Technical Zone

Use the right user:group

I have seen Apache installed under many groups and/or users. One of the biggest offenders is the root user. This can lead to some serious issues. Or say both Apache and MySQL are run by the same user/group. If there is a hole in one, it can lead to an attack on the other. The best scenario is to make sure Apache is run as the user and group apache. To make this change, open the httpd.conf file and check the lines that read:
User Group
Change these entries to:
User apache Group apache

Turn off unwanted services

There are a few services and/or features that you will want to turn off or not allow. All of these services can be disabled in the httpd.conf file.

• Directory browsing. This is done within a directory tag (the document root is a good place to start) using the Options directive and is set with “-Indexing”.
  
• Server side Includes. This is another feature that is disabled within a directory tag (using Options directive) and is set with “-Includes”.
  
• CGI execution. Unless your site needs CGI, turn this off. This feature is also set within a directory tag using the Options directive, with “-ExecCGI”.
  
• Symbolic links. Set this inside a (surprise, surprise) directory tag with “-FollowSymLinks”.
  
• None. You can turn off all options (in the same way you set the above) using “None” with the Option directive.
  

Disable unused modules

Apache has a ton of modules. To get an idea how many modules your installation is running, issue the command
(as the root user) grep -n LoadModule httpd.conf from within your Apache configuration directory. This command
will show you every module Apache is loading, along with the line number it falls on. To disable the modules you
don’t need, simply comment them out with a single # character at the beginning of the module line.

Restrict access

You want to deny anyone outside your private network from seeing information. To do this, you can restrict access to your internal network by adding
the following inside a directory tag in your httpd.conf file:
Order Deny, Allow
Deny from all
Allow from 192.168.1.0/16
where 192.168.1.0/16 is the configuration matching your internal network. As with all modifications to the
httpd.conf file, make sure you restart Apache so the changes take effect.

Limit request size

Denial of service attacks are always a possibility when you allow large requests on Apache. Apache has a
directive, LimitRequestBody, that is placed within a Directory tag. The size of your limit will depend upon your
Web site’s needs. By default, LimitRequestBody is set to unlimited.

Immunize httpd.conf

One of the best security measures is to hide your httpd.conf file from prying eyes. If people who shouldn’t see your httpd.conf file can’t see it, they can’t change it.

chattr +i /path/to/httpd.conf
where /path/to/httpd.conf is the path to your Apache configuration file. Now it will be very difficult for anyone to make any changes to httpd.conf.

Cheeeerrrrssssssss

How to install red5 on Linux

Some Cool tips to install red5 on Linux.

Prerequisite
1. Subversion (To checkout latest source from red5)
2. Java – jdk
3. Ant 1.7 – currently not in debian etch repositories so I m compiling it from source.

1) apt-get install subversion (This will install latest subversion package)

2) Install Java developing environment

Download the latest JDK version of Linux from Sun official website. Here we use the version 1.5.0.11 and its downloaded file name is jdk-1_x_x_-linux-i586.bin. (Get the latest java version to get run red5)

Add the executable permission to the file: chmod +x jdk-1_x_x_-linux-i586.bin
Execute the following command to start installation:
./jdk-1_x_x_-linux-i586.bin

According to the reference install information, it recommends the installation path: /usr/java

3) Install Apache Ant Ant 1.7:x
wget http://apache.mirror.transip.nl/ant/binaries/apache-ant-1.7.0-bin.tar.gz
=>tar -zxf apache-ant-1.7.0-bin.tar.gz
=>sudo mv apache-ant-1.7.0 /opt/ant # you dont need this
=>export ANT_HOME=/opt/ant

Input command directly through Terminal:
export JAVA_HOME=/usr/java
export PATH=$PATH:$JAVA_HOME/bin:$ANT_HOME/bin
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

Red5

svn co http://svn1.cvsdude.com/osflash/red5/java/server/trunk red5
cd red5
now we have red5 directory containing red5 sources.
next step is compilation

cd red5
/opt/ant/bin/ant prepare
/opt/ant/bin/ant build

now directory “dist” contains compiled and ready to run server

cd dist
sh red5.sh

Run red5 from dist directory other wise it will not run.
red5 should now run http server on port 5080 and rtmp service on port 1935

so lets navigate to:

http://localhost:5080/demos/port_tester.swf

Need any help: Feel free to ask….
pankaj.dangi@gmail.com
Cheeerrrrrsssss

New architecture appears to include crawling, indexing, and ranking changes.
Caffiene will likely present Google results faster and make its search offering more real-time.

Caffeine won’t change the look or feel of Google’s popular search engine but will work under the hood to improve its performance, reportedly delivering faster, better, and more flexible results.

Google specifically states that its goal for the new version of Google Search is to improve its

Some features which will effect search engine. Have a look

• Indexing speed
• Accuracy
• Size
• Comprehensiveness.

Speed: They doubled the speed! If we search a category or word. Old google will takes time .25 seconds but Caffine will only take .12 sec.
Accuracy: You’ll notice that many of the blended search options, like image search and news, don’t appear in the new version.
Sets are very accurate, but subjectively, The new Google search more accurately reflect what a user would be looking for.

Index Size: Newgoogle claims 359,000,000 for dog word compared to old 51,900,000.

Say Goodbye To Duplicate Content Issues On Multiple Product Pages

What: Google’s new feature, Parameter Control, lets you list up to 15 parameters for Google’s search bots to ignore.

Why: Benefits
Can improve your site’s crawl efficiency
Gives you better display URLs

Is an excellent way to control duplicate content on your site – Telling Google that these pages contain the same content will allow them to index only one version in their search results. For example, if you specify that the parameter session id should be ignored, Google will consider these URLs to be the same page.

Enjoyyyyy….