Let me share with you my research on the web about the advantages and disadvantages of Lighttpd vs. Apache, and how it might possible affect your applications ins PHP. The following article is a compilation of what I have found on different sites on the net.

Lighttpd or “Lighty” is a lightweight webserver made with speed and load balancing in mind, Unlike Apache which comes with a lot of modules that consumes a lot of server resources. One of the features of Lighttpd is that it is an event-driven web server. It uses select/poll/epoll/kqueue from a single process/thread.

Now for the Pros and Cons: Read more »

I’ve recently found a very interesting and useful article from The Hacker Webzine on how to filter and log SQL Injections and Cross-site Scripting by using Apache’s .htaccess in this article.

From the article, you need to insert these lines to your .htaccess

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} ("|%22).*(>|%3E|< |%3C).* [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteCond %{QUERY_STRING} (javascript:).*(;).* [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteCond %{QUERY_STRING} (;|'|"|%22).
*(union|select|insert|drop|update|md5|benchmark|or|and|if).* [NC]
RewriteRule ^(.*)$ log.php [NC]
RewriteRule (,|;|< |>|'|`) /log.php [NC]

Read more »

In my work, we had a server migration to relocate all of our files to a newer server to handle our company’s increasing load. However, something unexpected happened. In testing our PHP codes to ensure integrity, we had encountered a very strange bug. In some pages, includes, classes and functions began to have 2 or 3 instances in a page instead of having just one. Read more »