HTTP2 allows web servers to serve multiple content streams on the same connection. This can reduce server and network load. I have updated my Ubuntu Apache servers to enable HTTP2.
After installing the latest Ubuntu release, I needed to redo the switch to the event Multi-Processing Module (MPM) and switch PHP content delivery back to the php-fpm daemon. I had to repeat the process I originally used as documented here.
There are a number of methods to attach a web site and its viewers’ browsers. Many of these have simple fixes that can be applied in the Apache configuration file. This article presents some of the headers that can be applied
(more…)A StackExchange question on using HAProxy’s capture feature to pass data from TCP mode to HTTP mode prompted me to update my SSL configuration. This was intended to get an A+ rating from SSL Labs by sending non-SNI capable clients to a server with weaker ciphers. This was to enable clients on WinXP/IE8, Java 6, and an old Android version to connect. I found a solution without having to have two sets of ciphers and handling traffic in both the TCP mode and HTTP mode. I then optimized my settings to a minimal list of cipher specifications.
The new Poodle vulnerability lead me to disable SSLv3 on my Ubuntu server. I have TLS/SSL enabled on three services: apache2, exim4, and dovecot2. Each service required a different method to disable SSLv3. While SSLv3 is mostly history, the techniques I used can be applied to other TLS versions.
Ubuntu uses configuration files split into small pieces. The method should apply to other distributions, although the configuration files may be arranged differently.
(more…)I am now using Report Magic for Analog with my Analog installation. My last attempt had failed miserably, but this time it went extremely well. I found Logwrangler which does a lot of the work. I encountered an incompatibility between Report Magic and an updated graphics library. Once the patch was applied the program ran well. All that was left was tuning the report layout and the interaction with Logwrangler. (more…)
Analog is a fast and flexible web log analysis tool. Its configuration can consist of several files nested using include statements. This allows common configuration items to be grouped in separate files. The minimal site specific configuration items can be contained in small include files. Similarly, time period specific include files allow for reports by time period to be easily configured. Each report then requires a configuration file, which includes a few other files.
I have reviewed and updated my previous documentation for analog. This site is hosted on a new server, and I needed to setup analog for the new server. I also made changes to the list of virtual sites being hosted. I generate report sets for each site as well as an overview report for all sites. Each report set includes reports for covering the latest week, month, and year of data. (more…)