Joomla Website Performance

SEO and PERFORMANCE

http://www.joomlaaa.com/Joomla-Articles/optimization/How-can-I-make-my-Joomla-site-load-faster.html

http://www.joomlaperformance.com

http://www.websiteoptimization.com

http://www.pathos-seo.com/joomla-technical-optimization/making-a-faster-joomla-website.html

http://www.pathos-seo.com/joomla-technical-optimization/making-a-faster-joomla-website.html

 

http://www.wzcreativetechnology.com/joomla-tips-and-tricks/74-how-to-make-joomla-site-load-fast.html

http://extensions.joomla.org/extensions/site-management/cache/7350

http://www.open-source-depot.com/archives/13-MySQL-Performance-Tip-on-CentOS4-on-GoDaddy.html

http://www.open-source-depot.com/archives/13-MySQL-Performance-Tip-on-CentOS4-on-GoDaddy.html

http://www.cyberciti.biz/tips/enable-the-query-cache-in-mysql-to-improve-performance.html

 

http://forum.joomla.org/viewtopic.php?f=433&t=344013l

http://kb.siteground.com/article/How_to_optimize_a_MySQL_database_using_phpMyAdmin.html

http://www.electrictoolbox.com/mysql-optimize-table-cli/

http://forum.joomla.org/viewtopic.php?p=1250059

http://kb.siteground.com/article/How_to_optimize_a_MySQL_database.html

http://developer.yahoo.com/performance/rules.html

http://www.mightyjoomla.com/Joomla-Tips-Tricks/enable-and-use-gzip-compression-in-joomla-cms-to-enhance-website-performance.html

http://forum.joomla.org/viewtopic.php?t=50278

 

 

www.websiteoptimization.com/services/analyze/

 

http://forum.joomla.org/viewtopic.php?t=50278

http://www.phpmagicbook.com/htaccess-essential-tricks-for-blog-website-performance-a-guide/

http://www.dquinn.net/htaccess-adding-etags-gzip-expires-headers/

Tagged : / / / / / / / /

20 Great Google Secrets

http://www.pcmag.com/article2/0,4149,1306756,00.asp

 

excl.gif No Active Links, Read the Rules – Edit by Ninja excl.gif

 

Google is clearly the best general-purpose search engine on the Web (see www.pcmag.com/searchengines

 

But most people don’t use it to its best advantage. Do you just plug in a keyword or two and hope for the best? That may be the quickest way to search, but with more than 3 billion pages in Google’s index, it’s still a struggle to pare results to a manageable number.

 

But Google is an remarkably powerful tool that can ease and enhance your Internet exploration. Google’s search options go beyond simple keywords, the Web, and even its own programmers. Let’s look at some of Google’s lesser-known options.

 

Syntax Search Tricks

 

Using a special syntax is a way to tell Google that you want to restrict your searches to certain elements or characteristics of Web pages. Google has a fairly complete list of its syntax elements at

 

www.google.com/help/operators.html

 

. Here are some advanced operators that can help narrow down your search results.

 

Intitle: at the beginning of a query word or phrase (intitle:”Three Blind Mice”) restricts your search results to just the titles of Web pages.

 

Intext: does the opposite of intitle:, searching only the body text, ignoring titles, links, and so forth. Intext: is perfect when what you’re searching for might commonly appear in URLs. If you’re looking for the term HTML, for example, and you don’t want to get results such as

 

www.mysite.com/index.html

 

, you can enter intext:html.

 

Link: lets you see which pages are linking to your Web page or to another page you’re interested in. For example, try typing in

 

link:http://www.pcmag.com

 

Try using site: (which restricts results to top-level domains) with intitle: to find certain types of pages. For example, get scholarly pages about Mark Twain by searching for intitle:”Mark Twain”site:edu. Experiment with mixing various elements; you’ll develop several strategies for finding the stuff you want more effectively. The site: command is very helpful as an alternative to the mediocre search engines built into many sites.

 

Swiss Army Google

 

Google has a number of services that can help you accomplish tasks you may never have thought to use Google for. For example, the new calculator feature

 

(www.google.com/help/features.html#calculator)

 

lets you do both math and a variety of conversions from the search box. For extra fun, try the query “Answer to life the universe and everything.”

 

Let Google help you figure out whether you’ve got the right spelling—and the right word—for your search. Enter a misspelled word or phrase into the query box (try “thre blund mise”) and Google may suggest a proper spelling. This doesn’t always succeed; it works best when the word you’re searching for can be found in a dictionary. Once you search for a properly spelled word, look at the results page, which repeats your query. (If you’re searching for “three blind mice,” underneath the search window will appear a statement such as Searched the web for “three blind mice.”) You’ll discover that you can click on each word in your search phrase and get a definition from a dictionary.

 

Suppose you want to contact someone and don’t have his phone number handy. Google can help you with that, too. Just enter a name, city, and state. (The city is optional, but you must enter a state.) If a phone number matches the listing, you’ll see it at the top of the search results along with a map link to the address. If you’d rather restrict your results, use rphonebook: for residential listings or bphonebook: for business listings. If you’d rather use a search form for business phone listings, try Yellow Search

 

(www.buzztoolbox.com/google/yellowsearch.shtml).

 

www.BangaloreOrbit.com

Oline Portal for Bangalore and Karnataka People                                                               n

Tourist Destination | Pilgrims Destination | News | Forum | Games | Jobs | Groups |

Taste of Kannada | Bangalore Darshan | Latest Event |

Tagged : / / / /

Log Management Tools using splunk and other alternatives

Splunk

Splunk (the product) captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
Splunk aims to make machine data accessible across an organization and identifies data patterns, provides metrics, diagnoses problems and provides intelligence for business operation. Splunk is a horizontal technology used for application management, security and compliance, as well as business and web analytics.Splunk has over 7,900 customers worldwide.

Graylog2 + Elasticsearch + MongoDB

based on elastic search and Open Source. Graylog2 has powerful real-time text-based search, basic analytics, dashboards, and flexible alerts. Graylog2 is under heavy development. Graylog2 is Java. Both are no real equivalent to SPLUNK, SPLUNK is multiple years ahead, but it’s possible that these tools are also meet your requirement. Graylog2 is an open source log management system. It’s built with Ruby on Rails and MongoDB and uses its own JSON-based log format called GELF (Graylog Extended Log Format).

Apache Flume + Elastic Search + Apache Lucene
Cloudera CTO Jeff Hammerbacher suggests using Apache Flume, an open source log aggregation tool, and Elastic Search, an open source search system based on Apache Lucene, to create an open source log file search system

Fluentd + Elasticsearch + Kibana

Elasticsearch is an open source search engine known for its ease of use.
Kibana is an open source Web UI that makes Elasticsearch user friendly for marketers, engineers and data scientists alike.
Fluentd is an open source data collector, which lets you unify the data collection and consumption for a better use and understanding of data.
By combining these three tools (Fluentd + Elasticsearch + Kibana) we get a scalable, flexible, easy to use log search engine with a great Web UI that provides an open-source Splunk alternative, all for free.

Logstash + Elasticsearch + Kibana

logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching). Speaking of searching, logstash comes with a web interface for searching and drilling into all of your logs.It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.setting it up is way more complicated than setting up Splunk, but it offers similar – but not as complete – feature set. Elasticsearch is an open source search engine known for its ease of use. Kibana setting it up is way more complicated than setting up Splunk, but it offers similar – but not as complete – feature set.

Elasticsearch <=> Indexer
Logstash <=> Heavy Forwarder
Kibana <=> Search Head

OpenTSDB
OpenTSDB is an open source database sponsored by StumbleUpon. It’s designed for aggregating and visualizing machine data. It’s built on top of Apache Hbase and boasts the ability to “collect many thousands of metrics from thousands of hosts and applications, at a high rate (every few seconds).”

Sumo Logic
Sumo Logic is a cloud-based log management and analytics service that leverages machine-generated big data to deliver real-time IT insights

Reference – 
http://softwarerecs.stackexchange.com/questions/16/free-equivalent-for-splunk-log-manager
http://docs.fluentd.org/articles/free-alternative-to-splunk-by-fluentd
http://www.infoworld.com/article/2610524/log-analysis/splunk-feels-the-heat-from-stronger–cheaper-open-source-rivals.html

http://kmlbblog.co.in/entries/general/splunk-vs-elk-elasticsearch-logstash-kibana

 

Tagged : / / / / / / / / / / / /

Know about Certificates and SSLs

DRAFT VERSION

HTTPS

Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and secure identification of a network web server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems.

Secure socket layer (SSL): how it works

1.   An SSL certificate enables encryption of sensitive information during online transactions.

2.   Each SSL certificate is a unique credential identifying the certificate owner.

3.   A certificate Authority authenticates the identity of a certificate owner before it is issued.
What is SSL and Certificate

SSL and Certificates

The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.

  • A browser requests a secure page (usually https://).
  • The web server sends its public key with its certificate.
  • The browser checks that the certificate was issued by a trusted party (usually a trusted root CA), that the certificate is still valid and that the certificate is related to the site contacted.
  • The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
  • The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
  • The web server sends back the requested html document and http data encrypted with the symmetric key.
  • The browser decrypts the http data and html document using the symmetric key and displays the information.

What Happens When a Web Browser Connects to a Secure Website?

  • A browser attempts to connect to a Web site secured with SSL.

keytool -genkey -alias bf-sandbox -keyalg RSA -keystore buildForgeKeyStore.p12 -keysize 2048

[root@ tmp]# keytool -genkey -alias bf-sandbox -keyalg RSA -keystore buildForgeKeyStore.p12 -keysize 2048
Enter key store password: XXXX
Enter key password for : XXX

You are about to enter information that will be incorporated into
your certificate request.  This information is what is called a
Distinguished Name or DN.  There are quite a few fields but you
can use supplied default values, displayed between brackets, by just
hitting , or blank the field by entering the character
before hitting .

keytool -certreq -sigalg RSA -alias bf-sandbox -file bf-sandbox.csr -keystore buildForgeKeyStore.p1Insallation Certificates in BuildForge

Point 1: You would need to update the bfclient.conf to make Build Forge aware of the certifications. As long as the certificates are in the correct it will work with Build Forge.

Point 2: The easiest way to update the cert would be change the new cert name to the name of the previous cerr. Then update the passwords.

Point 3:
Please use the following command to validate the keystore:

keytool -list -storetype pkcs12 -keystore fullyQualifiedNameOfFile.p12 -v

 

The Symmetric key

Well, Private Key/Public Key encryption algorithms are great, but they are not usually practical. It is asymmetric because you need the other key pair to decrypt. You can’t use the same key to encrypt and decrypt. An algorithm using the same key to decrypt and encrypt is deemed to have a symmetric key. A symmetric algorithm is much faster in doing its job than an asymmetric algorithm. But a symmetric key is potentially highly insecure. If the enemy gets hold of the key then you have no more secret information. You must therefore transmit the key to the other party without the enemy getting its hands on it. As you know, nothing is secure on the Internet. The solution is to encapsulate the symmetric key inside a message encrypted with an asymmetric algorithm. You have never transmitted your private key to anybody, then the message encrypted with the public key is secure (relatively secure, nothing is certain except death and taxes). The symmetric key is also chosen randomly, so that if the symmetric secret key is discovered then the next transaction will be totally different.

Symetric Key–>[Public Key]–>Encrypted Symetric Key–>[Private Key]–>Symetric Key

Encryption algorithm:

There are several encryption algorithms available, using symmetric or asymmetric methods, with keys of various lengths. Usually, algorithms cannot be patented, if Henri Poincare had patented his algorithms, then he would have been able to sue Albert Einstein… So algorithms cannot be patented except mainly in USA. OpenSSL is developed in a country where algorithms cannot be patented and where encryption technology is not reserved to state agencies like military and secret services. During the negotiation between browser and web server, the applications will indicate to each other a list of algorithms that can be understood ranked by order of preference. The common preferred algorithm is then chosen. OpenSSL can be compiled with or without certain algorithms, so that it can be used in many countries where restrictions apply.

The Hash:

A hash is a number given by a hash function from a message. This is a one way function, it means that it is impossible to get the original message knowing the hash. However the hash will drastically change even for the slightest modification in the message. It is therefore extremely difficult to modify a message while keeping its original hash. It is also called a message digest. Hash functions are used in password mechanisms, in certifying that applications are original (MD5 sum), and in general in ensuring that any message has not been tampered with. It seems that the Internet Enginering Task Force (IETF) prefers SHA1 over MD5 for a number of technical reasons (Cf RFC2459 7.1.2 and 7.1.3).

Signing:

Signing a message, means authentifying that you have yourself assured the authenticity of the message (most of the time it means you are the author, but not neccesarily). The message can be a text message, or someone else’s certificate. To sign a message, you create its hash, and then encrypt the hash with your private key, you then add the encrypted hash and your signed certificate with the message. The recipient will recreate the message hash, decrypts the encrypted hash using your well known public key stored in your signed certificate, check that both hash are equals and finally check the certificate.
The other advantage of signing your messages is that you transmit your public key and certificate automatically to all your recipients.
There are usually 2 ways to sign, encapsulating the text message inside the signature (with delimiters), or encoding the message altogether with the signature. This later form is a very simple encryption form as any software can decrypt it if it can read the embedded public key. The advantage of the first form is that the message is human readable allowing any non complaint client to pass the message as is for the user to read, while the second form does not even allow to read part of the message if it has been tampered with.

PassPhrase:

“A passprase is like a password except it is longer”. In the early days passwords on Unix system were limited to 8 characters, so the term passphrase for longer passwords. Longer is the password harder it is to guess. Nowadays Unix systems use MD5 hashes which have no limitation in length of the password.

Public Key Infrastructure

The Public Key Infrastructure (PKI) is the software management system and database system that allows to sign certifcate, keep a list of revoked certificates, distribute public key,… You can usually access it via a website and/or ldap server. There will be also some people checking that you are who you are… For securing individual applications, you can use any well known commercial PKI as their root CA certificate is most likely to be inside your browser/application. The problem is for securing e-mail, either you get a generic type certificate for your e-mail or you must pay about USD100 a year per certificate/e-mail address. There is also no way to find someone’s public key if you have never received a prior e-mail with his certificate (including his public key).

Tagged : / / / / / / / /

npm – Node Packaged Modules

Install a package
SYNOPSIS

npm install (with no args in a package dir)
npm install <tarball file>
npm install <tarball url>
npm install <folder>
npm install <name> [–save|–save-dev|–save-optional]
npm install <name>@<tag>
npm install <name>@<version>
npm install <name>@<version range>
npm i (with any of the previous argument usage)

This command installs a package, and any packages that it depends on. If the package has a shrinkwrap file, the installation of dependencies will be driven by that. See npm-shrinkwrap(1).

A package is:

a) a folder containing a program described by a package.json file
b) a gzipped tarball containing (a)
c) a url that resolves to (b)
d) a <name>@<version> that is published on the registry with (c)
e) a <name>@<tag> that points to (d)
f) a <name> that has a “latest” tag satisfying (e)
g) a <git remote url> that resolves to (b)

Even if you never publish your package, you can still get a lot of benefits of using npm if you just want to write a node program (a), and perhaps if you also want to be able to easily install it elsewhere after packing it up into a tarball (b).

 

More info …

https://npmjs.org/doc/install.html

Tagged : / / /

JSHINT

JSHint is a community-driven tool to detect errors and potential problems in JavaScript code and to enforce your team’s coding conventions. It is very flexible so you can easily adjust it to your particular coding guidelines and the environment you expect your code to execute in. JSHint is open source and will always stay this way.

goal

The goal of this project is to help JavaScript developers write complex programs without worrying about typos and language gotchas.

Any code base eventually becomes huge at some point, and simple mistakes—that would not show themselves when written—can become show stoppers and waste hours of debugging. And this is when static code analysis tools come into play and help developers to spot such problems. JSHint scans a program written in JavaScript and reports about commonly made mistakes and potential bugs. The potential problem could be a syntax error, a bug due to implicit type conversion, a leaking variable or something else.

Only 15% of all programs linted on this website pass the JSHint checks. In all other cases, JSHint finds some red flags that could’ve been bugs or potential problems.

Please note, that while static code analysis tools can spot many different kind of mistakes, it can’t detect if your program is correct, fast or has memory leaks. You should always combine tools like JSHint with unit and functional tests as well as with code reviews.

 

How to install and verify version:

npm install jshint

which jshint
/usr/local/bin/jshint

/usr/local/bin/jshint -version
jshint v2.3.0

Tagged : / / / /

Know about nodejs?

What is nodejs?

Node.js untangles concurrency by replacing the Java platform’s standard, multithreaded approach with single-threaded, event-driven I/O.

Node.js (Node) is an I/O environment built on top of Google Chrome’s JavaScript runtime — essentially, a server-side implementation of JavaScript. Node’s asynchronous, event-driven I/O model makes it easy for developers with JavaScript knowledge to build high-performing, scalable, and highly concurrent web applications rapidly and run them in the cloud.

Tagged : / / / /

Java Command Line Options

-client       to select the “client” VM
-server       to select the “server” VM
-hotspot      is a synonym for the “client” VM  [deprecated]
The default VM is client.

-cp <class search path of directories and zip/jar files>
-classpath <class search path of directories and zip/jar files>
A ; separated list of directories, JAR archives,
and ZIP archives to search for class files.
-D<name>=<value>
set a system property
-verbose[:class|gc|jni]
enable verbose output
-version      print product version and exit
-version:<value>
require the specified version to run
-showversion  print product version and continue
-jre-restrict-search | -jre-no-restrict-search
include/exclude user private JREs in the version search
-? -help      print this help message
-X            print help on non-standard options
-ea[:<packagename>…|:<classname>]
-enableassertions[:<packagename>…|:<classname>]
enable assertions
-da[:<packagename>…|:<classname>]
-disableassertions[:<packagename>…|:<classname>]
disable assertions
-esa | -enablesystemassertions
enable system assertions
-dsa | -disablesystemassertions
disable system assertions
-agentlib:<libname>[=<options>]
load native agent library <libname>, e.g. -agentlib:hprof
see also, -agentlib:jdwp=help and -agentlib:hprof=help
-agentpath:<pathname>[=<options>]
load native agent library by full pathname
-javaagent:<jarpath>[=<options>]
load Java programming language agent, see java.lang.instrument
-splash:<imagepath>
show splash screen with specified image

Tagged : / / /