From 5be1cff078ec1be5115607b3c0f72a2ade8515e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Thu, 6 Mar 2008 16:37:19 +0000
Subject: [PATCH] some notes on server php, memcache and apache setup

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@368 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/source/simplesamlphp-maintenance.xml | 25 +++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/docs/source/simplesamlphp-maintenance.xml b/docs/source/simplesamlphp-maintenance.xml
index 1b1cb9b9f..4456adfed 100644
--- a/docs/source/simplesamlphp-maintenance.xml
+++ b/docs/source/simplesamlphp-maintenance.xml
@@ -137,6 +137,21 @@
 	'memcache_store.expires' =&gt;  36 * (60*60), // 36 hours.
 
 </programlisting>
+
+      <important>
+        <para>Setup a firewall restricting access to the memcache
+        server.</para>
+      </important>
+
+      <para>Configure memcahce to not do internal failover. This parameter is
+      configured in <filename>php.ini</filename>.</para>
+
+      <programlisting>memcache.allow_failover = Off</programlisting>
+
+      <para>Because simpleSAMLphp uses a timestamp to check which session is
+      most recent in a fail-over setup, it is very important to run
+      syncrhonized clocks on all webservers where you run
+      simpleSAMLphp.</para>
     </section>
   </section>
 
@@ -163,12 +178,14 @@
     <title>PHP configuration</title>
 
     <para>Secure cookies.</para>
+
+    <para>Turn off PHPSESSID in query string.</para>
   </section>
 
   <section>
     <title>Getting ready for production</title>
 
-    <para>Here are some steps that should be checked </para>
+    <para>Here are some steps that should be checked</para>
 
     <itemizedlist>
       <listitem>
@@ -183,8 +200,8 @@
       </listitem>
 
       <listitem>
-        <para>Make sure you have the latest security upgrades on your OS, and
-        </para>
+        <para>Make sure you have the latest security upgrades on your OS,
+        and</para>
       </listitem>
 
       <listitem>
@@ -221,7 +238,7 @@
 
     <para>All XHTML templates are stored in the simplesamlphp/templates
     directory. They are stored in a two level hierarchy; first the theme name,
-    and then the language code. </para>
+    and then the language code.</para>
 
     <example>
       <title>Example of organization of themes</title>
-- 
GitLab