Category Archives: Apache

Preserve remote IP address with HAProxy on CENTOS

March 20, 2014 7:05 am /

If you install HAProxy on your server, you will notice that the remote IP address in the logs and webapps will display the IP of the proxy and not the remote IP address of the client. You can set HAProxy to forward the client IP address to the web server via the “forwardfor” configuration. Once that is done, configure the web server to read the forwarding IP address header.

Make sure you have the following configuration for HAProxy: /etc/haproxy/haproxy.cfg

option http-server-close
option forwardfor       except 127.0.0.0/8

 

If you are using Lighttpd, there is a module called mod_extforward that you can set to forward the original IP address:

http://redmine.lighttpd.net/projects/1/wiki/Docs_ModExtForward

 If you are using Apache, here are the instructions to preserve the remote IP address:

Install Apache Mod_Extract_Forwarded package: (you need to have the EPEL repository)

yum install mod_extract_forwarded

Configure: /etc/httpd/conf.d/mod_extract_forwarded

MEFaccept 127.0.0.1

Replace the 127.0.0.1 with your proxy IP address (e.g. 192.168.50.50)

Restart Apache

apachectl restart
Posted in: Apache, Linux / Tagged:

Fix: WordPress with password protected subdirectories

July 12, 2012 9:51 am /

If you use WordPress on your root web folder, subdirectories password protected with .htaccess do not work. Users will not get the ability to put in their username and password to access the page. The Apache rewrite rules included in WordPress will forward users to the 404 error page instead.

To get around this, you will need to create a 401 error page in the web root directory (e.g. ~/public_html/401.html) and add the following line to the .htaccess file located in your web root directory.

ErrorDocument 401 /401.html

This also works for other apps using Apache Rewrite Rules, such as Drupal.

Posted in: Apache, wordpress / Tagged: , ,

Qualys SSL Labs – SSL web server testing

April 24, 2012 2:49 pm /

Qualsys SSL Labs is a free resource to test your SSL web server configuration. It’ll test for vulnerabilities, certificate validity, supported standards, and more.
https://www.ssllabs.com/ssltest/index.html

 

Posted in: Apache / Tagged:

Modifying awstats to show total hits for matching files

November 3, 2011 1:22 pm /

Here’s a quick modification to awstats that allows you to add a totals field for the “Viewed – Full List” option. There isn’t a total hits field for matching files in awstats, so I added one to make it more useful. This makes it a lot quicker to total up hits for a specific folder, file type, or specific file in awstats.

Read More →

Posted in: Apache / Tagged: , ,

Setting up mod deflate on Apache2 for Debian to reduce server bandwidth

June 8, 2011 12:28 pm /

Mod deflate in Apache 2 is a great way to save on server bandwidth since it can compress files (js/xml/html/css) before it is sent to the client. Most web browsers support gzip compression (90%+) so this is a great way to reduce the amount of traffic sent by the server. It also helps with the Google Page Speed result.

To setup Apache2 with mod deflate in Debian, enable mod deflate:
a2enmod deflate

This should place 2 files inside /etc/apache2/mods-enabled — deflate.conf and deflate.load.

Edit deflate.conf and copy the following configuration. This configuration is for compressing html, js, css, xml, and text files. It also ignores compression for browsers without support for gzip compression.

AddOutputFilterByType DEFLATE text/html text/plain text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE text/plain text/xml text/x-js text/css
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

After completing the changes, restart the Apache2 service
/etc/init.d/apache2 restart

http://httpd.apache.org/docs/2.0/mod/mod_deflate.html

Posted in: Apache / Tagged: ,

Post Navigation

Older Posts