Recent Entries
- Recovering from a Broken Partition Table
- RewriteRule in htaccess vs httpd.conf
- Running PHP through mod_fcgid
- How They Got Your Password
- Installing mod_reqtimeout on cPanel
- Following the Hacker — passwords
- Using Nginx as a reverse-proxy
- Dead-simple templates in PHP
- Tell-a-friend SPAM
- PHP mail via SMTP
View by topic -- Apache
This listing shows articles relating to this single topic, making it easier to find all the articles that deal with a given subject.
RewriteRule in htaccess vs httpd.conf
Typically Apache’s RewriteRule sets from mod_rewrite go in .htaccess files, but sometimes you have a good reason to put them in your general server config instead: your httpd.conf or apache2.conf file (or a file you Include from one of those). If you’ve done this before, you’ve probably been surprised that it didn’t work quite the […]
Installing mod_reqtimeout on cPanel
The Apache module mod_reqtimeout is a simple and effective way to protect yourself from the Slowloris attack. But the cPanel team still does not include support for mod_reqtimeout in the EasyApache build utility, even though the module is a core part of the Apache web server distribution. But that doesn’t leave us completely powerless: we can add this support ourselves.
Following the Hacker — passwords
At TL Tech we spend a lot of time tracking down hackers. What we find often illustrates important lessons in what not to do in web security. In this example, a user was a victim of a previous attack caused by a vulnerable PHP extension that has since been removed. The site owner evicted the […]
Installing mod_cloudflare on cPanel
Here you’ll find an installer script that adds mod_cloudflare to your EasyApache build system included with cPanel servers. The CloudFlare module automatically translates visitor IP addresses to reflect the visitor’s original IP address rather than the IP address of the CloudFlare proxy servers.
Force SSL with .htaccess
Here’s a generic .htaccess excerpt that you can use to redirect users to the SSL-enabled version of the page they requested. Just drop it into any directory you want to enforce security on, and you’re done (no modification necessary).
Referrer Checking with .htaccess
Referrer checking is a mechanism to restrict the way web resources are used. You can cut-and-paste this code into any domain without having to change anything about it.