Category Archives: Server Configuration - Page 2

How to hide PHP version in the HTTP Headers

In default Apache/PHP configuration, the server sends HTTP Header with the information of which PHP version is running on the server. The HTTP response header “X-Powered-By” displays the version of PHP that is running on the server. This information can be used by hackers to try to exploit any vulnerabilities in the PHP version you are running, specially if you are running an older version with known vulnerabilities.

Sample HTTP Response Header:

HTTP/1.1 200 OK
Date: Sun, 04 Nov 2012 07:24:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Vary: Accept-Encoding,Cookie

Read more »

Schedule crons using crontab

Many times we need to have some process to run automatically at set times or after set intervals. This can be easily done in Linux/Unix by using cron jobs. In this post I’ll talk cron and crontabs.

Topics Covered:

Read more »

Migrating servers using DNS TTL for minimum downtime

You have your site running on an old hardware and want to migrate it to a new upgraded hardware which would result in change of the ipaddress of your site and in turn imply downtime for your site. You want to minimize the downtime due to the change in ipaddress. This can be easily achieved using the Time-to-live (TTL) values of the Domain Naming Service (DNS) entries of your website.

The users usually use your site name and not the ipaddress to visit to your site. DNS is used to resolve the site name to the correct ipaddress. The DNS entry is stored at various levels (browser, OS, proxy server, DNS servers, etc) and is cached for a specific period called as Time-to-live (TTL). Once the TTL expires, the DNS record will be fetched again from the DNS Server. Usually the TTL for a DNS entry is specified as 3600 sec (i.e. 1 hr). The TTL values can be even lower (0, i.e. no caching) or higher (up to 68 years).

Read more »

How and when to use robots.txt file

We have heard of crawlers and bots are crawling our sites to scrap content for various reasons like indexing in search engines, identifying content, scanning email addresses, etc. There are all kinds of crawlers/bots which crawl websites. While some are good which should be allowed access to our site, but we might want to restrict some. In this post we will see how we can do this.

Topics Covered:

Read more »

more .htaccess tips

In my previous post .htaccess tips I had started with what is .htaccess file and some things that can be done using it. In this post I’ll cover more about .htaccess files.

Topics Covered:

Read more »