DaveDevelopment::Dave Marshall

After reading John Rockefeller’s post on Handling multiple domains and less recently Richard Heye’s post on displaying errors, I thought I’d write a little post about my qualms with their methods.

I won’t go into too much detail, but both examples use a variable that can be manipulated by the user, $_SERVER['HTTP_HOST']. Richard actually changed his example to use $_SERVER['SERVER_NAME'], but as Chris Shiflett shows, neither are guaranteed to be genuine.

My example relies on having access to the server configuration, but is fairly simple. I think Ruby on Rails uses a similar method.

First we set up our virtual hosts, all pointing to the same codebase, but each getting an individual environment variable set using mod_env.

<VirtualHost *:80>
    ServerName davedevelopment.co.uk
    DocumentRoot /var/www/codebase
    SetEnv WEB_ENV davedevelopment.co.uk
</VirtualHost>

<VirtualHost *:80>
    ServerName test.davedevelopment.co.uk
    DocumentRoot /var/www/codebase
    SetEnv WEB_ENV test.davedevelopment.co.uk
</VirtualHost>

<VirtualHost *:80>
    ServerName anotherSite.com
    DocumentRoot /var/www/codebase
    SetEnv WEB_ENV another_site
</VirtualHost>

The code then switches on this variable, which should be guaranteed to be controlled by yourself?

<?php
switch($_SERVER['WEB_ENV']) {
    case ‘davedevelopment.co.uk’:
        $message = ‘Welcome to DaveDevelopment’;
        break;
    case ‘another_site’:
        $message = ‘Welcome to another site’;
        break;
    case ‘test.davedevelopment.co.uk’:
    default:
        $message = ‘Welcome to DaveDevelopment Test’;
        break;
}

echo $message;

?>

I had a problem today at work, I’ve been coding exclusively in PHP5.2 since it was available and most of the servers I’ve been working for are Debian or Ubuntu based, so I didn’t have any problems until this afternoon. We’ve recently bought a SAN solution from Dell and to gain support we bought two new servers, both with SUSE Enterprise Linux installed, which only comes with PHP 5.1.2. That particular version came out in January 2006. Since then I’ve been using the new DateTime object, the filter functions, memory_get_peak_usage() and sys_get_temp_dir(). And they’re only the problems I noticed. We could install from source, but then we lose the subtle benefits of package management.

So, this lead to me wondering what LAMP versions the popular distros are using, with the help of DistroWatch, I compiled this table. It only shows the community/open source distributions, the commercials counterparts for each are usually at least a year behind, guaranteeing support but only for out of date versions.

Here’s a quick tip to optimise the HTTP response headers sent by your webserver. While being pretty useless to the average user, the Server signature and powered-by headers could be removed or at least reduced. Obviously these changes are only minor, but on a heavily loaded server such as large forums, could make a decent little saving.

These two little changes…

apache2.conf

ServerTokens Prod

php.ini

expose_php = Off

Will change the HTTP response headers on this server from:

Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-16 \
mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4
X-Powered-By: PHP/4.3.10-16

To:

Server: Apache

That’s a saving of 128 bytes. This site has served 2025 requests so far this month, so this little trick might only have saved me 253kB, but what if there had been 20,000,000 requests?

payday loans cash advance needs

I’ve finally gotten around to finishing the basic design on the Broadband affiliate site project I’ve had ongoing for a while and figured it would be nice to have a backend to add/remove, de-activate all the different packages etc. So, I decided to go crazy and have a look at Ruby on Rails.

Now I’m not extremely well versed with patterns and so on, but I have a decent understanding of the MVC style architecture that seems to be popular these days and I’ve seen a few tutorials on Symfony, a PHP 5 web framework which I believe is fairly similar in nature to Rails, so I figured I’d get along okay. I feel I was pretty right, in a few hours over today and yesterday I’ve come out with a working database driven website and administration area running on Ruby on Rails.

Running Gentoo, I always try and use the portage package management tool, to be double sure on what I needed to do I had a little search on google which led me to this page, and these commands.

echo "dev-ruby/rails mysql fastcgi" >> /etc/portage/package.use
emerge -av rails
rails /path/to/app

That all went well and I was sat looking at a clean rails application. I fired up the builtin webserver, WEBrick, it worked, so I closed it again. Seeing as I use Apache on all my servers, I wanted to use it for the development aswell. I’ve never used FastCGI before, but what do you know there was an example virtual host definition in the rails README file.

  <VirtualHost *:80>
    ServerName rails
    DocumentRoot /path/application/public/
    ErrorLog /path/application/log/server.log

    <Directory /path/application/public/>
      Options ExecCGI FollowSymLinks
      AllowOverride all
      Allow from all
      Order allow,deny
    </Directory>
  </VirtualHost>

Once again, this worked a treat. I then set about creating my application, which by enlarge went along without many flaws, using a combination of the excellent Rails API, this Create a weblog in 15 minutes screencast and Rolling with Ruby on Rails as guidance. The biggest problem I had was creating initially trying to create the scaffolds. Not knowing RoR’s naming conventions, I’d foolishly named my database tables in the singular form, ie provider rather than providers. After overcoming this, I rolled on pretty nicely.

Using this page as guidance I used the login_generator to create a simple admin area, and the scaffolding stuff filled most of the admin pages for me, just a few tweaks here and there were required. The public face was even easier, basically allowing a few different ways to filter the list of broadband packages through one action, ‘list’.

As far as the language Ruby itself goes, I’ve barely learnt anything, basically because Rails does it all for me. The most complicated things I did code wise, was using a case statement to change the filtering on the public packages page and this simple function for turning bytes into a more readable form.

        def human_readable(number)
                count = 0
                while number/1024 > 1
                        number = number/1024
                        count += 1
                end

                iec = ['', 'K', 'M', 'G', 'T']
                return number.to_s + iec[count]
        end

My only gripe with this so far, is the speed. It does take forever to generate these simple pages, the built in webserver does seem to be a shade quicker, but I’d still rather use apache. I’m sure there’ll be some tweaks I can make to speed the FastCGI module up, but there’s no rush for that now.

Hopefully I’ll signup for a few affiliate programs and launch the site properly within the next few days, I don’t expect to make a fortune but it’s been a good little learning utility so far and I hope to use it to learn a few things about affiliate marketing.

Well then, a few months down the road and I’ve hopefully made a few more improvements to DaveProxy.

First off is some modifications to the CGIProxy script, thanks to the guys over at Proxy Society. It basically allows me to control which type of files can be accessed through the proxy, based on the file extension.

I did have Squid running as a httpd accelerator for a while, but in the end I decided that the benefits were not really worth the hassle. On the other hand, I can see where this type of setup could prove very useful, particularly with other CGI scripts, just not proxy one’s.

I also started rotating the cgi-bin folder by adding a random number to the end, changing all the configuration scripts and the index page of the site every two hours. This certainly stopped a lot of hotlinking, but stopped people from adding favourites through the site and also any incoming traffic from Proxy.org. I also tried using apache to deny any requests without referers, this worked well for a short time…

The site had some major downtime recently and although I’m not entirely sure I think I figured out what happened. About three days ago, I had a massive influx of traffic, which ended with me serving thousands of 403 denied requests, which culminated in the proxy not being able to handle any real requests because apache and the proxy itself were firing that many 403’s back. I personally think these requests were mainly coming from China. Pages like this providing links to FreeBSD and not to mention all the forum pages hotlinking porn, are just abusing the site and it’s not fair on me or the genuine users. First I thought about geotargetting and deny requests, but that wouldn’t help anyway. A 403 might cost me 1kB, which doesn’t sound like much, but times that by thousands and my server would be crippled again. So why not drop it before it gets to Apache? A quick google search not only led me to sites listing chinese and korean ‘A’ class network ranges, but also to iptables scripts set to drop all traffic for them. Changed the port from SMTP to HTTP and I was in business. Even implemented this at work for our SMTP server, cut the spam in half!

Add to that some more links, a news page, a links page and a little bit of promotion here and there and that’s DaveProxy as of now.

Just spent an hour or so tweaking the server running DaveProxy, mainly the introduction of mod_perl and a couple of little tweaks to Apache. Both together it should help keep it up during the worst periods of traffic.

I decided I’d take this course of action rather than moving over to PHProxy, although CGIProxy is very heavy on resources, using mod_perl should cut out the perl interpreter instantiation for every request and also allows easier monitoring using Monit. While PHProxy is better on the resources side of things, CGIProxy handles more features.

Depending on how well it goes over the next week, I may introduce squid as a cache between Apache and clients.