Enable image caching in apache for better Google Page Speed results

High page speed and short page load times of your website are essential for good search engine rankings today. In this FAQ, I will show you how to enable caching of graphic and CSS files in apache on Ubuntu and Debian.

The first step is to enable the expires module in apache:

a2enmod headers expires

This module allows the apache web server to set HTTP headers, in this case, to set the modification header for static assets like image and CSS files that don't change often.

Add the following config snippet inside the vhost file of the web site or at the end of the file /etc/apache2/apache2.conf to enable it globally.

<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Cache-Control "max-age=3024000, public"
</FilesMatch>

Finally reload apache to apply the configuration change.

service apache2 reload

On ISPConfig 3 servers, the snippet can be added in the "Apache Directives" field of the website instead. There is no apache reload required as ISPConfig takes care about that.

How to add PHP support for jailed SSH users in ISPConfig 3

Jailkit is an easy to use tool to create and maintain jail environments for shell users on Linux. In this guide, I will show you how to move PHP and its dependencies into the jail so that the jailed user can execute PHP scripts inside the jail.
Continue reading How to add PHP support for jailed SSH users in ISPConfig 3

How to Backup OpenVZ Containers with vzdump on CentOS 6

OpenVZ is a Linux based Kernel virtualization technology developed by SWSoft for its commercial product Virtuozzo. The modified Linux Kernel and the system utilities are released under an OpenSource license. Vzdump is a shell based backup program for OpenVZ virtual machines. It is made for containers that use the traditional "simfs" filesystem, it can not be used for containers with "ploop" filesystem.

Continue reading How to Backup OpenVZ Containers with vzdump on CentOS 6

How to use IPTables on CentOS 7

Centos 7 replaced the traditional IPTables Linux Kernel Firewall with the Firewalld service. There are still a lot of scripts available that require the use of IPTables. A common example is the software Fail2ban.

In this guide, I will explain the installation of IPTables on Centos 7.x

The first step is to stop and mask the firewalld service:

systemctl stop firewalld
systemctl mask firewalld

Then install the "iptables-services" package with the yum package installer:

yum install iptables-services

And enable the new service:

systemctl enable iptables

IPTables is now ready to be used on your server. For example you can block an external IP address now with the iptables command:

iptables -A INPUT -s 192.168.0.10 -j DROP

Rules that you set with iptables persist only until the next reboot. To save them permanently use the following command:

service iptables save

wget command – how to limit the download rate

Sometimes it is necessary to limit the download rate of the wget command, e.g. when you are downloading a large file over a slow internet connection. The parameter to apply a download speed limit is the --limit-rate option. This setting is followed by the rate limit plus "k" for Kbit or "m" for MBit.

Example:

wget --limit-rate 128k http://downloadserver.tld/bigfile.zip