FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Home » Search results for "expires"

Search For expires

Raw HTTP Header Debugger

Post by Oct 26, 20115 comments

Category:

Htaccess Rewrites – Rewrite Tricks and Tips

Post by AskApache Apr 10, 2011130 comments

htaccess rewrite / Mod_Rewrite Tips and Tricks is as glamorous as it sounds! htaccess rewrite mod_rewrite is just possibly one of the most useful Apache modules and features. The ability to rewrite requests internally as well as externally is extremely powerful.

Category: Htaccess

Ultimate Htaccess Part II

Post by AskApache Oct 16, 20105 comments

Editing an Apache .htaccess file in VIM. Here is even more information from the Ultimate Htaccess Part I. For now this is very rough and you will want to come back later to read it.

Category: Htaccess

PHP Session File Hacks

Post by AskApache Jun 24, 20102 comments

What they say about kung-fu is true..

It can be attained by anyone through hard work over time. You can become as good as the amount of work you put in. Here's a short look at a basic technique that I use. Simply reverse engineering the source code and taking notes along the way...

static void php_session_send_cookie(TSRMLS_D)
  if (SG(headers_sent)) {
          if (output_start_filename) {
                  php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent by (output started at %s:%d)",
                          output_start_filename, output_start_lineno);
          } else {
                  php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent");
          }
          return;
  }
 
  /* URL encode session_name and id because they might be user supplied */
  e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name)), NULL);

Category: PHP

Actual Htaccess Files from My Server

Post by AskApache Apr 17, 20106 comments

#### No https except to wp-admin -
# If the request is empty ( implies fopen or normal file access by a php script )
RewriteCond %{THE_REQUEST} ^$ [OR]
 
# OR if the request if for wp-admin or wp-login.php
RewriteCond %{REQUEST_URI} ^/(wp-admin|wp-login\.php).*$ [NC,OR]
 
# OR if the Referer is https
RewriteCond %{HTTP_REFERER} ^https://www.askapache.com/.*$ [NC]
 
# THEN skip the following rule, basically all this does is force https or badhost to be redirected
# BUT because of the above 3 rewritecond's, this won't break poorly written admin scripts
RewriteRule .* - [S=1]
 
RewriteCond %{HTTPS} =on [OR]
RewriteCond %{HTTP_HOST} !^www\.askapache\.com$ [NC]
RewriteRule .* http://www.askapache.com%{REQUEST_URI} [R=301,L]
 
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(wp-admin/.*|wp-login\.php.*)\ HTTP/ [NC]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

Category: Htaccess

Optimize a Website for Speed, Security, and Easy Management

Post by AskApache Feb 18, 201011 comments

Learn how to setup, configure, secure, optimize, and create a low-maintenance website the AskApache way. I'm piecing together all the hacks, tricks, methods, and ideas discussed throughout this blog and all across Netdom and glueing them all together to show you how to have the most optimized, crazy fastest, and best website setup I can think of.

Category: Hosting

Optimizing Servers and Processes for Speed with ionice, nice, ulimit

Post by AskApache Oct 10, 20094 comments

To prepare for several upcoming articles on AskApache that are focused on optimizing Servers and Sites from a server admin level, here is an article to introduce the main tools that we will be using. These tools are used to optimize CPU time for each process using nice and renice, and other tools like ionice are used to optimize the Disk IO, or Disk speed / Disk traffic for each process. Then you can make sure your mysqld and httpd processes are always fast and prioritized.

Category: Optimization

An AskApache Plugin Upgrade to Rule them All

Post by AskApache Jul 29, 20091 comment

An AskApache Plugin Upgrade to Rule them AllSo my blog as been rather quiet for almost a year now, and very few updates if any have been released for my Password Protection PLugin, my Google 404 Plugin, and definately not for my AskApache CrazyCache plugin, which I will be releasing last... So for all of you who've helped me out by sending me suggestions and notifying me of errors and sticking with it... Just wanted to say sorry about that, and thanks for all the great ideas.. Well, I've been sticking with it as well believe it our not. I manage to get free days once in a while, and then its time to jam.

Category: WordPress

THE Ultimate Htaccess

Post by AskApache Jan 10, 200988 comments

Skip this - still under edit

I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. Shared hosting is the most common and cheapest form of web-hosting where multiple customers are placed on a single machine and "share" the resources (CPU/RAM/SPACE). The machines are configured to basically ONLY do HTTP and FTP. No shells or any interactive logins, no ssh, just FTP access. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. For 99% of the worlds best Apache admins, they don't use .htaccess much, if AT ALL. It's much easier, safer, and faster to configure Apache using the httpd.conf file instead. However, this file is almost never readable on shared-hosts, and I've never seen it writable. So the only avenue left for those on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it's almost as powerful as httpd.conf itself!

Most all .htaccess code works in the httpd.conf file, but not all httpd.conf code works in .htaccess files, around 50%. So all the best Apache admins and programmers never used .htaccess files. There was no incentive for those with access to httpd.conf to use htaccess, and the gap grew. It's common to see "computer gurus" on forums and mailing lists rail against all uses and users of .htaccess files, smugly announcing the well known problems with .htaccess files compared with httpd.conf - I wonder if these "gurus" know the history of the htaccess file, like it's use in the earliest versions of the HTTP Server- NCSA's HTTPd, which BTW, became known as Apache HTTP. So you could easily say that htaccess files predates Apache itself.

Once I discovered what .htaccess files could do towards helping me enumerate and exploit security vulnerabilities even on big shared-hosts I focused all my research into .htaccess files, meaning I was reading the venerable Apache HTTP Source code 24/7! I compiled every released version of the Apache Web Server, ever, even NCSA's, and focused on enumerating the most powerful htaccess directives. Good times! Because my focus was on protocol/file/network vulnerabilites instead of web dev I built up a nice toolbox of htaccess tricks to do unusual things. When I switched over to webdev in 2005 I started using htaccess for websites, not research. I documented most of my favorites and rewrote the htaccess guide for webdevelopers. After some great encouragement on various forums and nets I decided to start a blog to share my work with everyone, AskApache.com was registered, I published my guide, and it was quickly plagiarized and scraped all over the net. Information is freedom, and freedom is information, so this blog has the least restrictive copyright for you. Feel free to modify, copy, republish, sell, or use anything on this site ;)

Category: Htaccess

Htaccess SetEnvIf and SetEnvIfNoCase Examples

Post by AskApache Dec 07, 20087 comments

SetEnv, SetEnvIf, and SetEnvIfNoCase directives conditionally set environment variables accessible by scripts and apache based on HTTP Headers, Variables, and Request information.

Category: Htaccess

.htaccess Plugin Blocks Spam, Hackers, and Password Protects Blog

Post by AskApache Nov 22, 200845 comments

.htaccess security plugin 2

Well what can I say, other than this is sooo DOPE! Here is a list of the modules this plugin (version 4.7 unreleased) will automatically detect. I compiled the list myself using every module included with any default Apache installation for ALL the versions listed below, 1.3 to 2.2+

Want to know something else I'm including in this plugin? For each and every module that is detected, this plugin can then detect ALL of the modules .htaccess Directives! For instance, RewriteRule, AccessFileName, AddHandler, etc.. are each a directive belonging to a module that is allowed to be used from within .htaccess files.

Talk about sick.. these tricks have the diamond disease!

Category: WordPress

.htaccess trick to show Alternate CSS file based on IP

Post by AskApache Oct 20, 20085 comments

This past week I updated my sites apache.css file for a site-redesign. I wanted to make changes to the .css file that only I could see, so that my regular traffic and site-visitors would still see the old version. Here's the elegant solution I came up with using .htaccess and mod_rewrite that works so well I'm sharing it with all you wonderful and incredible people reading my blog :)

Category: Htaccess

Pimp out your FeedBurner Count

Post by AskApache Aug 19, 20081 comment

I've had a lot of people ask about the FeedBurner FeedCount image on AskApache. Specifically how to set it up with custom messages and different colors each page view... It is pretty sweet..

Category: Hacking

Notes from Apache HTTPD Source Code

Post by AskApache Aug 12, 2008comment

thought I'd take a break from coding and post about how open-source is such a great tool for finding the best answers to the toughest questions,

/** is the status code informational */
#define ap_is_HTTP_INFO(x)         (((x) >= 100)&&((x) < 200))
/** is the status code OK ?*/
 
#define ap_is_HTTP_SUCCESS(x)      (((x) >= 200)&&((x) < 300))
/** is the status code a redirect */
#define ap_is_HTTP_REDIRECT(x)     (((x) >= 300)&&((x) < 400))
 
/** is the status code a error (client or server) */
#define ap_is_HTTP_ERROR(x)        (((x) >= 400)&&((x) < 600))
/** is the status code a client error  */
 
#define ap_is_HTTP_CLIENT_ERROR(x) (((x) >= 400)&&((x) < 500))
/** is the status code a server error  */
#define ap_is_HTTP_SERVER_ERROR(x) (((x) >= 500)&&((x) < 600))
 
/** is the status code a (potentially) valid response code?  */
#define ap_is_HTTP_VALID_RESPONSE(x) (((x) >= 100)&&((x) < 600))

Category: Hacking

Preloading .flv and .mp3 files with Flash

Post by AskApache Aug 05, 200812 comments

Preload/Cache .mp3 .flv files with Flash ActionscriptIf you want to pre-load .flv / .mp3 files into a visitors browser cache using flash, here's the actionscript I use to do it, and some ideas behind a good javascript implementation using swfobject or ufo.

Category: Optimization

Mod_Security .htaccess tricks

Post by AskApache Apr 23, 200811 comments

Mod_Security rivals Mod_Rewrite in the amount of features it provides. I decided to go ahead and post what I learned about it today, even though its tough to give away such awesome htaccess and apache tricks.. Learn how to control spam once and for all, conditionally log/deny/allow/redirect requests based on IP, username, etc.. Mod_Security is so fine!

Category: Htaccess

PHP Sessions/Cookies On The Fly

Post by AskApache Mar 28, 20082 comments

Multiple Web Technologies for dynamic php session controlThis article shows how to save and modify php session data, cookies, do anything really... without using ajax or iframes or forcing the user make a request.

Category: PHP

Advanced HTTP Redirection

Post by AskApache Mar 26, 20082 comments

HTTP Redirection Status Codes, 300Learn about the 7 different HTTP response codes specifically reserved for redirection. 301, 302, 303, 304, 305, and 307.

Category: SEO

Hack WP-Cache for Maximum Speed

Post by AskApache Mar 11, 20082 comments

WP-Cache with Full AskApache HackIf you desire SPEED from your WordPress blog, the #1 speed improvement comes from using the WP-Cache Plugin. If you still desire SPEED after installing the Plugin, you can modify the WP-Cache Plugin code to make your blog even faster!

Category: Optimization

Speed Tips: Add Cache-Control Headers

Post by AskApache Mar 10, 200827 comments

Cache-Control Headers OnUsing Cache-Control headers you can specify which types of proxies can cache certain content, and how long files should be cached.

Category: Htaccess

Page 1 of 3123

My Picks

AskApache Liberty Policy

Live Free or Die
Hacking and Hackers

The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean someone who loves to program, someone who enjoys playful cleverness, or the combination of the two. See my article, On Hacking.
-- Richard M. Stallman

Newest Posts

htaccess Guide

Website Speed Tips Series
  1. Turn On Compression
  2. Add Future Expires Header
  3. Add Cache-Control Headers
  4. Turn Off ETags
  5. Remove Last-Modified Header
  6. Use Multiple SubDomains

The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect. -Tim Berners-Lee

A strong free software movement focused on the principled issues of software freedom and a strong FSF in particular will determine what freedoms the next generation of computer users enjoy. At stake is no less than the next generation's autonomy. -Benjamin Mako Hill


It's very simple - you read the protocol and write the code. -Bill Joy

HTML | DCMI | GRDDL | OGP | XOXO | XDMP | XFN | DOM | XML | XHTML 1.1 Strict | CSS 2.1 | W3C

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. NCSA HTTPd.
UNIX ® is a registered Trademark of The Open Group. POSIX ® is a registered Trademark of The IEEE.

Site Map | Contact Webmaster | Glossary | License and Disclaimer | Terms of Service |

↑ TOPMain