Apache Performance and Security Guide

This guide is written mostly for web administrators and developers who want to optimize the speed and increase the security of the Apache web server. Without a doubt, Apache is still one of the best web servers on the Internet. Being open source and loaded with modules that can do almost anything, Apache is a good solution for both development and production needs. This guide will help you get the best out of the Apache web server by letting you control its usage with minimum resources.

1) Who should use this guide?

Web admins and web developers who want to optimize the speed and increase the security of the Apache web server. The guide is also useful for ISPs who get slammed with big loads of traffic.

2) On what operating systems has this guide been tested?

This guide was tested on Red Hat Enterprise Linux 5 and Fedora Core 8, but should work on any *nix or win32 environment as well.

3) Does this guide guarantee a significant increase in performance of Apache?

This guide might or might not help you increase the speed of Apache. I don’t guarantee anything. Please be warned that the speed of Apache is controlled by many factors such as the amount of RAM, processor speed, size of the executable, number of compiled modules, etc. Don’t expect your Apache to be twice as fast just because you followed the guide. I will do my best in providing explanations for what I’m doing and why, so that you understand the purpose of every action and how it can help you in speeding up your web server.

4) What you need to get started:

The guide is useless without a working Apache installation. If you don’t have Apache installed yet, go ahead and install it now. You can follow my “Apache, PHP, GD & Mod_Perl Guide” or install it on your own. I do not recommend running the default RPM version of Apache that comes with your OS distribution for various reasons. Go ahead and download the following modules into your source directory (in this case the source directory is /usr/local/src).

List of useful modules:
- mod_evasive 1.10.1 from http://www.zdziarski.com/projects/mod_evasive/
- mod_security 1.9.5 from http://www.modsecurity.org


Apache, PHP, GD & Mod_Perl Guide

This guide is for those who want to build a stable Apache compiled with PHP, GD, mod_ssl and mod_perl for production servers. Since a lot of people get confused with a source installation, I decided to write this guide to help them out. It’s very sad that the latest versions of Linux come with Apache2, which is not yet ready to be built for real production servers. After checking out Apache2, I found the following problems:

  • mod_perl is unstable on Apache2. After testing some scripts that heavily rely on mod_perl, I came across segmentation faults and weird errors.
  • PHP will not compile into Apache2 – it can only be installed as a DSO module. I wouldn’t install PHP as a module on a production server since PHP works much faster when compiled into Apache and you will need all the speed you can get, especially if you have limited RAM.
  • Some Apache 1.3.x modules don’t work with Apache2.

I’m sure there are more problems out there, but they are all getting fixed day by day. Apache2 has some very neat features and I hope to see it in production servers soon.


Russian GD 2.0.33 Guide

I wrote this guide for those people who would like to print Cyrillic letters in GD. Since native GD fonts do not support Cyrillic characters, the only way to print out Cyrillic on GD is to use TrueType fonts. If you are using GD very often, using TTF is not the best and speediest solution. TrueType fonts do require more memory, time and CPU usage for producing an image in GD, whereas native GD fonts take up a lot less memory and time, because they are already compiled into GD.

Russian GD 2.0.33 Guide
or
Support for Cyrillic letters in GD 2.0.33

1) Who should use this guide?
Those of you who are really worried about productivity and speed in producing images with Cyrillic letters using Boutell’s GD.

2) On what operating systems has this guide been tested?
This guide should work on all flavors of Linux, FreeBSD and OpenBSD systems. If you make it work on any other platform, please let me know :-)

3) Stuff we’ll be needing (sources)
Before version 2.0.33, all GD releases did not have GIF image support. This happened because of LZW patent issues. The patent has expired and GIF support will be added to all GD releases from now on.

Create a “GD” folder in /usr/local/src and download the following sources to the directory /usr/local/src/GD:
- GD v2.0.33 sources from Boutell.com
- Perl GD Module v2.28 sources from Lincoln Stein

Other Files:
- JPEG v6b sources from Independent JPEG Group
- TIFF v3.6.1 sources from Libtiff.org
- LibPNG v1.2.8 from Libpng.org
- zlib v1.2.3 from Zlib.net
- Freetype v2.1.10 from The FreeType Project
- Russian GD Patch from this site


Russian GD 1.8.4 Guide

This guide is for those people who would like to print Cyrillic letters in GD. Since native GD fonts do not support Cyrillic characters, the only way to print out Cyrillic on GD is to use TrueType fonts. If you are using GD very often, using TTF is not the best and speediest solution. TrueType fonts do require more memory, time and CPU usage for producing an image in GD, whereas native GD fonts take up a lot less memory and time, because they are already compiled into GD.

Russian GD 1.8.4 Guide
or
Support for Cyrillic letters in GD 1.8.4

1) Who should use this guide?
Those of you who are really worried about productivity and speed in producing images with Cyrillic letters using Boutell’s GD.

2) On what operating systems has this guide been tested?
This guide should work on all flavors of Linux, FreeBSD and OpenBSD systems. If you make it work on any other platform, please let me know :-)

3) Stuff we’ll be needing (sources)
Latest versions of GD do not have GIF image support. This happened because of some patent and copyright issues. Officially, Boutell.com is not allowed to add GIF image support to its versions of GD, but there have been some brave developers out there who patch the released versions of GD to add internal GIF support. In this guide, I provide links to both official and patched releases of GD. If you are really worried about copyright laws, please do not use the patched GIF version for your own good. Otherwise, download the patched version and cross your fingers :-)

Create a “GD” folder in /usr/local/src and download the following sources to the directory /usr/local/src/GD:

Official GD:
- Official GD v1.8.4 sources from Boutell.com
- Perl GD Module v1.33 sources from Lincoln Stein

Patched GD:
- Patched GD v1.8.4 sources with GIF support from Albatross Consulting
- Patched Perl GD Module v1.30 sources from Albatross Consulting

Other Files:
- JPEG v6b sources from Independent JPEG Group
- TIFF v3.5.7 sources from Libtiff.org
- LibPNG v1.2.5 from Libpng.org
- zlib v1.1.4 from Gzip.org
- Freetype v1.3.1 from The FreeType Project
- Russian GD Patch from this site


SPEWS.org problem

Big thanks to Richard Stanway for his valuable feedback on my Qmail guide. I received the following e-mail from him:

From: “Richard Stanway”

I would strongly recommend you remove the relays.osirusoft.com and replace it with a more responsible list such as sbl.spamhaus.org. The relays.osirusoft.com zone contains SPEWS.org data – SPEWS operate by “punishing” ISPs who host spammers by blacklisting huge IP ranges in order to make them lose customers and “pressure” them into booting spammers. I for one do not agree with this tactic that is causing many legit messages from innocent users who happen to use the same ISP to be bounced. My server on which I set up qmail following your guide happens to be on a SPEWS IP range even though my ISP has a strict anti-spam policy – a spammer signs up, spams for a day, gets booted from the network and then my IP range is blacklisted on SPEWS for months on end, causing legitimate mail to be bounced and no way to get our IP range removed.

I am not the only one to be suffering legitimate mail bouncing as a result of SPEWS, I can tell you that for sure. I would greatly appreciate it if you could remove relays.osirusoft.com from your example file to stop users who may not know what they are doing following your guide and accidentally using this SPEWS zone data and blocking legitimate messages. The sbl.spamhaus.org zone on the other hand I have found to be very well maintained and targeted exclusively at spammer IP ranges and not one legit message has been lost as a result of my using this zone. The worst thing is it is next to impossible to be removed from SPEWS – if you are an ISP offering a competitive price and a spammer signs up on your service then you are screwed. Even if you have strict anti spam policies and remove them from the network you do not get delisted, so I do not see how their “pressure tactics” against ISPs will help anything – the ISP has no incentive to boot spammers if they will still remain listed.

I would also appreciate it if you could perhaps do your own research on SPEWS and recommend to people not to use them if you feel the same way as I do. I have put a little article on my website at http://www.r1ch.net. There are also some recent articles on theregister.co.uk and msnbc.com about SPEWS. SPEWS obviously is not going away any time soon so it is up to people to convince mail server admins not to use their zone data. I think a lot of people are using the DNSBL without even realizing it since it is incorporated into the relays.osirusoft.com zone. It really sucks that I have bought a new dedicated server and because my ISP offers good pricing, spammers take advantage of them and SPEWS then goes and ruins it for everyone by listing us and causing mail to bounce from the whole IP range.

Thus, relays.osirusoft.com is gone from my SMTP execution script.

GCC 2.95.3 Guide

This simple gcc howto will help most users out there to get source distributions to compile properly. As you might know, the latest versions of gcc do have compilation problems. MySQL, vmailmgr and some other programs will simply refuse to compile on newer versions of gcc. After doing some research, I found out that the best and most stable version of gcc is 2.95.3. In this quick howto you will configure and install the best gcc version.

GCC 2.95.3 Guide
or
A simple GCC howto for beginners

1) Who should use this guide?
Those of you who need MySQL and other sources to compile properly.

2) On what operating systems has this guide been tested?
This guide should work on any Linux, FreeBSD and OpenBSD system. I have successfully compiled gcc on Red Hat Linux 7.3 and 8.0. If you make it work on any other platform, please let me know.

3) Downloading gcc 2.95.3 source
Download the following source into /usr/local/src:
- GCC v2.95.3 from http://gcc.gnu.org


Qmail Howto

I wrote this guide for a couple of reasons. First, the existing qmail guides that I’ve found on the net did not provide a complete qmail solution. My first qmail installation was such a pain for me, that I had to go through a tough qmail learning process (yes, qmail can sometimes be a real pain, especially for newbies) and discover some things by myself. Of course, such great Internet resources as mailing lists and other qmail contributions made my life a lot easier :-) Konstantin Riabitsev’s “Qmail-Vmailmgr-Courier-Squirrelmail Installation Guide” was the first guide that really helped me out. That’s where I borrowed some stuff from while writing this guide – of course, with his agreement. Second, I simply love qmail and would like to contribute to its development, even a little bit. Third, I think that many admins out there will find this guide useful and practical. And fourth, every once in a while I do install qmail on different servers for various reasons and I simply got tired of carrying installation notes with me all the time. So, in a way, this guide is for myself too ;-)