MichaelOldroyd.co.uk

Cattle vs Kittens – On Cloud Platforms No One Hears the Kittens Dying

When you are enter a discussion about Cloud Computing with legacy IT people, you often (always) tell the story of handling IT infrastructure with the "Cattle vs Kittens". The story highlights the d...

Laravel Forge – Hosting on AWS

Laravel Forge originally had support for Rackspace and AWS (Amazon Web Services), but for various reasons it now supports three options: DigitalOcean, Linode, and "Custom VPS." Today we're going to get a rudimentary single-instance application running on AWS, managed by Forge, using the "Custom VPS" option. This post assumes little-to-no experience with AWS, but does assume general competency with managing servers, and experience with Forge. 1. Sign up for AWS # Visit http://aws.amazon.com/console and choose Sign Up. Have a credit card and a phone ready to verify your identity and to add payment information. Even though you're entering your credit information, what we're setting up today will keep you on the Free tier, so you don't have to worry about being charged immediately. 2. Visit the AWS console # Once you're signed up and have verified your account, visit the AWS console. Click on the "EC2" button to take you to the management console for EC2, or "Elastic Compute Cloud"--Amazon's service for creating and managing Virtual Machines. 3. Launch a new Instance # From here, click "Launch Instance". 4. Choose your Machine Image # This allows you to specify which Machine Image--that is, which pre-created recipe for a Virtual Machine--you'd like to base this intance off of. For Forge, you'll want to use Ubuntu Server 14.04 LTS (HVM), so Select that one. 5. Choose Instance Type # For this demo, we'll go for the lowest power, free option: t2.micro. Rather than Launching now, let's walk piece by piece through the configuration process. 6. Configure Instance Details # You can now configure all the specific configuration details for this instance. The defaults here are fine for a demo, although if you plan to rely on this simple server for anything you'll probably want to check Enable Termination Protection so the server will reboot if anything happens to shut it down. When you're done, move to the next screen. 7. Add Storage # We can configure the amount and type of storage our instance will have available. The default is an 8GiB SSD drive, so let's just keep that as-is and move on. 8. Tag Instance # AWS allows you to tag each instance with up to 10 key/value pairs. This can be useful if you want to sort or add permissions to instances later (using IAM roles) based on client (Client=Bob), environment (Environment=Staging), management service (Managed-By=Forge), or more. If this is confusing, feel free to just skip it. I just added Managed-By=Forge. 9. Configure Security Group # Security Groups allow you to associate multiple instances together with a single set of security permissions. Security Groups allow you to both apply the same settings to multiple instances, and create an instant firewall surrounding just the members of that group--one of the primary permissions options for rules is "only members of this security group." Therefore, you'll want to create a new security group...

Using syslog for your php applications

Linux, and other unices have an excellent system to centralize log events. This is done through syslog. This system removes the need for every application ...

How To Configure Virtual Memory Swap File on a VPS

This article will cover the pros and cons of using virtual memory or a swap file (paging), determining if your droplet already uses virtual memory or paging, the differences between a swap partition and a swap file, information on how to create a swap

Solving a Pound HTTPS Redirect Issue

I recently had a problem where a Magento store would infinitely redirect, from TLD to sub-domain (i.e. non-www to www). The server was configured behind a reverse proxy, which was handled by Pound (acting as a load balancer and SSL wrapper). Pound is great for handling hand-overs between a caching proxy and application servers, in addition to load balancing multiple servers and wrapping SSL connections to the client.

Filed under Servers

PHP 5.6 alpha

How to install/setup latest version of PHP 5.5 on Debian Wheezy 7.0/7.1

API Callback URLs and HTTP Authentication

When developing web applications that use APIs, it is usually necessary to have the development site accessible for API callback URLs. A good example would be when working with payment gateway systems, which typically post back success or failure of transactions. In this event it is convenient to use HTTP authorisation to prevent outside access (users, crawlers, etc.). The issue with this is that API systems don’t always work with the http://[user]@[password]:[url] method of manually passing through this authentication method.

Filed under Development, Snippets

Installing XHProf on Debian Squeeze

I was working on a project which was randomly failing to load certain views outside the development environment. It turns out that the system was running out of memory. After searching some of the error messages output by the script, I stumbled upon the xhprof PHP module. It was originally created by Facebook, and released under an open source license.

Filed under Servers, Snippets

Disabling Apache Server Signature

I have been trying to disable the server signature for a while, but I found that turning off the ServerSignature directive didn’t work for all servers. The signature might read something like:

Apache/2.2.X (Ubuntu) mod_ssl/2.X.X OpenSSL/0.X.X

If your server exposes this information, it’s easier for an attacker to compromise a system based on flaws in a particular server software version (especially if your server software is allowed to become outdated, or your distribution is slow to release security updates). By default, it will display this on error pages in plain text, and also present it as a Server header on every request.

To disable completely, you should set the following directives in your Apache configuration:

ServerSignature Off
ServerTokens Prod

via Nixtechnica

Filed under Snippets