
Apache Web Server Basic Security Fixes and Optimisation

If you use the Apache HTTP web server to host your website and you maintain that server yourself, consider the following points:

  • Turn on logging and install mod_log_config. You can list the loaded modules with this command: apache2ctl -M
  • Implement the mod_security firewall module
ModSecurity (https://modsecurity.org/) is an open source, cross-platform web application firewall (WAF) module. Known as the "Swiss Army Knife" of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a powerful rules language and API to implement advanced protections.
https://github.com/Rev3rseSecurity/wordpress-modsecurity-ruleset
  • Implement the mod_evasive module
  • Disable extra modules that are not in use, to improve performance
  • Check that directory indexing is disabled, in apache2.conf | httpd.conf | <vhost>.conf | .htaccess
    Options -Indexes
  • Set the following directives in apache2.conf or httpd.conf
    Set HTTP limits
    • KeepAlive On
    • KeepAliveTimeout
    • LimitRequestBody
    • LimitRequestFields
    • LimitRequestFieldSize
    • LimitRequestLine
    • LimitXMLRequestBody
    • MaxClients
    • MaxKeepAliveRequests
    • MaxRequestWorkers
    • RequestReadTimeout
    • TimeOut
  • Disable the server signature. Add these lines to apache2.conf | <vhost>.conf | .htaccess
    ServerSignature Off
    ServerTokens Prod
  • If the web server language is PHP, the PHP version is exposed in the response header by default. Remove it by setting this in php.ini:
    • expose_php = Off
  • Add these headers to prevent XSS:

X-Frame-Options: SAMEORIGIN 
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
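
One way to check a configuration file against the list above, as an added example that is not part of the original post. The function name `audit`, the sample `WEAK` config and the finding texts are constructed for illustration; it assumes the response headers are set with mod_headers `Header set` lines and leaves out MaxClients, which Apache 2.4 renamed to MaxRequestWorkers.

```python
import re

# Directives from the list above; an unset one means Apache's default applies.
LIMITS = ["KeepAlive", "KeepAliveTimeout", "LimitRequestBody", "LimitRequestFields",
          "LimitRequestFieldSize", "LimitRequestLine", "LimitXMLRequestBody",
          "MaxKeepAliveRequests", "MaxRequestWorkers", "RequestReadTimeout", "TimeOut"]
HEADERS = ["X-Frame-Options", "X-XSS-Protection", "X-Content-Type-Options"]

# Constructed sample input, not taken from a real server.
WEAK = """\
ServerTokens OS
ServerSignature On
<Directory /var/www/>
    Options Indexes FollowSymLinks
</Directory>
Timeout 300
Header set X-Content-Type-Options "nosniff"
"""

def audit(conf_text):
    """Return findings for one config file's text (Include files are not followed)."""
    findings, seen, headers = [], {}, set()
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", "<")):
            continue  # skip blanks, comments and section tags such as <Directory>
        parts = line.split(None, 1)
        name = parts[0].lower()  # directive names are case-insensitive
        args = parts[1] if len(parts) > 1 else ""
        seen[name] = args  # simplified model: last occurrence wins, scopes ignored
        if name == "options":
            opts = {o.lower() for o in args.split()}
            if opts & {"indexes", "+indexes", "all", "+all"}:
                findings.append(f"line {lineno}: directory indexing enabled ({line})")
        elif name == "header":
            m = re.match(r'(?:(?:always|onsuccess)\s+)?(?:set|setifempty)\s+"?([\w-]+)',
                         args, re.I)
            if m:
                headers.add(m.group(1).lower())
    if seen.get("serversignature", "").lower() != "off":
        findings.append("ServerSignature is not Off")
    if seen.get("servertokens", "").lower() not in ("prod", "productonly"):
        findings.append("ServerTokens is not Prod")
    findings += [f"{d} not set explicitly" for d in LIMITS if d.lower() not in seen]
    findings += [f"response header {h} not set" for h in HEADERS if h.lower() not in headers]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(WEAK)))
```
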

Big Data Vs BI (Business Intelligence)?

Traditional BI methodology works on the principle of assembling all the enterprise data on a central server. The online transaction processing (OLTP) transactional data is transferred to a denormalized environment called a data warehouse. The data is usually structured, with very little unstructured data.

| Big Data | BI |
| --- | --- |
| Data is retained in a distributed file system | Data is retained on a central server |
| Code to data (the processing functions are taken to the data) | Data to code (the data is taken to the functions) |
| Data is of different formats, both structured and unstructured | Mostly structured |
| Data is both real-time and offline | Mostly offline |