Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Apache Tips
& Tricks
Fabio Wakim Trentini
Agenda
Apache?

MPMs

Módulos

Proxy Reverso

URL Rewriting

Segurança

Performance
Apache?

A PAtCHy server
Suporta uma grande variedade de plataformas
Flexibilidade
Segurança
Apache?
Desde março/1996 é o
servidor mais usado na
internet
Em junho/2009 tem
47,12% de market
share
IIS tem 24,80%
Fonte...
MPMs

Multi Processing Modules
  prefork (1.3)
  worker (2.0)
  event (2.2)
ThreadsPerChild

                               worker
                               thread

  parent httpd   child httpd...
ThreadsPerChild   MinSpareThreads

                               worker
                               thread

  parent h...
ThreadsPerChild   MinSpareThreads

                               worker
                               thread

  parent h...
ThreadsPerChild   MinSpareThreads

                               worker
                               thread

  parent h...
Módulos


core
73 módulos
171 módulos pra apache 2.X em http://
modules.apache.org
mod_alias


Redirect /images http://img.domain.com/product


RedirectMatch permanent ^/$ http://home.domain.com/
mod_authz_host
<Location /staging>
  Order deny,allow
  Deny from all
  Allow from 172.22.0.0/255.255.0.0
  Allow from 127...
mod_authz_host
SetEnvIf Referer ^http://.*domain.com referer-ok
SetEnvIf Remote_Addr 127.0.0.1 local
<Location /staging>
 ...
mod_cache

mod_disk_cache
 htcacheclean
mod_mem_cache
 MCacheRemovalAlgorithm
mod_libmemcached-cache (new!)
mod_dumpio


DumpIOLevel debug
DumpIOInput On
DumpIOOutput On
mod_headers
RequestHeader unset Cookie


Header set Server %{SERVER_SOFTWARE}e


SetEnvIfNoCase Referer (google.com|bing.c...
mod_log_config
   %a                   Remote Address
   %t          Horário do recebimento do request
  %D       Tempo gas...
mod_setenvif


BrowserMatchNoCase iphone mobile


SetEnvIf Request_URI .gif image
mod_setenvif
Remote_Host
Remote_Addr
Server_Addr
Request_Method
Request_Protocol
Request_URI
mod_setenvif

allow from env=private


CustomLog logs/accesslog combined env=!image


Header set X-foo 1 env=bar
<Location />
           E
         </Location>

         <Files f.html>
           D
         </Files>

         <VirtualH...
Proxy Reverso
mod_proxy

  mod_proxy_ajp

  mod_proxy_balancer

  mod_proxy_connect

  mod_proxy_ftp

  mod_proxy_http

mo...
Proxy Reverso
 ProxyRequests Off

 ProxyPreserveHost On

 ProxyVia Off

 ProxyTimeout 20

 ProxyMaxForwards 10

 ProxyBadH...
Proxy Reverso


ProxyPassMatch ^/images !
ProxyPass / http://backend:8080/ disablereuse=on
ProxyPassReverse / http://backe...
Proxy Reverso

<Proxy balancer://supahclustah>

  BalancerMember http://backend1:8080/

  BalancerMember http://backend2:8...
Proxy Reverso
        max           max. número de conexões no backend

  connectiontimeout         timeout pra criar cone...
URL Rewriting

Black Magic
Condições
Regras
Flexibilidade
URL Rewriting

TinyURL em 2 linhas


RewriteEngine On
RewriteMap tinyurl dbm:/export/data/tinyurl.dbm
RewriteRule ^(.*)$ $...
URL Rewriting

SEO Friendly o/
www.domain.com/my-super-topic-1234
www.domain.com/?q=1234


RewriteEngine On
RewriteRule /....
URL Rewriting
Arquivo Existe?


RewriteEngine On
RewriteCond %{REQUEST_METHOD} =GET [OR]
RewriteCond %{REQUEST_METHOD} =PO...
URL Rewriting
Porteiras


RewriteEngine On
RewriteCond ${HTTP:Cookie} !XR=1
RewriteCond ${DOCUMENT_ROOT}/.xrated -f
Rewrit...
URL Rewriting

Trocando query string por request header!


RewriteEngine On
RewriteCond %{QUERY_STRING} flavor=(.*)
Rewrite...
Segurança
LimitInternalRecursion

LimitRequestBody

LimitRequestFields

LimitRequestFieldSize

LimitRequestLine

RLimitCPU...
SSL
NameVirtualHost


SSLSessionCache
  file
  shm
  distfile
Performance do servidor


Carregar somente os módulos necessários
Evitar excesso de log
Acertar tunables
Performance do servidor
UseCanonicalName Off

HostNameLookups Off

Options FollowSymLinks

AllowOverride None

EnableMMAP ...
Performance do servidor

Timeout 30
KeepAlive On
KeepAliveTimeout 5
MaxKeepAliveRequests 200
MaxRequestsPerChild 0
Performance do cliente
Firebug / YSlow! / Page Speed / IRCache
WebPageTest / etc
Performance do cliente


Steve Souders’ rules
  ETag
  Expires
  gzip/deflate
Performance do cliente


FileETag INode MTime Size


FileEtag None
Performance do cliente


ExpiresActive On
ExpiresByType image/jpeg M604800
ExpiresByType image/gif “access plus 1 week”
Performance do cliente
SetEnv gzip-only-text/html 1

SetOutputFilter DEFLATE

<LocationMatch “.(css|js|txt|xml|json)$”>

 ...
Dúvidas?
Dúvidas?
KTHXBAI
Upcoming SlideShare
Loading in …5
×

Apache Tips And Tricks

7,722 views

Published on

Published in: Technology
  • Be the first to comment

Apache Tips And Tricks

  1. Apache Tips & Tricks Fabio Wakim Trentini
  2. Agenda Apache? MPMs Módulos Proxy Reverso URL Rewriting Segurança Performance
  3. Apache? A PAtCHy server Suporta uma grande variedade de plataformas Flexibilidade Segurança
  4. Apache? Desde março/1996 é o servidor mais usado na internet Em junho/2009 tem 47,12% de market share IIS tem 24,80% Fonte: netcraft.com
  5. MPMs Multi Processing Modules prefork (1.3) worker (2.0) event (2.2)
  6. ThreadsPerChild worker thread parent httpd child httpd worker (root) (nobody) thread worker thread Worker MPM
  7. ThreadsPerChild MinSpareThreads worker thread parent httpd child httpd worker (root) (nobody) thread worker thread worker thread child httpd worker (nobody) thread worker thread worker thread child httpd worker (nobody) thread worker thread MaxSpareThreads Worker MPM
  8. ThreadsPerChild MinSpareThreads worker thread parent httpd child httpd worker (root) (nobody) thread worker thread worker thread child httpd worker (nobody) thread worker thread worker thread child httpd worker (nobody) thread worker thread MaxSpareThreads MaxClients ServerLimit Worker MPM
  9. ThreadsPerChild MinSpareThreads worker thread parent httpd child httpd worker (root) (nobody) thread worker thread worker thread child httpd worker (nobody) thread worker thread worker thread child httpd worker (nobody) thread worker thread MaxSpareThreads MaxClients ServerLimit ListenBacklog Worker MPM
  10. Módulos core 73 módulos 171 módulos pra apache 2.X em http:// modules.apache.org
  11. mod_alias Redirect /images http://img.domain.com/product RedirectMatch permanent ^/$ http://home.domain.com/
  12. mod_authz_host <Location /staging> Order deny,allow Deny from all Allow from 172.22.0.0/255.255.0.0 Allow from 127.0.0.1 </Location>
  13. mod_authz_host SetEnvIf Referer ^http://.*domain.com referer-ok SetEnvIf Remote_Addr 127.0.0.1 local <Location /staging> Order deny,allow Deny from all Allow from env=referer-ok env=local </Location>
  14. mod_cache mod_disk_cache htcacheclean mod_mem_cache MCacheRemovalAlgorithm mod_libmemcached-cache (new!)
  15. mod_dumpio DumpIOLevel debug DumpIOInput On DumpIOOutput On
  16. mod_headers RequestHeader unset Cookie Header set Server %{SERVER_SOFTWARE}e SetEnvIfNoCase Referer (google.com|bing.com) search_engine=$1 Header set Set-Cookie “SE=${search_engine}e; path=/; domain=%{HTTP_HOST}e” env=search_engine
  17. mod_log_config %a Remote Address %t Horário do recebimento do request %D Tempo gasto para responder, em microssegundos %{Foo}C Conteúdo do cookie “Foo” no request %{Foo}e Conteúdo da variável “Foo” %{Foo}i Conteúdo do header “Foo” no request %{Foo}o Conteúdo do header “Foo” na resposta %X Status da resposta
  18. mod_setenvif BrowserMatchNoCase iphone mobile SetEnvIf Request_URI .gif image
  19. mod_setenvif Remote_Host Remote_Addr Server_Addr Request_Method Request_Protocol Request_URI
  20. mod_setenvif allow from env=private CustomLog logs/accesslog combined env=!image Header set X-foo 1 env=bar
  21. <Location /> E </Location> <Files f.html> D </Files> <VirtualHost *> <Directory /a/b> B </Directory> </VirtualHost> <DirectoryMatch "^.*b$"> C </DirectoryMatch> <Directory /a/b> A </Directory> Directory, Location, Files A>B>C>D>E
  22. Proxy Reverso mod_proxy mod_proxy_ajp mod_proxy_balancer mod_proxy_connect mod_proxy_ftp mod_proxy_http mod_rewrite
  23. Proxy Reverso ProxyRequests Off ProxyPreserveHost On ProxyVia Off ProxyTimeout 20 ProxyMaxForwards 10 ProxyBadHeader Ignore ProxyErrorOverride On ProxyStatus On
  24. Proxy Reverso ProxyPassMatch ^/images ! ProxyPass / http://backend:8080/ disablereuse=on ProxyPassReverse / http://backend:8080/
  25. Proxy Reverso <Proxy balancer://supahclustah> BalancerMember http://backend1:8080/ BalancerMember http://backend2:8080/ smax=10 </Proxy> ProxyPass / balancer://supahclustah/ stickysession=JSESSIONID
  26. Proxy Reverso max max. número de conexões no backend connectiontimeout timeout pra criar conexão disablereuse não usa keepalive no backend retry tempo de nova tentativa no backend lbmethod byrequests / bytraffic stickysession Usa cookie pra sticky
  27. URL Rewriting Black Magic Condições Regras Flexibilidade
  28. URL Rewriting TinyURL em 2 linhas RewriteEngine On RewriteMap tinyurl dbm:/export/data/tinyurl.dbm RewriteRule ^(.*)$ ${tinyurl:$1|http://domain.com} [L,NE] /42 http://www.mysuperurl.com/
  29. URL Rewriting SEO Friendly o/ www.domain.com/my-super-topic-1234 www.domain.com/?q=1234 RewriteEngine On RewriteRule /.*-([0-9]+)$ http://backend/viewpage/?q=$1 [P,L]
  30. URL Rewriting Arquivo Existe? RewriteEngine On RewriteCond %{REQUEST_METHOD} =GET [OR] RewriteCond %{REQUEST_METHOD} =POST RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^/(.*)$ http://backend/$1 [P,L]
  31. URL Rewriting Porteiras RewriteEngine On RewriteCond ${HTTP:Cookie} !XR=1 RewriteCond ${DOCUMENT_ROOT}/.xrated -f RewriteRule . http://porteira.domain.com/?redir=http://% {HTTP_HOST}%{REQUEST_URI} [CO=XR:1,R,L]
  32. URL Rewriting Trocando query string por request header! RewriteEngine On RewriteCond %{QUERY_STRING} flavor=(.*) RewriteRule (.*) $1 [E=flavor:%1] RequestHeader set Accept application/%{flavor}e env=flavor
  33. Segurança LimitInternalRecursion LimitRequestBody LimitRequestFields LimitRequestFieldSize LimitRequestLine RLimitCPU RLimitMEM RLimitNPROC
  34. SSL NameVirtualHost SSLSessionCache file shm distfile
  35. Performance do servidor Carregar somente os módulos necessários Evitar excesso de log Acertar tunables
  36. Performance do servidor UseCanonicalName Off HostNameLookups Off Options FollowSymLinks AllowOverride None EnableMMAP On EnableSendfile On ExtendedStatus Off DirectoryIndex index.html
  37. Performance do servidor Timeout 30 KeepAlive On KeepAliveTimeout 5 MaxKeepAliveRequests 200 MaxRequestsPerChild 0
  38. Performance do cliente Firebug / YSlow! / Page Speed / IRCache WebPageTest / etc
  39. Performance do cliente Steve Souders’ rules ETag Expires gzip/deflate
  40. Performance do cliente FileETag INode MTime Size FileEtag None
  41. Performance do cliente ExpiresActive On ExpiresByType image/jpeg M604800 ExpiresByType image/gif “access plus 1 week”
  42. Performance do cliente SetEnv gzip-only-text/html 1 SetOutputFilter DEFLATE <LocationMatch “.(css|js|txt|xml|json)$”> UnsetEnv gzip-only-text/html SetOutputFilter DEFLATE </LocationMatch> BrowserMatch ^Mozilla/4 no-gzip BrowserMatch bMSI[E]s4 no-gzip !gzip-only-text/html Header append Vary User-Agent
  43. Dúvidas?
  44. Dúvidas? KTHXBAI

×