One of the most powerful and complicated aspects of Apache is the mod_rewrite module. As its name implies, mod_rewrite provides the ability to rewrite URIs.
Although this feature does not necessarily represent a significant performance problem, for each rule that matches and each URI that must be rewritten, system resources are expended. The key is to try to avoid processing URIs too many times and to keep away from the URIs that you don't need to process.
One way of addressing this problem is to use the [L] option. This option tells Apache that it has reached the last rule it should apply to the given URI. That is, no further rules are processed. Unfortunately this is not as easy as it seems.
If the rewrite rule does in fact cause a redirection, the new URI is itself processed, and everything starts over again. In many cases you can avoid this with the use of re-write conditions (RewriteCond), so that if the URI matches a given condition, you won't need to process it further.
A related option is the [S] or skip flag. This flag will skip over a given number of rewrite rules. For example, if the URI is not a file (e.g., a directory) you can tell Apache to skip over rules that only apply to files. In other words, you don't avoid the rewrite rules completely, but you reduce the number you need to process.
In your development environment, you might want to have your files loaded with comments, but comment lines are detrimental on live servers. Comments that are structured properly can be removed easily with the use of shell scripts, which means you can comment your files for the testing phase and then remove the comments before you move files to the live server.
The Pareto principle (80:20 rule) applies to web server performance tuning. Implementing many of the concepts described in this article can increase your performance relatively quickly; however, to squeeze out the last bit of advantage, you probably need to spend a lot more time. Depending on the kind of server you run, your mileage will vary.
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.