Enable image caching in apache for better Google Page Speed results

High page speed and short page load times of your website are essential for good search engine rankings today. In this FAQ, I will show you how to enable caching of graphic and CSS files in apache on Ubuntu and Debian. The first step is to enable the expires module in apache: a2enmod headers expires ... Read more

Apache mod_security settings for WordPress and ModX

If you use the apache mod_security module on your apache server, you might encounter wrong 403 errors for several URL's of the cms systems. Here are some exception rules to avoid that: For WordPress Blogs <locationmatch "/wp-admin/admin-ajax.php"> SecRuleRemoveById 300013 SecRuleRemoveById 300015 SecRuleRemoveById 300016 SecRuleRemoveById 300017 </locationmatch> <locationmatch "/wp-admin/page.php"> SecRuleRemoveById 300013 SecRuleRemoveById 300015 SecRuleRemoveById 300016 SecRuleRemoveById ... Read more

Fix “HTTP request length 134926 (so far) exceeds MaxRequestLen” error on Debian Linux

When you get a 500 error in a webpage hosted on Debian Linux (6.0) with apache webserver and fastcgi, take a look into the apache error.log file. This can either be the global error.log or the error.log of the website where you got the error. If you find a error similar to this one: [Fri Apr ... Read more

Apache mod-security installation on Debian 6.0 (squeeze)

Install the apache mod-security 2 module with apt from the Debian repositories apt-get install libapache-mod-security Create the folder for the mod-security configuration files mkdir /etc/apache2/mod-security chmod 600 /etc/apache2/mod-security Download and unpack the mod-security rules cd /tmp wget http://www.modsecurity.org/download/modsecurity-core-rules_2.5-1.6.1.tar.gz tar fvx modsecurity-core-rules_2.5-1.6.1.tar.gz mv *.conf /etc/apache2/mod-security/ ln -s /var/log/apache2 /etc/apache2/logs Configure apache to load the activated mod-security ... Read more

Webalizer error opening the file /usr/share/GeoIP/GeoIP.dat on Debian Linux

The Webalizer package in Debian 6 has currently small bug as the required package for the  GeoIP database is not installed automatically when Webalizer is installed. The symptoms are that Webalizer statistics was not created and this error message is displayed when Webalizer is run: Error Opening file /usr/share/GeoIP/GeoIP.dat The solution is to install the ... Read more

Redirect http requests to a new folder with apache rewrite rules

When you reorganize the structure of a website, you might want to redirect requests to files in a old folder to a new one without loosing the pagerank. In this example, I will redirect all requests from directory "olddir" to directory "newdir", so that requests like http://www.yourdomain.tld/olddir/page.htm get redirected to http://www.yourdomain.tld/newdir/page.htm without loosing the Google pagerank ... Read more

Prevent DOS attacks on apache webserver for DEBIAN linux with mod_evasive

The following guide explains the installation of the apache module "mod_evasive". Mod_evasive tracks the number of requests of files at the apache webserver and blocks the delivery in case that a certain limit has been reached. Installation apt-get install libapache2-mod-evasive Create the log directory for mod_evasive mkdir -p /var/log/apache2/evasive chown -R www-data:root /var/log/apache2/evasive Now we ... Read more

Apache webserver: redirect requests for domain.com to www.domain.com

Many webmasters want to redirect users that access their websites with "domain.tld" automatically to "www.domain.tld". If you use the Apache web server, you can do this by using Apache rewrite rules. Add a .htaccess file with the following content in the root directory of the website: RewriteEngine On RewriteCond %{HTTP_HOST} !^www\.domain\.com RewriteRule (.*) http://www.domain.com/$1 [L,R=301] ... Read more

Get a list of all virtual hosts which are defined in all apache configuration files

Have you ever searched where the virtual host of a website is defined in the apache config files? There is a handy option of the apache2ctl script which might help then. When you run the command: apache2ctl -S on the shell, you will get a list of all virtual hosts and default servers incl. the ... Read more

How to disable Apache mod_security for a website in ISPConfig 3.

If you use mod_security on your server you might encounter that a website script is not compatible with mod_security. To disable mod_security (v2) for a website, add the following code into the apache directives field: <IfModule mod_security2.c&gt SecRuleEngine Off </IfModule&gt For the older mod_security 1 version, use these configuration directives: <IfModule mod_security.c> SecFilterEngine Off </IfModule> ... Read more