I was only going to jot down a few thoughts on site authentication and account registration, but either from lack of sleep or from all the coffee I drank today I got carried away and sketched out a whole pile of notes. Maybe someone will find something new in them, maybe someone will pick up a new rule, and maybe someone will correct me and teach me a lesson. Further down are notes on working with the database, and below that, notes on running the server itself.
So, let's begin.
Almost every article I find on the net talks about a site's registration/authorization mechanism, or about the security of such a mechanism. This entry isn't especially original either, but it should cover the main points of how a site's registration/authorization logic works.
0) Comment by user anycolor:
PHP recommends using the crypt function. Forget about md5. With the arrival of PHP 5.5 there will already be built-in functions for hashing passwords.
md5 is used below, but I don't think substituting crypt() for it will be any particular problem.
Also, as alexkbs pointed out:
On modern, publicly available hardware, every password of 4 to 7 lowercase Latin letters and digits hashed with salted md5(md5()) can be brute-forced in under an hour. Link
So, to protect users' passwords, it makes sense to consider:
bcrypt, an adaptive cryptographic hash function designed for storing passwords. It is based on Blowfish; in PHP 5.5+ it is what password_hash() and password_verify() use by default. Wiki
PBKDF2 (Password-Based Key Derivation Function 2), a standard for deriving keys from passwords; PHP exposes it as hash_pbkdf2(). Wiki
1) Store passwords with a salt.
I won't rewrite all of this in my own words; what follows is taken in part from the original post.
Link
The goal is to make recovering a password from its hash impractical (some internet services even offer this as a free service) should the hash fall into the wrong hands, for instance through a database leak.
Passwords are stored hashed, not encrypted, but with a few random characters unique to each user appended first (this is the salt), which defeats precomputed tables. Better still, keep a double md5 with the salt. Cracking becomes much harder this way, though, as item 0 shows, not impossible: md5 is fast, and a slow function such as bcrypt is the real fix. The user table needs two fields:
1. A salt field for storing the salt.
2. A password field for storing the hash md5(md5(password) + salt).
For example, user authentication:
// $user - the row fetched from the user table for the submitted login
if (md5(md5($_POST['password']) . $user['salt']) === $user['password']) {
    // password is correct: start the session
}
Where does the salt come from? The registration script must generate a salt for each new user. The following function can be used for that (random_int(), PHP 7+, replaces the rand() of the original, which is not a cryptographic generator).
function generateSalt() {
    $salt = '';
    $length = random_int(5, 10);           // salt length between 5 and 10 characters
    for ($i = 0; $i < $length; $i++) {
        $salt .= chr(random_int(33, 126)); // printable ASCII range
    }
    return $salt;
}
Salting variants used by some well-known engines:
md5($pass . $salt) - used in Joomla
md5(md5($pass) . $salt) - used in vBulletin
md5(md5($salt) . md5($pass)) - used in newer IP.Board
This approach noticeably improves security should the site's database leak.
Comment by maximw:
If a hash is applied several times, hashing takes longer, but the probability of collisions increases. So it's better to use a slow algorithm once than a fast algorithm several times. That's why php.net recommended against using the md5 and sha1 algorithms for password hashes.
To generate a salt in PHP there's the wonderful uniqid() function: with a prefix you get a guaranteed unique salt easily and quickly.
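As an added example (not code from the original post or its comments), here is the salted-md5 scheme from item 1 next to password_hash()/password_verify() from PHP 5.5+ (bcrypt by default), with legacy rows upgraded transparently at login. The salt comes from PHP's own generator rather than uniqid(); the user rows are in-memory arrays, an assumption standing in for the user table, and the bcrypt cost of 12 is an assumed setting.

```php
<?php
// Added example, not the post's code: legacy md5(md5(pass).salt) rows verified
// and rehashed with bcrypt on the next successful login.

const BCRYPT_OPTIONS = ['cost' => 12]; // assumed cost; tune to ~100 ms on your hardware

// Legacy scheme from the post: password column = md5(md5($password) . $salt).
function legacy_hash(string $password, string $salt): string
{
    return md5(md5($password) . $salt);
}

// hash_equals() compares in constant time and sidesteps PHP's loose
// "0e123" == "0e456" comparison that a plain == on hex strings is exposed to.
function legacy_verify(string $password, array $user): bool
{
    return hash_equals($user['password'], legacy_hash($password, $user['salt']));
}

// bcrypt via password_hash(): PHP generates the random salt and embeds it in the
// returned "$2y$..." string, so no separate salt column is needed.
// Caveat: bcrypt only looks at the first 72 bytes of the password.
function modern_hash(string $password): string
{
    return password_hash($password, PASSWORD_BCRYPT, BCRYPT_OPTIONS);
}

// Verify against either format. On success a legacy row is rehashed with bcrypt
// while the plaintext is available; the caller persists the updated row.
function login(string $password, array &$user): bool
{
    if ($user['salt'] !== null) {                       // legacy row
        if (!legacy_verify($password, $user)) {
            return false;
        }
        $user['password'] = modern_hash($password);
        $user['salt'] = null;
        return true;
    }
    if (!password_verify($password, $user['password'])) {
        return false;
    }
    if (password_needs_rehash($user['password'], PASSWORD_BCRYPT, BCRYPT_OPTIONS)) {
        $user['password'] = modern_hash($password);     // cost was raised since
    }
    return true;
}

// Constructed sample data: one user on the old scheme, one already on bcrypt.
$users = [
    'alice' => ['salt' => 'x7#Qz', 'password' => legacy_hash('correct horse', 'x7#Qz')],
    'bob'   => ['salt' => null,    'password' => modern_hash('battery staple')],
];

var_dump(login('correct horse', $users['alice']));            // legacy password accepted
var_dump(strpos($users['alice']['password'], '$2y$') === 0);  // row now carries a bcrypt hash
var_dump(login('wrong', $users['alice']));                    // wrong password rejected
var_dump(login('battery staple', $users['bob']));             // bcrypt row verified
```

The migration path matters in practice: you cannot rehash existing rows without the plaintext, so the old verifier has to stay until every active user has logged in once, and inactive rows should eventually be forced through a password reset.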
2) Password guessing is applied systematically, first of all to obtain administrator rights, but against ordinary users as well. To keep it from working well (many remember captcha and do it right, but whatever the captcha mechanism, there always tend to be algorithms for bypassing or recognizing it), it's enough to turn guessing into a very long and painful process by adding a delay, a sleep() call, to the user-data validation code in the authentication function. Some add loops and the like, but I don't think the wheel needs reinventing. About 10 seconds per attempt isn't a strict requirement, but every attempt then costs +10 seconds, and 1000 attempts already take 10,000 seconds, almost 3 hours.
But then one has to consider parallel authorization requests as well: in reality an attacker can fire off many requests at once, which speeds guessing up a great deal. So this has to be limited, yet in a way that still lets several users behind one provider log in. In practice: when someone attempts to log in, keep a counter for that IP in memory and clear it after a timeout; for example, allow 3 attempts per IP within 15 seconds. If three entries for the same IP are already in the store, sleep for a few seconds and check again, then answer "the number of authentication attempts from one IP has been exceeded, try again in a few seconds" and check once more. Already wiser. The main thing to remember is not to overload the mechanism; it should respond in proportion to the server's load. In fact one can act even more cleverly at the server firewall level: the same iptables can limit the number of connections from one IP and drop those above the limit. Note: since a firewall-level implementation is essentially the smarter one, I have only given the rule here.
As user youlose prompts:
Sleep is the wrong solution: it just keeps an idle thread in the PHP interpreter, which consumes a lot of memory and is another DoS vector, and such protection is easily bypassed by sending through proxy servers. Read about limit_req_zone for nginx and mod_evasive for Apache.
Worth considering.
So that the user doesn't feel the authentication is slow, show a message explaining what is being done to protect their own data, and an indicator showing the process is running rather than hung.
Another point is implementing account lockout after failed authentication attempts; everyone already knows this, but don't forget it.
As user amarao pointed out, this also lets a third party lock someone else's account on purpose. In most cases you should block by IP instead, and lift the block after a timeout rather than permanently.
3) Since I'm listing ways a site can be brought down, the next idea that came to mind is the same attack applied to registration. Suppose the aim is to take the site down, or to grab all the good logins on it by registering new users: a script with a file or database of several pages of logins registers users on the site in a loop. This is handled as before: limit registrations by time and by IP. As a further defence against such a bot farm in the site's database, record the IP each account was registered from (in a LastIp field, say), and better still require confirmation through a unique e-mail address. Then such bot registrations can be removed from the database after a while, freeing the namespace for regular users.
Comment by maximw:
To prevent cybersquatting of logins, it's enough to use the confirmed e-mail as the login. And limit the confirmation period, e.g. to a number of days.
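The per-IP window and account lockout from item 2, and the same limit applied to registrations in item 3, as an added example that is not code from the original post or its comments. It avoids sleep() (youlose's objection) by simply refusing once the window is full. The attempt store is a plain PHP array, an assumption standing in for memcached, Redis or a table shared by all PHP workers; the limits are the numbers from item 2 plus an assumed account lockout of 5 failures for 10 minutes; $now is passed in so the window logic can be exercised without waiting. PHP 8 syntax.

```php
<?php
// Added example, not the post's code: sliding-window limit per IP plus a
// timeout-based lockout per account, as a class that also serves registration.

final class AttemptLimiter
{
    private array $ipHits = [];     // ip      => [timestamp, ...]
    private array $failures = [];   // account => ['count' => int, 'lockedUntil' => int]

    public function __construct(
        private int $ipLimit = 3,        // attempts per IP ...
        private int $ipWindow = 15,      // ... per this many seconds (item 2's numbers)
        private int $accountLimit = 5,   // failures before the account is locked (assumed)
        private int $lockSeconds = 600   // lock by timeout, never permanently (assumed)
    ) {}

    // null = the attempt may proceed; otherwise the message to show (with HTTP 429).
    public function check(string $ip, string $account, int $now): ?string
    {
        // Forget timestamps that fell out of the window instead of sleeping.
        $this->ipHits[$ip] = array_values(array_filter(
            $this->ipHits[$ip] ?? [],
            fn(int $t) => $t > $now - $this->ipWindow
        ));
        if (count($this->ipHits[$ip]) >= $this->ipLimit) {
            return 'Too many attempts from your address, try again in a few seconds.';
        }
        if (($this->failures[$account]['lockedUntil'] ?? 0) > $now) {
            return 'This account is temporarily locked.';
        }
        return null;
    }

    // Call after every login or registration attempt, whatever its outcome.
    public function record(string $ip, string $account, bool $success, int $now): void
    {
        $this->ipHits[$ip][] = $now;
        if ($success) {
            unset($this->failures[$account]);
            return;
        }
        $count = ($this->failures[$account]['count'] ?? 0) + 1;
        $lockedUntil = $this->failures[$account]['lockedUntil'] ?? 0;
        if ($count >= $this->accountLimit) {
            $lockedUntil = $now + $this->lockSeconds;
            $count = 0;
        }
        $this->failures[$account] = ['count' => $count, 'lockedUntil' => $lockedUntil];
    }
}

// Constructed scenario: three failures from one address inside the window.
$limiter = new AttemptLimiter();
$now = 1700000000;
for ($i = 0; $i < 3; $i++) {
    var_dump($limiter->check('203.0.113.5', 'alice', $now));      // still allowed
    $limiter->record('203.0.113.5', 'alice', false, $now);
}
var_dump($limiter->check('203.0.113.5', 'alice', $now));          // fourth attempt, same second
var_dump($limiter->check('203.0.113.5', 'alice', $now + 16));     // after the window has passed
var_dump($limiter->check('198.51.100.9', 'alice', $now));         // same account, other address
```

Two caveats a practitioner will hit: the client address must be taken from REMOTE_ADDR, or from X-Forwarded-For only when the request demonstrably came from your own reverse proxy, otherwise the limiter is trivially bypassed by spoofing the header; and users behind one NAT share a bucket, which is why the account lockout is a timeout rather than a permanent block.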
4) To simplify the step where the mailbox is confirmed through a link during registration, send an automatically generated password to the given mailbox; the user logs in to the site with it and changes the password to their own.
User xnim: when generating the initial password, since it should itself already give an adequate level of security, you have to randomize the password and run it through a hash. For example, in php:
$pswd = substr(md5(date("FY h l dS i s A") . rand()), 5, 15); // 15 hex characters; the date() format string is reconstructed as far as the source allows
5) Password recovery is done only by first sending a key to the registered mailbox; the user then enters the key received by mail and sets a new password, or a password is generated and sent automatically and the user logs in with it and changes it.
Comment by youlose, worth considering:
You need to send a link with the key already inserted; the user clicks it and lands straight on a password change form. The more useless information a user has to type in, the fewer users the site has =)
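As an added example (not code from the original post or its comments), the reset-by-link flow of item 5 and youlose's comment, plus a CSPRNG replacement for the substr(md5(date() . rand())) generator of item 4: rand() and the clock are predictable, random_bytes()/random_int() (PHP 7+) are not. The token store is an array, an assumption standing in for a table with user_id, token_hash and expires_at; the one-hour lifetime and the reset URL are assumptions too. Only the SHA-256 of the token is stored, so a database leak does not hand out live reset links.

```php
<?php
// Added example, not the post's code: single-use, time-limited reset tokens
// stored hashed, and a temporary password drawn from a CSPRNG.

const TOKEN_TTL = 3600; // assumed policy: one hour

// Temporary password: $len characters from a 64-symbol alphabet via random_int().
function random_password(int $len = 16): string
{
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_';
    $out = '';
    for ($i = 0; $i < $len; $i++) {
        $out .= $alphabet[random_int(0, 63)];
    }
    return $out;
}

// Issue a reset token: return the URL-safe token for the e-mail, store only its hash.
function issue_reset(array &$store, int $userId, int $now): string
{
    $token = rtrim(strtr(base64_encode(random_bytes(32)), '+/', '-_'), '=');
    $store[hash('sha256', $token)] = ['user' => $userId, 'expires' => $now + TOKEN_TTL];
    return $token;
}

// The link youlose asks for: key already embedded, lands on the change form.
function reset_link(string $token): string
{
    return 'https://example.invalid/reset?token=' . rawurlencode($token); // hypothetical URL
}

// Consume the token from the link; returns the user id or null. The record is
// removed on first use even when expired, so a token can never be replayed.
function consume_reset(array &$store, string $token, int $now): ?int
{
    $key = hash('sha256', $token);
    if (!isset($store[$key])) {
        return null;
    }
    $rec = $store[$key];
    unset($store[$key]);
    return $rec['expires'] >= $now ? $rec['user'] : null;
}

// Constructed walk-through for user id 42.
$store = [];
$now = 1700000000;
$token = issue_reset($store, 42, $now);
echo reset_link($token), PHP_EOL;
var_dump(consume_reset($store, $token, $now + 60));              // valid, first use
var_dump(consume_reset($store, $token, $now + 60));              // same token again
$token2 = issue_reset($store, 42, $now);
var_dump(consume_reset($store, $token2, $now + TOKEN_TTL + 1));  // used after expiry
echo random_password(), PHP_EOL;
```

Looking the record up by the hash of the token (rather than comparing stored tokens one by one) also means no timing side channel on the comparison, and the response to an unknown e-mail address on the request form should be identical to the response for a known one so that the form cannot be used to enumerate accounts.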
6) Of course, beyond salting and hashing instead of storing passwords in the clear, you need a check for whether a site user's cookie has been stolen. Check it with an algorithm along these lines:
if ($sess_key === md5(md5($ip) . md5($uagent)))
That is, compare the user's browser and IP address with those recorded at login, and if anything has changed, destroy the session:
session_destroy();
Two caveats: mobile and NAT users change address mid-session, so binding to the IP produces spurious logouts and is often left optional; and the check is no substitute for session_regenerate_id() after login and for the HttpOnly and Secure cookie flags, which stop the cookie being read by injected script or sent over plain HTTP in the first place.
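The same check as an added example (not the post's code), with the fingerprint computed as an HMAC under a server-side key so an attacker who knows a victim's IP and User-Agent cannot forge it, and compared in constant time. The session is an array here (assumption: in real code it is $_SESSION after session_start(), and the place marked below is where session_regenerate_id(true) belongs); the key is an assumed configuration value.

```php
<?php
// Added example, not the post's code: keyed session fingerprint with optional
// IP binding, checked with hash_equals().

const FP_KEY = 'replace-with-a-server-side-secret'; // assumption: loaded from config, not hard-coded

function fingerprint(string $ip, string $ua, bool $bindIp): string
{
    $material = $bindIp ? $ip . '|' . $ua : $ua;
    return hash_hmac('sha256', $material, FP_KEY);
}

// Called after the password check succeeds. In real code: session_regenerate_id(true)
// first, so a session id fixed by the attacker before login is not kept.
function start_session(array &$sess, string $ip, string $ua, int $userId, bool $bindIp = false): void
{
    $sess = [
        'uid'     => $userId,
        'fp'      => fingerprint($ip, $ua, $bindIp),
        'bind_ip' => $bindIp,
    ];
}

// Called on every request. false means: session_destroy() and send the user to the login page.
function session_valid(array $sess, string $ip, string $ua): bool
{
    if (!isset($sess['fp'], $sess['bind_ip'])) {
        return false;
    }
    return hash_equals($sess['fp'], fingerprint($ip, $ua, $sess['bind_ip']));
}

// Constructed requests: same browser from the login address, then from another one.
$sess = [];
start_session($sess, '198.51.100.7', 'Mozilla/5.0 (X11; Linux)', 42, true);
var_dump(session_valid($sess, '198.51.100.7', 'Mozilla/5.0 (X11; Linux)'));  // unchanged
var_dump(session_valid($sess, '203.0.113.9', 'Mozilla/5.0 (X11; Linux)'));   // address changed
var_dump(session_valid($sess, '198.51.100.7', 'curl/8.0'));                    // browser changed

// Without IP binding the same session survives an address change.
start_session($sess, '198.51.100.7', 'Mozilla/5.0 (X11; Linux)', 42, false);
var_dump(session_valid($sess, '203.0.113.9', 'Mozilla/5.0 (X11; Linux)'));
```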
7) Always treat user input as untrusted, for both code (HTML/JS) injection and SQL injection. Note that the PHP functions usually listed for this, such as:
strip_tags()
stripslashes()
htmlentities()
only deal with HTML: they do nothing against SQL injection, for which the right tool is a prepared statement with bound parameters (mysqli or PDO), so that data never becomes part of the query text.
If part of the HTML must be kept, strip_tags() takes a second argument:
string strip_tags(string $str [, string $allowed_tags])
It returns str with HTML and PHP tags stripped. Because it does not actually validate the HTML, incomplete or broken tags can cause more text to be removed than expected, so it's a crude tool for user-supplied markup.
Libraries that strip unwanted tags, detect malformed markup and remove XSS attempts made through injected JavaScript are also easy to find on the net.
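To make the distinction in item 7 concrete, here is an added example (not the post's code) with the vulnerable query beside the parameterized one, and output escaping done at render time for the HTML context. It uses an in-memory SQLite database through PDO, an assumption standing in for MySQL (the pdo_sqlite extension must be available); the table and rows are constructed for the example.

```php
<?php
// Added example, not the post's code: SQL injection stopped by bound parameters,
// XSS stopped by escaping on output.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL, bio TEXT NOT NULL)');
$db->exec("INSERT INTO users (name, bio) VALUES ('alice', 'hello'), ('bob', '<b>hi</b>')");

// Vulnerable: the value is pasted into the SQL text. strip_tags() or
// stripslashes() applied to $name would not help here.
function find_user_unsafe(PDO $db, string $name): array
{
    return $db->query("SELECT name FROM users WHERE name = '$name'")
              ->fetchAll(PDO::FETCH_COLUMN);
}

// Safe: the value travels as a bound parameter, never as SQL.
function find_user_safe(PDO $db, string $name): array
{
    $st = $db->prepare('SELECT name FROM users WHERE name = ?');
    $st->execute([$name]);
    return $st->fetchAll(PDO::FETCH_COLUMN);
}

// XSS is an output problem: escape for the context you are writing into
// (here HTML text), at the moment of rendering, not when storing.
function render_bio(string $bio): string
{
    return '<p>' . htmlspecialchars($bio, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</p>';
}

$payload = "x' OR '1'='1";
var_dump(find_user_unsafe($db, $payload));   // the WHERE clause is now always true
var_dump(find_user_safe($db, $payload));     // no user is literally named that
echo render_bio("<script>alert(1)</script>"), PHP_EOL;
```

Escaping at output also matters because the same stored value may be written into different contexts (HTML text, an attribute, a JavaScript string, a URL), each of which needs its own encoding; stripping tags on input cannot anticipate that.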
8) Use GET requests only where they are really needed; mostly use POST. The main advantage is that submitted data doesn't end up in the URL, and so not in browser history, bookmarks, referrer headers and server logs, while the URL stays clean and users can share links without a second thought. It does not hide the data from anyone watching the network, though: a POST body is just as visible as a query string, and only TLS protects data in transit. But that's not the only advantage either.
9) Pass the session ID in a cookie; otherwise it ends up in the URL, which essentially ruins links (search engines don't like it either) and hands the session to anyone who sees the link.
10) Don't forget to log errors. Every exception should be logged; later this lets you understand what happened and see whether someone is probing the site.
11) Fetch only the data you need from the database. If you write SELECT * FROM users and decide afterwards which columns to show, get rid of the habit wherever you are: sooner or later a mistake will be made and user data will leak over the wire. Second, the more data pulled from the database, the longer the query takes, which definitely shows in performance under load. It takes some getting used to a slightly less convenient way of working, but once you do, there's no problem.
12) Generate XML files (sitemaps) for search engines, and meta tags. This improves search results to some degree; there are ready-made algorithms on the net for generating meta tags from the content.
13) Use a framework or a CMS/CMF suited to the task. Every site is a fair amount of work, and a good foundation greatly extends the life of the code and its portability to other projects (a framework accumulates years of such work). If it's just a blog, a CMS such as Drupal or WordPress will do; if the task is not as simple as a blog and writing an engine for it from scratch is hard, take a framework such as Kohana, Yii or Zend. Such frameworks already include a database query builder, a caching system (good for performance), routing, image processing, an ORM, data validation and the ability to plug in extra modules written by the authors or the community. Together with proper attention to debugged code and performance, this greatly shortens development and debugging time.
14) Instead of relying on the height and width attributes of the img tag, save several versions of an image with different parameters at upload time, e.g. full_img.png (full size) and preview_img.png (a small copy). Large images slow down page loading and occupy bandwidth, and when the browser doesn't have to scale them, pages render faster.
15) Index database fields. Indexed fields have a large effect on the performance of the database and of the whole site; with a large number of requests this greatly reduces server load and cost.
anycolor:
Fields must be indexed wisely; otherwise you can create a lot of problems for yourself. Not every index gives a good result. First profile the slow queries and look at EXPLAIN, and only then decide about creating keys.
16) Use caching, of both data and queries. In Kohana 3, for example, a database query can be cached by appending ->cached(30) when building it; its result is then cached for 30 seconds, with all cached data kept in whichever backend is chosen: file cache, memcached, sqlite and so on. But don't forget that cached data can go stale, so stick to a middle ground: if a user edits an article, for instance, the cached value for it must be reset so that the user isn't shown old data; he certainly won't understand such behaviour.
17) If you have a dedicated server, use nginx as the frontend and apache2 (or an alternative) as the backend to share the load. Much has been written about this on the net.
18) Use xcache / eaccelerator / another accelerator to cache opcode; this improves performance in a number of ways. (Since PHP 5.5 the bundled OPcache does this job.)
19) One of the basic rules: database normalization and design are not just words. It's a science of sorts, and the golden rule of those who do this professionally. Don't build a site on a database where one table has, say, 80 fields; that may pass for a small site at first. Partitioning data logically into tables, using keys, and the remaining normalization rules (without getting carried away, of course) have the most direct effect on performance.
Comment by maximw:
Nowadays in web development, database denormalization is very important for speeding up queries. It would be worth mentioning.
Denormalization is explained by user JuliaTem in this post.
20) One of the most important rules of administration: "first forbid everything, then allow only what is needed". Many find it easier to allow everything and then forbid things, but with that approach you will surely forget something and seriously compromise the site's security.
21) Using JOIN in a query is better than several separate queries. If you understand the JOIN operator well enough, I think there's no point explaining the rest: the fewer queries to the database, the faster the site and the lower the load on the server/hosting. Also, the columns a JOIN is performed on should be indexed.
Clarification from user maximw:
A controversial statement about JOIN. It depends a lot on the specific situation; for example, two consecutive SELECTs can turn out faster.
In short, the right tool has to be used in the right place. =)
22) Data integrity in the database. Keep a constant eye on the data so that deleting a user doesn't leave their articles behind, and deleting an article doesn't leave its comments behind. Otherwise the database grows and garbage accumulates in it, which is hard to track down and clean up later because the whole logical chain has to be worked out at once. The database can enforce this for you with foreign keys (in MySQL this requires InnoDB tables; MyISAM ignores foreign key clauses).
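As an added example (not the post's code), item 22's rule enforced by the database rather than by application bookkeeping: foreign keys with ON DELETE CASCADE, so deleting a user cannot leave orphaned articles or comments, and an orphan cannot be inserted. It uses an in-memory SQLite database via PDO, an assumption standing in for MySQL (where the tables must be InnoDB); the schema and rows are constructed for the example.

```php
<?php
// Added example, not the post's code: referential integrity with cascading deletes.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('PRAGMA foreign_keys = ON');   // SQLite enforces foreign keys only when this is on

$db->exec('CREATE TABLE users (
    id   INTEGER PRIMARY KEY,
    name TEXT NOT NULL UNIQUE)');
$db->exec('CREATE TABLE articles (
    id      INTEGER PRIMARY KEY,
    user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
    title   TEXT NOT NULL)');
$db->exec('CREATE TABLE comments (
    id         INTEGER PRIMARY KEY,
    article_id INTEGER NOT NULL REFERENCES articles(id) ON DELETE CASCADE,
    user_id    INTEGER NOT NULL REFERENCES users(id)    ON DELETE CASCADE,
    body       TEXT NOT NULL)');

function row_counts(PDO $db): array
{
    $out = [];
    foreach (['users', 'articles', 'comments'] as $table) {   // fixed list, not user input
        $out[$table] = (int) $db->query("SELECT COUNT(*) FROM $table")->fetchColumn();
    }
    return $out;
}

// Constructed data: alice writes two articles, bob and alice comment on the first.
$db->exec("INSERT INTO users (id, name) VALUES (1, 'alice'), (2, 'bob')");
$db->exec("INSERT INTO articles (id, user_id, title) VALUES (1, 1, 'first'), (2, 1, 'second')");
$db->exec("INSERT INTO comments (article_id, user_id, body) VALUES (1, 2, 'nice'), (1, 1, 'thanks')");
print_r(row_counts($db));

// Deleting alice removes her articles, and the cascade removes the comments on
// them (bob's included): the "whole chain" is the database's job, not ours.
$st = $db->prepare('DELETE FROM users WHERE id = ?');
$st->execute([1]);
print_r(row_counts($db));

// Orphans cannot be created either: a comment on a non-existent article is rejected.
try {
    $db->exec("INSERT INTO comments (article_id, user_id, body) VALUES (999, 2, 'orphan')");
} catch (PDOException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Whether a delete should cascade or be refused (ON DELETE RESTRICT) is a design decision: cascading from users is convenient for bot cleanup (item 3) but means one mistaken DELETE takes a user's whole history with it, so such deletes belong inside a transaction behind a confirmation step.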
23) Data becomes fragmented over time, which affects performance, so the data in the database needs to be optimized now and then. MySQL already provides everything needed for this. (The command-line tools below are for the MyISAM engine, and isamchk for the old ISAM engine removed in MySQL 5.0; for InnoDB tables only the OPTIMIZE TABLE and ANALYZE TABLE statements apply.)
Link to the FAQ.
Q. How do I optimize storage in MySQL?
Removing holes (defragmentation), updating statistics and sorting indexes:
OPTIMIZE TABLE table_name;
or use: myisamchk --quick --check-only-changed --sort-index --analyze
Note: myisamchk must be run while mysqld is not running; otherwise use the mysqlcheck utility:
mysqlcheck --repair --analyze --optimize --all-databases --auto-repair
Updating optimizer statistics:
ANALYZE TABLE table_name;
or use: myisamchk --analyze
It is recommended to run regularly:
isamchk -r --silent --sort-index -O sort_buffer_size=16M db_dir/*.ISM
myisamchk -r --silent --sort-index -O sort_buffer_size=16M db_dir/*.MYI
24) Track slow queries and optimize them as far as possible.
In the MySQL configuration (my.cnf) add the following two lines:
log_slow_queries = /var/log/mysql/mysql-slow.log
long_query_time = 1
Explanation:
log_slow_queries - the file the slow query log is written to (in MySQL 5.6 and later this option no longer exists; use slow_query_log = 1 together with slow_query_log_file = /var/log/mysql/mysql-slow.log instead)
long_query_time - the execution time, in seconds, beyond which a query is considered slow enough to be logged
25) Consider the various options... this is probably more a question of design than of technical detail... Today there are many DBMSs, both SQL and NoSQL, as well as frameworks, libraries and so on. It is highly desirable to weigh all of this at the design stage: if the project grows into something big, every mistake made here will make itself felt. Even within MySQL alone there are enough storage engines to weigh the advantages of each. Take MariaDB, for example... PostgreSQL... SQL..., NoSQL...
26) ... MySQL, Apache2, Nginx. ...
27) Frontend ... nginx ...
28) ... file systems: Ext2/3/4, ReiserFS, FAT, NTFS, ...
29) ... kernel parameters, tuned with sysctl (Linux, BSD, ...). To list them all:
sysctl -a
To set one, for example:
sysctl net.ipv4.ip_forward=1
To apply it again at boot, the command can be placed in:
/etc/rc.local
...
*nix systems have several schedulers, some designed for desktop systems and some for servers; there is plenty of information about them, for example on the CPU scheduler and the I/O scheduler.
30) systemd as the system for starting and supervising processes. In this paragraph I'm probably biased, because I really liked this daemon. Debian doesn't ship it by default, but installing it is not a problem. Rather than retell systemd's own documentation, here is a brief list of its advantages (only fragments of this list survived):
- ... required ... SysV ...
- ... systemd ...:
- With SysV ... grep, find ...; with systemd ...
- SysV ... sh scripts ...; systemd ...
- ... cgroups ...
- ... systemd ... monit ... pid ...
- systemd ...
- systemd ...
- ... SysV, fstab, /etc/init.d/... start/stop
- D-Bus.
31) ... Gentoo ... Debian apt-build ... make ... (only fragments of this item survived).
32) ... ssh ... fail2ban for ssh ..., iptables, host.deny ... IP ... Portsentry ... chkrootkit ... iptables ... PHP ... (only fragments of this item survived).
PS ...
PPS ...