Tuesday, September 7th, 2010
Oh ya lets get it on! short but sweet
Tags: 500, admin, Apache, askapache, bash, CCZE, Forms, GET, Google, HowTo, Linux, Login, Nice, password, password protection, PHP, Port, Prompt, ram, Security, server, SetEnvIf, Shell, SPEED, SSH, SSI, stat, tmpfs
Posted in DreamHost, Featured, Google, Hacking, Htaccess, Linux Unix BSD, Security, Server Administration, Shell Scripting, Web Hosting, Webmaster, WiredTree, WordPress | No Comments »
Tuesday, February 23rd, 2010
Ok I just came back up to write the intro.. I’m trying to keep it short to avoid getting bogged down by the coolness of each step. Here is what goes on. When I logon to my XP machine at work, I bring my usb key and plug it in first. On logging a window pops up first and it’s a password prompt to mount my encrypted drive leonardo. It also checks a keyfile that is located on my usb key, but all I do now is type in my password. That causes my encrypted folder to be accessible to me like a normal drive, and it autoruns a startup batch file.
The batch file causes Portable versions of Firefox (all my bookmarks, my settings) to load, and launches Portable Mozilla Thunderbird (IMAP makes this work well), which is my favorite program (great GPG features and open-source!). Also Some Adobe CS4 software is loaded from the hard drive, like DreamWeaver. In the background, a service we created executes a PortaPuttY plink command to create forwarded tunnels from various remote servers and accounts, all using key-based encryption. These tunnels are automatically reconnected if they are disconnected, meaning you can use a socks 5 if you want or even better!
Part 1 of 5
Tags: 401, Apache, askapache, ASP, Backups, Bandwidth, bash, bash_profile, Boot, compression, curl, Defrag, Email, encryption, filesystem, Firefox, Flash, GET, Google, GPG, Hard Drive, ionice, Linux, Login, Nice, PageDefrag, password, Performance, Pipelining, Plink, Port, post, Prompt, Putty, ram, rsync, Security, server, servers, Shell, SOCKS, SPEED, SSH, SSH Tunnels, SSI, stat, trick, TrueCrupt, tutorial, USB Drives
Posted in Apache, Cache, Featured, Hacking, Htaccess, Linux Unix BSD, Making Money, Security, Web Design, Web Hosting, Web Tools, Webmaster, WiredTree | 7 Comments »
Monday, January 4th, 2010
There are a total of 57 HTTP Status Codes recognized by the Apache Web Server. Wouldn’t you like to see what all those headers and their output, ErrorDocuments look like?
Tags: 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, admin, Advanced, Apache, askapache, authorization, Bandwidth, curl, Dig, error log, errordocument, Flash, Forms, GET, Google, Htaccess, HTTP Error, HTTP Headers, HTTP Status Codes, httpd, HTTPS SSL, If-Modified-Since, password, Perl, PHP, phpBB, Port, post, ram, Redirect, Redirection, Request Method, Security, SEO, server, servers, Sniffing, Source Code, SSI, stat, tutorial, Wget, Wireshark, WordPress
Posted in Apache, Apache Modules, DreamHost, Featured, Hacking, Htaccess, Linux Unix BSD, Mod_Rewrite, PHP, Server Administration, Web Hosting, Webmaster, WiredTree | 22 Comments »
Sunday, October 18th, 2009
Advanced Web Development by AskApache is a Firefox Collection I created since I’m always trying new Addons out and using multiple computers and I wanted a quick and easy way to install my favorite’s and keep a running list. Firebug, YSlow, LastPass, and Web Developer are the only ones I always use regularly.
I like the idea of the last.fm but it’s not as powerful as the site, which is awesome. Lately listening to Kings of Leon Radio…
Tags: 401, 403 Forbidden, 500, Accessibility, Advanced, Ajax, Apache, askapache, Backups, Cache, caching, CommandLine, console, Cookies, CSS, debugging, Dig, DNS, Email, encryption, feed, Firebug, Firefox, Flash, Forms, GET, Gmail, Google, HTTP Headers, HTTPS SSL, Javascript, Login, Networking, Nice, Pagerank, password, Performance, PHP, Port, post, ram, Scripts, Security, SEO, server, servers, SOCKS, Source Code, SPEED, SSH, SSH Tunnels, SSI, stat, tmpfs, trick, Username, Web Development, Wireshark, WordPress, YSlow
Posted in Cache, Firefox, Google, Hacking, Javascript, Making Money, Music, Review, SEO, Security, Web Design, Web Tools, Webmaster, Windows | 4 Comments »
Monday, October 5th, 2009
If you ever wanted to know the best way to defragment and speed up your Windows-Based PC, I mean you really wanted to know, here is the 2nd part to my article on Windows Speed Optimizing that details the process I have found works really well. Definately not a quick process, and certainly not the best ever, just my best ever and one that you only have to do once to get the benefits.
This article has a lot of incredibly useful (and FREE) tools I recommend, which you can grab and use without reading the article..
Tags: 301 Redirect, admin, Advanced, Apache, askapache, ASP, Backups, Boot, Cache, CommandLine, compression, console, Defrag, Defragmentation, Deframenting, Disk IO, File System, Firefox, Forms, GET, Google, Hard Drive, Linux, Login, MyDefrag, nsa, Optimization, PageDefrag, pagefile, PDF, Performance, PHP, Port, ram, Registry Optimization, Scanners, Scripts, Shell, SPEED, SpinRite, SSI, stat, trick, tutorial, UltraDefrag, Windows XP, Windows XP Optimization
Posted in Cache, Featured, Firefox, Hacking, Linux Unix BSD, Review, Webmaster, Windows | 6 Comments »
Sunday, March 29th, 2009
Tags: Apache, askapache, GET, Google, Htaccess, httpd, httpd.conf, Mod_Rewrite, Mod_Security, Perl, PHP, ram, Rewrite Tricks, Security, SEO, server, servers, stat
Posted in Apache, Google, Htaccess, PHP, SEO | 1 Comment »
Saturday, January 10th, 2009
Skip this – still under edit
I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. Shared hosting is the most common and cheapest form of web-hosting where multiple customers are placed on a single machine and “share” the resources (CPU/RAM/SPACE). The machines are configured to basically ONLY do HTTP and FTP. No shells or any interactive logins, no ssh, just FTP access. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. For 99% of the worlds best Apache admins, they don’t use .htaccess much, if AT ALL. It’s much easier, safer, and faster to configure Apache using the httpd.conf file instead. However, this file is almost never readable on shared-hosts, and I’ve never seen it writable. So the only avenue left for those on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it’s almost as powerful as httpd.conf itself!
Most all .htaccess code works in the httpd.conf file, but not all httpd.conf code works in .htaccess files, around 50%. So all the best Apache admins and programmers never used .htaccess files. There was no incentive for those with access to httpd.conf to use htaccess, and the gap grew. It’s common to see “computer gurus” on forums and mailing lists rail against all uses and users of .htaccess files, smugly announcing the well known problems with .htaccess files compared with httpd.conf – I wonder if these “gurus” know the history of the htaccess file, like it’s use in the earliest versions of the HTTP Server- NCSA’s HTTPd, which BTW, became known as Apache HTTP. So you could easily say that htaccess files predates Apache itself.
Once I discovered what .htaccess files could do towards helping me enumerate and exploit security vulnerabilities even on big shared-hosts I focused all my research into .htaccess files, meaning I was reading the venerable Apache HTTP Source code 24/7! I compiled every released version of the Apache Web Server, ever, even NCSA’s, and focused on enumerating the most powerful htaccess directives. Good times! Because my focus was on protocol/file/network vulnerabilites instead of web dev I built up a nice toolbox of htaccess tricks to do unusual things. When I switched over to webdev in 2005 I started using htaccess for websites, not research. I documented most of my favorites and rewrote the htaccess guide for webdevelopers. After some great encouragement on various forums and nets I decided to start a blog to share my work with everyone, AskApache.com was registered, I published my guide, and it was quickly plagiarized and scraped all over the net. Information is freedom, and freedom is information, so this blog has the least restrictive copyright for you. Feel free to modify, copy, republish, sell, or use anything on this site ;)
Tags: .htaccess examples, 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, admin, Advanced, Apache, Apache Htaccess, apache ssl, askapache, ASP, authorization, Backups, Bandwidth, bash, Blocking, Boot, Cache, Cache-Control, caching, cheatsheet, chmod, code snippets, compression, Cookies, CSS, debugging, DreamHost, Email, error log, errordocument, Etags, Examples, experiments, feed, FeedBurner, File System, FilesMatch, filesystem, Firefox, Flash, Forms, GET, Google, Hacking, hotlinking, HowTo, Htaccess, htaccess files, htaccess guide, htaccess rewrite, htaccess tricks, htaccess tutorial, Htpasswd, HTTP Error, HTTP Headers, HTTP-EQUIV, httpd, httpd.conf, HTTPS SSL, hyper text transfer protocol, If-Modified-Since, Javascript, Last-Modified, Linux, Login, Logs, mad skills, mod_include, mod_python, Mod_Rewrite, Mod_Rewrite examples, Mod_Security, Mod_Setenvif, mysql, Nice, nsa, password, password protection, PDF, Performance, Perl, PHP, php.ini, phpinfo, Port, post, Powweb, Prompt, Python, ram, Redirect, Redirection, Request Method, Rewrite Tricks, rewritecond, rewriterule, Robot, robots, Sample .htaccess, Scripts, Security, SEO, seo secrets, server, server config, servers, SetEnvIf, Shell, Socket, Source Code, SPEED, SSH, SSI, stat, SymLinks, trick, tutorial, ultimate htaccess, Username, Web Hosting, WordPress
Posted in Apache, Apache Modules, Cache, DreamHost, Featured, Google, Hacking, Htaccess, Linux Unix BSD, Mod_Rewrite, SEO, Security, Web Design, Web Hosting, Web Tools, Webmaster, WordPress | 71 Comments »
Friday, December 19th, 2008
This is all new, experimental, and very very cool. It literally uses .htaccess techniques to create several virtual “locked gates” that require a specific key to unlock, in a specific order that cannot be bypassed. It uses whitelisting .htaccess tricks to specify exactly what is allowed, instead of trying to specify everything that isn’t allowed. Also, by setting specific cookies/tokens after successfully passing through a gate, we can then require the exact cookie/token from the previous gate, which stops an attacker from skipping or bypassing gates.
Tags: 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, Advanced, Apache, askapache, Cookies, Dig, errordocument, GET, Google, Hacking, Htaccess, htaccess tricks, Htpasswd, httpd, HTTPS SSL, Linux, Login, Mod_Rewrite, password, PHP, phpBB, post, Prompt, ram, Redirect, Rewrite Tricks, rewritecond, rewriterule, Security, server, SetEnvIf, Sniffing, SSI, stat, trick, WordPress
Posted in Apache, Featured, Hacking, Htaccess, Mod_Rewrite, Security | 7 Comments »
Friday, October 17th, 2008
Top 3 ways to speed up websites that use Google Analytics. Host Script Locally, Fix Google-Analytics Cookie Domain, and Failsafe Loading for optimum tracking statistics.
Tags: Analytics, Apache, askapache, Cache, caching, compression, Cookies, DNS, GET, Google, Google Analytics, Htaccess, HTTPS SSL, Javascript, server, Source Code, SPEED, SSI, stat, Tracking Code, Web Hosting
Posted in Ajax, Cache, Featured, Google, Javascript | 10 Comments »
Wednesday, October 1st, 2008
One way I speed up AskApache.com is by downloading external third-party javascript files to host on my own server instead of externally. In addition to the obvious speed boost, this lets you configure the caching and compression settings for the files.
Tags: Advanced, Analytics, Apache, askapache, bash, Cache, caching, compression, curl, debugging, DNS, Google, Google Analytics, Htaccess, Javascript, Mod_Rewrite, Nice, Pipelining, Port, Renice, Rewrite Tricks, Scripts, server, servers, Shell, shell script, Shell Scripting, SPEED, SSI, umask, Web Hosting
Posted in Apache, Cache, Javascript, Linux Unix BSD, Shell Scripting, Web Hosting | 5 Comments »
Friday, September 26th, 2008
List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.
Tags: admin, Advanced, Apache, askapache, ASP, Bandwidth, Boot, Cache, CommandLine, console, Cookies, debugging, Dig, DNS, Email, encryption, Ethernet, feed, File Permissions, filesystem, Forms, GET, Google, Hacking, HTTPS SSL, Linux, Login, Logs, Networking, Nice, nsa, password, PDF, Performance, Perl, PHP, Port, post, Prompt, Putty, ram, Redirect, Scanners, Scripts, Security, server, servers, Sessions, Shell, shell script, Sniffing, Socket, SOCKS, Source Code, SPEED, SSH, SSH Tunnels, SSI, stat, Vulnerability, Vulnerability Scanners, Windows XP, Wireshark
Posted in Security | 3 Comments »
Wednesday, July 2nd, 2008
PHP’s fsockopen function lets you open an Internet or Unix domain socket connection for connecting to a resource, and is one of the most powerful functions available in the php language.
Tags: 500, Advanced, Apache, askapache, AskApache Crazy Cache, ASP, Bandwidth, Blocking, Cache, Cookies, CSS, curl, debugging, DNS, Examples, feed, File System, Forms, Fsockopen, GET, Google, Hacking, Htaccess, HTTP Headers, httpd, HTTPS SSL, Linux, Login, Networking, PDF, Performance, PHP, Pipelining, Port, post, ram, server, servers, Snoopy, Socket, SPEED, SSI, stat, trick, WordPress
Posted in Cache, Featured, Hacking, Linux Unix BSD, PHP, Security, Webmaster | 4 Comments »
Tuesday, July 1st, 2008
1 minute Install!
Turns every 404 Not Found error into a SEO traffic generating event! Now you have many unique users with unique IP addresses and cookies searching your blog on all of the Google Indexes… Sweet!
«Take My 404 for a Test-Drive
Tags: 404 Not Found, admin, Ajax, Apache, askapache, AskApache Google 404, errordocument, GET, Google, Htaccess, Logs, PHP, Port, Robot, robots, SEO, trick, WordPress
Posted in Ajax, CSS, Google, Javascript, Making Money, PHP, SEO, Webmaster, WordPress, WordPress Plugins | 118 Comments »
Saturday, May 31st, 2008
DreamHost PS gives you your own “virtual machine”, protecting your CPU and RAM on your physical machine for faster websites. Here’s what I like and dislike about DreamHostPS, and some of the issues and solutions for migrating.
Tags: 500, 503, Advanced, Apache, askapache, Backups, bash, Boot, caching, compression, DNS, DreamHost, errordocument, GET, Google, grep, Htaccess, htaccess files, httpd, HTTPS SSL, Linux, Login, Logs, Nice, password, Perl, PHP, Port, Private Server, Prompt, ram, Renice, Scripts, Security, server, servers, Shell, shell script, SSH, SSI, stat, Username, Web Hosting
Posted in DreamHost, Web Hosting | 14 Comments »
So my blog as been rather quiet for almost a year now, and very few updates if any have been released for my Password Protection PLugin, my Google 404 Plugin, and definately not for my AskApache CrazyCache plugin, which I will be releasing last… So for all of you who’ve helped me out by sending me suggestions and notifying me of errors and sticking with it… Just wanted to say sorry about that, and thanks for all the great ideas.. Well, I’ve been sticking with it as well believe it our not. I manage to get free days once in a while, and then its time to jam.
3-Part article covering practical implementation of 3 advanced .htaccess features. Discover an easy way to boost your SEO the AskApache way (focus on visitors), a tip you might keep and use for life. Get some cool security tricks to use against spammers, crackers, and other nefarious sorts. Take your site’s error handling to the next level, enhanced ErrorDocuments that go beyond 404′s. 
