Category: Apache

As you readers probably know, I can’t stand XAMPP and MAMP, being two steaming piles of crap, and have long advocated that you set up VirtualBox & Vagrant, then head over to, fill in the forms to configure your VM,  generate the config.yaml, and then unzip it and run ‘vagrant up’ to install it. Brilliant so far.

Yesterday I had a total downer of a day, trying to run an old legacy PHP 5.3 app. PuPHPet doesn’t have the EOL PHP 5.3, so at first I settled as a one off for MAMP, but it was slow and horrible.

Then I thought, wait! If I don’t configure Apache or PHP in puphpet, I could get a box up and install 5.3 myself. That’s when I discovered the awesomeness of the puphpet/files folder.

The only thing I used in there was the ssh keys. But there are empty folders waiting for .sh files (shell scripts) to be dropped in.

So for this box, I created exec-once/ which contained the following:

yum -y install httpd php
yum -y install php-mysql php-devel php-gd php-pecl-memcache php-pspell php-snmp php-xmlrpc php-xml

Then upon running vagrant provision, it not only looked for changes in config.yaml, but it checks for changes in these files too!

I then made, and, which look like these:

echo "
Adding vhosts to /etc/httpd/conf/httpd.conf
echo "
<VirtualHost *:80>

   DocumentRoot /var/www/fife/web
   ServerName fife
   ErrorLog /var/www/fife/log/error.log

   <Directory "/var/www/fife">
      Options -Indexes +FollowSymLinks
      Order allow,deny
      Allow from all
      AllowOverride All

" >> /etc/httpd/conf/httpd.conf

And …

mysql -u root --password=123 --database=fortdev < /var/www/fife/data/sql_scripts/symf_fortdev.sql

I take it by now you get the idea! So now you can totally destroy your VM, and put any customisations in these shell scripts, so your full setup can be back up in 5 minutes flat with a vagrant up and vagrant provision!!!

You can then also start thinking about using puPHPet for deploying your setup to your production server 🙂 There’s a vagrant plugin called Vagrant Managed Servers, which will take care of that for you. . I haven’t looked at it yet, but of course you can expect a blog post on it here when I figure it all out!!

If you’ve ever used a self signed SSL certificate, you’ll know that although the connection is secure, you don’t get the full green padlock in the browser. You’re about to fix that, and speed your website up at the same time.

The secret is to pump your DNS through Cloudflare! If you visit there and sign up, you can add your domain names and point them to your server. By setting up Cloudflare, your site will improve in speed due to cacheing, and be more secure from DDOS attacks.

The first step is to create your SSL certificate. Log in to your server, and run the following commands as the root user:

➜ mcleandigital openssl genrsa -out "/home/mcleandigital/ssl.key" 2048 
Generating RSA private key, 2048 bit long modulus
e is 65537 (0x10001)
➜ mcleandigital openssl req -new -key "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.csr" 
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Scotland
Locality Name (eg, city) []:Glasgow
Organization Name (eg, company) [Internet Widgits Pty Ltd]:McLean Digital Limited
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:*
Email Address []

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:McLean Digital Limited
➜ mcleandigital openssl x509 -req -days 1095 -in "/home/mcleandigital/ssl.csr" -signkey "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.crt" 
Signature ok
subject=/C=GB/ST=Scotland/L=Glasgow/O=McLean Digital Limited/CN=*
Getting Private key

The above output has generated the SSL certificate. Next step is to set your virtual hosts:

<VirtualHost *:80>
    RedirectPermanent /

<VirtualHost *:443>

        DocumentRoot /var/www/

        SSLEngine on
        SSLCertificateKeyFile /home/mcleandigital/ssl.key
        SSLCertificateFile /home/mcleandigital/ssl.crt

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <Directory "/var/www/">
                Options -Indexes +FollowSymLinks
                Order allow,deny
                Allow from all
                AllowOverride All
                Require all granted

The above configuration redirects all port 80 traffic to port 443. Now if you restart the server, you will be able to access your website securely, however, the green padlock is not showing. This is expected as usually you would pay for a certificate from a certificate authority (CA) .

Now the fun part. Sign in to, and add your website.They give you instructions, and it’s pretty easy to setup.

If your site is hosted on a different server than your hosting company, you need to change the DNS on the domain name hosting provider to point to cloudflare, and not directly to your server. So a request will hit the domain company, which DNS sends to cloudflare, and the DNS on cloudflare points to the IP of your server.

Lastly, in cloudflare, click on the crypto tab, and set SSL to full. The great thing is, you get the cloudflare certificate presented to the end user, and our self signed certificate is hidden away behind cloudflare!

It turns out domain validated SSL’s will be free from December 3rd anyway (checkout, however, this may still be the better option due to all the nice free features cloudflare offers! As always, have fun!

I’m making some Apache redirects from an old domain to a new domain. I need the old domains blog posts to redirect to the new domain. So I need the WordPress permalinks.

In MySQL, you can say the following to get your permalinks.

SELECT wpp.post_title, wpp.guid,wpp.post_date,
    wpo.option_value,'%year%', date_format(wpp.post_date,'%Y'))
    ,'%postname%',wpp.post_name )
    ,'%category%',wpc.slug )
) as permalink
FROM wp_posts wpp
INNER JOIN wp_options wpo ON wpo.option_name='permalink_structure'
INNER JOIN wp_options wpo_su ON wpo_su.option_name='siteurl'
    SELECT wtr.object_id ID, max(wpt.slug) slug
    FROM wp_term_relationships wtr
    INNER JOIN wp_term_taxonomy wtt ON wtt.term_taxonomy_id=wtr.term_taxonomy_id AND wtt.taxonomy='category'
    INNER JOIN wp_terms wpt on wpt.term_id=wtt.term_id
    GROUP BY  wtr.object_id
) wpc ON wpc.ID=wpp.ID
WHERE wpp.post_type = 'post'
AND wpp.post_status = 'publish'
ORDER BY wpp.post_date DESC

If you aren’t using the built in php server for development, and like me you are using a vagrant box configured by puPHPet, this will save you a lot of wasted time wondering why you get 401s and 403s when you aren’t expecting them.

In your vhost section , under the setenv option, we add a new setenvif option:

     - 'Authorization "(.*)" HTTP_AUTHORIZATION=$1'

Without this option, the Authorization header is being stripped! Run vagrant provision, and suddenly everything should be working correctly. Now get on with building that API!

So I pushed my changes to the production repository, only to discover that Memcache wasn’t installed on the server at work (a cPanel installation running over CentOS(6 i think)). Time to install it then!

in the terminal, get memcached installed. Nice n easy.

sudo yum install memcached

Then launch it!

memcached -d -u nobody -m 512 -p 11211

Then install memcache PHP extension. You do this in cPanels WHM. Search module installers in WHM

In Find a PHP Pecl, type memcache, and get it installed! You may or may not have to restart apache, but go to a phpinfo() and you should now see it running on your system!

See my previous post for how to use memcache in your PHP 🙂

Yay! Free OS upgrade! But oh! Something’s bound to be affected, my apache or php or something. And you’d be right. So here are my list of issues I had, and how I overcame them.

First up, Mavericks looks really cool, and seems to zip along a lot faster than lion did. Nice one! A few other nice looking things, I’ll get into those later, but are my sites loading? I open Safari, type in one of my vhosts, and then it displays a white web page with a times new roman bold h1 tag claiming ‘It works!’. Yes, Apache is working, but not a lot else! :-s

When I finally realised a while back that all-in-one things like XAMPP are actually no good for serious development, I got my PHP running with the built in Apache, and the same tweaks apply here. Edit /etc/apache2/httpd.conf :

#LoadModule php5_module libexec/apache2/
LoadModule php5_module libexec/apache2/

And allow use of .htaccess to override:

AllowOverride All

That should bring you back up. I wasn’t getting any db connection, so I checked to see if my MySQL server was still running. It reported so, so I fired up SequelPro and was able to get access to my data. Hmm.

My next thought that possibly more modules for apache were needing installed or something. I checked a phpinfo();  It was running v5.4.17, with no debug or anything installed, so I guessed it was the Mavericks installed PHP. I thought, well, if I’m updating, we might as well have PHP 5.5 installed, so I went to work on that.

The terminal command ‘port’ experienced difficulties, and I quickly realised that I would need to update Xcode, and Xcode Developer Command Line Tools. Once you have done that, open Xcode up, and agree to the terms and conditions, then close it. If you don’t do this some of the terminal commands will fail.  Then you can run :

sudo port self update
sudo port upgrade outdated

I came across a hanging point when it was trying to build a thing called ‘boost’. Apparently other people on the net were complaining about the same thing but no one had an answer. After failing a few times I decided I would concentrate on just upgrading packages that I needed, so I typed this to see what was already installed: (results listed to give you an idea of what i have running)

$ port -qv installed
  apache2 @2.2.22_2+preforkmpm platform='darwin 11' archs='x86_64'
  apache2 @2.2.25_0+preforkmpm (active) platform='darwin 13' archs='x86_64'
  apr @1.4.6_1 platform='darwin 11' archs='x86_64'
  apr @1.4.8_0 (active) platform='darwin 13' archs='x86_64'
  apr-util @1.4.1_0 platform='darwin 11' archs='x86_64'
  apr-util @1.5.2_1 (active) platform='darwin 13' archs='x86_64'
  autoconf @2.69_0 platform='darwin 11' archs='noarch'
  autoconf @2.69_2 (active) platform='darwin 13' archs='noarch'
  automake @1.12_0 platform='darwin 11' archs='noarch'
  automake @1.14_0 (active) platform='darwin 13' archs='noarch'
  boost @1.50.0_0+no_single+no_static (active) platform='darwin 11' archs='x86_64'
  bzip2 @1.0.6_0 (active) platform='darwin 13' archs='x86_64'
  corkscrew @2.0_0 (active) platform='darwin 11' archs='x86_64'
  cppunit @1.12.1_0 (active) platform='darwin 11' archs='x86_64'
  curl @7.27.0_1+ssl (active) platform='darwin 11' archs='x86_64'
  curl-ca-bundle @7.27.0_0 (active) platform='darwin 11' archs='noarch'
  db46 @4.6.21_6 platform='darwin 11' archs='x86_64'
  db46 @4.6.21_8 (active) platform='darwin 13' archs='x86_64'
  db_select @0.1_2 (active) platform='darwin 13' archs='noarch'
  dirac @1.0.2_1 (active) platform='darwin 11' archs='x86_64'
  docbook-xml @5.0_0 (active) platform='darwin 11' archs='noarch'
  docbook-xml-4.1.2 @4.1.2_1 (active) platform='darwin 11' archs='noarch'
  docbook-xml-4.2 @4.2_0 (active) platform='darwin 11' archs='noarch'
  docbook-xml-4.3 @4.3_0 (active) platform='darwin 11' archs='noarch'
  docbook-xml-4.4 @4.4_0 (active) platform='darwin 11' archs='noarch'
  docbook-xml-4.5 @4.5_0 (active) platform='darwin 11' archs='noarch'
  docbook-xml-5.0 @5.0_0 (active) platform='darwin 11' archs='noarch'
  docbook-xsl @1.76.1_1 (active) platform='darwin 11' archs='noarch'
  dyld-headers @239.3_0 (active) platform='darwin 13' archs='noarch'
  expat @2.1.0_0 (active) platform='darwin 13' archs='x86_64'
  ffmpeg @0.7.13_2+gpl2+mmx (active) platform='darwin 11' archs='x86_64'
  fftw-3 @3.3.2_0 (active) platform='darwin 11' archs='x86_64'
  fontconfig @2.9.0_1 (active) platform='darwin 11' archs='x86_64'
  freetype @2.4.10_0 (active) platform='darwin 11' archs='x86_64'
  gdbm @1.10_1 platform='darwin 11' archs='x86_64'
  gdbm @1.10_2 (active) platform='darwin 13' archs='x86_64'
  gettext @ platform='darwin 11' archs='x86_64'
  gettext @ (active) platform='darwin 13' archs='x86_64'
  ghostscript @9.05_3 (active) platform='darwin 11' archs='x86_64'
  glib2 @2.32.4_0 (active) platform='darwin 11' archs='x86_64'
  gperf @3.0.4_2 (active) platform='darwin 13' archs='x86_64'
  gsed @4.2.1_2 (active) platform='darwin 11' archs='x86_64'
  help2man @1.40.5_3 platform='darwin 11' archs='x86_64'
  help2man @1.40.10_0 (active) platform='darwin 11' archs='x86_64'
  htop @ (active) platform='darwin 11' archs='x86_64'
  icu @4.8.1_0 platform='darwin 11' archs='x86_64'
  icu @51.2_1 (active) platform='darwin 13' archs='x86_64'
  ImageMagick @6.7.9-0_1+q16 (active) platform='darwin 11' archs='x86_64'
  ircii @20111115_0 (active) platform='darwin 11' archs='x86_64'
  jbig2dec @0.11_1 (active) platform='darwin 11' archs='x86_64'
  jbigkit @2.0_2 (active) platform='darwin 11' archs='x86_64'
  jpeg @8d_0 (active) platform='darwin 11' archs='x86_64'
  lame @3.99.5_0 (active) platform='darwin 11' archs='x86_64'
  lcms2 @2.3_0 (active) platform='darwin 11' archs='x86_64'
  libedit @20120601-3.0_0 platform='darwin 11' archs='x86_64'
  libedit @20121213-3.0_0 (active) platform='darwin 13' archs='x86_64'
  libffi @3.0.11_0 (active) platform='darwin 11' archs='x86_64'
  libiconv @1.14_0 (active) platform='darwin 13' archs='x86_64'
  libidn @1.25_0 (active) platform='darwin 11' archs='x86_64'
  libmcrypt @2.5.8_1 (active) platform='darwin 11' archs='x86_64'
  libogg @1.3.0_1 (active) platform='darwin 11' archs='x86_64'
  libpaper @1.1.24_0 (active) platform='darwin 11' archs='x86_64'
  libpcap @1.2.1_0 (active) platform='darwin 11' archs='x86_64'
  libpng @1.5.12_0 (active) platform='darwin 11' archs='x86_64'
  libsdl @1.2.15_0+x11 (active) platform='darwin 11' archs='x86_64'
  libtheora @1.1.1_1 (active) platform='darwin 11' archs='x86_64'
  libtool @2.4.2_0 platform='darwin 11' archs='x86_64'
  libtool @2.4.2_2 platform='darwin 11' archs='x86_64'
  libtool @2.4.2_3 (active) platform='darwin 13' archs='x86_64'
  libunwind-headers @35.1_1 (active) platform='darwin 13' archs='noarch'
  libvorbis @1.3.3_0 (active) platform='darwin 11' archs='x86_64'
  libvpx @1.1.0_0 (active) platform='darwin 11' archs='x86_64'
  libxml2 @2.8.0_0 (active) platform='darwin 11' archs='x86_64'
  libxslt @1.1.26_0 (active) platform='darwin 11' archs='x86_64'
  lynx @2.8.7rel.1_1+ssl (active) platform='darwin 11' archs='x86_64'
  lzo2 @2.05_1 (active) platform='darwin 11' archs='x86_64'
  m4 @1.4.16_0 (active) platform='darwin 13' archs='x86_64'
  mhash @ (active) platform='darwin 11' archs='x86_64'
  ncurses @5.9_1 platform='darwin 11' archs='x86_64'
  ncurses @5.9_2 (active) platform='darwin 13' archs='x86_64'
  nspr @4.8.9_0 (active) platform='darwin 11' archs='x86_64'
  openjpeg @1.5.0_3 (active) platform='darwin 11' archs='x86_64'
  openssl @1.0.1b_0 platform='darwin 11' archs='x86_64'
  openssl @1.0.1c_0 platform='darwin 11' archs='x86_64'
  openssl @1.0.1e_1 (active) platform='darwin 13' archs='x86_64'
  orc @0.4.16_0 (active) platform='darwin 11' archs='x86_64'
  p5.12-locale-gettext @1.50.0_6 platform='darwin 11' archs='x86_64'
  p5.12-locale-gettext @1.50.0_7 (active) platform='darwin 11' archs='x86_64'
  pcre @8.31_0 platform='darwin 11' archs='x86_64'
  pcre @8.33_0 (active) platform='darwin 13' archs='x86_64'
  perl5 @5.12.3_1+perl5_12 platform='darwin 11' archs='noarch'
  perl5 @5.12.4_0+perl5_12 (active) platform='darwin 13' archs='noarch'
  perl5.12 @5.12.4_0 platform='darwin 11' archs='x86_64'
  perl5.12 @5.12.4_1 platform='darwin 11' archs='x86_64'
  perl5.12 @5.12.4_2 (active) platform='darwin 13' archs='x86_64'
  php53 @5.3.16_1+libedit (active) platform='darwin 11' archs='x86_64'
  php53-curl @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-ftp @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-iconv @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-mbstring @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-mcrypt @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-mongo @1.2.12_0 (active) platform='darwin 11' archs='x86_64'
  php53-mysql @5.3.16_1+mysqlnd (active) platform='darwin 11' archs='x86_64'
  php53-openssl @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-soap @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-sqlite @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-xdebug @2.2.1_0 (active) platform='darwin 11' archs='x86_64'
  php53-xsl @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php53-zip @5.3.16_1 (active) platform='darwin 11' archs='x86_64'
  php54 @5.4.6_1+libedit (active) platform='darwin 11' archs='x86_64'
  php54-apache2handler @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-curl @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-ftp @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-gd @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-iconv @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-mbstring @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-mcrypt @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-mongo @1.2.12_0 (active) platform='darwin 11' archs='x86_64'
  php54-mysql @5.4.6_1+mysqlnd (active) platform='darwin 11' archs='x86_64'
  php54-openssl @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-soap @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-sqlite @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-xdebug @2.2.1_0 (active) platform='darwin 11' archs='x86_64'
  php54-xsl @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php54-zip @5.4.6_1 (active) platform='darwin 11' archs='x86_64'
  php_select @1.0_0 (active) platform='darwin 11' archs='noarch'
  pkgconfig @0.27_0 (active) platform='darwin 11' archs='x86_64'
  python27 @2.7.3_0 platform='darwin 11' archs='x86_64'
  python27 @2.7.6_0 (active) platform='darwin 13' archs='x86_64'
  python_select @0.3_1 platform='darwin 11' archs='noarch'
  python_select @0.3_3 (active) platform='darwin 13' archs='noarch'
  re2c @0.13.5_0 (active) platform='darwin 11' archs='x86_64'
  readline @6.2.000_0 (active) platform='darwin 11' archs='x86_64'
  schroedinger @1.0.11_0 (active) platform='darwin 11' archs='x86_64'
  scons @2.2.0_0 (active) platform='darwin 11' archs='noarch'
  snappy @1.0.5_0 (active) platform='darwin 11' archs='x86_64'
  speex @1.2rc1_0 (active) platform='darwin 11' archs='x86_64'
  spidermonkey @1.7.0_5 (active) platform='darwin 11' archs='x86_64'
  sqlite3 @3.7.14_1 platform='darwin 11' archs='x86_64'
  sqlite3 @ (active) platform='darwin 13' archs='x86_64'
  tiff @3.9.5_0 (active) platform='darwin 11' archs='x86_64'
  urw-fonts @1.0.7pre44_0 (active) platform='darwin 11' archs='noarch'
  webp @0.2.0_1 (active) platform='darwin 11' archs='x86_64'
  x264 @20111210_0 (active) platform='darwin 11' archs='x86_64'
  xmlcatmgr @2.2_1 (active) platform='darwin 11' archs='x86_64'
  xorg-kbproto @1.0.6_0 (active) platform='darwin 11' archs='noarch'
  xorg-libice @1.0.8_0 (active) platform='darwin 11' archs='x86_64'
  xorg-libpthread-stubs @0.3_0 (active) platform='darwin 11' archs='noarch'
  xorg-libsm @1.2.1_0 (active) platform='darwin 11' archs='x86_64'
  xorg-libX11 @1.5.0_0 (active) platform='darwin 11' archs='x86_64'
  xorg-libXau @1.0.7_0 (active) platform='darwin 11' archs='x86_64'
  xorg-libxcb @1.8.1_2+python27 (active) platform='darwin 11' archs='x86_64'
  xorg-libXdmcp @1.1.1_0 (active) platform='darwin 11' archs='x86_64'
  xorg-libXext @1.3.1_0 (active) platform='darwin 11' archs='x86_64'
  xorg-libXrandr @1.3.2_0 (active) platform='darwin 11' archs='x86_64'
  xorg-libXt @1.1.3_0 (active) platform='darwin 11' archs='x86_64'
  xorg-randrproto @1.4.0_0 (active) platform='darwin 11' archs='noarch'
  xorg-renderproto @0.11.1_0 (active) platform='darwin 11' archs='noarch'
  xorg-xcb-proto @1.7.1_0+python27 (active) platform='darwin 11' archs='noarch'
  xorg-xextproto @7.2.1_0 (active) platform='darwin 11' archs='noarch'
  xorg-xproto @7.0.23_0 (active) platform='darwin 11' archs='noarch'
  xrender @0.9.7_0 (active) platform='darwin 11' archs='x86_64'
  XviD @1.3.2_3 (active) platform='darwin 11' archs='x86_64'
  xz @5.0.3_0 platform='darwin 11' archs='x86_64'
  xz @5.0.4_0 platform='darwin 11' archs='x86_64'
  xz @5.0.5_0 (active) platform='darwin 13' archs='x86_64'
  zlib @1.2.6_0 platform='darwin 11' archs='x86_64'
  zlib @1.2.7_0 platform='darwin 11' archs='x86_64'
  zlib @1.2.8_0 (active) platform='darwin 13' archs='x86_64'

As you can see I have quite a few! But I was incredibly lucky, I typed in :

sudo port upgrade curl

And it installed, also fixing the boost problem, allowing me to continue with ‘sudo port upgrade outdated’ without the error happening!

Be prepared to wait a while for all of this compiling to go on! Once you are bang up to date we can install PHP 5.5. First lets get rid of all the old stuff compiled for your old OS (actually this works when if you put a -u flag on the sudo port -u upgrade outdated):

sudo port uninstall inactive

Now for 5.5! Feel free to add more PHP modules, full list available at the macports website.

sudo port install php55 php55-curl php55-ftp php55-iconv php55-mbstring php55-mcrypt php55-mongo php55-mysql php55-openssl php55-soap php55-sqlite php55-xdebug php55xsl php55-zip php55-apache2handler

cd /opt/local/apache2/modules
sudo /opt/local/apache2/bin/apxs -a -e -n php5

Now edit your httpd.conf to load 5.5:

LoadModule php5_module /opt/local/apache2/modules/

sudo apachectl restart

Job done. My thoughts on all this? First you had all in one nonsense like MAMP and XAMPP. No good. Then we have the option of using a package manager such as MacPorts or Homebrew (macports in my case), but in all honesty I really think manually compiling and configuring everything is a much better idea, as per my other posts regarding the Ubuntu server in my work.

Sick of having to recompile everything after an OS upgrade? Think about setting up a Ubuntu Server Virtual Machine using VirtualBox! And then your server can run on any machine with any configuration, and the pain will be a lot less in the future!

Feel free to comment on anything you may have come across during the process! Everyone’s set up is different!

You got Varnish serving up cached pages! Great!
Until you realise that when you grab a users $_SERVER[‘REMOTE_ADDR’], you get your server IP address!
Not good! Lets fix that, using reverse proxy add forward module for Apache (mod_rpaf)

tar -zxvf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
apxs -i -c -n mod_rpaf-2.0.c

Now it’s installed, you need to add some guff to your Apache httpd.conf. If you are crippled by a cPanel install, then you edit it by going into WHM, clicking Apache Configuration, Include Editor, and under Pre Main Include select all versions of Apache.  Paste in the following, inserting your servers IP address where I’ve written “Server.IP.Goes.Here”.

LoadModule rpaf_module modules/
# mod_rpaf Configuration
RPAFenable On
RPAFsethostname On
RPAFproxy_ips Server.IP.Goes.Here
RPAFheader X-Forwarded-For

Thats you! cPanel/WHM should restart the Apache server. Obviously command line commandos will type service httpd restart or one of the other similar commands, depending on your OS.
Now when you check, you will find you are getting the correct REMOTE_ADDR again!

Without messing with cPanel or Apache’s setup, we can still install Varnish to cache our pages a lot quicker, via the iptables firewall!

The problem was that changing the apache httpd.conf didnt work as expected, as cPanel does a lot of auto generating and tweaking of system files. yuk. i much prefer a terminal any day. Anyway! Lets have a look:

yum install varnish
nano /etc/sysconfig/varnish

comment out configuration 1, 3, and 4, uncomment config 2 and set as follows:

DAEMON_OPTS = " -a :8080 \                                          
                -T localhost:6082 \             
                -f /etc/varnish/default.vcl \              
                -S /etc/varnish/secret \             
                -s malloc,256m"

The -a line is the port varnish will run on. In a normal configuration, Varnish will take over port 80, so make it port 80. In the case of a server using cPanel, if you cant change your apache port to 8080, then you can set varnish to 8080 instead.

nano /etc/varnish/default.vcl

backend default {
    .host = "";
    .port = "80";

The backend is Apache. In a normal varnish setup, this port should be 8080.  Using a reverse system using iptables, apache stays as port 80. Also, the host should become the external IP in this configuration.

Now, depending on your setup, depends what happens next.

Without cPanel, under a standard setup, you will have set Varnish to port 80 and Apache to port 8080. In this case, you must edit your apache httpd.conf, searching and replacing :80 with :8080. Then just stop and start the services as below, skipping the iptables stuff.

With cPanel, we can leave that alone and instead use an iptable rule to send all port 80 requests to varnish at port 8080. Edit ~/.bashrc, pasting this in:

alias varnishon='iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080'
alias varnishoff='iptables -t nat -D PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080'
alias varnishstatus='iptables -L -t nat |grep -q 8080; if [ "test$?" = "test0" ]; then echo "Varnish On"; else echo "Varnish Off"; fi'


You can now call, varnishon, varnishoff, and varnishstatus next login. So logout and login.

Restart Apache and start up varnish:

service httpd restart
service varnish start

You should be able to access your site on port 80 AND port 8080. The difference? Run a curl command to see the headers:

curl -I
curl -I

You’ll see the port 8080 mentions varnish.

Last thing to do is enable the iptables rule: Type in your alias command you put in bashrc:


Now port 80 is routing to port 8080, and you have varnished pages, and haven’t touched your cPanel setup!

Considerations: the header shows the page in this weird cPanel workaround setup as 301 moved permanently. Also, the site i was using captured IP addresses, but due to the proxy nature of this setup, the ips captured belonged to the server! The actual way should be to have Apache on 8080 and varnish on 80, and no ip rules at all. If you have access to WHM or cPanel, you are looking for tweak settings, and change the default apache port to 8080 in there! Good luck!

This look familiar?

PHP Warning:  PHP Startup: memcached: Unable to initialize module
Module compiled with module API=20090626
PHP    compiled with module API=20100525
These options need to match

I don’t know about you, but i like to be up to date! My PHP is on 5.5, and I had to install some modules. But sometimes, old versions can rear their ugly head, and cause all manner of grief. Package managers do a good job to take care of all this for you, but sometimes they just don’t work. Leaving you to compile yourself! So lets do it! I’m going to install memcached, and then the imagick libraries (now i know what i’m doing!)

I’m doing this on a CentOS 6 server, but as we are doing the old skool way of compiling etc, this should work on any other flavour of Linux, or indeed Mac OS X.

First step is to download your .tar.gz  then unzip it with tar -zxvf file.tar.gz and change into the folder.
Bring up a web page displaying your servers php.ini. You are looking for the version of PHP API, and the extension_dir.
In your terminal, cd into the module source code folder, and type phpize.

If when you check the API versions , they are different from your php.ini, then an old version of php is being used in the terminal, and your module will not work! In this case, you need to get it to use the correct phpize.

type 'which phpize' to find out where the offending file is. (mine was /usr/bin/phpize)

My PHP appeared to be in /usr/local, so I tried running /usr/local/phpize. The API’s matched. So then I did the following:

mv /usr/bin/phpize /usr/bin/phpize-old
 ln -s /usr/local/bin/phpize /usr/bin/phpize

Half way there! We need to do the same for php-config

mv /usr/bin/php-config /usr/bin/php-config-old
 ln -s /usr/local/bin/php-config /usr/bin/php-config

Now you have done that, installation should be trivial, and work as per loads of tutorial/instrruction pages on the web.

 make install

Finally edit your php.ini and add ‘extension =’ (or whatever module you compiled), and restart your apache server!

EDIT : you may need to run ‘phpize –clean’ if it is still compiling with the older stuff from within the modules source folder

Slouch on the CouchDB

No doubt you will know about the new generation of document oriented databases designed to work using the HTTP protocol, such as Mongo and CouchDB. They come pretty much with a built in API! So it’s time to mess around with it!

I downloaded Couchbase Server community edition (which is pretty nifty I’ll admit). Once you get that installed you can access localhost on port 8091 and it will take you into a cool looking admin panel:

One of the admin screens on couchbase server

One of the admin screens on couchbase server

It comes with a sample database, and you can access the API on port 8092. The full range of ports is as follows:

Port Description Node to Node Node to Client Cluster Administration XDCR
8091 Web Administration Port Yes Yes Yes Yes
8092 Couchbase API Port Yes Yes No Yes
11209 Internal Cluster Port Yes No No No
11210 Internal Cluster Port Yes Yes No No
11211 Client interface (proxy) Yes Yes No No
4369 Erlang Port Mapper (epmd) Yes No No No
21100 to 21199 (inclusive) Node data exchange Yes No No No

There are some great videos at that show you how couch works. This is the introductory video:

The curl syntax should be something like:

curl  localhost:8092/

As you can know, being able to query a database and perform CRUD over HTTP would be incredibly useful, so this is very promising!

It’s stupid O’clock and I’ve been up all night but this looks great! I will update this post when I return to have a play with my new toy! 🙂