The document provides an overview of how PHP works with web servers to process requests and return dynamic content. It describes the request lifecycle, from a user entering a URL in their browser, to the server locating and executing the PHP file, to PHP code execution and output returned to the browser. Key steps include the PHP interpreter loading and parsing the PHP file, interacting with databases or APIs, and returning the output back to the server to send to the user's browser.
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Apache error
1.
2. Contents
A. How PHP Works with the Web Server
B. How to secure PHP website from hackers
C. MySQL Optimization tricks
D. Client and Server Error Overview
E. General Troubleshooting Tips
F. 400 Bad Request
G. 401 Unauthorized
H.403 Forbidden
I. 404 Not Found
J. 500 Internal Server Error
K. 502 Bad Gateway
L. 503 Service Unavailable
M.504 Gateway Timeout
N. Conclusion
3. How PHP Works with the Web Server
Introduction
PHP is a popular server-side language that is particularly good for web applications.
The Language
PHP is an interpreted language. This means that you will write code statements (lines of code)
and when a page is requested, the PHP interpreter will load your PHP code, parse it and then
execute it.
The Request Life-cycle
So what exactly is happening when a user types in the URL http://example.org? When a user
types in http://example.org in a Web client (a browser, for instance), the client issues
a GET request to the server. When Apache gets this request, it looks for a file
named index.php . If a file named index.php is found, Apache essentially give this to the PHP
interpreter”. When PHP receives the file it reads through it and executes any PHP code it can
find. After it is done with the file, the PHP interpreter gives the output of the code back to
Apache. When Apache gets the output back from PHP, it sends that output back to a browser
which renders it to the screen.
4. In this diagram, we will assume the user is going to the Laravel website at
http://laravel.com/. The following figure has circled numbers that will highlight the various
stages of the request. A step-by-step explanation of each step follows the figure.
PHP and Apache Output
5. Step 1
The user enters http://laravel.com into their browser and taps/hits ‘enter’.
Step 2
After the user has tapped/hit ‘enter’, the browser sends the page request over the Internet
to the web server.
Step 3
The web server gets the request and analyzes the request information. Apache realizes that
we didn’t specify a file, so it looks for a directory index and finds index.php.
Step 4
Since Apache knows to send files that end with the .php file extension to the PHP
interpreter, it asks PHP to execute the file.
Step 5
In this step, PHP is executing the code contained in the index.php file from the request. During
this step, PHP may interact with databases, the file system or make external API calls, amongst
other things.
6. How to secure PHP website from hackers
You may not think your site has anything worth being hacked for, but websites are
compromised all the time. The majority of website security breaches are not to steal your data
or deface your website, but instead attempts to use your server as an email relay for spam, or
to setup a temporary web server, normally to serve files of an illegal nature.
Step 7
Apache receives the output from PHP and sends it back over the Internet to a user’s web
browser. This is called the web response.
Step 8
The user’s web browser receives the response from the server, and renders the web page on a
computer or device.
Step 6
After PHP has finished executing the index.php file, it sends the output back to Apache.
7. 01. Keep software up to date
02. SQL injection
03. XSS (Cross-site scripting)
04. Error messages
05. Server side validation/form validation
06. Passwords
07. File uploads
08. HTTPS
09. Website security tools
MySQL Optimization tricks
99% of PHP performance problems will be caused by the database, and a single bad SQL
query can play havoc with your web application. MySQL’s EXPLAIN statement, the Query
Profiler, and many other tools can help you find that rogue SELECT.
8. 1. Optimize Your Queries For the Query Cache
2. EXPLAIN Your SELECT Queries
3. LIMIT 1 When Getting a Unique Row
4. Index the Search Fields
5. Index and Use Same Column Types for Joins
6. Do Not ORDER BY RAND()
7. Avoid SELECT *
8. Almost Always Have an id Field
9. Use ENUM over VARCHAR
10. Get Suggestions with PROCEDURE
ANALYSE()
11. Use NOT NULL If You Can
12. Prepared Statements
13. Unbuffered Queries
14. Store IP Addresses as UNSIGNED INT
15. Fixed-length (Static) Tables are Faster
16. Vertical Partitioning
17. Split the Big DELETE or INSERT Queries
18. Smaller Columns Are Faster
19. Choose the Right Storage Engine
20. Use an Object Relational Mapper
21. Be Careful with Persistent Connections
9. When accessing a web server or application, every HTTP request that is received by a server is
responded to with an HTTP status code. HTTP status codes are three-digit codes, and are
grouped into five different classes. The class of a status code can be quickly identified by its
first digit:
1xx: Informational
2xx: Success
3xx: Redirection
4xx: Client Error
5xx: Server Error
List of HTTP status codes
1xx Informational
Request received, continuing process.
10. We will focuses on identifying and troubleshooting the most commonly encountered
HTTP error codes, i.e. 4xx and 5xx status codes, from a system administrator's perspective. There
are many situations that could cause a web server to respond to a request with a error code--we
will cover common potential causes and solutions.
2xx Success
This class of status codes indicates the action requested by the client was received, understood, accepted, and
processed successfully.
3xx Redirection
This class of status code indicates the client must take additional action to complete the request. Many of these
status codes are used in URL redirection. A user agent may carry out the additional action with no user interaction
only if the method used in the second request is GET or HEAD. A user agent may automatically redirect a request.
A user agent should detect and intervene to prevent cyclical redirects.
11. Client and Server Error Overview
Client errors, or HTTP status codes from 400 to 499, are the result of HTTP requests sent by
a user client (i.e. a web browser or other HTTP client). Even though these types of errors are
client-related, it is often useful to know which error code a user is encountering to determine
if server configuration can fix the potential issue.
Server errors, or HTTP status codes from 500 to 599, are returned by a web server when it is
aware that an error has occurred or is otherwise not able to process the request.
12. General Troubleshooting Tips
•When using a web browser to test a web server, refresh
the browser after making server changes
•Check server logs for more details about how the server
is handling the requests. For example, web servers such
as Apache or Nginx produce two files
called access.log and error.log that can be scanned for
relevant information
•Keep in mind that HTTP status code definitions are part
of a standard that is implemented by the application that
is serving requests. This means that the actual status code
that is returned depends on how the server software
handles a particular error--this guide should generally
point you in the right direction
13. Now that you have a high-level understanding of HTTP status codes, we will look at
the commonly encountered errors.
400 Bad Request
The 400 status code, or Bad Request error, means the HTTP request that was sent to the
server has invalid syntax.
Here are a few examples of when a 400 Bad Request error might occur:
The user's cookie that is associated with the site is corrupt. Clearing the browser's cache and
cookies could solve this issue
Malformed request due to a faulty browser
Malformed request due to human error when manually forming HTTP requests (e.g.
using curl incorrectly)
14. 401 Unauthorized
The 401 status code, or an Unauthorized error, means that the user trying to access the
resource has not been authenticated or has not been authenticated correctly. This means that
the user must provide credentials to be able to view the protected resource.
An example scenario where a 401 Unauthorized error would be returned is if a user tries to
access a resource that is protected by HTTP authentication. In this case, the user will receive
a 401 response code until they provide a valid username and password (one that exists in
the .htpasswd file) to the web server.
403 Forbidden
The 403 status code, or a Forbidden error, means that the user
made a valid request but the server is refusing to serve the request,
due to a lack of permission to access the requested resource. If you
are encountering a 403 error unexpectedly, there are a few typical
causes that are explained here.
15. File Permissions
403 errors commonly occur when the user that is running the web server process does not
have sufficient permissions to read the file that is being accessed.
To give an example of troubleshooting a 403 error, assume the following situation:
.htaccess
Another potential cause of 403 errors, often intentinally, is the use of an .htaccess file.
The .htaccessfile can be used to deny access of certain resources to specific IP addresses or
ranges.
Index File Does Not Exist
If the user is trying to access a directory that does not have a default index file, and directory
listings are not enabled, the web server will return a 403 Forbidden error. For example, if
the user is trying to access http://example.com/emptydir/, and there is no index file in
the emptydir directory on the server, a 403 status will be returned.
If you want directory listings to be enabled, you may do so in your web server configuration.
16. 404 Not Found
The 404 status code, or a Not Found error, means that the user is able to communicate with
the server but it is unable to locate the requested file or resource.
Does the link that directed the user to your server resource have a typographical error in it?
Did the user type in the wrong URL?
Does the file exist in the correct location on the server? Was the resource was moved or
deleted on the server?
Does the server configuration have the correct document root location?
Does the user that owns the web server worker process have privileges to traverse to the
directory that the requested file is in? (Hint: directories require read and execute
permissions to be accessed)
Is the resource being accessed a symbolic link? If so, ensure the web server is configured to
follow symbolic links
17. 500 Internal Server Error
The 500 status code, or Internal Server Error, means that server cannot process the request
for an unknown reason. Sometimes this code will appear when more specific 5xx errors are
more appropriate.
This most common cause for this error is server misconfiguration (e.g. a
malformed .htaccess file) or missing packages (e.g. trying to execute a PHP file without PHP
installed properly).
502 Bad Gateway
The 502 status code, or Bad Gateway error, means that the server is a gateway or proxy server,
and it is not receiving a valid response from the backend servers that should actually fulfill the
request.
If the server in question is a reverse proxy server, such as a load balancer, here are a few things
to check:
The backend servers (where the HTTP requests are being forwarded to) are healthy
The reverse proxy is configured properly, with the proper backends specified
18. The network connection between the backend servers and reverse proxy server is healthy. If
the servers can communicate on other ports, make sure that the firewall is allowing the
traffic between them
If your web application is configured to listen on a socket, ensure that the socket exists in
the correct location and that it has the proper permissions.
503 Service Unavailable
The 503 status code, or Service Unavailable error, means that the server is overloaded or
under maintenance. This error implies that the service should become available at some point.
If the server is not under maintenance, this can indicate that the server does not have enough
CPU or memory resources to handle all of the incoming requests, or that the web server needs
to be configured to allow more users, threads, or processes.
19. 504 Gateway Timeout
The 504 status code, or Gateway Timeout error, means that the server is a gateway or proxy
server, and it is not receiving a response from the backend servers within the allowed time
period.
This typically occurs in the following situations:
The network connection between the servers is poor
The backend server that is fulfilling the request is too slow, due to poor performance
The gateway or proxy server's timeout duration is too short