I'm blogging about Emacs, Drupal, php and exciting subjects

This is how you enable logging in MySQL

SET GLOBAL general_log=1;
SET GLOBAL general_log_file='/var/log/mariadb.log';
SET GLOBAL slow_query_log_file='/var/log/mariadb-slow.log';
SET GLOBAL slow_query_log=1;

Docker has fundamentally changed how PHP applications are deployed. Modern Symfony, Laravel, and custom PHP systems increasingly rely on containers for local development, CI/CD pipelines, horizontal scaling, and production infrastructure consistency.

But Docker has also created a dangerous misconception inside the PHP ecosystem:

many developers assume Docker automatically improves security.

In reality, Docker often makes insecure infrastructure easier to reproduce consistently.

PHP-FPM has become the standard execution model for modern PHP infrastructure. Whether applications run on bare metal servers, inside Docker containers, or in Kubernetes clusters, PHP-FPM usually sits directly behind Nginx and processes every dynamic request entering the application stack.

Despite its importance, PHP-FPM security remains heavily under-discussed in the PHP ecosystem. Many production environments still run every application inside a shared execution context with weak process isolation, overly permissive filesystem access, and minimal runtime hardening.

Modern PHP infrastructure has evolved far beyond the traditional model of deploying a small application onto a single Linux server and exposing it directly to the internet. Production environments today often consist of multiple interconnected layers that include reverse proxies, application clusters, container platforms, internal APIs, Redis instances, queue workers, monitoring systems, deployment pipelines, cloud networking, and distributed databases.

Modern PHP applications rarely fail because of a simple SQL injection vulnerability or a missing input validation rule alone. Real-world compromises increasingly occur at the infrastructure layer through exposed services, weak deployment pipelines, leaked credentials, misconfigured containers, vulnerable dependencies, or poorly isolated application environments.

Choosing the right infrastructure automation platform is one of the most important decisions organizations make when scaling server management and DevOps workflows. Two of the most widely used configuration management tools are Puppet and Ansible.

Both platforms automate infrastructure tasks, reduce manual administration, and improve operational consistency. However, they use very different architectures and operational models.

Understanding the strengths and limitations of each platform is essential when building modern infrastructure automation strategies.

SSL certificate problems are among the most common and frustrating issues administrators encounter when managing Puppet infrastructure. Puppet relies heavily on certificate-based authentication between agents and the Puppet server, and even minor certificate problems can prevent entire infrastructure environments from receiving configuration updates.

Understanding how Puppet certificates work, why they fail, and how to troubleshoot them effectively is essential for maintaining reliable infrastructure automation.

Most structured data guides begin and end with Article, Product, and BreadcrumbList. For developer-focused sites — blogs covering tools, libraries, and technical how-tos — two schema types deserve far more attention: TechArticle and SoftwareApplication. Both are valid Schema.org types that Google's Rich Results Test recognises, both are chronically underused, and both map naturally onto the kind of content a developer blog publishes.

SSL Labs' A+ rating is the benchmark for a correctly hardened HTTPS configuration. Achieving it requires more than just installing a certificate — you need to restrict protocol versions, configure cipher suites appropriately, enable OCSP stapling, set strict HSTS headers, and tune session resumption. This article covers a complete Nginx TLS 1.3 configuration for a Drupal site, with explanations for every directive.