Brotli is a new compressed data format developed by Google for compressing web data. It is documented in RFC7932. Currently, almost all modern web browser support Brotli which compressed better and faster than Deflate.
Brotli is can be enabled in most popular web server including:
- Apache HTTPD – through mod_brotli (for release after 2.4.26)
- Nginx – ngx_brotli (provided by Google)
- Node.js (trough shrink-ray module
- LightSpeed (since version 5.2)
- Microsoft IIS (through IIS-brotli extension, for IIS 7.5 and above)
Testing for Brotli Support
KeyCDN.com has provided a tool for testing whether your website supports Brotli compression.
You can go over the website and get your server tested. For nginx webserver, ngx_brotli will automatically downgrade to gzip if the browser does not support brotli encoding
For those who are seeking free web hosting to test their PHP / MySQL application can look into InfinityFree.net service which has interesting offers:
- 99% uptime
- No advertisement
- PHP 7.0
- MySQL 5.6
- Includes FTP account access (rare !!)
- Up to 10 Email Account
- Apache 2.4 with .htaccess
- 400 MySQL database
- User can add their own domain
- Free DNS service (including custom CNAME and MX record)
- Unlimited Disk space and Bandwidth
- Support Cloudflare CDN
- Support SSL Certificate
The main advantages which entice me to InfinityFree are their support for SSL Certificate, 99% uptime guarantees and support for adding own domain name with their own free DNS.
The support for SSL certificate means that you can host Telegram Bot, Google Map web application and web app which utilizes OAuth API!
A rare sight for a completely free web hosting provider.
The only downside for InfinityFree is the free hosting only support up to 50,000 hits on the web server, which is fair by me as the free hosting could provide a good playground for Students and Web App Enthusiast to experiment with their code.
Here is a how to on how to solve the dreaded warning “Your connection is encrypted using obsolete cipher suit” from Google Chrome.
Firstly the warning had nothing to do with using cheap or self-signed TLS/SSL security certificate, but it has to do with cipher suite used on the server part.
So if you are a system administrator, you can edit the site config to include a more modern cipher.
Using nginx, add the line containing “ssl_cipers” to the site config.
listen 443 ssl;
ssl_protocols TLSv1.1 TLSv1.2;
sudo service nginx restart
Apache HTTP Server
For those who are using Apache HTTP server, you can edit the VirtualHost file from “/etc/apache2/sites-enable/” directory.
# Intermediate configuration, tweak to your needs
SSLProtocol all -SSLv2 -SSLv3
# OCSP Stapling, only in httpd 2.3.3 and later
# On Apache 2.4+, SSLStaplingCache must be set *outside* of the VirtualHost
# Enable this if your want HSTS (recommended)
# Header add Strict-Transport-Security "max-age=15768000"
You can restart Apache HTTP server by running
sudo service apache2 restart
Found a great Python code snippet for listing the most popular URL from Apache / NGINX ‘access.log’ file. Very practical!
logfile = open("access.log", "r")
for line in logfile:
# copy the URLS to an empty list.
# We get the part between GET and HTTP
counter = collections.Counter(clean_log)
# get the Top 50 most popular URLs
for count in counter.most_common(50):
print(str(count) + "\t" + str(count))
The code is very handy if you want to find out the most popular URL or pages in your website, crucial information for optimization, IMHO.
In my humble opinion, a must have tool for those who are just migrated from Apache to Nginx web server.
The online tool is able to convert Apache rewrite rules to nginx compatible rules on the fly, very convenient!
Although security by obscurity is not the best policy to protect your IS assets, but it is still useful to thwarts simple network scanner or newbie crackers.
Note: This tip is written for Ubuntu Linux, the steps is similar to other GNU/Linux distro, albeit with a slight variant.
Hiding Apache2 version
Add these lines at the end of the file:
sudo /etc/init.d/apache2 restart
Hiding PHP version
Edit /etc/php5/apache2/php.ini file
Find these lines, and switch it off:
expose_php = Off
display_errors = Off
Additionally you may disable certain ‘risky’ functions in php by editing the disable_functions line:
disable_functions = phpinfo, system,show_source,
Finally, you may restart Apache2 web server.
sudo /etc/init.d/apache2 restart