Tag Archives: apache

how to setup apache proxy for django application

Apache HTTP Server can be configured in both a forward and reverse proxy (also known as gateway) mode.

forward proxy

An ordinary forward proxy is an intermediate server that sits between the client and the origin server. In order to get content from the origin server, the client sends a request to the proxy naming the origin server as the target. The proxy then requests the content from the origin server and returns it to the client. The client must be specially configured to use the forward proxy to access other sites.

A typical usage of a forward proxy is to provide Internet access to internal clients that are otherwise restricted by a firewall. The forward proxy can also use caching (as provided by mod_cache) to reduce network usage.

The forward proxy is activated using the ProxyRequests directive. Because forward proxies allow clients to access arbitrary sites through your server and to hide their true origin, it is essential that you secure your server so that only authorized clients can access the proxy before activating a forward proxy.

reverse proxy

reverse proxy (or gateway), by contrast, appears to the client just like an ordinary web server. No special configuration on the client is necessary. The client makes ordinary requests for content in the namespace of the reverse proxy. The reverse proxy then decides where to send those requests and returns the content as if it were itself the origin.

A typical usage of a reverse proxy is to provide Internet users access to a server that is behind a firewall. Reverse proxies can also be used to balance load among several back-end servers or to provide caching for a slower back-end server. In addition, reverse proxies can be used simply to bring several servers into the same URL space.

A reverse proxy is activated using the ProxyPass directive or the [P] flag to the RewriteRule directive. It is not necessary to turn ProxyRequests on in order to configure a reverse proxy.

django application

I am running my gunicorn application on port 8090 using following command.

“`/opt/venv/bin/python3.6 /opt/venv/bin/gunicorn –config /etc/controlpanel/gunicorn/controlpanel.py –pid /var/run/controlpanel.pid controlpanel.wsgi:application“`

static files path is “`/opt/controlpanel/ui-ux/static/“`

apache config (/etc/apache2/sites-enabled/cp.conf)

  • enable mod_proxy module in apache
<VirtualHost *:80>

ServerName devcontrol.lintel.com
ErrorLog /var/log/httpd/cp_error.log
CustomLog /var/log/httpd/cp_access.log combined

ProxyPreserveHost On
ProxyPass /static !
ProxyPass / http://127.0.0.1:8090/
ProxyPassReverse / http://127.0.0.1:8090/
ProxyTimeout 300

Alias /static/ /opt/controlpanel/ui-ux/static/
<Directory "/opt/controlpanel/ui-ux/static/">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>

</VirtualHost>

after deploying on Apache you can use lets encrypt to install SSL certificates.

How to enable gzip compression in apache

What is gzip compression? Why do we need to enable it?

Gzip is the file format and method of compression and decompression of files using it’s algorithm to reduce the file size. It is used in web server, where web servers  send data to http client with gzip compression for faster data transfer and low bandwidth consumption.

Enabling gzip compression is the best practice and it is highly recommended, so pages are likely to load faster in browsers.

Enable gzip compression to improve website speed

How to check gzip compression enabled or not

You can check if gzip compression is enabled or not on a particular website using following methods.

You can use the google PageSeep Insights tool not only to check gzip compression but also to analyze performance of a website.

You can also check if gzip compression is  enabled on server or not using command line tool curl on linux. Try out the following,

curl -I -H 'Accept-Encoding: gzip'  http://www.google.co.in

Replace the URL with what ever the website that you want to check for gzip compression.

Where,

-I   means, only make HEAD request to server to get headers

-H    specify the accepted encoding gzip using header ‘Accept-Encoding’

If you see header Content-Encoding with gzip in response headers, then compression is enabled on server and it’s working

It works in such a way that, client would specify it’s supported compression and encoding using header Accept-Encoding. Server will use compression if it is enabled on server else will send plain text back to client. Server will notify encoding format and compression to client through header Content-Encoding in response headers.

Here is the curl request on google.co.in to verify gzip compression

$ curl -I -H 'Accept-Encoding: gzip'  http://www.google.co.in
HTTP/1.1 200 OK
Date: Thu, 04 Aug 2016 16:12:40 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 4915
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: NID=83=crFkLu-3gxYf8zmcCt9a7x3nQx2HjZbxugSvdSfft73lKKTw0nSGSL-Tf91NowmbP_eYuu65BpOlV3B2d2phbaGbxkyX3Bx_6GwkY5nmfwne7tS3MWXGNZ3Iz89WhCeS; expires=Fri, 03-Feb-2017 16:12:40 GMT; path=/; domain=.google.co.in; HttpOnly

We can see that, the header Content-Encoding: gzip in response headers. Means gzip compression is enabled.

Enable gzip compression in apache

The gzip compression can be enabled  by directly changing httpd conf file. That is httpd.conf  or you can use .htaccess file to target only specific directory or path or site.

Add the following code to  /etc/httpd/conf/httpd.conf    if apache is installed somewhere add the that specific httpd.conf file

AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

To enable gzip compression via .htaccess, put the following code into .htaccess file which  in the desired site directory.

<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>

Restart the apache. That’s it, apache will compress the response which is being sent to client. Enabling gzip compression absolutely would boost your site performance.

You can test if gzip compression is enabled or not using curl as mentioned in this article.

The gzip compression is recommended on all types of text files including following files and extensions

.html
.php
.css
.js
.txt
.json

But, gzip compression is not recommended on graphic files or .zip (in the sense files which are compressed already). Because by compressing these kind of files we hardly save few bytes. Thus increase in loading time because of added unaffected compression task.

Why GZIP compression ?

As explained, gzip compression saves the lot of bandwidth by reducing file size. It saves up to 50% to 80% of bandwidth. So, it reduces download and waiting time of browser for resources. If you enable gzip compression, it won’t affect unsupported browsers, where they can fallback to normal(no compression) data download.

 

Summary

GZIP compression is process of zipping or compressing files on server before they get delivered or transferred via network to browser. Browser will uncompress the data before it uses. As it saves 50% to 80% of bandwidth, if it enabled performance of  website will increase considerably.

Monitor apache webserver realtime using Apachetop

Apachetop is a monitoring tool to monitor  the  performance of apache server and to watch request which are being served live. It’s very likely based on application mytop. It displays current number of reads, writes,  number of requests processed so far and current request being processed. This tool will use apache access_log to  Monitor apache webserver realtime using apachetop

Install apachetop

If you are using CentOS you can install this application by using yum as follows

$ yum install apachetop

On Debian based systems you can install using apt-get as follows,

$ apt-get install apachetop

If you wanna install it from source, download/clone it from github and then compile/install.

Clone Repository

$ git clone https://github.com/tessus/apachetop.git

How to apachetop

Run the application to monitor apache webserver, to do so, type apachetop command. You would see the screen something like below

last hit: 23:26:57         atop runtime:  0 days, 00:00:25             23:26:59
All:           46 reqs (   2.7/sec)       1407.2K (   82.8K/sec)      30.6K/req
2xx:	  46 ( 100%) 3xx:	0 ( 0.0%) 4xx:     0 ( 0.0%) 5xx:     0 ( 0.0%)
R ( 25s):      46 reqs (   1.8/sec)       1407.2K (   56.3K/sec)      30.6K/req
2xx:	  46 ( 100%) 3xx:	0 ( 0.0%) 4xx:     0 ( 0.0%) 5xx:     0 ( 0.0%)

 REQS REQ/S    KB KB/S URL
    2  0.12   0.2  0.0 /image/log.png
    1  0.06  45.3  2.8 /includes/css/dashicons.min.css
    1  0.06  19.5  1.2 /includes/css/bar.min.css

If you open apachetop. You can see the help by hitting letter h.

ApacheTop version 0.15.6, Copyright (c) 2003-2004, Chris Elsworth

ONE-TOUCH COMMANDS
d : switch item display between urls/referrers/hosts
n : switch numbers display between hits & bytes or return codes
h or ? : this help window
p : (un)pause display (freeze updates)
q : quit ApacheTop
up/down : move marker asterisk up/down
right/left : enter/exit detailed subdisplay mode

SUBMENUS:
s: SORT BY: [the appropriate menu will appear for your display]
r) requests R) reqs/sec b) bytes B) bytes/sec
2) 2xx 3) 3xx 4) 4xx 5) 5xx

t: TOGGLE SUBDISPLAYS ON/OFF:
u) urls r) referrers h) hosts

f: MANIPULATE FILTERS:
a) add/edit menu c) clear all s) show active (not done yet)
a: ADD FILTER SUBMENU
u) to urls r) to referrers h) to hosts



You can filter request by URL or referrers or hosts. You can toggle filter by using f when apachetop is running

 

This application by default assumes that the path of access_log file as /var/log/httpd/access_log. If you have a custom installation of apache or running apache on SCL (Software Collections).You can specify the path with option -f. i.e,

$apachetop -f /opt/rh/httpd24/root/etc/httpd/logs/access_log