamHost

Apache .htaccess Directives and Loaded Modules allowed on DreamHost Apache Server 2 Setups.

Continue...

---

Request Method Security Scanner

Also See: 27 Request Methods and HTTP Status Codes.
GET
The GET method indicates that the script should produce a document based on the meta-variable values. By convention, the GET method is ’safe’ and ‘idempotent’ and SHOULD NOT have the significance of taking an action other than producing a document.
The meaning of the GET method may be modified and refined by protocol-specific meta-variables.
POST
The POST method is used to request the script perform processing and produce a document based on the data in the request message-body, in addition to meta-variable values. A common use is form submission in HTML [18], intended to initiate processing by the script that has a permanent affect, such a change in a database.
The script MUST check the value of the CONTENT_LENGTH variable before reading the attached message-body, and SHOULD check the CONTENT_TYPE value before processing it.
HEAD
The HEAD method requests the script to do sufficient processing to return the response header fields, without providing a response message-body. The script MUST NOT provide a response message-body for a HEAD request. If it does, then the server MUST discard the message-body when reading the response from the script.
OPTIONS
The OPTIONS method represents a request for information about the communication options available on the request/response chain identified by the Request-URI. This method allows the client to determine the options and/or requirements associated with a resource, or the capabilities of a server, without implying a resource action or initiating a resource retrieval.
Responses to this method are not cacheable.
If the OPTIONS request includes an entity-body (as indicated by the presence of Content-Length or Transfer-Encoding), then the media type MUST be indicated by a Content-Type field. Although this specification does not define any use for such a body, future extensions to HTTP might use the OPTIONS body to make more detailed queries…

1 Comment | Continue...

---

SEO with Robots.txt

Very nice tutorial dealing with the robots.txt file. Shows examples for google and other search engines. Wordpress robots.txt and phpBB robots.txt sample files.

13 Comments | Continue...

---

WordPress robots.txt SEO

WordPress robots.txt file can make a huge impact on your WordPress blogs traffic and search engine rank. This is an SEO optimized robots.txt file.

26 Comments | Continue...

---

Apache Variable Fun in htaccess

Server and Environment Variables are used by The Apache HTTP Server by provides a mechanism for storing information. This information can be used to control various operations such as logging or access control.

3 Comments | Continue...

---

27 Request Methods for Apache rewritecond htaccess

Have you ever wondered how many REQUEST_METHODS you could use in Apache?

Scan Your Site to see what Request Methods are currently allowed, and fix potential security holes.
Intro
The Request Method, as supplied in the REQUEST_METHOD meta-variable, identifies the processing method to be applied by the script in producing a response.
The script author can choose to implement the methods most appropriate for the particular application.
If the script receives a request with a method it does not support it SHOULD reject it with an error.
List of the 27 Request Methods Recognized by Apache

GET
PUT
POST
DELETE
CONNECT
OPTIONS
TRACE
PATCH
PROPFIND
PROPPATCH
MKCOL
COPY
MOVE
LOCK
UNLOCK
VERSION_CONTROL
CHECKOUT
UNCHECKOUT
CHECKIN
UPDATE
LABEL
REPORT
MKWORKSPACE
MKACTIVITY
BASELINE_CONTROL
MERGE
INVALID

GET
The GET method indicates that the script should produce a document based on the meta-variable values. By convention, the GET method is ’safe’ and ‘idempotent’ and SHOULD NOT have the significance of taking an action other than producing a document.
The meaning of the GET method may be modified and refined by protocol-specific meta-variables.
POST
The POST method is used to request the script perform processing and produce a document based on the data in the request message-body, in addition to meta-variable values. A common use is form submission in HTML [18], intended to initiate processing by the script that has a permanent affect, such a change in a database.
The script MUST check the value of the CONTENT_LENGTH variable before reading the attached message-body, and SHOULD check the CONTENT_TYPE value before processing it.
HEAD
The HEAD method requests the script to do sufficient processing to return the response header fields, without providing a response message-body. The script MUST NOT provide a response message-body for a HEAD request. If it does, then the server MUST discard the message-body when reading the response from the script.
OPTIONS
The OPTIONS method represents a request for information about the communication options available on the request/response chain identified by the Request-URI. This method allows the client to determine the…

Tagged: htaccess, mod_rewrite, Request Method | 2 Comments | Continue...

---

Custom PHP.ini tips and tricks

Tagged: htaccess, PHP, php.ini | 9 Comments | Continue...

---

.htaccess – Wikipedia

.htaccess (Hypertext Access) is the default name of Apache’s directory-level configuration file. It provides the ability to customize configuration directives defined in the main configuration file. The configuration directives need to be in .htaccess context and the user needs appropriate permissions.

Statements such as the following can be used to configure a server to send out customized documents in response to client errors such as “404: Not Found” or server errors such as “503: Service Unavailable” (see List of HTTP status codes):
ErrorDocument 404 /error-pages/not-found.html
ErrorDocument 503 /error-pages/service-unavailable.html
When setting up custom error pages, it is important to remember that these pages may be accessed from various different URLs, so the links in these error documents (including those to images, stylesheets and other documents) must be specified using URLs that are either absolute (e.g., starting with “http://”) or relative to the document root (starting with “/”). Also, the error page for “403: Forbidden” errors must be placed in a directory that is accessible to users who are denied access to other parts of the site. This is typically done by making the directory containing the error pages accessible to everyone by creating another .htaccess file in the /error-pages directory containing these lines:
Order allow,deny
Allow from all
Contents
[hide]

1 Password protection

1.1 Password unprotection
1.2 Extra secure method to force a domain to only use SSL and fix double login problem

2 Enable SSI
3 Deny users by IP address
4 Change the default directory page
5 Redirects
6 Prevent hotlinking of images

6.1 From specific domains
6.2 Except from specific domains

7 Standardise web address to require www with SEO-friendly 301 Redirect
8 Directory rules
9 User permissions
10 Other uses
11 See also
12 External links

Password protection
Make the user enter a name and password before viewing a directory.
AuthUserFile /home/newuser/www/stash/.htpasswd
AuthGroupFile /dev/null
AuthName “Protected Directory”
AuthType Basic
<Limit GET POST>
require user newuser
</Limit>
The same behavior…

Continue...

---

Running a Reverse Proxy in Apache

In 2003, Nick Kew released a new module that complements Apache’s
mod_proxy and is essential for reverse-proxying. Since then he gets
regular questions and requests for help on proxying with Apache. In
this article he attempts to give a comprehensive overview of the
proxying and mod_proxy_html

This article was originally published at ApacheWeek in January 2004,
and moved to ApacheTutor with minor updates in October 2006.
Web Proxies
A proxy server is a gateway for users to the Web at large. Users
configure the proxy in their browser settings, and all HTTP requests
are routed via the proxy. Proxies are typically operated by ISPs and
network administrators, and serve several purposes: for example,

to speed access to the Web by caching pages fetched, so that
popular pages don’t have to be re-fetched for every user who views
them.
to enable controlled access to the web for users behind a
firewall.
to filter or transform web content.

Reverse Proxies
A reverse proxy is a gateway for servers, and enables one web server
to provide content from another transparently. As with a standard
proxy, a reverse proxy may serve to improve performance of the web by
caching; this is a simple way to mirror a website. But the most common
reason to run a reverse proxy is to enable controlled access from the
Web at large to servers behind a firewall.
The proxied server may be a webserver itself, or it may be an
application server using a different protocol, or an application
server with just rudimentary HTTP that needs to be shielded from
the web at large. Since 2004, reverse proxying has been the preferred
method of deploying JAVA/Tomcat applications on the Web, replacing
the old mod_jk (itself a special-purpose reverse proxy module).
Proxying with Apache
The…

8 Comments | Continue...

---

Caching Tutorial for Webmasters

If you examine the preferences dialog of any modern Web browser (like Internet Explorer, Safari or Mozilla), you’ll probably notice a ‘cache’ setting. This lets you set aside a section of your computer’s hard disk to store representations that you’ve seen, just for you. The browser cache works according to fairly simple rules. It will check to make sure that the representations are fresh, usually once a session (that is, the once in the current invocation of the browser).

1 Comment | Continue...

---

PHPMailer tutorial

This is meant to be an improved version of the article written by PHPFreaks founder, Eric Rosebrock on the PHPFreaks site HERE, simply because I noticed the URL for that tutorial often was down, so I rewrote it (close to verbatim) for my own personal use.

PHPMailer is by far the BEST way to add email functionality to your web site.
This is just an article to point you in the right direction to mastering this incredible php package.
Tutorials, Guides, Documentation, and HowTos

PHPMailer Documentation
Couple Examples using PHPMailer
Brief PHPMailer tutorial on home site
PHPFreaks founder, Eric Rosebrock, PHPMailer tutorial | Original (alternate)

Other PHPMailer links

PHPMailer Home
Sourceforge Project Home
PHPMailer FAQ
PHPMailer Mailing List
PHP mail() function reference
Standard Email RFC822
MIME Email RFC 2046

Introduction
Sending E-Mail through PHP can be simple, or it can be very complex depending on what you want to do. A standard plain-text E-Mail is what most developers resort to because building the MIME headers for HTML mail can be a difficult process. Those days have been over for quite some time with the amazing PHPMailer library that is available for free! In this tutorial, I will discuss in detail the features and possibilities you have when dealing with PHPMailer.
Requirements
The requirements of this tutorial are very limited. You only need PHP and the ability to send mail() function or an SMTP connection. You should also have a basic understanding of dealing with Object Oriented Programming (OOP) or at least how to follow the examples we’ll use in this tutorial.
Don’t sweat it, this is going to be an easy tutorial for you to follow!
About PHPMailer
PHPMailer is a fully featured email transfer class for PHP that I would put above all of the other E-Mail handlers that I’ve used. It’s popularity has grown rapidly over the…

19 Comments | Continue...

---

Speed Up Sites with htaccess Caching

2 awesome ways to implement caching on your website using Apache .htaccess or httpd.conf. Both methods are extremely simple to set up and will dramatically speed up your site!

10 Comments | Continue...

---

FastCGI on DreamHost

Continue...

---

Web Development Glossary

Web Development / Webmaster Glossary
A | B | C | D | E | F | G | H | I | L | M | N | O | P | R | S | T | U | V | W | X | Z | other glossaries
This glossary defines some of the common terminology related to Apache in particular, and web serving in general. More information on each concept is provided in the links.

Access Control
The restriction of access to network realms. In an Apache context usually the restriction of access to certain URLs.See: Authentication, Authorization, and Access Control

Account
The term “account” is often used synonymously with username here at DynDNS. Both terms describe the name you use to log in to our system. An account is not the same as a hostname, which may be named differently.

age
The age of a response is the time since it was sent by, or successfully validated with, the origin server.

Alias
See cname.

Algorithm
An unambiguous formula or set of rules for solving a problem in a finite number of steps. Algorithms for encryption are usually called Ciphers.
APache eXtension Tool (apxs)
A perl script that aids in compiling module sources into Dynamic Shared Objects ( dsos) and helps install them in the Apache Web server.See: Manual Page: apxs

A Record
An A Record, short for Address Record, allows a numeric ipaddress to map to a more human-readable domain. An A Record may also be referred to as a host or hostname.

Authoritative Nameserver
A nameserver which has been configured to provide answers for a specific domain, rather than simply getting and caching data about domains from other nameservers.

Authentication
The positive identification of a network entity such as a server, a client, or a user.See: Authentication, Authorization, and Access Control
Advisory Committee
An Advisory Committee is a formal advisory…

Continue...

---