Sunday, January 31, 2016

PHP Sessions in AWS

Php sessions helps creating persistence for the php based applications.

The Elastic load balancer follows the Round robin algorithm to deliver the traffic to the backend servers. If a request asking for the authentication is served from a server it generates a token which is used to check the authenticated users. The problem comes when the request has been authenticated by a server reaches to other server due to ELB sending next request to another backend server but since it does not have that session id so it won't be able to authenticate in that case.

To Overcome this problem in AWS, you can use the Session Stickiness on the ELB. The ELB would generate a token and send it to client in the form of cookie. In this case ELB would be able to determine which server authenticated and would create a persistence between the server and the client request so that everytime the request comes from that client is delivered from the same server as defined in the timeout value. For e.g if you set up time out to 1800 seconds or 30minutes , ELB would continuously route the authenticated traffic of a client to that server only instead of the round robin request.

Php Sessions

PHP sessions is a way to help create a sense of persistence for php based applications.
Most systems just set the php sessions to go to files, usually /tmp. Settings can be adjusted with the following:
session.save_handler = files
session.save_path = "/tmp"
for systems having issues with persistence because of CDNs like Akamai, we can put the php session data into memcache. To configure php to use memcache, do the following:
Install and setup pecl memcache (pecl install pecl/memcache)
Setup a memcached instance for
Edit php.ini to use memcache (extension = memcache.so)
session.save_handler = memcache
session.save_path = "tcp://"

Apache Vhosts Examples

The following are the Vhost Examples which could serve most of the Lamp Environment needs


ServerAdmin [email protected]
DocumentRoot /var/www/FQDN.com
ServerName FQDN.com
ServerAlias www.FQDN.com
ErrorLog logs/FQDN.com-error_log
CustomLog logs/FQDN.com-access_log combined

AddHandler cgi-script .cgi
Options -Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Order Allow,Deny
Allow from all

ExpiresActive On
ExpiresDefault "access plus 5 minute"
RewriteEngine On
RewriteRule .* - [F]

Ansible Introduction

Ansible in short is an IT Automation, configuration management and provisioning tool.

It uses playbook to deploy, Manage, Build, test and configure anything from full server environments to websites to custom source code for applications.

It brings together aspects of environment Management that have been traditionally separate and managed independently.

Saturday, January 30, 2016

Walk-In Interviews in TCS at Delhi: 1 February to 7 February 2016

TCS Walk-In Interview on 1 February to 7 February 2016 in Bangalore, Bhubaneswar, Chennai, Delhi, Kolkata, Hyderabad, Mumbai, Pune, Kochi, Trivandrum

3 to 7 Years
Install/configure DNS, NIS, NFS, Cluster, Virtual / LAPR environment and Backup Management System.Suggest New Hardware Architecture.Perform root cause analysis and provide recommend remediation.

Devops Job Openings in Gurgaon

The Devops Openings in Gurgaon

1. Devops Consultant with Polaris (gurgaon)
Job Description: 
Exp :4 -9 years 
Location: Gurgaon 
Must have: 
1.  1 OS power user skills out of Windows or Unix/Linux 
2.  1 database power user skills out of Oracle, SQL Server, DB2, etc.
3. 1 continuous integration tools out of Jenkins, Cruise Control, Bamboo, BuildForge etc.
4. 1 deployment management tool out of Weblogic, Websphere, Jboss, Tomcat etc.
5. 1 scripting language out of Shell, Perl, Python etc.
5.  Expertise in Chef or Puppet 
6. Expertise in 1 Virtualization platforms out of VMWare, VirtualBox etc.

Thursday, January 14, 2016

Using filezilla to connect Ec2 with a jump server using the ssh tunnel

If you are using an Jump Server(bastion) to connect to other server like webservers than you need to create a tunnel first in order to connect the filezilla for the SFTP file transfer. Winscp has a built in tunnel  which you can use to connect to the Ec2 instance without any need for tunneling through ssh.

1. You would first need to connect to the server using the ssh as follows

ssh -i username.pem -D 8001 username@

2. Next open the Filezilla and click on the Settings in the Filezilla

Settings  > Generic Proxy > Socks 5 > 
Proxy host:
Proxy Port:8001

Save the Settings now.

Thats it , now connect in the normal way as you use to connect via filezilla i.e. sftp://internal-server-ip username and password and port 22 and click connect. You should be connected now.

Remember you would always need to do ssh first and than connect via filezilla to the Ec2 instance.

Tuesday, January 5, 2016

Preventing Hotlinking on Web Application

The Hotlinking is a kind of attack where exploiter can simply copy the Web-application code over the random sites with the unrelevant high amount of traffic so that every time there is a request on that page out web-application code would also be loaded , this specially cause problem in case of images, videos, media, css and js. This can choke your network and can exploit too much of your resources.