It is widely known that, if virtual hosts in Apache (httpd) are configured to permit vhost administrators override specific configuration options at the directory level using htaccess files, the web server consumes valuable time in order to check whether an htaccess file exists in every directory included in the requested path and parse it. On [...]

It’s been a while since the details of an SSL/TLS vulnerability have been released to the public. Since then, security experts have worked on the issue and have released a whitepaper describing how to mitigate the attack, known as BEAST (Browser Exploit Against SSL/TLS).

This is a quick note that mod_wsgi daemon processes are now incompatible with mod_python. Upgraded mod_wsgi earlier today in CentOS and saw the following note. I guess this limitation has been around for a while before affecting CentOS/RHEL:

The last incident with the php-cgi errors as a result of a bad PHP script made me re-evaluate the daily reports I receive from the server. I realized that a report about the httpd errors that have occured during the previous day, including all virtualhosts, is more important than I had initially thought. Such a [...]

I am afraid the deployment of Redmine on CodeTRAX.org will be delayed some more. This is because I am skeptical about using mod_fcgid to run two different kinds of web applications on the same web server. This software is pretty much incomplete when it comes to defining classes of applications and setting limits, like the [...]

mod_dav_svn lets you serve subversion repositories through the Apache HTTP Server. mod_dav.so is a requirement for mod_dav_svn.so. If while setting up mod_dav_svn you see the error “undefined symbol: dav_register_provider“, make sure you check the order that the aforementioned modules are loaded. mod_dav must precede mod_dav_svn: LoadModule dav_module modules/mod_dav.so LoadModule dav_svn_module modules/mod_dav_svn.so This will resolve the [...]

One of the most efficient methods to reduce the usage of bandwidth by the web server and, at the same time, increase the speed of the content delivery is to compress your web pages and, generally, all output that is returned to the clients. The compression of the web content can be done using several [...]

mod_gnutls is an experimental Apache module. As long as I had compiled it for the sake of the secure name-based vhosts with SNI test and since I was asked to release the compiled library in this forum post, here it goes. The following is an archived mod_gnutls installation. One word of warning: It also contains [...]

This article describes how to implement SSL-enabled name-based vhosts – that is secure virtual hosts which share the same IP address and port – with the SNI-capable mod_gnutls module for Apache’s httpd web server.

Apache is a very flexible web server implementation. The .htaccess files give the webmasters the ability to override the default server configuration on a per-directory basis, provided that httpd’s configuration pernits the overrides of the htaccess file. I am aware that there are thousands of cheat sheets (aka ready-made recipes) out there, mostly implementing mod_rewrite conditional redirections, but I decided to bookmark this article because it is very well and carefully written.