Book Image

Lighttpd

By : Andre Bogus
Book Image

Lighttpd

By: Andre Bogus

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Lighttpd
Andre Bogus
Oct, 2008 | 240 pages
No titles found
Table of Contents (20 chapters)
Lighttpd
Lighttpd
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
Preface
Preface
Free Chapter
1
Introduction to Lighttpd
Introduction to Lighttpd
Installing Lighttpd
Building Lighttpd using Autotools
Building Lighttpd using CMake
Summary
2
Configuring and Running Lighttpd
Configuring and Running Lighttpd
Starting Lighttpd by Hand
Other Core Options
Mime Types
Selectors
Rewriting and Redirecting Requests
Including Variables, Files, and Shell-code
Summary
3
More Virtual Hosting and CGI
More Virtual Hosting and CGI
Extended Virtual Hosting
MySQL based Virtual Hosting
Going Dynamic
CGI with mod_cgi
FastCGI
SCGI
mod_proxy_core and backends
Summary
4
Downloads and Streams
Downloads and Streams
Core Settings
Traffic Shaping
Showing Directory Contents
Securing Downloads
Streaming Content
Putting it All Together
Summary
5
Big Brother Lighttpd
Big Brother Lighttpd
Privacy
O Browser, Where Art Thou?
Access Logging
Tracking Users
Other Data Points
Summary
6
Encryption: SSL
Encryption: SSL
Self-Signed Keys
Being our own Certificate Authority
Obtaining a Key Pair from a Third-Party Supplier
Configuring Lighttpd to use SSL
Summary
7
Securing Lighttpd
Securing Lighttpd
Barriers to Entry
Evading Denial of Service Attacks
Know Your Foe
Summary
8
Containing Lighttpd
Containing Lighttpd
Giving up Privileges
Changing Root
Separating the Backend
Summary
9
Optimizing Lighttpd
Optimizing Lighttpd
Installing http_load
Specific Optimizations
Profiling with gprof
Summary
10
Migration from Apache
Migration from Apache
Adding Lighttpd to the Mix
Excursion: mod_proxy
Reducing Apache Load
mod_perl, mod_php, and mod_python
.htaccess
Rewriting Rules
WebDAV
Summary
11
CGI Revisited
CGI Revisited
Ruby on Rails
WordPress
phpMyAdmin
MediaWiki
Trac
AWStats
AjaxTerm
Summary
12
Using Lua with Lighttpd
Using Lua with Lighttpd
Lua: A small Primer
Useful Lua Libraries
Lua/FastCGI
Running mod_magnet
Example: A Shoutbox
Summary
13
Writing Lighttpd Modules
Writing Lighttpd Modules
Handling Configuration
Rewriting the Request
Manipulating the Response
Summary
HTTP Status Codes
HTTP Status Codes
Module/Configuration Index
Module/Configuration Index
Internal
mod_access
mod_accesslog
mod_alias
mod_auth
mod_cgi
mod_cml
mod_chunked
mod_compress
mod_deflate
mod_dirlisting
mod_evasive
mod_evhost
mod_expire
mod_fastcgi
mod_flv_streaming
mod_indexfile
mod_magnet
mod_proxy
mod_proxy_core
mod_redirect
mod_rewrite
mod_rrdtool
mod_scgi
mod_secure_download
mod_setenv
mod_simple_vhost
mod_sql_vhost_core, mod_mysql_vhost
mod_ssi
mod_staticfile
mod_status
mod_trigger_b4_dl
mod_uploadprogress
mod_userdir
mod_usertrack
mod_webdav

Separating the Backend

If we use Lighttpd to serve web applications, we may use an external spawner for our application instead of letting Lighttpd spawn the backend processes. This spawner and the needed runtime can be put in a separate chroot environment.

Keeping the backend separate allows us to spawn it under different user privileges or even in a different chroot environment. This reduces the privileges the Lighttpd server needs at the cost of some convenience and perhaps even some avenues for optimization. (For example, X-Lighttpd-send-file, requires a path that both environments can read or write, thereby undermining the security of both the environments).

Note that if we need access to static files from the backend, we must copy or link them into both the environments. The first is a hassle, and introduces the risk of having different versions of the same file in each backend. The second negates the effect of separating both the environments. Thus, if we really cannot do without accessing...

Previous Section
End of Section 4
Next Section