This presentation cover Adobe AEM Dispatcher security and CDN and browser caching.
This presentation is the second part of a webinar on AEM Dispatcher:
http://dev.day.com/content/ddc/en/gems/dispatcher-caching---new-features-and-optimizations.html
Visit url above to view the whole presentation. Domique Pfister the primary engineer developing AEM Dispatcher covers the first part on new features.
Last updated on Dec 12, 2014
The Sightly template language, shipped with Adobe Experience Manager 6.0, simplifies a lot the component development workflow by allowing front-end developers to edit components themselves directly.
Learn about the main features of that template language, and about the tools available to make project development work more efficient.
Sample code: https://github.com/cqsupport/webinar-dispatchercache
Webinar Recording: http://my.adobeconnect.com/p7th2gf8k43/
Optimizing dispatcher cache covering:
Best practices for using the dispatcher
Tips and tricks for improving performance
Common pitfalls to avoid
How to design your site so you get the most out of your Dispatcher
Learn the best practices and advanced techniques.
* Passing data to client libs, use the data attribute
* Expression contexts, choose wisely
* Use statement best practices, what fits best your needs
* Template & Call statements advanced usage
* Parameters for sub-resources, featuring resource attributes and synthetic resources
RichText Editor (RTE) is an integral component of AEM and it provides AEM authors a WYSIWYG text-editing experience on the web pages. RTE offers diverse configurations to developers.
This presentation provides an in-depth understanding of this component and shows various concepts, use-cases, modes, configurations, best practices, limitations and troubleshooting that surround it.
E-Seminar recording published here -
https://helpx.adobe.com/experience-manager/kt/eseminars/gems/AEM-Rich-Text-Editor-RTE-Deep-Dive1.html
Ask the AEM Community Expert : May Session. This session will cover in depth sling concepts such as Sling Selectors, Default Sling Post Servlet, Sling Models, and the Sling API.
Last updated on Dec 12, 2014
The Sightly template language, shipped with Adobe Experience Manager 6.0, simplifies a lot the component development workflow by allowing front-end developers to edit components themselves directly.
Learn about the main features of that template language, and about the tools available to make project development work more efficient.
Sample code: https://github.com/cqsupport/webinar-dispatchercache
Webinar Recording: http://my.adobeconnect.com/p7th2gf8k43/
Optimizing dispatcher cache covering:
Best practices for using the dispatcher
Tips and tricks for improving performance
Common pitfalls to avoid
How to design your site so you get the most out of your Dispatcher
Learn the best practices and advanced techniques.
* Passing data to client libs, use the data attribute
* Expression contexts, choose wisely
* Use statement best practices, what fits best your needs
* Template & Call statements advanced usage
* Parameters for sub-resources, featuring resource attributes and synthetic resources
RichText Editor (RTE) is an integral component of AEM and it provides AEM authors a WYSIWYG text-editing experience on the web pages. RTE offers diverse configurations to developers.
This presentation provides an in-depth understanding of this component and shows various concepts, use-cases, modes, configurations, best practices, limitations and troubleshooting that surround it.
E-Seminar recording published here -
https://helpx.adobe.com/experience-manager/kt/eseminars/gems/AEM-Rich-Text-Editor-RTE-Deep-Dive1.html
Ask the AEM Community Expert : May Session. This session will cover in depth sling concepts such as Sling Selectors, Default Sling Post Servlet, Sling Models, and the Sling API.
Version 6 of Adobe Experience Manager (AEM 6) is a major release that introduces significant innovations. Sightly is a new template system to be used in place of (or together with) JSP. Along with Sling Models, SIghtly strongly improves the separation between the logic and presentation. The development effort is reduced because a Sightly template is an HTML 5 document, easily maintainable even by front-end developers.
The presentation provides an overview of the basic features of Sightly and introduces the fundamentals of the new development model with the support of tools released release together with AEM 6.
Learn how to build RESTful API using Node JS with Express Js Framework. Database used is Mongo DB (Mongoose Library). Learn Step by step what is Node JS, Express, API and Mongo DB. Explain and sample code step to build RESTful API
AEM Best Practices for Component DevelopmentGabriel Walt
This presentation describes how to easily get started with an efficient development workflow with Adobe Experience Manager 6.1.
The tools and technologies presented are:
* Project Archetype – https://github.com/Adobe-Marketing-Cloud/aem-project-archetype
* AEM Eclipse Extension – https://docs.adobe.com/docs/en/dev-tools/aem-eclipse.html
* AEM Brackets Extension – https://docs.adobe.com/docs/en/dev-tools/aem-brackets.html
* Sightly Template Language – http://www.slideshare.net/GabrielWalt/component-development
* Sightly REPL Tool – https://github.com/Adobe-Marketing-Cloud/aem-sightly-repl
* Sightly TodoMVC Example – https://github.com/Adobe-Marketing-Cloud/aem-sightly-sample-todomvc
This was presented at Adobe's 'Ask the AEM Expert' Session. This session covered
Introduction to the core components
How to use and when to use the core components
My slides from WordCamp Dhaka 2019 on WordPress Scaling. In this session I explained performance optimisation using HTTP/2, Caching and compressing resources.
I also explained how to Dockerize WordPress to make it easier to scale.
Scaleable PHP Applications in KubernetesRobert Lemke
Kubernetes is also called the "distributed Linux of the cloud" – which implies that it provides fundamental infrastructure, which can solve a lot of challenges. Let’s see how PHP applications fit into this picture. In this presentation, we are going to explore when Kubernetes is a good fit for operating your PHP application and how it can be done in practice. We’ll look at the whole lifecycle: how to build your application, create or choose the right Docker images, deploy and scale, and how to deal with performance and monitoring. At the end you will have a good understanding about all the different stages and building blocks for running a PHP application with Kubernetes in production.
Version 6 of Adobe Experience Manager (AEM 6) is a major release that introduces significant innovations. Sightly is a new template system to be used in place of (or together with) JSP. Along with Sling Models, SIghtly strongly improves the separation between the logic and presentation. The development effort is reduced because a Sightly template is an HTML 5 document, easily maintainable even by front-end developers.
The presentation provides an overview of the basic features of Sightly and introduces the fundamentals of the new development model with the support of tools released release together with AEM 6.
Learn how to build RESTful API using Node JS with Express Js Framework. Database used is Mongo DB (Mongoose Library). Learn Step by step what is Node JS, Express, API and Mongo DB. Explain and sample code step to build RESTful API
AEM Best Practices for Component DevelopmentGabriel Walt
This presentation describes how to easily get started with an efficient development workflow with Adobe Experience Manager 6.1.
The tools and technologies presented are:
* Project Archetype – https://github.com/Adobe-Marketing-Cloud/aem-project-archetype
* AEM Eclipse Extension – https://docs.adobe.com/docs/en/dev-tools/aem-eclipse.html
* AEM Brackets Extension – https://docs.adobe.com/docs/en/dev-tools/aem-brackets.html
* Sightly Template Language – http://www.slideshare.net/GabrielWalt/component-development
* Sightly REPL Tool – https://github.com/Adobe-Marketing-Cloud/aem-sightly-repl
* Sightly TodoMVC Example – https://github.com/Adobe-Marketing-Cloud/aem-sightly-sample-todomvc
This was presented at Adobe's 'Ask the AEM Expert' Session. This session covered
Introduction to the core components
How to use and when to use the core components
My slides from WordCamp Dhaka 2019 on WordPress Scaling. In this session I explained performance optimisation using HTTP/2, Caching and compressing resources.
I also explained how to Dockerize WordPress to make it easier to scale.
Scaleable PHP Applications in KubernetesRobert Lemke
Kubernetes is also called the "distributed Linux of the cloud" – which implies that it provides fundamental infrastructure, which can solve a lot of challenges. Let’s see how PHP applications fit into this picture. In this presentation, we are going to explore when Kubernetes is a good fit for operating your PHP application and how it can be done in practice. We’ll look at the whole lifecycle: how to build your application, create or choose the right Docker images, deploy and scale, and how to deal with performance and monitoring. At the end you will have a good understanding about all the different stages and building blocks for running a PHP application with Kubernetes in production.
Cloud Community Engineering - Holiday readinessOleg Posyniak
In this presentation, B. Korablov, B. Batschelet, and O. Posyniak will provide an overview on how to prepare your Magento Cloud environment for Holidays
Site Speed = Success – Optimising WordPress from the Server Up - Presented by...WordCamp Harare
I’d like to talk on how to make WordPress fly on the various different levels available to you, from right down as simple as basic steps to take within WordPress or as advanced as server tweaks, will use my time hosting Techzim as a case study example
My talk on wordpress and website performance and quick tips + advanced on how to improve website performance
Video at http://wordpress.tv/2017/01/04/anthony-somerset-site-speed-success-optimising-wordpress-from-the-server-up/
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”Valent Mustamin
High Performance Wordpress: “Faster, Cheaper, Easier : Pick Three”
, by Harry Sufehmi (http://twitter.com/sufehmi), for WORDCAMPID - WordCamp Indonesia 2010. Auditorium Gunadarma University, Depok, January 30, 2010
Reducing latency on the web with the Azure CDN - DevSum - SWAGMaarten Balliauw
Serving up content on the Internet is something our web sites do daily. But are we doing this in the fastest way possible? How are users in faraway countries experiencing our apps? Why do we have three webservers serving the same content over and over again? In this session, we’ll explore the Azure Content Delivery Network or CDN, a service which makes it easy to serve up blobs, videos and other content from servers close to our users. We’ll explore simple file serving as well as some more advanced, dynamic edge caching scenarios.
The need to scale is in high demand in an age where everything is moving to the cloud. Though the standard Apache configuration could handle a website with moderate traffic, the minute it gets slash dotted or twitted multiple times could spell an embarrassing crash landing! If you are the administrator of such a website then good luck finding another job! On the other hand you value high availability in the midst of popularity then read on. On this one day workshop, we will show you how to scale your website and webapps to scale to handle thousands of simultaneous sessions the right way. The topics covered will include:
- Setting up Apache and NGiNXM
- Setting up a sample LAMP web app
- Benchmarking Apache performance
- Fine tuning Apache to improve performance
- Fine tuning NGiNX to improve performance
- Discussion about code level improvements when developing custom webapps using PHP
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Thanks Dominique, Hi my name is Andrew Khoury and today I’ll be covering
some basic tips on how to secure your dispatcher
and how to leverage a CDN and client-side browser caches to improve your site beyond what dispatcher provides.
Before watching this presentation, you should already have a basic understanding of
the HTTP protocol,
Apache HTTP Server configurations
and an understanding of what the AEM dispatcher is and how to use it.
Before securing dispatcher, here are some things you can do to make apache http server a little more secure:
First of all, keep your Apache server binaries up to date as security patches are released all the time.
be aware of the latest apache security reports
limit the files and directories that the apache user has access to.
if you are not using htaccess files then disable them,
If you are using SSI then use IncludesNOEXEC instead of Includes to make it so SSI calls cannot execute commands on the Operating system shell.
Disable user directories as this sometimes can expose information that we don’t intend to share.
Block directory listing in apache to prevent users from exploring the server
Disable any apache modules
Use mod_security or some other intrusion detection and prevention system.
This diagram shows a basic AEM architecture.
You can use this diagram as a reference for how you would configure your firewalls.
The idea here is to only allow traffic to flow in the direction it needs to and over the ports it needs to.
When configuring your firewalls, keep in mind that
if you are not disabling the link checker then you will need to allow all
outbound tcp/ip connections from author and publish instances.
If you plan on disabling the link checker, but need to integrate with Adobe’s
Cloud services then you can refer to the Adobe knowledge base for a list of ip
addresses to allow outbound connections to.
If you are familiar with basic AEM architecture
then you know that your web server and dispatcher
are your last line of defense before a request can
reach the publish instances.
Due to this, it is important to lock down your dispatcher and block as much unwanted traffic as possible before it reaches the publish instances.
As a first step in locking down your dispatcher’s security you should always keep the dispatcher binary up to date with the latest security fixes.
The next important thing is to
Create a strong set of filter rules in your dispatcher.any file. Filter rules will help
You keep bad traffic from reaching your publish instances.
When implementing the filter rules, it is best to use a whitelist.
This means that you deny all first, then
Only allow the requests you need for your site to function properly.
When creating allow rules, be specific as to request methods and URL patterns you want to allow.
For deny rules, be as general as possible to block all variations of bad requests.
Also, If you use the vanity URL feature in AEM then in order to implement a white list you will need to leverage the new dispatcher feature that Dominique covered earlier.
(Show dispatcher.any file) Now I’ll quickly show you my dispatcher.any filter rules.
After configuring filter rules, the next thing to consider is authentication.
If your site doesn’t allow users to log in then block users from authenticating against experience manager.
To do this, Block HTTP basic auth by listing all request headers in the /clientheaders and omit the authorization header.
Then block AEM token auth by filtering out all requests for j_security_check
For additional security, you could also block any request methods that are not supported by the site at the apache level in your httpd.conf using the LimitExcept directive.
Even with the best Filter rules you cannot filter out all invalid request patterns.
So to protect the dispatcher further there are a few things that can help.
Make sure that your error responses such as 404 not found return the correct error codes and don’t return status 200.
Cache your custom error pages in the dispatcher cache by configuring the DispatcherPassError feature.
Return 403 or 404 for bad querystring or selectors in URLs
This can be done by using the open source cq-urlfilter tool or by implementing your own javax.servlet.Filter that blocks the unwanted traffic.
One other setting that can help protect your publish instances is to set the serveStaleOnError flag. This flag tells the dispatcher to serve whatever cached files it has in case all publish instances are inaccessible.
Additionally, to protect against false dispatcher flushes we should always set /allowedClients with IP addresses of the publish instances to restrict which servers can perform dispatcher flushes.
If your site has any expensive requests such as RSS feeds or large site maps then it might make sense to exclude those requests from the dispatcher cache rules and use a periodic script to cache those files instead.
To do this, you would block the url in the /filter section of dispatcher.any and use a script like the one on this slide to handle re-requesting and re-caching the file.
If you don’t use querystrings in your site then set/ignoreUrlParams to allow requests with querystrings to get cached. This feature basically lets you specify rules for which querystrings you want to remove from the url before forwarding the request to the publish instance.
Finally, one thing you can do to prevent running out of apache threads is to set the connection /timeout in the /renders section of dispatcher.any in case requests are hanging, waiting on the publish instances.
The next step in keeping your site running smoothly is to leverage other upstream caches such as browser caches and CDNs.
First I’ll start with CDNs.
If you are not familiar with CDNs, they are large distributed networks of cache servers that optimize content delivery using geographical proximity.
To manage your cached content within a CDN, most of the time people rely on Cache-Control headers or manually configured TTLs to control the freshness of the cache.
Some CDN providers such as Akamai support on demand flush requests.
A CDN in our case is yet another way of reducing the amount of traffic that reaches the back-end.
When integrating a CDN with AEM and dispatcher there are multiple options.
We can…
(read numbers)
Here are the pros and cons
One issue that can come up when integrating a CDN into your AEM architecture is that non-cacheable requests respond with the headers set by AEM, not apache. This presents an issue when the response is served without a Cache-Control header set as some CDNs cache these responses.
The solution is to set cache-control headers at the AEM level so that if a file is non-cacheable it will still have the correct headers.
When integrating a CDN with your AEM instances it is nice to be able to
Cache js, css and other static files for a very long time by using a unique URL per version.
And to be able to implement domain sharding
It’s basically where you use multiple subdomains pointing to your CDN to serve resources such as images, js and css. By using multiple domains the browser is able to download files in parallel and the page will load faster.
To do this, the Adobe consulting team has implemented two tools
The first is called versioned clientlibs which adds a unique identifier to clientlib urls
The second is called Static reference rewriter which rewrites certain urls to point to a different domain. It also supports domain sharding.