Finding Security Fixes for Apache on IBM i

API and web security for IBM iThe Apache-based IBM HTTP Server for i is a vital defense in web and API security for IBM i. As such, it requires regular attention.

IBM Support’s PCI Compliance web page is a resource we use to help our clients protect their systems.

Even if your organization does not process, store, or transmit credit card information, applying the PTFs recommended for PCI compliance constitutes a general best practice for IBM i web and API security.

Read more

IBM i API Examples Using RPG, Node.js, PHP, and Python

The Toronto User Group recently invited Alan to speak with them about how to implement secure, flexible APIs to connect IBM i applications to other systems.

Using several real-world code examples written in various free tools and languages—including RPG, PHP, Python, and Node.js—Alan demonstrated how others send and receive data safely using their favorite language paired with IBM i business logic. This video contains the details.

Read more

Install and Use Node.js iToolkit for IBM i

node.js ibm iNode.js has joined other popular IBM i open-source technologies, such as PHP and Python, for web application and API development. A server-side runtime for JavaScript, Node.js can run both on IBM i and on other platforms such as Linux.

The Node.js iToolkit lets you leverage your company’s investment in RPG and COBOL business logic while developing front ends and APIs with Node.js. As with Node.js itself, iToolkit can run on your IBM i or can connect to IBM i from your PC or an external web server.

This post explains how to install Node.js and its iToolkit on your IBM i, then use iToolkit to call an RPG service program.

Read more

Case-Insensitive Queries using ODBC on IBM i

ODBC with Db2 for IBM iWhen querying for character data using SQL, case matters. “A” is not equal to “a”. Even so, you might want to find all matches, whether uppercase, lowercase, or mixed case.

Read more

Encrypting IBM i ODBC Connections from Linux with TLS/SSL

ODBC with Db2 for IBM i

ODBC connections between Linux and IBM i should be encrypted to keep their Db2 data safe in transit.

To encrypt ODBC data, IBM recommends the industry-standard TLS encryption protocol (the successor to SSL).

Read more

Use IBM’s Apache Directive Finder Instead of Google

Apache HTTP Server ProjectWhen it comes to finding information on HTTP Server for IBM i (based on Apache), Google is NOT the way to go!

Recently Calvin did a web search for Apache’s ServerUserID directive. It returned old forum posts that could have taken anyone down a rabbit hole—a waste of time at best.

Read more

Easy Security Improvements for Apache Websites

Apache HTTP Server ProjectSome key security measures, such as using TLS encryption (https://) are taken for granted. Others are often missed until they are flagged by a security scan.

Here are two easy changes that have helped some of our clients reduce perceived vulnerabilities.  These changes, typically made in the Apache web server’s httpd.conf files, may stop unnecessary exposure of web server information, as well as satisfying security scanners.

Read more

Simplify with Subsystems

IBM iA major differentiator of the IBM i operating system is the use of subsystems to separate workloads, often for managing memory and optimizing performance. While those are still valid reasons for separating work into multiple subsystems, today’s large memory sizes and fast processors reduce the need to optimize performance in this way.

In this article, I’ll explain how subsystems can make today’s web-oriented application workloads much easier to manage. Read more

PHP 7.3 Enters End of Life Today—Free Upgrade Assessment

PHP on IBM iPHP 7.3 entered end of life today and will no longer receive fixes—including security fixes.

If you’re still running applications on PHP 5.4, 5.6 or 7.3 (run php -v to check), it’s time to schedule a free upgrade assessment.

PHP upgrades are easier now, thanks to IBM’s adoption of RPM-based open source packages. Over the past year, our clients have reported smooth and even enjoyable migrations to CommunityPlus+ PHP 7.4 and 8.0.

Read more

PHP 8.1 Released for IBM i

PHP 8.1 and IBM i

Good news everyone! In cadence with the release of PHP 8.1 by PHP.net last week, companies running PHP on IBM i can now download PHP 8.1 for use with their own applications.

According to this briefing with IBM i’s Open Source Business Architect, Jesse Gorzinski, staying current with PHP is a best practice for many reasons—for security and security audits, to fix deprecated code before you dig a huge technical debt hole, to keep your PHP environment running smoothly, and so on.

I’ll cover how to access the IBM i version of PHP 8.1 later in this post. First, though, let’s survey our favorite enhancements in this new release. We’re a big fan of PHP’s own release notes, so we recommend that you read them.

Read more