Running apache server, browser response says it's nginx - apache

My original problem was that I can't get mod_deflate working despite ensuring it is properly installed and enabled and trying all possible .htaccess combinations. What is even more strange is that the document itself is gzipped while JS and CSS files aren't.
So this led to me another strange observation: response headers contain a line Server: nginx, even though I am convinced I am using Apache. How am I convinced? If I run service apache2 stop, the website is down. So it seems rather strange to me and I am curious why it happens and maybe it will help me to solve my original problem.
OS I am using is Debian 7, Plesk is used for configuration of Apache, and the website is running Laravel (which is of little significance I guess, but still).
I hope someone can help me, thanks in advance.

I use the same configuration as you with one of my servers. Nginx is used to manage the SSD cache after Apache.
You can change Nginx configuration with Plesk:
Websites & Domains > domain > Web Server Settings (Additional nginx directives).
I use Gzip with:
gzip on;
gzip_comp_level 9;
gzip_disable “MSIE [1-6]\.(?!.*SV1)”;
gzip_types text/plain text/html text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;

Related

Enabling CORS .htaccess restrictions

I am encountering some behaviour from a produciton server and I was wondering if someone could confirm if something is possible and how it might have been done.
I have a website www.example.com with SSL enabled and all traffic forwarding to https
On that site I have a font file https://www.example.com/wp-content/assets/fonts/icons.ttf
I have additional campaign sites (e.g www.examplecampaign.com) that use the css file from example.com which loads in a font face using that font file. I am actually adding all the relevant file types woff, etc but will refer to ttf for simplicity. The icon font displays fine on www.example.com but on www.examplecampaign.com because in Firefox I get the error
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.example.com/wp-content/assets/fonts/icons.ttf. This can be fixed by moving the resource to the same domain or enabling CORS.
So here begins my problem. On our stage server which we have full access to I can add
# BEGIN REQUIRED FOR WEBFONTS
AddType font/ttf .ttf
AddType font/eot .eot
AddType font/otf .otf
AddType font/woff .woff
<FilesMatch "\.(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
# END REQUIRED FOR WEBFONTS
to the .htaccess file and that solves the problem. However on our produciton server which is owned and managed by the client this header modification is ignored. I am using http://web-sniffer.net/ to test this.
To further complicate things I hvae found that if I just added
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
on my stage site the header would appear when requesting any page or resource BUT on the production server if I added that the Access-Control-Allow-Origin would appear on all pages apart from the font files (and possible other resources).
So my question is, is it possible in Apache to disable / ignore header modification for a certain file type(s) and how would that be done. It's weird that it's so specific. We no longer have sudo access and have to request changes to conf files which is one of the reasons im making this change in .htaccess not that I think that would matter where this is set? Also example.com is a wordpress site but I don't think that would affect anything? As it's working on stage but not produciton.
Does anyone know of the Apache configuration that would restrict the use of mod_header in that way?

Simple Rails 4 ActionController::Live example not working with Apache + Passenger

I am attempting to get ready to move our environment to Rails 4 and working through all the issues. Regretfully we are currently on Centos 5.5 so there were some hurdles to jump through just to get Rails up and running. This included installing python 2.6 and node.js in order to get extjs working.
And now I am stuck. With a fresh rails 4.0.2 app I have simple ActionController::Live example working fine in development with Puma. But in production with Apache + Passenger it simply doesn't send the data back to the browser (Firefox)
production.rb has
config.allow_concurrency = true
Here is the HTML/JS in index.html.
<script>
jQuery(document).ready(function(){
var source = new EventSource("/feed");
source.addEventListener('update', function(e){
console.log(e.data);
});
});
</script>
Here is the controller:
class LiveController < ApplicationController
include ActionController::Live
respond_to :html
def feed
response.headers['Content-Type'] = 'text/event-stream'
response.headers['X-Accel-Buffering'] = 'no'
while true do
response.stream.write "id: 0\n"
response.stream.write "event: update\n"
data = {time: Time.now.to_s}.to_json
response.stream.write "data: #{data}\n\n"
sleep 2
end
end
end
I can see the request go out to the server in Firebug notice the spinner on /feed :
Apache/Passenger Config has this:
LoadModule passenger_module /usr/local/ordernow/lib/ruby/gems/2.0.0/gems/passenger-4.0.27/buildout/apache2/mod_passenger.so
PassengerRoot /usr/local/ordernow/lib/ruby/gems/2.0.0/gems/passenger-4.0.27
PassengerDefaultRuby /usr/local/ordernow/bin/ruby
RailsAppSpawnerIdleTime 0
PassengerMinInstances 1
The Apache logs don't show anything. Like it never connects to the server. Another weird thing is that curl from the command line works:
curl -k -i -H "Accept: text/event-stream" https://10.47.47.44:8446/feed
HTTP/1.1 200 OK
Date: Thu, 27 Mar 2014 16:52:52 GMT
Server: Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/1.0.0e Phusion_Passenger/4.0.27
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-UA-Compatible: chrome=1
X-Accel-Buffering: no
Cache-Control: no-cache
X-Request-Id: 46fca6bb-4c6a-49f4-b0d6-2cbc5f0a63a5
X-Runtime: 0.002065
X-Powered-By: Phusion Passenger 4.0.27
Set-Cookie: request_method=GET; path=/
Status: 200 OK
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/event-stream
id: 0
event: update
data: {"time":"2014-03-27 10:52:52 -0600"}
id: 0
event: update
data: {"time":"2014-03-27 10:52:54 -0600"}
I figure it must be something in Apache , but I am not sure.
Okay I finally figured this out by a pile of googling that lead me to an indication that mod_deflate ( used for compressing responses to the browser ) will interfere with non-buffered responses like text/event-stream.
Looking at my httpd.conf I found this:
SetOutputFilter DEFLATE
SetEnvIfNoCase Request_URI \.(?:gif|jpg|png|ico|zip|gz)$ no-gzip
# Restrict compression to these MIME types
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/css
# Level of compression (Highest 9 - Lowest 1)
DeflateCompressionLevel 9
SetOutputFilter DEFLATE turns on compression for all responses making the rest of the AddOutputFilterByType directives unnecessary. This was obviously a bug in the httpd.conf . I removed this line, and verified that compression was still working for html pages.
And now everything works great! As well as the dashing dashboard tool that I was trying to get going in the first place.
We've experienced some similar issue when we wanted to push some notifications with the Rails Action::LiveController as the feature was released with Rails 4.0 - in development with Puma everything works fine, but in production the streams we're not closed. This was resulting in a steadily increasing number of processes.
Back then we came back to a different solution.
But just today I started some research (very interesting SO answer by one of the Passenger authors: https://stackoverflow.com/a/4113570) on this topic again and ended up here - right after I've read that Phusion Passenger supports Concurrency and Multithreading only with the Enterprise version (Phusion Passenger Enterprise Features).
Is it possible that a production environment with an Apache2 Web Server integration Phusion Passenger Open Source Edition isn't suitable for Rails Live Streaming?
Honestly, I have no idea - but wanted to let you know of my thoughts on this.
To prevent the Server (nginx to be honest) from deflating in specific cases, we set
response.headers['Cache-Control'] = 'no-transform, no-cache, private'
Maybe one of these is enough ;)
Rails 5

What configuration is responsible for a working deflate / gzip?

I had a look in my (standard configurated) httpd.conf on my Apache 2.2 webserver and I was not able to identify what configuration is responsibly that gzip compression is working fine?
I searched for keywords like DEFLATE, AddOutputFilterByType or mod_deflate. But none of these keywords are in my httpd.conf.
Can anyone tell me, why compression works fine with the standard configuration? What configuration line is responsible for that?
You're looking for exactly the right thing, but you're probably not looking in all of your configuration files. You're probably using a multi-file layout, or looking in the complete wrong file.
Try looking for Include, or load mod_info to review the config that way in merged form.
I found the solution: A mod_deflate code in my .htaccess file in a subdirectory on my WordPress blog (Plugin WPSuperCache and Autoptimize) were responsible for the working gzip compression.

How can I make my server use gzip compression?

I'd like to make my server apply gzip compression to html, php, javascript and css files.
I think I can do it by editing the .htaccess file. Can someone give me the exact code that I would have to add?
Also, if I add the appropriate code to an .htaccess file in the parent directory, does it automatically apply to all sub-directories too? For instance, if I have http://domain1.com pointed at my root directory and http://domain2.com pointed at a sub-directory, will the second domain provide compressed files without me needing to edit the .htaccess file in that directory too?
Thanks
Use mod_deflate
More info here: http://httpd.apache.org/docs/2.2/mod/mod_deflate.html
From the document that Peter Hall referenced on mod_deflate:
AddOutputFilterByType DEFLATE text/html text/css text/plain text/javascript application/javascript
And I believe that the answer is "yes" about the setting propagating down the directory tree to subdirectories. The best thing to do is check the response headers from the site (using FireBug or similar tool where you can watch the network traffic) and verify that the contents are compressed.

How do I enable HTTP compression in Apache?

What is the recommended way to configure Apache to enable HTTP compression for CSS and JS fiels, using .htaccess? I have seen several different directives used in examples on the web. I have tried some of these and yet I have not been able to get it to work. I am checking the HTTP headers using Firebug.
Ensure that mod_deflate and mod_mime are enabled and add something like:
AddOutputFilterByType DEFLATE application/x-javascript text/javascript text/css
to your .htaccess.
See also: http://brightscape.net/blog/compress-your-web-pages-with-mod_deflate/