ApacheCon 2016

The new HTTP/2 protocol and the corresponding TLS/SSL are common to Traffic Server, HTTP Server and Tomcat. The presentation will shortly explain the new protocol and the ALPN extensions and look to the state of the those in our 3 servers and show the common parts and the specifics of each servers. A demo configuration of each server will be run.

Django + httpd (Jeff Trawick, emptyhammock.com) - Django applications can be deployed with httpd in several different ways, and other references commonly recommend mod_wsgi as the interface. This presentation will cover pros and cons of different interfaces but promote a mod_proxy-based mechanism, showing recommended configuration and exploitation by the application of advanced features. The key aspects of a real world application deployment orchestrated with Ansible will be explained.

Jim will talk about the Reverse Proxy capability in Apache 2.4.x

The extensive work over the years on the proxy modules has given httpd a degree of flexibility and intelligence that rivals some hardware load balancers. In this session, the speaker will discuss how a few features of different load balancing solutions line up and why mod_proxy/mod_proxy_balancer may be the best choice for you. After providing an overview of configuration directives, the session will begin exploring solutions to many problems that may arise in today's world of complex web applications and cloud-based systems where mod_proxy just makes it all that much easier.

Complicated load balancing setups? No problem! Misbehaving backend applications? Child's play! After this session, the functional basis will be set for handling nearly any proxy situation you can think of.

Thevast nature of the Web has forced researchers to continually develop advanced data acquisition strategies that overcome a multitude of obstacles in order to acquire relevant topical content and assimilate it with their needs. Many groups have researched focused Web crawling techniques in order to better guide their data acquisition efforts, however few approaches consider the scenario where one wishes to undertake DD on the open Web for which no prior semantic knowledge resources are available. Sujen and his team have investigated and developed a new application of the cosine similarity metric (CSM) which has been implemented as part of a novel strategy for domainspecificDD.

In this presentation, Sujen would review the recent work in focused crawling and the ability to run similarity scoring within a production ready, scalable Web crawler, Apache Nutch.

One of the major drivers of CDN capabilities is hosting user generated content. This is much more challenging than static content and although similar in many ways to video content delivery there are a number of distinct challenges.

This talk will cover the design basics of Yahoo's next generation CDN. The overall architecture will be described followed by an examination of how this supports rapid delivery of very large sets of user generated content. Trade offs with third party object storage vs. internally hosted content will be discussed and mechanisms for blending these, along with caching, to improve performance while managing costs. Multi-tenant issues will be examined, both at the level of handling differing requirements and how to build in adaptability for changing requirements.

The private key is the linchpin to web server authentication. If an attacker gains the private key to yahoo.com, he can set up another server that will authenticate without error as yahoo.com. In a content delivery network, the private key must be distributed to all Edge devices, creating a bigger attack surface. In this presentation, Susan and Dave describe how they augmented Apache Traffic Server using openssl engines to work with a CryptoProxy server hosted in a more secure location. They analyze the costs and benefits and show that not only does a CryptoProxy solution increase security but it also improves performance in many cases. While their solution uses Apache Traffic Server similar techniques could be used for other network servers.