About me➡ Film school graduate with a mathematics degree➡ Became a magazine writer and editor➡ Had to get content on the Web➡ Slid from print editorial to online➡ Led development teams➡ Started building sites➡ Learned to do real programming➡ Became interested in Drupal➡ Fell in love with Drupal and was hired by Zivtech
A human analogy...You’ve got an oﬃce, many ﬁles, manyclients, each with diﬀerent needs.People keep calling and asking forinformation. Each request requires youto dig around in some more papers foran answer.
A human analogy...Soon, you’re putting people on hold asyou service requests. Clients are gettingangry.You’ve even gone so far as to putcommon information on sticky notes butyou still need to ﬁnd them when asked.
Meet your secretaryAfter hearing an answer to a questioncan just answer the question againthe next time from memory.
A human analogy...In this setup, you, the person in themessy oﬃce, are Web server (Apache).Your secretary with that brilliantmemory, that’s the reverse-proxy cache.
A real setupApache and PHP do the heavy lifting.Varnish is the reverse-proxy cache.
VarnishA reverse-proxy not thisHTTP acceleratorPopular amongDrupal devsSmart conﬁguration,very ﬂexible CC license Rubber Dragon ﬂickr.com/photos/rubberdragon/
VarnishStandard package on many Linux variantsCustom conﬁguration language (vcl ﬁles)Speaks HTTP, knows HTTP, loves HTTP
VarnishVarnish is a quick solution to improve theresponsiveness of your site for most users.Let’s change topic for a moment.
Security is a featureYour site is an investment. - time - money - resourcesThe trust of your users isan asset. CC license Ice Sabre ﬂickr.com/photos/icesabre/
Security is a featureThe Internet is a scary place.At least we have good crypto.Crypto doesn’t solve everything.But it solves a lot... CC license Ice Sabre ﬂickr.com/photos/icesabre/
Security is a featureSSL everywhere is worthconsidering.The overhead isn’t much(potentially negligible on abig Drupal site). CC license Ice Sabre ﬂickr.com/photos/icesabre/
Back to the analogy...We can think of HTTP and HTTPS astwo diﬀerent languages.Consider HTTP as Englishand HTTPS as French.Let’s say you want to start doingbusiness with French speakers.
But your secretary doesn’t speak FrenchThis isn’t going towork so well.If all your calls are inFrench she’ll be nohelp at all.
VarnishYeah Varnish doesn’t handle SSLtermination (i.e. it doesn’t speak HTTPS)and it’s not going to.
That’s cool.Other things doPound is another reverseproxy tool that handles SSLterminationSomewhat lacking indocumentation and sparkyhow-to guides on the Internet I made this logo up
PoundHandles load balancingCan remove servers that failfrom rotationCan send requests for static ﬁlesto a diﬀerent physical server (orserver service like lighthttpd) I made this logo up
Pound“Pound does not access the hard-disk at all (except for reading thecertiﬁcate ﬁle on start, if required)and should thus pose no securitythreat to any machine.”I liked this quote from the Pound Web site athttp://www.apsis.ch/pound I made this logo up
Pound is your new translatorFluent in both Frenchand EnglishCan pass messagesfrom your Frenchcallers to your brainysecretary.