Page Speed ​​is an open source project started by Google to help developers optimize their web pages by applying best practices in web performance.
Page Speed ​​began as an extension of the open source browser, and is now deployed in third party products as Webpagetest.org, Show Slow and Google Webmaster Tools.

How it works :

The Page Speed extensions run performance tests on the basis of a set of best practices known to reduce page load time.
mod_pagespeed, the Apache module, automatically optimizes the resources in a web page.

Installation:

First you need to download the module from here:  mod-pagespeed download

Then run the following commands to install it:

dpkg -i mod-pagespeed-*.deb
apt-get -f install

After you installed the plugin you must restart the apache2 server.

/etc/init.d/apache2 restart

Configure mod_pagespeed for using  on VirtualHosts:

Continue Reading…

You may be concerned about the security of your servers, and you should know that hackers often try to break your server

One way to secure your LAMP server would stop Apache and PHP5 to send details of their versions or other valuable informations.

1. How to hide Apache2 version?

Continue Reading…

eAccelerator is a free open-source PHP accelerator & optimizer. It increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated. It also optimizes scripts to speed up their execution. eAccelerator typically reduces server load and increases the speed of your PHP code by 1-10 times.

eAccelerator stores compiled PHP scripts in shared memory and executes code directly from it. It creates locks only for a short time, while searching for a compiled PHP script in the cache, so one script can be executed simultaneously by several engines. Files that can’t fit in shared memory are cached on disk only.

The latest release, 0.9.6.1, features support for PHP 5.3 and also works with PHP 5.1 and 5.2.

1. Installation:

apt-get update && apt-get upgrade && apt-get install php5-dev

Now  you  have to download and install eAccelerator from the eAccelerator website.

Now Install eAccelerator using the following commands:

cd /usr/src
wget http://bart.eaccelerator.net/source/0.9.6.1/eaccelerator-0.9.6.1.tar.bz2
tar -xvfj eaccelerator-0.9.6.1.tar.bz2
cd eaccelerator-0.9.6.1
phpize
./configure
make
make install

2. Integrate eAccelerator in PHP5:

Continue Reading…

What is mod_evasive?

mod_evasive is an evasive maneuvers module for Apache2 to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.

Installation:

apt-get install libapache2-mod-evasive

Activate the mod_evasive module:

In the directory: / etc/apache2/mods-available / Debian Squeeze should already have directive to load the module. Or you just can use the following command:

a2enmod mod-evasive

The configuration:

Continue Reading…

This the solution that I found against Script Injection:

First of all, backup file. htaccess.

Then paste the code below in .htaccess:

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]

What is the code doing?

Check if the application contains <script> and if someone try to change the variable values  GLOBALS and  _REQUEST variables.

If this happens, then the browser is closed and the 403 error is returned.

I hope this is usefull. Enjoy

Page 4 of 71234567