ImageResizer (as standalone image server) and backend image sources - imageresizer

Current Setup: Large CMS that has an "authoring" server and multiple "delivery" servers. Both the authoring and delivery servers are Windows servers running 64-bit Apache. The Apache Web root is setup on each server exactly the same--points to a directory on a SAN. The delivery servers are load balanced via another Windows server running Apache. I just finished setting up the ImageResizer server as a standalone image server and wanted to see what the best approach to getting the ImageResizer server to access and thus serve up the images.
authoring server - a.site.com
delivery server - d.site.com
image server - i.site.com
So I guess the question is, what is the best way to allow the ImageResizer server access to the images that are part of a large CMS site? RemoteReader plugin? Setup the IIS site with the Web root as the same as the authoring and delivery servers? Any security issues with this approach? Any suggestions/alternate approaches?
Thank you!

If the SAN is well-behaved, SMB2 or later, and low-latency, you could mount the directory as a virtual folder within the IIS root (which you might want to keep separate).
For performance, it would be best to disable FCNMode - http://imageresizing.net/docs/v3/docs/fcnmode - particularly if you have lots of directories in the SAN.
Alternatively, you could use RemoteReader and point it to your Apache web servers, although you'll sacrifice the ability to update existing files (RemoteReader perma-caches everything to make performance reasonable).

Related

Security Risks Associated With Local Web Servers

If I set up a local server using, say, Apache or WAMP are there any associated security risks? I'm not planning on hosting or making any content "publicly accessible," I just want to set up an environment where I can learn PHP and develop using an HTML5 game engine. Sorry if this is a completely naive question; I'm just a bit confused about how server security works.
If you don't open up any ports in your router to allow for public access to your web server, then it won't add any security risks. Just installing the local web server won't do this.
On a side note, WAMP is a collection of tools that includes Apache as the web server, they are not examples of two different web servers.

Apache and Apache Solr together

I've got a question: I came across Apache Solr as requirement for a module I'm installing and even after reading the documentation on Apache Solr's official homepage I'm still not sure whether Apache runs alongside regular Apache or does it require it own server? If it does work alongside Apache, is there any known issues/problems that I should be aware of? How would this architecture (Apache and Apache Solr) in terms of file system and serving pages? I'm sorry if the question might sound silly but I'm very new to the whole server-side programming/setup world.
You will need to install Tomcat or some other container to install Solr on a Linux box. Tomcat and Solr can be installed along side regular Apache web server, or you can use a different server.
I have done both, installed Solr on same server as well as use different server. Both work fine. It comes down to your scale, requirements, budget and other factors.
In the attached diagram1 Solr runs under Tomcat on same server as Apache web server
In the attached diagram2 Solr runs under Tomcat on different server than Apache web server. Here we have a separate server for Solr.
Let me know if you have any more questions about architecture.

More than just repositories with VisualSVN Server?

I recently installed VisualSVN Server and have several repositories migrated to the server. It works charmingly.
However, I was wondering, is it possible to host files that are not in a repository within the local network using VisualSVN Server in addition to the hosted repositories?
Specifically, All of my repositories are stored in the local directory F:Repositories they are accessible in a browser via "https://MyServer.com/svn/". What I want to do is leave the repositories mapped to that location so they are accessible as usual, but I also want to host files in C:\Data and/or F:\Data somewhere using the same instance of Apache. I would like to host it in either "https://MyServer.com/Data/" or something similar even as a subdirectory of /svn/. Can I do this and if so how?
I couldn't find any documentation on doing this. So I have tried editing the *.conf files that are used to configure Apache server in the VisualSVN Server in a number of ways, but have been entirely unable to make any headway.
The Apache HTTP Server instance of VisualSVN Server is isolated and is not intended to be used as general-purpose web server.
Check the disclaimer in %VISUALSVN_SERVER%\conf\httpd.conf:
# This is configuration file for Apache HTTP server which is
# part of VisualSVN Server.
#
# DO NOT EDIT THIS FILE IT WILL BE REGENERATED AUTOMATICALLY BY VISUALSVN SERVER
#
# Contact with VisualSVN Ltd. (support#visualsvn.com) if you have suggestions and
# improvements.
I suppose that you can complete the task that you describe by manually modifying %VISUALSVN_SERVER%\conf\httpd-custom.conf. However I strongly advise you to consider using separate web server for serving regular files, web pages, whatever.

Installing OTRS on DreamHost

I'm using a Debian VPS on DreamHost and wanted to install a feature-rich customer issue-tracking system (not for software development like Bugzilla). OTRS made my shortlist and I followed the Installation Instructions through the "Web Server Configuration" step (/etc/init.d/apache2 restart), but the restart step reported failure. Nevertheless pgrep apache showed it was running. In fact, it turned out that although www.mysite/otrs/installer.pl was running, my regular website showed a page claiming it had no content (but when I looked in the website's folder, its content was fine, just not being served).
DreamHost Support was very helpful, but explained that they don't use the standard Debian Apache server for hosting websites and instead use their own. Specifically, the Debian server is in /etc/apache2, but the DreamHost server is in /dh/apache2. DreamHost Support determined that the OTRS installation instructions were configuring the usual Debian Apache location which somehow prioritized that server instead of the DreamHost server. They tried moving the otrs.conf file into /dh/apache2, but though the regular website was working again, the OTRS page wasn't.
Has anybody had success installing OTRS on a DreamHost VPS?
I've consulted one of our admins on this, and these are our suggestions:
You will either need to:
Adapt DreamHost's Apache build to incorporate the OTRS modifications
Get Debian Apache up and running
Both options will require an admin user and some knowledge of Linux command line and Apache management tools. You will also need to set your VPS to UNMANAGED, which means that any changes in the DH Web Panel to any of your domains will have no effect whatsoever. Just make sure the DNS records for any domains are pointing to your server. You will also need to be able to manage your own Apache configurations.
NOTE: This will also essentially mean that DreamHost support cannot and will not troubleshoot your domains. Unmanaged means unsupported in any way!
There are a few core differences between DreamHost's apache2 configuration and the default Debian build. The first issue I observe is that DreamHost's configuration does not allow for extra configuration files to be loaded in the manner that the OTRS documentation suggests. This means if choosing option 1, you will need to manually insert the OTRS directives into DreamHost's configuration files, which may prove difficult.
I would recommend moving or otherwise disabling the /dh folder entirely after setting your VPS to unmanaged. This will not allow DH-default Apache to start when the VPS starts. You may also need to remove the DH Apache startup script in /etc/rc3.d/S02httpd2 and the actual script at /etc/init.d/httpd2.
Once you have your own version of Apache running successfully, you might consider copying the VirtualHosts that were previously at /dh/apache2/apache2-ps/etc/httpd.conf into your own domain configuration files in your conf.d directory, or you can shuffle your website files around and configure your Apache to your desire.
Once you've got your own flavor of Apache running, you should be able to implement the OTRS instructions per their wiki. :)

Ideal railo + tomcat vhost setup for busy production server

I'm migrating a lot of websites from Resin 3 to Tomcat 7 (centos 4/apache 2.20) and I'm struggling to determine what type of configuration matches my requirements. In particular:
proxy_ajp vs mod_jk vs mod_proxy for passing requests to Tomcat/Railo
automating deployment of new sites
putting WEB-INF outside the site roots (to simplify cloning sites)
using apache itk with tomcat so each vhost runs as a different user and process
having a single shared railo server administrator config
support for SES URLs with no extension (ie: /path/to/page)
SSL support required
I've read a lot of howtos already but most are out of date or provide conflicting advice. I would like to see some examples from people who run many railo vhosts and deploy them automatically or programmatically. In general I'd prefer efficiency/speed over simplicity as I want to get the most out of limited resources.
I could have asked these questions separately but I want to be sure any answers take into account all the above factors (assuming the requirements are actually compatible).
firstly, check out the vivotech installers - they are a hosting company, so use their installers as your base, they are flawless. (it uses tomcat)
railo 3.3 makes it a lot easier to deploy contexts from admin, so scripting this shouldn't be that hard.
web-inf should be automatically put into a site when it is defined in tomcat
if you give each user a new context-root, then they will have their own admin
every webserver (apache/iis2k8/even tomcat) supports url-rewrite
everything supports ssl
you might also want to look at how you're going to tune your jvm's for this senario, then do some load testing to see how they fare.
drop an email to sean corfield, google railo and his name and you'll get his email.