Jan 132013

Today I present a really interesting article by   first published on Infosecinstitute.com.

With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

Many risks are possible from a compromise including using the web server into a source of malware, creating a spam-sending relay, a web or TCP proxy, or other malicious activity. The operating system and packages can be fully patched with security updates and the server can still be compromised based purely on a poor security configuration. Security of web applications first begins with configuring the server itself with strict security in mind.

Continue reading »

flattr this!

Dec 072012

This is an article of mine first published on Wazi

PHP is a widely-used language, it offers general purpose scripting that is well suited for Web development. It can be embedded into HTML, and is compatible with all major operating systems such as Linux, many Unix variants, Microsoft Windows, Mac OS X, RISC OS and more.

It works with most major Web servers and it’s the scripting engine of many popular software such as Wordpess, Drupal, phpBB, mediaWiki, Joomla and Moodle just to name a few.

A thing that not everyone know is that you have different choice to run PHP on your Server, the most common option is the one used in the LAMP stack(Linux+Apache+Mysql+PHP): mod_php, this is the more common way to have php working with your web server, but is not the only one and for someone is the worst in terms of performance, other options available are PHP-FPM (FastCGI Process Manager) and PHP FastCGI, another way of running a PHP script from a webserver could be ti use the traditional CGI method but for its poor performance this method is not used anymore

In this article I’ll show you the pros and cons of these different ways to use PHP with your webserver and as first thing I’ll give you a general suggestion to speed up the performance of your PHP.
Continue reading »

flattr this!

Mar 112012

This is an article of mine, originally published on Wazi

WordPress , the popular content management system (CMS), is easy to configure and use, and is well supported by its community of professional consultants. WordPress depends for its operation from a full stack that includes an operating system, database, web server and PHP. If you can optimize this stack, you can improve the performance of your site. Here are some tips and best practices for a configuration that can improve performance without forcing a hardware upgrade.

In the first part of this guide we have seen what to check and modify in the operating system and database server (mysql)
In the second part I have presented the instructions to set the http server (Nginx to be exact) and PHP .

Today we will see APC, the configuration of WordPress and Varnish. Continue reading »

flattr this!

Supercharge WordPress, Part 2

This article of mine has been original published on Wazi WordPress, the popular content managing system (CMS), is easy to set up and use, and well supported by both its community and professional consultants. WordPress depends upon a complete stack that comprises an operating system, database, web server, and PHP. If you can optimize this [...]

Apache Alternatives for Serving PHP

This is an article of mine, already published on wazi Do you have problems serving more than two pages per second on your WordPress or Drupal blog? Do the sites of your competitors serve pages faster than yours? Their secret weapon may be a different web server and PHP combo than Apache and mod_php. But don’t [...]