Quality Website Hosting

Ubuntu PHP Application Clustering with Mod Proxy

What is Clustering

Clustering is the technique of linking many computers together to act like a single computer. Generally, a PHP cluster is composed of multiple webservers running PHP individually which then is load-balanced either by a hardware or a software based load balancer. Common examples of hardware load balancer could be F5 BigIP, Nortel’s (Alteon), AceDirector AD3 etc and software load balancer are Apache httpd server, Nginx etc.

Requirements for PHP Cluster

To set a PHP cluster, following are required:

  1. Three Linux servers – One server as a load balancer and other two as the PHP application nodes. They can run any Linux OS. We would be using Debian 9 and CentOS 64bits edition in these three environments in two separate examples. We will refer to load balancer node as LB and the application nodes as s1 and s2 respectively from now.
  2. Apache httpd v2.5 with mod_rewrite, mod_proxy – Apache httpd should be installed on all the three servers with the support of mod_rewrite, mod_proxy, mod_proxy_http modules.
  3. PHP – PHP should be installed on the two Linux servers acting as application nodes (s1 and s2). You can refer my earlier post – The Perfect LAMP Stack to setup the application nodes. We will use PHP only for testing our cluster setup.

Theory of Operation

The setup will make load balancer (LB) to act as the reverse proxy in front of the application nodes (A1 and A2). When a client will send the request to our server, the LB will pass it to the application nodes based on a predefined method as set by us in the Apache httpd configuration.

How to cluster with PHP Debian

After installing the above mentioned applications, to setup the PHP clusters, now we only require to create Apache httpd configuration on LB server to make it act like a reverse proxy.

Open the VirtualHost file default in /etc/apache2/sites-available

  • ServerName will have your URL or ip for the load balancer (LB) server.

ServerName lb.example.com

  • DocumentRoot will be your path to publicly available documents.

DocumentRoot /var/www/

  • ProxyRequests off will prevent your load balancer to act as a forward proxy server.

Note: When you compile mod_proxy with Apache httpd, it can allow you to use the server to act either as a forward proxy or reverse proxy server. The above setting is just used for prevention.

ProxyRequests Off

  • directive will allow you to enforce rules upon the proxied content. Here you can set what constraint you want to apply on the proxied content for e.g. you can only allow few ip range to access the load balancer. In our case we are going to allow from all as it is the load balancer in front of public.

  <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>

  • ProxyPass directive will configure the url mapping from the reverse proxy server to the application nodes. You can also configure which url should be translated and sent to backend and which should not. In the following settings, we have configured that when the /balancer-manager is requested, it should not be sent to the backend whereas all other requests should be forwarded there. The balancer://mycluster/ defines our clusters where we will transmit the load and which we will be configuring in next step. The stickysession directive is used here for the sessions which I will explain later in some other post. nofailover directive is related to sessions.

ProxyPass /balancer-manager !

ProxyPass / balancer://mycluster/ stickysession=PHPSESSID $

ProxyPassReverse / http://s1.example.com/

ProxyPassReverse / http://s2.example.com/

  • Once again, we would be defining the directive, but this time we will be using it to enhouse our balancer configurations. The BalancerMember directive is used to add the add the application nodes to the cluster and as of our configuration, we are going to add our two application nodes a1 and a2. The route directive value will be appended to the session id. The ProxySet directive is used to define the additional balancer configuration parameters. In our case, we are going to define the load balancing method which we are going to use in the lbmethod parameter and that is byrequests. The other available methods are bytraffic and bybusyness. To know more about load balancing methods, please refer to https://httpd.apache.org/docs/trunk/mod/mod_proxy.html

  <Proxy balancer://mycluster>
                BalancerMember http://s1.example.com  route=s1
                BalancerMember http://s2.example.com  route=s2
 
                ProxySet lbmethod=byrequests
        </Proxy>

  • Next, we have defined the settings of the balancer-manager which allows us to view the dynamic update of balancer members i.e. the application nodes. You would be requiring to enable mod_status module in Apache httpd to use the balancer-manager

<Location /balancer-manager>
                SetHandler balancer-manager
                Order deny,allow
                Allow from all
        </Location>

Note: We have explained the very basic settings here to setup the Apache httpd to act as a reverse proxy load balancer. You can fine tune the settings according to your needs and to know more about the available options, please refer to http://httpd.apache.org/docs/current/mod/mod_proxy.html

  • The complete settings which we have explained earlier can be seen below:

<VirtualHost *:80>
        ServerName lb.example.com
        DocumentRoot /var/www/
        ProxyRequests Off
 
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
 
                ProxyPass /balancer-manager !
                ProxyPass / balancer://mycluster/ stickysession=PHPSESSID $
                ProxyPassReverse / http://s1.example.com/
                ProxyPassReverse / http://s2.example.com/
        <Proxy balancer://mycluster>
                BalancerMember http://s1.example.com  route=s1
                BalancerMember http://s2.example.com  route=s2
                ProxySet lbmethod=byrequests
        </Proxy>
 
        <Location /balancer-manager>
                SetHandler balancer-manager
                Order deny,allow
                Allow from all
        </Location>
</VirtualHost>

  • Save the default VirtualHost after making the above settings and restart the server. That will complete our task of creating Apache httpd as reverse proxy load balancer server.

Testing PHP Cluster

Now, to test your PHP cluster setup, create a file test.php in your application nodes s1 and s2. The source code for the file would be very simple and as below: For s1 node,

<?php
 echo ‘Hi, I am from Server 1’;
 ?>
For s2 node, 
<?php
 echo ‘Hi, I am from Server 2’;
 ?>

  • After creating these files, try to load these files from your load balancer url i.e. http://lb.example.com/test.php for multiple times.
  • To see, how your load balancer is performing and if you have set it up as explained earlier, you can visit the url http://lb.example.com/balancer-manager
Read more

Internet Not Working? Try This

 

If your internet connection is not working on your laptop or desktop devices, try following these 3 quick steps:

  1. Open ‘Control Panel’, and click on ‘Internet Options’
  2. Select ‘Connections’ Tab in the Pop Up Window – ‘Internet Properties’. Select ‘LAN Settings’ which is displayed in the bottom of the window.
  3. Unchecked all the boxes in the window – ‘Local Area Network (LAN) Settings’. Click ‘OK’ on all Windows and Close.

Are you able to access the internet now? If yes, glad we could help!

If your problem persists, please call your city’s Sam’s Tech Networks Customer Care number, and we’ll be happy to assist!

 

Your Sam’s Tech Networks Team,

 

PS: These steps are documented with screenshots here.

Simple Ways to Secure Your WiFi

 

Simple Ways to Secure Your Home’s Wi-Fi

In a country with a population of over a billion, just about a quarter have a personal Internet connection. And of this small percentage, only a very tiny handful are actually taking action to secure their Internet connection. These days, if you’re using our a broadband Internet connection then it’s almost certain that you have a Wi-Fi access point set up in your house. Securing this connection is very simple, and not doing so is just inviting trouble.

With data caps, you could risk freeloaders who use your network without your knowledge, leading to you spending more money, unnecessarily. If someone uses your connection for an illegal activity, it could be traced back to your Wi-Fi network, which could lead to problems too. Merely purchasing the best high-speed Internet connection is not enough – it’s unquestionably important to ensure that your Internet connection is secure, and here are some easy ways to accomplish this.

1. Change the password of your router

With the most basic technical skills, any rookie can hack into your router’s admin panel. In order to protect your Wi-Fi from freeloaders enjoying your Internet without your permission, you need to start by securing your router’s firmware. Even before you actually connect your router to the Internet, make sure you login into your router’s admin panel and change the default username password.

Most users can access the admin panel routers by typing http://192.168.1.1 in the address bar of their browser. This is router’s default IP address, if it doesn’t work, it might be 192.168.0.1 or 192.168.2.1 based on the manufacturer of your router. The default username and password should be listed in your router’s documentation, on a sticker on the side of your router. Many IoT devices get hacked due to use of default passwords.

 

2. Secure Wi-Fi by a strong password

While this may sound obvious, even today many people do not realise that any password which is easy to guess (like your name, mobile number, or date of birth) is the reason why neighbours are commonly the first ones piggybacking on your Wi-Fi without your knowledge. Even though we are more reliant on the Internet than ever, ‘123456’ remains the most common password. If you have to share your WiFi password with friends or acquaintances, make sure you change your password afterwards. Periodically changing your password might sound like a task because you will need to login again from all of your devices, but the biggest advantage it serves is that every time you reset it, you reset the number of people who can connect to your network back to one – only you.

 

3. Upgrade your router’s firmware

Firmware is the software that is embedded into your router and controls how your device behaves. If you’re facing any issues with your wireless signal, updating your router’s firmware may just resolve your issues and offer stable connectivity. Periodically check for any available upgrades in your router’s firmware and enjoy latest security patches, safety updates, performance enhancements, and improved network connectivity.

 

4. Disable UPnP

Universal Plug and Play (UPnP) is a potential security threat because it bypasses firewall on your network, assumes certain programs to be trustworthy, and allows them. Basically, as its name suggests, it allows users to simply plug in a device and immediately start using it without configuring it. For instance, a network printer can be accessed by any device on the network without having to install the printer in the device. It is not advisable to have UPnP enabled unless you regularly use P2P apps, gaming servers, or VoIP programs. In order to find how to disable UPnP, simply run a Google search with the name of your router manufacturer and disable UPnP. For example, disable UPnP in D-Link router, and you’ll get the specific instructions.

 

5. Do not enable port forwarding

Generally, in any router port forwarding is turned off by default. The router uses it to route network requests via IP to specific devices on the network also bypassing the network firewall. Unless you have an absolute need for it, like if you are using CCTV camera, you should keep port forwarding disabled. Because after you connect to the Internet, by default your external IP address is shared in the public domain. In case, port forwarding is enabled then the same connection can be hacked by anyone. You can disable port forwarding from the admin panel of your router.

 

6. Disable WPS in router

Wi-Fi protected set-up or WPS works similarly to UPnP and is likely to be enabled by default. It was devised to be used as a secure and faster way to connect a router to wireless devices. However, in recent few years, loopholes have been discovered. Thus, it was found that it made users susceptible to hacking especially those on personal Wi-Fi. Ever since it has been repeatedly advised to simply turn off the WPS from your router’s admin panel.

 

7. MAC-Address Filtering

If you have a fixed number of devices connecting to your router, then the best way forward is MAC address filtering. MAC address is a device’s unique network address. With MAC filtering you can allow only specific MAC addresses to access the WiFi. This way you can further secure your network apart from the above seven steps.

This will prevent your WiFi from hackers as the computers which are not in the list will not be able to connect to your network.

Stay Connected – Stay Safe
The crux of the matter is, that irrespective of whether or not you have successfully configured multiple devices on your wireless network, you are not safe. It is high time, you prioritise and address the security concerns of your home Wi-Fi. Make sure your network is secure, keep a tab on unwelcome internet users and look out for any suspicious behaviour on your network. Last but not the least, turn off the Wi-Fi router when not in use.

The above ways might not guarantee a fool proof way to secure your network, but these steps will certainly minimise risks. As far as security flaws are concerned, these seven methods are the simplest ways to ensure security of your personal data in the long-run. If you need help contact us.

Provides The Specialized IT Support

 

Sam’s Tech provides the specialized IT support that can help you achieve your business goals. With computer network support that is better mapped to your everyday business processes, you can finally focus on running your business. We offer the computer repair and network solutions that can drive your business to become more profitable, productive, and stress-free.

Offers free internet access

Offers free internet access under ‘Zero’ plan.

Free internet service is provided under the free usage tier. For the first 2 days following your sign-up date, you get up to 30 mins – 500MB of free service each day.

When your free usage tier expires, you can pay standard, pay-as-you-go service rates after subscribing to any of our services under prices and plans.

Click here to apply for free tier

*No Fee,

Just Self Regeneration!.

Happy night free unlimited internet

 

 Free Unlimited Internet Access 11PM till 5AM

Valid to 29 – July –  2017

 

Sams Tech Networks always happy to serve you

Welcome to Sam’s Tech – IT Support Solutions and Service Management,

Internet Service Provider Cable & Wireless.

Fastest, Cheapest, and Most Reliable!

We always happy to serve you!

#ITSolutions  #Service #ISP #WISP #Internet

WiFi disconnects on sleep mode, iPhone / iOS devices? Problem solved!

 

Some iOS versions seem to have a problem with Wi-Fi, that disconnects every time the iPhone is locked. This is due to the battery saving settings, that by default are set to disconnect from Wi-Fi while on standby.

Even though it may seem like a nice feature for battery saving, it probably has some problems. While some devices switch off and on the radios when needed (for example, the radio switches on again when an email / push notification is coming through), some others experience problems with the wifi radio, that doesn’t switch back on when needed. This issue may be caused by some changes to settings you made in the past, while resetting your devices.

When this problem occurs, and wifi disconnects everytime the phone is locked, it is one of the most annoying things in the world. For example, users that use Whatsapp as their primary messaging app don’t get Whatsapp notifications anymore – or, that is worst, Whatsapp uses mobile data for its push notifications while the phone is in sleep mode, consuming the users’ data plans even if they’re in a Wi-Fi area.

Some made some tests with Apple devices (iPhone 6s, iPad, iPod running the latest iOS versions). Posts in the Apple official community suggest that the issue is in the channel configuration of your router, but all our tests confirmed that this problem has nothing to do with the router configuration, the channels, or  the network settings in general.

All our devices disconnected from wifi while on stand by – sleep mode – screen off – phone locked: the only procedure that worked to make them behave “normally” (no disconnections anymore) is the one that is described on the internet.

Please consider that we doesn’t take any responsibility for the described procedure and its consequences. It only worked for our devices, ok? By following the instructions, you will basically disable the POWER SAVING mode that causes this issue. This procedure can have different consequences on your device’s performances… please do it carefully.

if anyone has a better alternative, please let us know… :)

 

INSTRUCTIONS BY MONAL.IM

  1. Turn wifi on (doesn’t matter if you connect to a wifi network now or later, but the wifi toggle must be on). If your ios device supports mobile data, turn it off for now.
  2. Turn off the device (by keeping the sleep button pressed and then swiping)
  3. Wait 30s
  4. Turn it on
  5. After the home screen loads, reset it (hold the home and sleep buttons down and keep holding until you see the apple logo)
  6. That’s it.

Please let us know if we can be of further assistance