HTTP Server for i (Powered by Apache) is the IBM i integrated web server. Although this unique implementation of Apache is well documented by IBM, that documentation can be hard to find. Internet searches often return outdated or irrelevant links.
Some key security measures, such as using TLS encryption (https://) are taken for granted. Others are often missed until they are flagged by a security scan.
Here are two easy changes that have helped some of our clients reduce perceived vulnerabilities. These changes, typically made in the Apache web server’s httpd.conf files, may stop unnecessary exposure of web server information, as well as satisfying security scanners.
Updated December 19, 2021
The Log4j Java library has been in the news recently. The details of vulnerability CVE-2021-44228 have been well documented by others, but to summarize, it allows arbitrary code execution through maliciously crafted messages. These messages cause the Java virtual machine to look up classes from an LDAP server and load them. This is obviously not good, but unless you’re familiar with Java, you might be concerned what is and isn’t vulnerable; this article aims to clarify that.
When we do performance assessments for web applications running on HTTP Server (Powered by Apache) for i, one of the first things we do is enable a powerful Apache extension called mod_deflate. Just as zipping up files on your PC saves space and accelerates file transfers, mod_deflate compresses output from your server before sending it over your network.
Does it really work? My tests show a speed improvement of 10 to 50 percent!
You might have heard that the major browser vendors were planning to block port 10080 – the port used by Zend Server through ZS 8 (PHP 5.6). Firefox made the first move, then Chrome followed. We have been receiving support requests on this issue since April 2021. Why did the browser vendors block port 10080, and what can you do to get your site working again?
A modest but powerful utility “stole the show” during last week’s Lunch & Learn with Alan Seiden and Paul Tuohy. Packaged with CommunityPlus+ PHP, Seiden Group’s siteadd creates an Apache HTTP instance and a FastCGI configuration customized for your needs. In seconds, you’ll be able to launch a sample PHP page to test your new web instance.
When your site gets busy, your web server may need a configuration change to handle the load. We often start with the Apache web server’s ThreadsPerChild directive.
ThreadsPerChild controls how many connections can exist at once. Defaulting to 40, its value can be set in your Apache instance configuration file (for example, /www/zendphp7/httpd.conf):
Starting January 27, 2015, I’ll be giving three free Tuesday webinars:
All three one-hour webinars will be held at 14:00 Central European Time (CET). That’s 8 AM Eastern Standard Time (EST). The registration page includes a time zone converter.
Details and to register: http://www.data3.se/?p=5287
Thanks to Torbjörn Appehl of Data3 (COMMON Sweden) for organizing these.
Join me for two events this week sponsored by COMMON, a Users Group:
Details on online workshop: http://www.common.org/index.php/webinars.html
This Tuesday, learn how to Let Your PHP applications fly on IBM i. Busy? You can attend while getting your work done, with three one-hour class segments separated by breaks.
“Our process now runs 30-50% faster, thanks to one tip from Alan’s presentation.”
—Mike Meszaros, Software Developer, Specialty Pipe & Tube
You’ll learn to quickly improve your application’s performance, including:
I’ll be there to answer your questions. What’s more, the presentation will be archived for 60 days so you can review the material afterward.
“Alan is the performance guru of PHP on IBM i. When we encountered unexpectedly slow queries and program calls, Alan showed us a configuration change that helped our application run 3x faster, creating happy users. Thanks, Alan!”
—Adam Chuk Shirley, PHP Developer, Sabel Steel Service
What: PHP on IBM i performance eLearning event
When: Tuesday, December 10, 2013: three one-hour segments with two one-hour breaks, starting 11AM and ending 4PM (ET).
Where: Online
Cost: $150 (but discounted to $99 through Friday, Dec. 6)