Apache Tomcat

八月 25 2015

調整 Apache HTTPD & Apache Tomcat & nginx 的 content cache & compression

前陣子調整了一些 Apache HTTPD & Tomcat & nginx 的 cache 機制與內容壓縮機制,稍微紀錄一下。

Apache HTTPD 的 cache:

<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresByType image/gif "access plus 1 month"
  ExpiresByType image/jpeg "access plus 1 month"
  ExpiresByType image/png "access plus 1 month"
  ExpiresByType text/css "access plus 1 month"
</IfModule>

Apache HTTPD 的壓縮:

<IfModule mod_deflate.c>
  DeflateCompressionLevel 9
  AddOutputFilterByType DEFLATE text/html text/plain text/xml application/x-httpd-php
  AddOutputFilter DEFLATE js css
</IfModule>

Tomcat 的 cache(在 application 的 web.xml 做調整):

  <filter>
    <filter-name>ExpiresFilter</filter-name>
    <filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
    <init-param>
      <param-name>ExpiresByType image</param-name>
      <param-value>access plus 1 month</param-value>
    </init-param>
    <init-param>
      <param-name>ExpiresByType text/css</param-name>
      <param-value>access plus 1 month</param-value>
    </init-param>
    <init-param>
      <param-name>ExpiresByType application/javascript</param-name>
      <param-value>access plus 1 month</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>ExpiresFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>

Tomcat 的壓縮(在 conf/server.xml 做調整):

<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               compression="on" compressableMimeType="text/html,text/xml,text/plain,text/css,application/javascript"
               redirectPort="8443" />

nginx 的 cache(在 server tag 內做調整):

location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
    expires 1M;
}

nginx 的壓縮(在 http tag 內做調整):

gzip_vary on;
gzip_proxied any;
gzip_comp_level 9;
gzip_buffers 8 32k;
gzip_http_version 1.0;
gzip_types text/plain text/css application/json
           application/javascript application/x-javascript text/javascript
           text/xml application/xml application/rss+xml application/atom+xml application/rdf+xml;

大概就調這些,其他多媒體檔案就看需求了…

By WWW • Tags: , , , , , ,

二月 22 2014

[Apache Tomcat] Enhance security

我沒有在使用 Apache Tomcat 的後台,佈署軟體/程式都是透過 scp/sftp/ftp 等方式做傳輸。
所以在解開 Apache Tomcat 的壓縮檔之後,我會執行以下指令,把不必要的檔案清掉,增強安全性:

cd apache-tomcat-* && \
/bin/rm -rf webapps/docs webapps/examples webapps/host-manager webapps/manager && \
/bin/rm -f webapps/ROOT/*.gif webapps/ROOT/*.xml webapps/ROOT/*.ico webapps/ROOT/*.txt webapps/ROOT/*.svg && \
/bin/cat /dev/null > webapps/ROOT/index.jsp &&
/bin/cat /dev/null > webapps/ROOT/index.html

By Computer Software • Tags: ,