Category: Senza categoria

NGINX : owncloud + spdy

This is my example configuration for version nginx 1.7

# Example taken form owncloud administrator manual
# http://goo.gl/63Mb9k
server {
 listen 80;
 server_name cloud.moscheni.it;
 return 301 https://$server_name$request_uri; # enforce https
}
server {
 listen 443 deferred spdy ssl;
 listen [::]:443 deferred ssl spdy ipv6only=on;
 server_name cloud.moscheni.it;
 ssl_certificate /var/www/cert/moscheni.it/ssl-unified.crt;
 ssl_certificate_key /var/www/cert/moscheni.it/moscheni_it.key;
 ssl_trusted_certificate /var/www/cert/moscheni.it/ssl-trusted.crt;
 ssl_session_cache shared:SSL:10m; ## session cache
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ## no valurable SSLv3
 add_header Strict-Transport-Security max-age=31536000;
 ## always use https, don't allow http
 add_header X-Frame-Options DENY;
 ## don't allow to render site in frame
 ssl_prefer_server_ciphers on;
 ## let server decide which protocol fits best
 ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
 ## secure ciphers
 ssl_session_tickets on;
 ssl_stapling on;
 ssl_stapling_verify on;
 resolver 8.8.8.8 8.8.4.4 valid=300s;
 spdy_headers_comp 1;
 # Path to the root of your installation
 root /var/www/owncloud/;
 client_max_body_size 10G; # set max upload size
 fastcgi_buffers 64 4K;
 client_body_buffer_size 2M;
 rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
 rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
 rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
 index index.php;
 error_page 403 /core/templates/403.php;
 error_page 404 /core/templates/404.php;
 location = /robots.txt {
 allow all;
 log_not_found off;
 access_log off;
 }
 location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
 deny all;
 }
 location / {
 # The following 2 rules are only needed with webfinger
 rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
 rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
 rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
 rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
 rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
 try_files $uri $uri/ index.php;
 }
 location ~ \.php(?:$|/) {
 fastcgi_split_path_info ^(.+\.php)(/.+)$;
 include fastcgi_params;
 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 fastcgi_param PATH_INFO $fastcgi_path_info;
 #fastcgi_param HTTPS on;
 fastcgi_param HTTPS $server_https;
 fastcgi_pass php-handler;
 fastcgi_read_timeout 600; # Increase this to allow larger uploads
 access_log off; # Disable logging for performance
 fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
 }
 # Optional: set long EXPIRES header on static assets
 location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
 expires 365d;
 # Optional: Don't log access to assets
 access_log off;
 }
}
map $scheme $server_https {
 default off;
 https on;
}

share save 120 16 NGINX : owncloud + spdy

nginx + php5-fpm & php-apc + memcached

 Install Nginx 

add official repository

vi /etc/apt/source.list
# nginx
deb http://nginx.org/packages/debian/ wheezy nginx

install

aptitude install nginx nginx-extras mysql-server mysql-client memcached php5-fpm php5-gd php5-mysql php-apc php-pear php5-cli php5-common php5-curl php5-mcrypt php5-cgi php5-memcached

Enable Nginx microcache
Microcaching requires the presence of /var/cache/nginx/microcache directory which don’t exist by default. You must create it and grant the appropriate permissions to the Nginx user (in Debian 7 it’s www-data)

mkdir -p /var/cache/nginx/microcache/
chown www-data:www-data /var/cache/nginx/microcache

APC  – Alternative PHP Cache

tweak your APC settings with following or adjust as you wish

vi /etc/php5/mods-available/apc.ini

 

add this lines:
​apc.enabled=1
apc.shm_segments=1
apc.shm_size=64M
apc.ttl=7200
apc.write_lock = 1
apc.slam_defense = 0

 

Memcached

Is powerfull if use wordpress whit w3c total cache
Configuration file is located in etc folder: /etc/memcached.conf.
Probably is good to increase memory pool at least to 128MB (default is 64MB)
Change line 23 from -m 64 to -m 128

Ottimize Mysql 

just a little bit ottimization

edit /etc/my.ini
At “[mysqld]” block, add this:

# Activate query cache
query_cache_limit=2M
query_cache_size=64M
query_cache_type=1

# Max number of connections
max_connections=400

# Reduce timeouts
interactive_timeout=30
wait_timeout=30
connect_timeout=10

# secure values with reserve for web processes
# Increase number of incoming connections backlog
sysctl -w net.core.netdev_max_backlog=4096
sysctl -w net.core.somaxconn=4096
sysctl -w net.ipv4.tcp_max_syn_backlog=4096

PHP Sessions on tmpfs

Though I have been discussing this solution in the case of caches, file-based PHP sessions can be setup in a similar manner. You must first work out where session files for your PHP installation are stored. Note, that if your using PHP-FPM you may be required to modify the second configuration line.

# /etc/php.ini
session.save_path = /var/lib/php/session
# /etc/php-fpm.conf
php_value[session.save_path] = /var/lib/php/session

We can then make sure that the directory has been created, along with the fall-back permissions. So as to temporary see the performance increases, we are able to mount the ‘tmpfs’ partition to the session directory, setting ownership to the desired user.

mkdir -p /var/lib/php/session
# fallback
chown nginx:nginx /var/lib/php/session
chmod 755 /var/lib/php/session
# temporary mount
mount -t tmpfs -o size=32m,mode=0755,uid=$(id -u nginx),gid=$(id -g nginx) tmpfs /var/lib/php/session
umount /var/lib/php/session

If you are a satisfied with the configuration, you can persist the partition mount across reboots by adding the following line to your ‘fstab’ file.

echo "tmpfs /var/lib/php/session tmpfs size=32m,uid=$(id -u nginx),gid=$(id -g nginx),mode=0755 0 0" >> /etc/fstab

 

share save 120 16 nginx + php5 fpm & php apc + memcached

SonicWall NetExtender Client Linux

How to install  Dell SonicWall NetExtender Client on linux 64/32 bit

1) dowload lates version on :
https://sslvpn.demo.sonicwall.com/cgi-bin/portal , login demo password as ”  password  ”
click NetExtender

2)
# tar xzf NetExtender.Linux.7.0.749.x86_64.tgz
# cd netExtenderClient/
# ../install
— Dell SonicWALL NetExtender 7.0.749 Installer —
Checking library dependencies…
Checking pppd…
Do you want non-root users to be able to run NetExtender?
If so, I can set pppd to run as root, but this could be
considered a security risk.
Set pppd to run as root [y/N]? y
il modo di “/usr/sbin/pppd” è stato mantenuto pari a 4754 (rwsr-xr–)
il modo di “/usr/sbin/pppd” è stato cambiato da 4754 (rwsr-xr–) in 4755 (rwsr-xr-x)
il modo di “/etc/ppp” è stato mantenuto pari a 0755 (rwxr-xr-x)
il modo di “/etc/ppp/peers” è stato cambiato da 2750 (rwxr-s—) in 2754 (rwxr-sr–)
il modo di “/etc/ppp/peers/provider” è stato cambiato da 0640 (rw-r—–) in 0644 (rw-r–r–)
il modo di “/etc/ppp/peers” è stato cambiato da 2754 (rwxr-sr–) in 2755 (rwxr-sr-x)
Copying files…
Compatibility mode: SUSE/Ubuntu

———————— INSTALLATION SUCCESSFUL ———————–

To launch NetExtender, do one of the following:

1. Click the NetExtender icon under the Applications menu
(look under the ‘Internet’ or ‘Network’ category)
or
2. Type ‘netExtenderGui’

# netExtenderGui
2013-05-18 10:26:39 CEST INFO com.sonicwall.NetExtender Logging initialized.
2013-05-18 10:26:40 CEST INFO com.sonicwall.NetExtender NetExtender version 7.0.749
Making a global reference ot the NetExtenderControl object registered with JNI
Compatibility mode: SUSE/Ubuntu
NetExtender for Linux – Version 7.0.749
Dell SonicWALL
Copyright (c) 2013 Dell

2013-05-18 10:26:40 CEST INFO com.sonicwall.gui.PreferencesDialog createLogPanel()

 

 

share save 120 16 SonicWall NetExtender Client Linux

Get IP address of SSH remote user

To get the remote IP can

—————————————————————————————
IP_SORG=`last |head -1 |awk ‘{ print $3 }’`
echo ” Sei collageto dall’indirizzo: $IP_SORG”
—————————————————————————————
other way
—————————————————————————————
HOST=`who am i | sed -r “s/.*\((.*)\).*/\\1/”`
IP=`host $HOST | sed -r “s/.* has address (.*)/\\1/”`
——————————————————————————————
other way
——————————————————————————————-
echo $SSH_CLIENT | cut -d ‘ ‘ -f 1
oppure
echo $SSH_CONNECTION | cut -d ‘ ‘ -f 1
——————————————————————-

share save 120 16 Get IP address of SSH remote user

bing SEO tips

Anche se appena nato si può gia usare qualche “trucco” per piacere a “Bing”, il nuovo motore di ricerca creato Microsoft, da bravi SEO.
Nonostante “Live Search”che è il papà di Bing, che posiede appena l’8,2% del mercato ,molto indietro rispetto a Google (64,2%) e a Yahoo! (20,4%) vale la pena di dargli un occhi di rigiardo.

Read more… »

share save 120 16 bing SEO tips