The Apache-based IBM HTTP Server for i is a vital defense in web and API security for IBM i. As such, it requires regular attention. IBM Support’s PCI Compliance web page is a resource we use to help our clients protect their systems. Even if your organization does not process, store, or transmit credit card information, applying the PTFs recommended for PCI compliance constitutes a general best practice for IBM i web and API security.
When supporting our Seiden CP+ PHP, we found that documentation for the “classic” ibm_db2 extension for IBM i wasn’t easy to find. To help ourselves as well as others, we updated the PHP.net manual to describe each ibm_db2.i5_* setting. This blog post links to that manual page and highlights a few of our favorite ibm_db2 settings.
If you are using the Code for i extension and would like to “browse” or view certain source members without the risk of modifying them, use the “Read only” or “Protected” capability.
The Apache web server—included on IBM i as HTTP Server for i—contains a powerful feature known as mod_rewrite that can convert URLs (API or Web) from their original versions to any format you need. This article offers a small taste of what URL Rewriting can do.
From the Seiden SmartSupport mailbag: One issue I keep coming across is the inability to search for text in source members across all libraries. We use a commercial tool, but it is expensive and cumbersome. Coming from the Linux world, where I can “grep” for anything, I find this a ridiculous restriction.
Open source saves the day once again. When one of our open source support clients discovered that Tomcat plugin for Apache was not supported on their test IBM i 7.5 system, they needed a solution. They relied on Tomcat to serve their Java web applications.
The inclusion in PHP 8.3 of two enhancements by Seiden Group’s own Calvin Buckley* inspired me to write this post. PHP is moved forward by its community. Each year there is a new major release with enhancements, each month a maintenance release. PHP 8.3 is another achievement in the steady cycle of improvements. Here are some key resources for understanding how the PHP language is built and enhanced.
This alert was originally published in Seiden Group’s July 2023 Support Bulletin. Seiden PHP+ fully supports IBM i 7.5. IBM i 7.5 includes OpenSSL 1.1.1, an upgrade that can disable older PASE applications that were tied to 1.0.2 or earlier.
Those of us who help support Code for i, the popular IDE for IBM i based on VS Code, often need to look at the code that makes it work. Fully open source, the code that runs Code for i is available on Github repositories. From there, the code can be viewed and even enhanced by the public.
A client asked for help addressing a Denial of Service (DoS) vulnerability that their security company discovered. The company found it could slow down the Apache web server by sending it incorrect headers. By sending an artificially high “Content-Length” header, they caused the web server to wait for data that would never come.