the next door (so called) geek @rakkimk | your next door geek | friend | blogs mostly on technology, and gadgets.

Removing the X-Powered-By response header from Windows Azure Web Sites

People often want to remove this header because a security audit has flagged it: the header reveals the server software running their site, and that knowledge helps an attacker craft malicious attacks known for that server version. If you are on the latest version of your server-side framework, you should be good. But some think it is always a good idea to remove it.

In PHP, you have to set the expose_php setting to Off to hide the PHP version information from the response headers. In Windows Azure Web Sites, you can have an optional .user.ini file in which some of the PHP settings can be overridden. You can look at the steps mentioned in this article. For example, look at this blog post by one of my colleagues about increasing the upload limit for files. However, there are a few core PHP settings that cannot be overridden from the .user.ini file. Don’t worry, WAWS gives you an option to host your own custom PHP runtime. This article has the steps for that.

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <outboundRules>
                <!-- Rewrite the X-Powered-By response header to an empty value -->
                <rule name="Set PoweredBy Header" preCondition="IsHtml">
                    <match serverVariable="RESPONSE_X_Powered_By" pattern="(.+)" />
                    <action type="Rewrite" value="" />
                </rule>
                <preConditions>
                    <!-- The rule applies only to responses whose Content-Type starts with text/html -->
                    <preCondition name="IsHtml">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                    </preCondition>
                </preConditions>
            </outboundRules>
        </rewrite>
    </system.webServer>
</configuration>

Hope this helps!

Tweaking the queueLength for PHP handler - Windows Azure Web Sites

The number of users moving to Windows Azure Web Sites (WAWS) is increasing day by day. I am happy to see many PHP websites being hosted on WAWS. If you are hosting a high-traffic website on WAWS, I would like you to consider increasing the queueLength property of the FastCGI handler for PHP that handles your requests. By default, the value of the queueLength property is 1000, which means only 1000 concurrent requests can be in the queue getting processed. For many high-traffic websites, this might be a low number, and you would start seeing 503 errors in your instance logs.

With help from David Ebbo from the WAWS Product Team here at Microsoft, I was able to tweak this number with the below steps.

Steps to increase the FastCGI queueLength for PHP on Windows Azure Web Sites

1. Create a file named applicationHost.xdt under /SiteExtensions/<YourFolder>

Log in to your website root using FTP and create a folder /SiteExtensions. Create another folder inside it; in this case, you can name it PHPQueueLength, but the name is not important. Now create a file named applicationHost.xdt inside that folder, with the content below. This transform specifically looks for PHP version 5.4. If you are using a different version, change fullPath to the appropriate path. For help finding the path, follow the steps mentioned in this page, which let you download a copy of applicationHost.config.

<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
    <system.webServer>
        <fastCgi>
            <!-- Find the FastCGI application with this fullPath and set its queueLength attribute -->
            <application xdt:Locator="Match(fullPath)" xdt:Transform="SetAttributes(queueLength)" fullPath="D:\Program Files (x86)\PHP\v5.4\php-cgi.exe" queueLength="5000">
            </application>
        </fastCgi>
    </system.webServer>
</configuration>

2. Create an App Setting called WEBSITE_PRIVATE_EXTENSIONS for the website, with a value 1.

Log in to the Azure Management portal. You can find the App Settings for your website under the ‘CONFIGURE’ tab of your website. Add a new configuration setting with the name WEBSITE_PRIVATE_EXTENSIONS and the value 1.


3. Restart the site from your management portal.

You can verify whether this transform has been applied by following the steps mentioned in this page, under the ‘Debugging private Extensions’ section. This configuration will definitely help you get rid of those 503 server errors for PHP processing. However, you should still check whether any requests are taking a long time to process, and debug them.
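As an added example (not from the original post and not Microsoft's tooling), here is a simplified Python model of the transform from step 1, useful for checking which FastCGI entry in a downloaded applicationHost.config the Match(fullPath) locator selects before you upload the file. SAMPLE_CONFIG is constructed, the function names are hypothetical, and only the locator/transform pair used above is modelled.

```python
import xml.etree.ElementTree as ET

XDT_NS = "http://schemas.microsoft.com/XML-Document-Transform"

# The transform from step 1 of the post.
TRANSFORM = r"""<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
  <system.webServer>
    <fastCgi>
      <application xdt:Locator="Match(fullPath)" xdt:Transform="SetAttributes(queueLength)"
                   fullPath="D:\Program Files (x86)\PHP\v5.4\php-cgi.exe" queueLength="5000" />
    </fastCgi>
  </system.webServer>
</configuration>"""

# Constructed stand-in for a downloaded applicationHost.config (not real site data).
SAMPLE_CONFIG = r"""<configuration>
  <system.webServer>
    <fastCgi>
      <application fullPath="D:\Program Files (x86)\PHP\v5.3\php-cgi.exe" queueLength="1000" />
      <application fullPath="D:\Program Files (x86)\PHP\v5.4\php-cgi.exe" queueLength="1000" />
    </fastCgi>
  </system.webServer>
</configuration>"""

def apply_queue_length(config_xml, transform_xml):
    """Apply Match(fullPath) + SetAttributes(queueLength); return (new_xml, matched_paths)."""
    config = ET.fromstring(config_xml)
    transform = ET.fromstring(transform_xml)
    matched = []
    for rule in transform.iter("application"):
        locator, action = rule.get(f"{{{XDT_NS}}}Locator"), rule.get(f"{{{XDT_NS}}}Transform")
        if locator != "Match(fullPath)" or action != "SetAttributes(queueLength)":
            raise ValueError("only the locator/transform pair used in the post is modelled")
        for app in config.iter("application"):
            # Match(fullPath): exact comparison of the fullPath attribute value.
            if app.get("fullPath") == rule.get("fullPath"):
                app.set("queueLength", rule.get("queueLength"))
                matched.append(app.get("fullPath"))
    return ET.tostring(config, encoding="unicode"), matched

def queue_lengths(config_xml):
    """Map each FastCGI application's fullPath to its queueLength."""
    return {a.get("fullPath"): a.get("queueLength")
            for a in ET.fromstring(config_xml).iter("application")}

if __name__ == "__main__":
    new_xml, matched = apply_queue_length(SAMPLE_CONFIG, TRANSFORM)
    print("matched:", matched or "nothing (check the PHP version in fullPath)")
    print(queue_lengths(new_xml))
```

If the matched list is empty, the fullPath in applicationHost.xdt does not correspond to any FastCGI application in the config you downloaded, and queueLength stays at its current value.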

Here are a few blog articles that can help you debug slow-running PHP pages in WAWS, if you aren’t aware of them already.

http://blogs.msdn.com/b/asiatech/archive/2013/11/15/azure-websites-find-php-performance-bottleneck.aspx

http://ruslany.net/2013/01/php-troubleshooting-in-windows-azure-web-sites

Happy hosting with WAWS!