Apache Session Management Within Dynamic Sites

As a follow on to an earlier piece about session management natively in Apache, I’ve written a follow up that looks more closely at the issue of developing sites that use cookies for ID and session management. In this article, I cover the mechanics, internals and security of the cookie system, and look at how to use cookies within Perl CGI scripts. Here’s the intro from the piece:

As Web sites get more complicated and more dynamic, developers want to give users a more cohesive environment. This cohesion can provide all sorts of functionality, from a simple method of tracking a shopping basket to providing full-blown customization of stories, templates, and information shown to users as they use the Web site. The key to this system is the session – a unique identifier that enables developers to identify users, either for relatively short periods (e.g., in shopping baskets) or longer (full customization).In a previous article “Session Tracking with Apache,” we described how to use cookies and the sessions system within Apache to track user access for the purposes of monitoring site usage in the logs and recording which pages were viewed. We can adapt the same basic principles – primarily cookies – through programmable components, such as Perl and PHP to provide customized Web sites.This article will look at how Apache can help with session management and how that information can be used with Perl and PHP scripts.

Read on for the full article.

Develop SQL databases with Eclipse, SQLExplorer, and Clay

Robi Sen, friend and fellow IBM developerWorks author, has written a great piece on using SQL databases from within Eclipse. He’s done a great job on what was originally my idea and outline but which I just didn’t have the time to carry forward when the proposal was approved by IBM. The tutorial covers the use of SQLExplorer (my favourite interface) and Clay (which I admit I’ve probably never extracted the best from because I don’t have time to devote to it at the moment). From Robi’s own intro:

Learn how to use Eclipse and the SQLExplorer plug-in to connect to any database that supports a JDBC driver. These tools allow you to view database schemas, view table data, add and edit table data, and write, edit, and execute SQL. You will also learn how to use Azzurri Clay to create Entity Relationship Diagrams (ERDs), reverse-engineer databases, add tables, edit tables, delete tables, edit relationships, add indexes, and change your underlying data model into different SQL dialects.

If you do any sort of database development using Eclipse you should at least check out the article and better still, add the plug-ins to your environment.

Apache 2.2.0: Should I Stay or Should I Go?

Apache 2.2.0 is out and ServerWatch asked me to do a quick write up of the main features and some thoughts on whether you should upgrade to the latest version. I’ll leave my recommendations for the article, but if you use Apache 2.2.0 for serving websites, and even more importantly if you develop Apache modules and components, then you should check out the article to find out the realy differences between the previous stable release and the new one.

Understanding LAMP

I spend a lot of time working with LAMP technology and telling people how to make the best of the LAMP stack. But you’d be surprised about how many people don’t really understand what the LAMP stack actually is. The reality of course is that it is many things to many people – some consider the LAMP stack to be a development environment, others a deployment environment. Some also confuse the technologies in use. Some take LAMP to mean PHP, others Perl, others Python. The truth of course is that all of these are technically correct. I’ve gone into more detail through this article at ServerWatch. LAMP is just one of a number of similar acronyms for development deployment environments based on some of these technologies, and I cover some of those acronyms in the article as well.

Beyond The Big Three BSDs, BSD Alternatives

A while back I wrote an article for ServerWatch.com that covered the three main BSD distributions; FreeBSD, OpenBSD and NetBSD. The article looked at the ‘other’ free software operating system range (BSD) and how it compared to Linux. I also looked at Mac OS X (or more specifically Darwin), which is based on NetBSD.After writing that piece I was contacted by a few people who wanted to point out that there are some other BSD variants available. So I started looking around. BSD variants are much harder to come by in comparison to the hundreds (probably thousands) of different Linux-based distributions available. The resulting piece is available now. I started writing this piece many months ago, and since then OpenSolaris has been released. Perhaps a comparison between OpenSolaris, Linux and BSD is in order – let me know if you’d like to see this.

Using HTTP Compression

I have a new article up at ServerWatch which looks at the benefits and configuration of HTTP compression within Apache and IIS. Here’s an excerpt from the intro:

There’s a finite amount of bandwidth on most Internet connections, and anything administrators can do to speed up the process is worthwhile. One way to do this is via HTTP compression, a capability built into both browsers and servers that can dramatically improve site performance by reducing the amount of time required to transfer data between the server and the client. The principles are nothing new — the data is simply compressed. What is unique is that compression is done on the fly, straight from the server to the client, and often without users knowing.HTTP compression is easy to enable and requires no client-side configuration to obtain benefits, making it a very easy way to get extra performance. This article discusses how it works, its advantages, and how to configure Apache and IIS to compress data on the fly.

Read on for the full article.

Session Tracking With Apache

My new piece on how to track user sessions on your website with Apache is available on ServerWatch.com. Here’s an excerpt:

Using HTTP logs to track the users who visit your site isn’t always as useful as you think it’s going to be. While metrics, like the total number of page hits and, within that, page hits over time or from a specific IP address, easily identify, they don’t always tell how people are viewing your site or answer specific questions the marketing department may pose.This article looks at how to track progress through a site using an Apache module and provides answers to some of the more complex marketing-led questions that may be posed.

Read on for the rest of the article.

Unraveling BIND 9.3

BIND 9.3 incorporates a huge number of changes intended to enhance the functionality and improve on the security of what is a critical component for both Internet and LAN users. A new article, over on ServerWatch.com, looks at some of the main features of the new release. Here’s a short excerpt from the article:

The Domain Name System (DNS) is a component of the Internet often taken for granted. Although knowledgeable users are aware that the Internet works off of IP addresses, the reality is that we all type in names rather than impossible-to-remember long numbers. The DNS is based on an open standard, and, thus, numerous choices are available for managing DNS information. The best known method by far is the open source Berkeley Internet Name Domain, more commonly referred to as BIND.BIND 9.3, the most recent release, has been available since September 2004. It features a number of key enhancements in terms of both security and the way it is supported. This article covers the main improvements in the release and discusses how to make the best use of these features.

Read on for the full article.

Optimizing Server Performance

Apache was designed to be as fast as possible. It’s easy, with a fairly low-powered machine, to completely saturate a low-end Internet link with little effort. However, as sites become more complex and the bandwidth needs of different connection types increase, getting the best performance out of an Apache installation and Web sites becomes more important.Enhancing performance means nothing if the changes achieved are only minor gains. Spending hours or even days finely tuning a server for just a few percentage points is a waste of time. The first step, therefore, is to determine how fast the server is running and its general performance level so you can work out how to improve performance and measure the changes.This is not the first time we’ve discussed Apache testing (see Staying Out of Deep Water: Performance Testing Using HTTPD-Test’s Flood). As was noted previously, determining which parts of your Web application are causing the problem — particularly identifying whether it’s Apache or the application environment you are using with dynamic sites — can be difficult. Identifying problems in dynamic applications is beyond the scope of this article, but we will look at ways to generally improve the speed of Apache and how it interacts with other components to support a Web site. Read the full article at ApacheToday.com.

Differentiating Among BSD Distros

Organizations that want to use a public Unix variant have two solutions from which to chose: Linux and BSD. The much talked about Linux camp contains a variety of distributions that include different utilities and tool sets. The same is true of the less frequently covered BSD camp. This article compares and contrasts the four main BSD variants and offers recommendations for both server- and desktop-based solutions.The full article contains more detailed information on each of the BSD solutions.