Home >Education >15. Advanced PHP-Apache-MySQL - PHP & MySQL Web Development

15. Advanced PHP-Apache-MySQL - PHP & MySQL Web Development

Date post:08-May-2015
Category:
View:7,983 times
Download:16 times
Share this document with a friend
Description:
Advanced concepts about PHP, Apache and MySQLTelerik Software Academy: http://academy.telerik.com/school-academy/meetings/details/2011/10/11/php-school-academy-meetingThe website and all video materials are in Bulgarian.This lecture discusses the following topics:PHP Settings: Modifying PHP settings at runtime, Modifying trough .htaccessApache Settings: Virtual Hosts, Modules – mod_rewrite, mod_autoindex, mod_expires, etcMySQL Settings: Performance
Transcript:
  • 1.Advanced PHP,Apache and MySQLAdvanced SettingsNikolay KostovTechnical Trainerhttp://nikolay.itTelerik Software Academyacademy.telerik.com

2. Summary PHP Settings Modifying PHP settings at runtime Modifying trough .htaccess Apache Settings Virtual Hosts Modules mod_rewrite, mod_autoindex, mod_expires, etc MySQL Settings Performance 3. Configuring PHP The php.ini file 4. PHP Settings PHP settings are in the php.ini file Set of name=value statements Location of the file is different across the operating systems and versions Which php.ini file is loaded can be checked with the phpinfo() function PHP supports add-ons Most add-ons read their settings from the same file 5. Code Settings short_open_tags(on or off) Defines if Use ini_getfunction to check a value of php.ini variable Use phpinfo() function to see the current values of the PHP settings 10. Configuring Apache The httpd.conf file 11. Apache Settings Apache settings are defined in the httpd.conf file Location and name may differ across platformsand Apache versions Older version read from multiple files The site-specific settings and module-specificsettings are in separate files Follows syntax close to XML format Name value pairs sometimes in tags 12. Prefork vs. Worker Apache has two core modules (versions) prefork and worker Different behavior Prefork is process based, doesnt utilize threads much, better for single/dual core CPU servers Worker utilizes threaded-architecture better for multi-core/CPU servers Some tests say prefork is better, some say worker 13. Apache Modules Loading a moduleLoadModule ssl_module modules/mod_ssl.so Using conditional configuration settings:DirectoryIndex index.phpDirectoryIndex index.html Loading mod_phpLoadModule php5_module "C:/ProgramFiles/PHP/php5apache2_2.dll" 14. Connection Settings Timeout (in seconds) The number of seconds before it sends timeout to a dead connection Keepalive (on or off) Turns on and off persistent connections MaxKeepAliveRequests The maximum number of persistent connections allowed KeepAliveTimeout The number of seconds before closing a dead persistent connection 15. More Settings Listen Sets port for apache to listen for connections Can be repeated with different ports Usually separated in ports.conf file HostnameLookups (on or off) If turned on logs the host names of remote clients instead of IP addresses User,Group set the user and group that apache process should work in 16. More Settings DirectoryIndex Sets default file names that should be shown in case directory is requested Example:DirectoryIndex index.php index.html If the user requests http://www.example.com/test/ the server will look for index.php and then for index.html in the requested directory 17. Log Settings ErrorLog Sets the file apache logs errors to Can be specified separately for each site LogLevel Sets the level of logging to the error log One of debug, info, notice, warn, error, crit LogFormat Specifies nick names for different log formats Can be used for site-specific access logs 18. Virtual Hosts Apache supports multiple sites on the same IP address/port Specified in VirtualHost directives Usually virtual hosts are separated in differentfiles Requires NameVirtualHost directive Sets the IP address and port on which the apache will receive requests for the name-based virtual hosts IP and Port can be replaced with * (any) 19. Example Virtual HostNameVirtualHost *:80ServerName example.comServerAlias www.example.comDocumentRoot /var/www/example/htdocsErrorLog /var/www/example/logs/errCustomLog /var/www/example/logs/custom ServerName specifies the (domain) name ofthe virtual host ServerAlias specifies additional names(domains) for this virtual host 20. VirtualHost Settings DocumentRoot Sets the root directory for this host Passed to PHP in the $_SERVER[DOCUMENT_ROOT] variable Be careful with the ending slash ErrorLog sets the host-specific error log CustomLog sets the location and format for the host access log file 21. Location Directive The Locationdirective is used to define URL- specific settings Settings are directory based Can be placed in VirtualHost or for server-wide Require valid-user 22. Directory Directive Allow from localhost Deny from all The Directory directive is used to define file system directory settings Can be defined server-wide or host-specific 23. Deny and Allow The Deny from, Allow from and Orderdirectives are used to limit access to certain hosts Deny and Allow values are lists of hosts (space-separated), partial domain names, partial IPs or"all" The Order directive sets whether deny or allowshould be higher priority Value is "Allow,Deny" or "Deny,Allow" First is with higher priority, if host is not matched, secondin list is used 24. Deny and Allow ExamplesAllow from localhostDeny from allOrder Allow, DenyAllow from .net # partial domainDeny from 192.168 # partial IPOrder Deny, AllowAllow from localhost 192.168.0.1Deny from 85.187.0.0/16 # deny a networkOrder Deny, AllowAllow from 2001:db8::a00:20ff:fea7:cceaDeny from allOrder Allow, Deny 25. The Options Directive Sets valuesof several additional directory- based options Each option is prefixed with + or to turn on oroff; if no prefix is supplied, on is assumed ExecCGI whether CGI scripts execution isallowed in the directory FollowSymLinks whether Apache shoulduse only files or can follow symbolic links in thedirectory 26. The Options Directive Indexes If a URL maps to directory and there is no file that matches the DirectoryIndex directive then mod_autoindex will return page with the list of files in the directory Turning this on for hosts/locations that do not explicitly require it is considered security risk!Options +Indexes +FollowSymLinks -ExecCGI27. Setting-up a Virtual Host Example To set-up a virtual host follow the steps: 1. Set your domain name to point to your external IPaddressFor testing you can modify the "hosts file" /etc/hosts in Linux C:WINDOWSSystem32driversetc hosts in Linux 2. Add NameVirtualHost and VirtualHostdirectives in the httpd.conf 3. Restart Apache 28. Using HTTPS HTTPS is HTTP over SSL/TLS Apache has separate module for handling https Running virtual host over https requires certificate and connection on port 443 In Linux the packages openssl andssl-cert are necessary too Apache has automated script for generatingcertificates apache2-ssl-certificate 29. Configuring HTTPS Example of virtual host with SSL ServerName phpmyadmin.example.com DocumentRoot /usr/shared/phpmyadmin/ SSLEngine on SSLCertificateFile/etc/apache2/ssl/myadmin.pem The SSLEngine directive turns on the SSL securityengine SSLCertificateFile supplies valid certificate file The domain property in the file must match thehost name 30. Configuring HTTPS Example1. First ensure that httpd-ssl.conf file will be loaded. Put this code in httpd.conf: Include conf/extra/httpd-ssl.conf2. Create a self-signed SSL certificate: openssl genrsa 1024 > host.key openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > host.cert cat host.cert host.key > host.pem3. Define a virtual host on port 443 with SSL engine switched on4. Restart Apache 31. HTTP Authentication The apache module mod_authallows the use of HTTP Basic Authentication Restrict or allow access to certain areas Requires user and password input For stronger authentication and scalability use mod_auth_digest or mod_auth_dbm Usernames and password are stored encrypted in a file 32. mod_auth directives AuthType Sets the type of user authentication Possible values are Basic and Digest AuthName User-friendly name of the realm that requires authorization Must be enclosed in quotation marks AuthUserFile Specifies the file that stores users and passwords 33. mod_auth directives AuthGroupFile Specifies the file that stores the groups of users Groups are simply alias to list of users Example content of group file:Boss: john peshoAccounting: mara cecaTesters: chocho bobo shusi Groups cannot be nested or inherited Never put the user file or groups file in the document tree of the site! 34. Require Directive Require sets which users/groups are allowed to access the realm Possible values are:Require user [list of users]Require group [list of groups]Require valid-user 35. The htpasswd tool Apache comes with a small tool for generating user files named htpasswd Encrypts the passwords Usually these files are named .htpasswd// the c flag means "create a new file"htpasswd c .htpasswd mara// asks you to supply password// add new userhtpasswd .htpasswd john// again asks for password 36. Authentication Example ServerName example.com DocumentRoot /var/www/ex/htdocs AuthType BasicAuthName "Example admin area"AuthUserFile /var/www/ex/.htpasswd 37. Using .htaccess Apache can read additional settings from files in the site document tree The name of the file is controlled by the AccessFileName server directive Usually named .htaccess In the .htaccess file can be placed all directives, valid for Location Slows down the Apache It has to read it on every request 38. Example .htaccessOptions +IndexesAuthType BasicAuthName "test"AuthUserFile ".htpasswd"php_value magic_quotes_gpc off Apache reads all .htaccess files in thedirectories from the document root up to therequested resource and combines them Can contain mod_rewrite settings Can contain PHP settings with the php_valuedirective 39. mod_rewrite mod_rewrite allows rule-based rewriting andredirecting of requests Example: user requests index.html but therewrite rules change this to index.php This is NOT redirecting! Used to make friendly URLs, rename resources,etc. Based on regular expressions Operates on per-server or per-directory context 40. Rewriting Directives RewriteEngine (on or off) RewriteBase Sets the base URL for per-directory (.htaccess) rewriting RewriteRule[pattern] [substitution][flags] If the requested URL matches the pattern it is rewritten with the replacement All

Click here to load reader

Embed Size (px)
Recommended