Apache RewriteRule and query string — Simone Carletti
▻https://simonecarletti.com/blog/2009/01/apache-rewriterule-and-query-string
utiliser les query string dans les RewriteRule d’apache
Voir aussi : ▻https://perishablepress.com/redirect-query-string-htaccess
Les drapeaux de réécriture - Serveur HTTP Apache Version 2.4
▻https://httpd.apache.org/docs/2.4/rewrite/flags.html
documentation des flags des RewriteRule d’apache
Vivre sans Google et cie ? La liste des alternatives aux GAFAM
▻https://mrmondialisation.org/vivre-sans-google-et-cie-la-liste-des-alternatives-aux-gafam
Les GAFAM – ces mastodontes du web – sont régulièrement sous le feu des critiques. Contrôle du marché de l’information et de la publicité en ligne, revente des données personnelles, pouvoir économique mondial hors norme, influence de la démocratie via des lobbies surpuissants, les motifs de se méfier de ces géants ne manquent pas. Difficile pourtant de s’en défaire une bonne fois pour toute tant ils sont partout dans notre univers numérique. Néanmoins, voici quelques pistes pour les remplacer au (...)
#Alphabet #Apple #Google #Microsoft #Mozilla #Amazon #Diaspora #DuckDuckGo #Ecosia #Facebook #Mastodon_ #ProtonMail #Qwant #Wikimedia #Wikipedia #Firefox #Linux #Windows #Brave #Android #Chrome #Apache #domination #Wikileaks #bénéfices #BigData (...)
Sur la plupart des serveurs, j’ai besoin d’allonger la durée indiquée de conservation en cache des éléments intégrés aux pages, pour faire plaisir à PageSpeed Insights.
Je me note le code ici :
ExpiresActive on
ExpiresByType text/css A31557600
ExpiresByType application/x-javascript A31557600
ExpiresByType application/javascript A31557600
ExpiresByType text/javascript A31557600
ExpiresByType image/webp A31557600
ExpiresByType image/jpeg A31557600
ExpiresByType image/png A31557600
ExpiresByType image/gif A31557600
ExpiresByType image/svg+xml A31557600
ExpiresByType application/x-shockwave-flash A31557600
AddType application/font-woff .woff
ExpiresByType application/font-woff A31557600
AddType application/font-woff2 .woff2
ExpiresByType application/font-woff2 A31557600Par rapport à ce qu’on trouve usuellement en ligne, il y a aussi le WebP et le woff/woff2, que j’utilisent désormais systématiquement.
Cadeau, un lien déjà cité ici mais toujours utile : ▻https://technique.arscenic.org/lamp-linux-apache-mysql-php/apache-le-serveur-http/optimisations/article/expire-headers
ping @kent1
Forcing a PDF or DOC to Open in Browser Rather Than Downloading | DeveloperSide.NET
▻http://www.devside.net/wamp-server/forcing-a-pdf-or-doc-to-open-in-browser-rather-than-downloading
Sur le problème du traitement des liens vers des fichiers PDF par les navigateurs, voir aussi : ▻https://www.askapache.com/htaccess/pdf-cookies-headers-rewrites
#PDF #téléchargement #.htacces #virtual_host #apache #PDF.js #header
@kent1 j’en ai profité pour le mentionner dans l’article que j’avais rédigé ici ►https://technique.arscenic.org/ssl-securisation-des-communications-serveur-client/article/installer-et-configurer-un-certificat-let-s-encrypt ;)
How to enable #HTTP/2 support in #Apache
Starting from Apache 2.4.27, the Apache MPM (Multi-Processing Module) prefork no longer supports HTTP/2.To fix this, select a different MPM: event or worker. We highly recommend you to use the event prefork.
If you are using PHP, it is likely that PHP is integrated to Apache via the mod_php module, which requires the prefork MPM. If you switch out from preform MPM, you will need to use PHP as FastCGI. To switch to php-fpm, you can do as folllwing.
▻https://http2.pro/doc/Apache#prefork-http2
▻https://httpd.apache.org/docs/2.4/fr/howto/http2.html#mpm-config
Sur debian stretch ça donne ça (si on avait activé mpm_prefork alors que mpm_event est bien celui proposé par défaut) :
apt install php-fpm
a2enmod proxy_fcgi setenvif
a2enconf php7.0-fpm
a2dismod php7.0
a2dismod mpm_prefork
a2enmod mpm_event
service apache2 restart
apt purge libapache2-mod-php
Dans la foulée, deux liens à propos de l’optimisation de #php-fpm :
Apache2 and php fpm performance optimization — Step-by-step guide
▻https://medium.com/@sbuckpesch/apache2-and-php-fpm-performance-optimization-step-by-step-guide-1bfecf161534
If you consistently see a large number of idle workers, you may want to lower your MinSpareServers (for the prefork MPM) or MinSpareThreads (for the worker and event MPMs) setting so that you are not sustaining a higher number of processes or threads than necessary to process your rate of traffic. Maintaining more processes or threads than you actually need will unncessarily exhaust system resources.
▻https://www.datadoghq.com/blog/monitoring-apache-web-server-performance
Toujours à propos de #php-fpm, et de l’intérêt de basculer le process manager de dynamic (valeur par défaut) vers autre ondemand ou static.
Certaines personnes recommandent d’utiliser ondemand pour ne pas avoir de process php en idle quand il n’y a pas de trafic :
Dans mon cas j’ai 10 processus qui tournent en permanence, même si aucun de mes sites n’est visité.
▻https://www.guillaume-leduc.fr/une-autre-facon-dutiliser-php-fpm.html
If you’re working on a high performance PHP setup, the ’ondemand’ PM may not be for you. In that case, it’s wise to pre-fork your PHP-FPM processes up to the maximum your server can handle. That way, all your processes are ready to serve your requests without needing to be spawned first. However, for 90% of the sites out there, the ondemand PHP-FPM configuration is better than either static or dynamic.
▻https://community.webcore.cloud/tutorials/php_fpm_ondemand_process_manager_vs_dynamic
Mais comme indiqué ci-dessus, ça n’est pas forcément mieux car le process manager va devoir spawner des process alors que des process en idle permettent une réaction plus rapide en cas de pic de trafic :
Idle process stay online waiting for traffic spikes and responding immediately, rather than having to wait on the pm to spawn children and then kill them off after x pm.process_idle_timeout expires...
The common advice is to use pm ondemand, as is the advice in this same support thread. However, that’s even worse, because ondemand will shutdown idle processes right down to 0 when there’s little to no traffic and then you’ll end up with just as much overhead issues as traffic fluctuates.
▻https://haydenjames.io/php-fpm-tuning-using-pm-static-max-performance
Mais...
PM dynamic and especially ondemand can be save you however, when you have multiple PHP-FPM pools. For example, hosting multiple cPanel accounts or multiple websites under different pools. I have a server for example with 100+ cpanel accounts and about 200+ domains and it would be impossible for pm.static or even dynamic to perform well. Only ondemand performs well since more than two third’s of the websites receive little to no traffic and with ondemand it means all children will be shutdown saving tons of server memory!
When it comes to PHP-FPM, once you start to serve serious traffic, ondemand and dynamic process managers for PHP-FPM can limit throughput because of the inherent overhead. Know your system and set your PHP-FPM processes to match your server’s max capacity. Start with pm.max_children set based on max usage of pm dynamic or ondemand and then increase to the point where memory and CPU can process without becoming overwhelmed. You will notice that with pm static, because you keep everything sitting in memory, traffic spikes over time cause less spikes to CPU and your server’s load and CPU averages will be smoother. The average size of your PHP-FPM process will vary per web server requiring manual tuning, thus why the more automated overhead process managers – dynamic and ondemand – are more popular recommendations.
Grosso merdo, il semble que dynamic peut faire le job quand on ne veut pas trop se prendre la tête, ondemand quand on sait à quoi s’attendre et qu’on est juste en mémoire (ou pour du dev), et static quand on veut faire du tuning précis.
Un bon résumé :
In dynamic type, the number of child processes is set dynamically based on the PHP-FPM parameters in conf file. But it is a bit memory-intensive type.
In static type, the number of child processes is fixed by pm.max_children parameter, but this type is not flexible for a server with changing web traffic. It also consumes too much memory.
In ondemand type, the PHP-FPM processes are spawned only on demand, based on the traffic. This type helps to manage varying traffic in memory restrained servers. But the overhead increases when there is so much traffic fluctuation.
▻https://bobcares.com/blog/php-fpm-tuning-high-load
Bref, comme souvent il n’y a pas de recette unique/magique :p
Et vous les gens, vous utilisez quoi ?
Better to Give and to Receive: Alibaba’s #open-source Contributions to Flink
▻https://hackernoon.com/better-to-give-and-to-receive-alibabas-open-source-contributions-to-flin
Between its #sql and Runtime layers, Alibaba has helped optimize Apache Flink for large-scale production environments like its ownThis article is part of Alibaba’s Flink series.As an open-source framework for big data #computing, Apache Flink has undergone extensive optimization to meet a range of users’ demands for enhancement. For Alibaba Group, where the framework is deployed in a large-scale production environment, the need for these changes has motivated its real-time computing team to contribute many of Flink’s most valuable optimizations, benefiting the Flink community and Alibaba alike.In this article, we look at Alibaba’s contributions in two key aspects of the framework’s architecture, tracing developments including Flink’s Query Processor, BinaryRow, and AsyncOperator (...)
Performance Testing of a Single-node Server and a Two-node Cluster with #apache #jmeter
▻https://hackernoon.com/performance-testing-of-a-single-node-server-and-a-two-node-cluster-with-
Photo by Samuel Zeller on UnsplashAbout Performance TestingPerformance testing is a method of identifying whether software (a web application) is capable to handle a high load, among other possible performance issues. Therefore, the ultimate goal of a performance test is to analyze the overall performance against heavy loads. Apache JMeter is an open-source tool that can be used exactly for this purpose.What is a Single-node Server?This is the case when a server runs on a single machine only. If the server crashes due to some issue, there will be a downtime until the issue is fixed.What is a Two-node Cluster?A two-node cluster is a setup where two servers are configured with high availability. If clustering is used, there won’t be downtime due to a server crash. The advantage of having (...)
Siege Manual
▻https://www.joedog.org/siege-manual
Un outil (linux uniquement) de test de montée en charge d’un site/serveur web :
Siege is an open source regression test and benchmark utility. It can stress test a single URL with a user defined number of simulated users, or it can read many URLs into memory and stress them simultaneously. The program reports the total number of hits recorded, bytes transferred, response time, concurrency, and return status.
Le repo Git : ▻https://github.com/JoeDog/siege
Commande type :siege -c10 -t10S http://exemple.com
NB : paquet debian disponible
#siege #testeur #stress #serveur_web #charge #benchmark #apache #performance
A Brief History of Flink: Tracing the Big Data Engine’s #open-source Development
▻https://hackernoon.com/a-brief-history-of-flink-tracing-the-big-data-engines-open-source-develo
From version 1.1.0 to 1.6.0, Apache Flink’s relentless improvement exemplifies open-source development.Open-source big data computing engine Apache Flink, or Flink for short, has gained popularity in recent years as a powerful framework for both batch processing and stream processing that can be used to create a number of event-based applications.Flink is first of all a pure stream computing engine with a data stream basic data model. A stream can be infinite and borderless, which describes stream processing in the general sense, or can be a finite stream with boundaries, as in the case of batch processing. Flink thus uses a single architecture to support both stream and batch processing.As conveyed by its slogan “Stateful Computations Over Streams”, Flink has the additional strength of (...)
#apache-flink #big-data-engine #alibaba-open-source #big-data
#mapr-DB Spark Connector with Secondary Indexes
▻https://hackernoon.com/mapr-db-spark-connector-with-secondary-indexes-df41909f28ea?source=rss--
MapR Data Platform offers significant advantages over any other tool on the big data space. MapR-DB is one of the core components of the platform and it offers state of the art capabilities that blow away most of the NoSQL databases out there.An important add-on to MapR-DB is the ability to use, for writing and querying, Apache Spark through the Connector for Apache Spark. Using this connector comes very handy since it can read and write from spark to MapR-DB using the different Spark APIs such as RDDs, DataFrames, and Streams.Using the connector we can issue queries like the following one.▻https://medium.com/media/eaf9aff1c6b796823d99a0b32e11c030/hrefThe resulting type is a Dataframethat we can use as any other Dataframe from any other source, as we normally do in Spark.If we then filter (...)
Principal Component Analysis — Unsupervised Learning Model
▻https://hackernoon.com/principal-component-analysis-unsupervised-learning-model-8f18c7683262?so
Principal Component Analysis — Unsupervised Learning ModelLearn how to train and evaluate an unsupervised machine learning model — principal component analysis in this article by Jillur Quddus, a lead technical architect, polyglot software engineer and data scientist.There are numerous real-world use cases, where the number of features available, which may potentially be used to train a model, is very large. A common example is economic data and using its constituents, stock price data, employment data, banking data, industrial data, and housing data together to predict the gross domestic product (GDP). Such types of data are said to have high dimensionality. Though they offer numerous features that can be used to model a given use case, high-dimensional datasets increase the computational (...)
#machine-learning #apache-spark #component-analysis #principal-component #unsupervised-learning
Apache #spark — Tips and Tricks for better #performance
▻https://hackernoon.com/apache-spark-tips-and-tricks-for-better-performance-cf2397cac11?source=r
Apache Spark — Tips and Tricks for better performanceApache Spark is quickly gaining steam both in the headlines and real-world adoption. Top use cases are Streaming Data, Machine Learning, Interactive Analysis and more. Many known companies uses it like Uber, Pinterest and more. So after working with Spark for more then 3 years in production, I’m happy to share my tips and tricks for better performance.Lets start :)1 - Avoid using Custom UDFs:UDF (user defined function) :Column-based functions that extend the vocabulary of Spark SQL’s DSL.Why we should avoid them?From the Spark Apache docs:“Use the higher-level standard Column-based functions withDataset operators whenever possible before reverting tousing your own custom UDF functions since UDFs are ablackbox for Spark and so it does not even (...)
How To Tune Apache on Ubuntu 14.04 Server - Server Fault
▻https://serverfault.com/questions/684424/how-to-tune-apache-on-ubuntu-14-04-server/684512#684512
Une méthode pour le calcul de la valeur de MaxRequestWorkers du module mpm-prefork de apache 2.4
#MaxRequestWorkers #apache #configuration #tuning #mpm-prefork
Les piratages avec fuite massive de #données_personnelles, on va finir par s’y habituer. Avant, c’était une fois par semaine, maintenant trois en une journée. Bref, répétons-le une nouvelle fois : VOTRE BASE DE DONNÉES AVEC DES INFORMATIONS PERSONNELLES SERA PIRATÉE. Il est donc crucial de minimiser les données en récoltant moins voire, idéalement, pas du tout. Si vous collectez des donées personnelles, vous êtes responsable de la mauvaise utilisation qui en sera faite.
Donc, hier :
1) Piratage de la base #ARIANE du Ministère des Affaires Étrangères français (données sur les contacts des voyageurs) ▻https://www.diplomatie.gouv.fr/fr/salle-de-presse/communiques-techniques/article/ariane-piratage-de-donnees-communique-f-a-q-13-12-18 ▻https://twitter.com/francediplo/status/1073157281217417216 et l’article de Libération : ▻https://www.liberation.fr/planete/2018/12/13/piratage-au-quai-d-orsay-les-coordonnees-de-540-000-personnes-derobees_16
2) Piratage d’un fichier du syndicat de policiers #Alliance ▻https://www.lexpress.fr/actualite/societe/enquete/l-inquietante-fuite-des-coordonnees-de-500-policiers_2052828.html
3) Piratage de la base nationale des citoyens au Brésil (après la Turquie et l’Inde, répétons que c’est une folie que d’avoir une base centralisée de tous les citoyens d’un pays, même si ça fait moderne, e-Gouvernement et tout). ▻https://www.infosecurity-magazine.com/news/apache-misconfig-leaks-data-120
La prochaine fois que vous entendrez un monsieur sérieux dire avec assurance « il n’y a rien à craindre, la base de données est sécurisée [ou autres éléments de langage comme « anonymisée » ou « cryptée »] », méfiez-vous.
Sur le piratage du syndicat policier, « la DGSI enquête » (ce sont les Anonymous, on vous le dit) ▻https://www.lemonde.fr/pixels/article/2018/12/13/gilets-jaunes-la-dgsi-enquete-sur-des-attaques-informatiques-et-des-fuites-r
ah ah ah... Anonymous Anarchist Agency
La DGSI enquête sur la fin du porno sur Tumblr, cet espace où « les gilets jaunes » exploraient différentes fuites.
Des attaques informatiques et des sexualités revendiquées par des jeunes anonymous.
#de_la_dyslexie_créative by bitmap screen
Apache Cassandra — The minimum internals you need to know
▻https://hackernoon.com/apache-cassandra-the-minimum-internals-you-need-to-know-89724603abb2?sou
Apache Cassandra — The minimum internals you need to knowFor effective data modeling and comparison with other DB’sWe will discuss two parts here; first, the #database design internals that may help you compare between database’s, and second the main intuition behind auto-sharding/auto-scaling in Cassandra, and how to model your data to be aligned to that model for the best performance.Part 1: Database Architecture — Master-Slave and Masterless and its impact on HA and ScalabilityThere are two broad types of HA Architectures Master -slave and Masterless or master-master architecture.Here is an interesting Stack Overflow QA that sums up quite easily one main trade-off with these two type of architectures.Q. -I’ve heard about two kind of database architectures.master-master and master-slaveIsn’t (...)
Sneak Peak into Apache #zookeeper
▻https://hackernoon.com/sneak-peak-into-apache-zookeeper-10417393765?source=rss----3a8144eabfe3-
Apache Zookeeper is open source tool from Apache Foundation. Originally developed at Yahoo. Thanks Yahoo for the Zookeeper.Zookeeper is written in Java and it is platform independent.What is Distributed Systems?Multiple independent computers connected together and appears as single computer to the users. Distributed System communicate through network by passing messages. All components in distributed system interact with each other to performs subsets of tasks to achieve common goalsWhy to use Distributed System?Reliability : System will continue to run even if one or more servers in Distributed system fails.Scalability: System can be horizontally upscale and downscale as per the workload requirement.Challenges of Distributed System?Race Condition: A race condition occurs when two or (...)
Spark and Redshift: Which is better for big #data?
▻https://hackernoon.com/spark-and-redshift-which-is-better-for-big-data-2e1b89ae0580?source=rss-
Every day, we talk to companies who are in the early phases of building our their data infrastructure. A lot of times these conversations circle around which technology to pick for which job. For example, we often get the question “what’s better — Spark or Amazon Redshift?”, or “which one should we be using?”. Spark and Redshift are two very different technologies. It’s not an either / or, it’s more of a “when do I use what?”. In this post, I’ll lay out some of the differences and when to use which technology.At the time of this post, if you look under the hood of the most advanced tech start-ups in Silicon Valley, you will likely find both Spark and Redshift. Spark is getting a little bit more attention these days because it’s a new shiny toy. But they cover different use cases (“dish washer vs. (...)
#big-data #apache-spark #amazon-redshift #spark-and-redshift
A Hierarchy of Search
▻https://hackernoon.com/a-hierarchy-of-search-eed08acbd6bf?source=rss----3a8144eabfe3---4
Designing Search Experiences that People LoveThis is story is brought to you by Manifold, the marketplace for independent developer services. Use code HACKERNOON2018 to get $10 off any service.As the founder of Bonsai, I get a lot of questions about how to effectively scale #elasticsearch.Our customers often ask how to calculate shard counts, or architect indices. Or they need to know how much data is required, or what it takes to handle certain traffic loads. These are valid questions, and an easy place for engineers to get started. But there is a lot more that goes into an effective search engine than its mechanics.In his talk at Lucene Revolution 2017, Eric Pugh compared a search engine’s needs to Maslow’s Hierarchy of Needs. I thought that was a really interesting metaphor, and it’s (...)
#search-hierarchy #apache-solr #weekly-sponsor #search-engines
→ Apache et Let’s Encrypt, de la création du certificat à l’installation
▻https://www.memoinfo.fr/tutoriels-linux/configurer-lets-encrypt-apache
Installation commentée de Letsencrypt/Certbot pour un virtualhost sous apache : précise les modifications faites, les options possibles ainsi que la méthode pour révoquer un certificat.
Et pour aller un peu plus loin :
– la méthode pour conserver sa clé lors du renouvellement du certificat par certbot : ▻http://www.bortzmeyer.org/letsencrypt-certbot-keep-key.html
– les réécritures d’URL pour imposer la navigation en https: ▻https://technique.arscenic.org/ssl-securisation-des-communications-serveur-client/article/rediriger-http-vers-https-ssl-automatiquement
#letsencrypt #certbot #apache #howto #serveur
Sur le sujet j’ai partagé ma méthode ici ►https://technique.arscenic.org/ssl-securisation-des-communications-serveur-client/article/installer-et-configurer-un-certificat-let-s-encrypt :)
User Guide — Certbot 0.19.0.dev0 documentation
▻https://certbot.eff.org/docs/using.html#webroot
La ligne de commande de certbot pour installer un certificat SSL associé à plusieurs noms de domaine et un document_root
#certbot #SSL #letsencrypt #serveur #apache
The #Log File Navigator
▻http://lnav.org
An advanced log file viewer for the small-scale
– Automatic Log Format Detection
– Display only lines that match or do not match a set of regular expressions. Useful for removing extraneous log lines that you are not interested in.
– Log files are directly used as the backing for SQLite virtual tables. This means you can perform #queries on messages without having to load the data into an SQL database. For example, the screenshot above shows the result of running the following query against an #Apache access_log file
– Errors and warnings are colored in red and yellow, respectively. Highlights are also applied to: SQL keywords, XML tags, file and line numbers in Java backtraces, and quoted strings.
Paris et ses « no go zones » du début du siècle : l carte des apaches parisiens !
Le 30 septembre 1907, le quotidien « Le Matin » informait ses lecteurs de la présence de bandes d’Apaches dans plusieurs quartiers parisiens. Et déconseillait formellement de se rendre sur les fortif’
Signalé par Enlarge your Paris sur FB et relayé par Eric Verdeil (entr autre)
#paris #apaches #cartographie #cartoexperiment #visualisation #insécurité
« Des apaches aux blousons noirs, peur sur la ville » {[Jukebox sur France Cu] : ▻https://www.franceculture.fr/emissions/juke-box/des-apaches-aux-blousons-noirs-peur-sur-la-ville
Aristide Bruant : « Chant d’apaches ». ▻http://lhistgeobox.blogspot.com/2010/10/224-aristide-bruant-chant-dapaches.html
« Chez les apaches » : ▻http://lhistgeobox.blogspot.com/2010/11/225-aristide-bruant-chez-les-apaches.html
@bricabraque La source du lien vers l’article de Michelle Perrot, "Dans le Paris de la Belle Époque, les « Apaches », premières bandes de jeunes" provient bien de cette émission "Juke-Box"
d’Amaury Chardeau. Dans la bibliographie de l’émission, il y a aussi ce bouquin de Marwan Mohammed et Laurent Mucchielli "Les bandes de jeunes
Des « blousons noirs » à nos jours"
▻http://www.editionsladecouverte.fr/catalogue/index-Les_bandes_de_jeunes-9782707190017.html
et de fil en aiguilles, je retrouve celui-ci :
▻https://seenthis.net/messages/548199
à regarder/revoir sur vimeo.com
je viens de poster un billet sur l’argot / source : les nuits de France Culture.
►https://seenthis.net/messages/799412
en tournant autour de François Caradec, j’suis tombé sur cette perle avec une iconographie sur les apaches de Paris avec tout plein de liens vers le petit journal
▻https://www.languefrancaise.net/Argot/Apaches
https://www.languefrancaise.net/dev6/uploads/Argot/A/Apaches/apaches-cpa-conference-apache-1.jpg 
https://www.languefrancaise.net/dev6/uploads/Argot/A/Apaches/apaches-le-populaire-supp-illustre-22-31-05-1903-1.jpg 
https://www.languefrancaise.net/dev6/uploads/Argot/A/Apaches/apaches-petit-journal-illustre-apache-plaie-paris-20-10-1907-1.jpg 
https://www.languefrancaise.net/dev6/uploads/Argot/A/Apaches/apaches-petit-journal-illustre-apaches-ripolin-28-07-1907-1.jpg
htaccess Tester - madewithlove
▻http://htaccess.madewithlove.be
Un testeur en ligne de RewriteRule pour .htaccess : pour une URL d’entrée et un jeu de règles, donne l’URL de sortie et des infos complémentaires (+ possibilité de passer un HTTP_REFERER)
#RewriteRule #htaccess #réécriture_url #apache #outil #web-based
