Skip to content. | Skip to navigation

Sections
Personal tools
You are here: Home News & views WebLion Hosting 1.1 Released

Posted Mar 25, 2009

WebLion Hosting 1.1 Released

by Erik Rose

If you use WebLion's hosting service, your server has just been updated with the latest tweaks for security, performance, and convenience.

Gentle users of WebLion Hosting:

I'm pleased to announce the release of WebLion Hosting 1.1. This means that your server was upgraded around 4am last night to include the following:

  • Access Account-based ssh, for those of you who log into your servers using ssh
  • ssh on a more obscure port and no more root ssh login, for a little more resistance to opportunistic scripted attacks. Log in using your personal account and use su if you have/need root access.
  • Nightly ZODB packing, for more efficient use of disk space
  • ZEO log rotation
  • Lower KeepAliveTimeout for Apache to better withstand high-traffic periods
  • Client-side slash normalization, so all the ways of getting to the same page are merged in Google Analytics
  • Possibility for Squid to cache even for authenticated users, potentially greatly speeding logged in performance. Please revisit your machines' CacheFu settings to take advantage of this. I'm available to help.
  • Larger Squid max cached object size (200MB, up from 10MB), meaning large PDFs, movies, and such can be cached
  • Improvements to the Apache configuration inversion-of-control framework ([6611], [6694], [7088]):
    • Added a more generic pre-proxying hook, prepare-to-proxy.conf and prepare-to-proxy-https.conf. This will let me insert other things prior to proxying, even in additional vhosts created by local admins (or me). Fixes #1164 incidentally.
    • Commented out the guts of serve-zmi-over-https.conf, since WebServerAuth takes care of that (see #320).
    • Quit clearing the HTTP_X_REMOTE_USER header in the alias vhost example. What was the point? The thing we redirect to will do it.
    • Went ahead and included RewriteEngine On in normalize-slashes.conf. Why not make it easy on callers?
    • Took allow-proxying.conf out of proxy-url-root-to-plone-root*.conf; they're done in preare-to-proxy*.conf.
    • Stopped passing user-generated malicious PURGE requests through to Squid. Fixes #870.
  • New WebServerAuth, supporting customization of where the challenge handler and login link send users.

Things on the docket for the next release are listed here.

Enjoy the improvements, and let me know if you encounter any weirdnesses!

Document Actions
Need help now?

Immediate assistance is available during university work hours:

News & views…
Posted Oct 13, 2009 Portlets gone wild with ContentWellPortlets 2.0.1 This new release adds the ability to add portlets to the footer area. It also has 6 portlet managers per area. This means 20 total portlet managers including the 2 on the sides that ship with plone.
Posted Sep 17, 2009 Plone 4 – An interview with Zope News Jan Ulrich Hasecke interviews me for Zope News.
Posted Aug 31, 2009 Web Services API for Plone Alpha 3 Release Details the release of the wsapi4plone.core package and the plans for future releases. The final report of the AtomPub for Plone Google Summer of Code project.
Posted Aug 28, 2009 Content editing and creation in Plone is faster with archetypes.schematuning Some bench marks of content editing and creation in Plone with and without archetypes.schematuning installed.
More news & views…