Sysadmins of the North
Don't forget to share this post!

Create your own PHP based Origin Pull CDN

The advantage of having your website content hosted on a Content Delivery Network (CDN) is having your content distributed and stored across the Globe. Utilizing the network of the Content Delivery Network provider. Hosting your WordPress website on a Content Delivery Network is an important WordPress optimization tip. Here is how to create your own Origin Pull CDN with just a few lines of PHP…

Continue reading

Cache MySQL query results with PHP WinCache

In November 2011, I wrote a post about MySQL query caching with PHP/Zend_Cache, and I recently stumbled upon a blog post caching MySQL query results in memcached by “KutuKupret”. This made me wonder if the same would be easily done with the Windows Cache Extension for PHP.

Continue reading

Calculate MySQL database size with PHP (off the old shelf)

Calculate the MySQL database size in PHP. Sometimes you’d be amazed what you find when cleaning out your old script archives. I found an old PHP script to calculate the size of a MySQL database. I post it here just for the fun of it.

Continue reading

Convert .htaccess to web.config

This post describes some of the IIS URL Rewrite equivalents of commonly used Apache .htaccess settings. This is useful when you want to convert your .htaccess to web.config. The second part of this post outlines how to use Internet Information Services Manager to import and convert .htaccess to web.config.

Continue reading

PHP with WinCache on IIS

In this article you’ll learn how to install PHP with Windows Cache Extension (WinCache) on Windows Server IIS. WinCache enabled PHP gives a great PHP performance boost for WordPress, Drupal or Joomla websites, and decreases CPU usage. This post will show you it’s not hard to set up a high performing PHP stack on Windows Server (IIS). And as a bonus, we’ll dive a bit into Windows TCP/IP tuning too. Learn how this very blog optimized it’s PHP hosting on Windows!

Continue reading

Remove ETags HTTP response header in IIS

Yahoo! YSlow recommends removing Entity tags – also known as ETag. Unfortunately removing the ETag response header is not an easy task on Windows Server IIS web servers. Here I show you how to properly remove ETag HTTP response headers with an Outbound rewrite rule…

Continue reading

“Joomla sites misused to deploy malware” – Update

The Internet Storm Center reports that a large number of Joomla sites are currently deploying malicious code and infecting visitors with malware; some WordPress sites are also thought to be affected. The German CERT-Bund⁠ Computer Emergency Response Team, which is operated by the German Federal Office for Information Security (BSI), has confirmed that similar attacks on and via Joomla servers have also been observed in Germany.

Continue reading

WordPress Crayon Syntax Highlighter Plugin “wp_load” Remote File Inclusion Vulnerability

Charlie Eriksen has discovered a vulnerability in the Crayon Syntax Highlighter plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the “wp_load” parameter in wp-content/plugins/crayon-syntax-hightlighter/util/ajax.php and wp-content/plugins/crayon-syntax-hightlighter/util/preview.php is not properly verified before being used to include files. This can be exploited to include arbitrary PHP files from external FTP resources.

Continue reading

"The length of the URL for this request exceeds the configured maxUrlLength value"

The length of the URL for this request exceeds the configured maxUrlLength value is an IIS error telling you the length of the given URL exceeds a limit. The Windows Server IIS maximum URL length is defined by the HttpRuntimeSection.MaxUrlLength property. Its value is 260 characters. This may cause problems with longer than configured maxUrlLength URL’s, and here is how to resolve this issue…

Continue reading

DMARC: “Domain-based Message Authentication, Reporting & Conformance”

Just came across DMARC.org, which looks like a promising specification to fight email-based abuse. From its website:

Continue reading

“htaccess files should not be used for security restrictions”

Acunetix’ Bogdan Calin wrote an article explaining why .htaccess files should not be used to secure sensitive data: htaccess files should not be used for security restrictions.

Continue reading

WordPress HyperDB is an advanced database class that supports replication

HyperDB database class. HyperDB: an advanced database class for WordPress, that supports replication and partition of data. HyperDB is a replacement for the standard wpdb class, which adds the ability to use multiple databases. HyperDB supports partition of data as well as replication.

Continue reading

Multiple IIS 6.0/7.5 Vulnerabilities

Multiple vulnerabilities found in IIS 6.0 and 7.5 web servers. On the Full-Disclosure mailinglist Kingcope posted several IIS 6.0 and 7.5 bugs. Because I am a Windows Server and IIS admin, I took some time to test the various vulnerabilities …

Continue reading

How to filter web traffic with blacklists

Block and filter unwanted web HTTP traffic with blacklists, on both IIS and Apache. Protect your website easily with this PHP blacklist class. Let’s create our own HTTP web blacklist filter.

Continue reading
Skip to content
kLS l qNLk q LdYjEo UZWxv G