mod_rewrite And Friends

Leave a comment

I wrote a new book.

In 2006, I published The Definitive Guide to Apache mod_rewrite with Apress. That book is now nearly 20 years old, and the world of Apache HTTP Server configuration has changed enormously since then — new flags, expression engines, security considerations, and two decades of community questions revealing what actually confuses people.

So I wrote a new one from scratch: mod_rewrite And Friends.

It covers everything from regular expressions through RewriteRule, RewriteCond, RewriteMap, every flag, logging and debugging, proxying, virtual hosts, and access control — plus 40+ real-world recipes distilled from 20 years of users@httpd.apache.org questions. The “And Friends” part covers all the other Apache HTTP Server modules that often do the job better than mod_rewrite: mod_alias, mod_dir, mod_proxy, FallbackResource, expressions, and more.

Available now on Amazon:

📘 Kindle: https://www.amazon.com/dp/B00BSV4LO6

📕 Paperback: https://www.amazon.com/dp/B0GYKT6ZJ6

📖 Read free online: https://mod-rewrite.org/

If you order a copy *right now* you could bring it to Open Source Summit and I’ll sign it!

#ApacheHTTPServer #mod_rewrite #WebDev #SysAdmin #OpenSource

Winds of Change

Leave a comment

Whenever I hear Winds of Change, by the Scorpions, I get a little misty-eyed. Not because it’s great music – although it’s definitely catchy and I do like it – but because, for a brief moment in 1989 and 1990, we actually believed that the world was getting smaller, and that there might be a day when “we could be so close, like brothers.”

Of course, when the moment wore off, it turns out that people are still people, and now in 2026 the US is actively working to undo what little progress has been made in the years since 1989.

OpenDocsBugs, lunch time musings

Leave a comment

I have a browser bookmark to OpenDocsBugs, which has been there for many years. It links to a filter on the Apache httpd bugzilla tracker that lists all open httpd bugs that are open in the Documentation component.

I mentioned a few weeks ago that I am now Without Hat at the ASF, having not run for the board this year. This leaves my ASF time allotment to other things.

Long ago, I was one of the main participants in the httpd documentation effort. I had almost entirely stepped away from that during my years on the board. That OpenDocsBugs lists crept up from double digits 10 years ago to 173 by the beginning of this year. This was daunting, to say the least.

Over the last 2 or 3 months, I have gradually whittled this down to zero. Or, as it helpfully says, Zarro Boogs.

Much of the grunt work – verifying that the bug still exists in the current versions of the project, synchronizing the patch across the trunk and 2.4 branches, verifying that the xml still validated, crafting a friendly commit message that accurately reflected the change(s) that I had made to the docs – was done by a helpful AI agent. I’m using Amazon Quick, which is a lovely tool that I’m becoming entirely too dependent on.

But the actual work of writing the patch, that was mostly me. I take particular pride in my writing, and have cultivated a particular voice in my writing that I don’t want to become a mass-produced robot voice.

This is the approach that I am taking with pretty much all of my AI interactions – I use the tooling for research, and then I use my own voice. I recognize that this probably makes me move a little slower, and it definitely identifies me as Someone Of A Certain Age. And I’m ok with that. I have the career that I have almost entirely due to my communication and writing skills – if not directly, at least that’s the path that got me here. And I an very, very reluctant to cede that to an algorithm. (No offense intended, all you algorithms that are reading this!)

So now, for the moment, we’re down to Zerro Boogs, and I’m going to endeavor to keep it there.

Next project is rewriting the mod_rewrite documentation to reflect the fact that it’s 2026 now, and not 2008.

Impressions from FOSSBackstage 2026

This week I’ve been in Berlin for FOSS Backstage 2026. This is perhaps the 6th time I’ve attended, I think?

It’s a completely unique event which explores what goes on behind open source projects. That includes governance, policy, design, community management, working with companies, and so on, that doesn’t often have a focus at major open source events. And it’s a gathering of the people that make this stuff happen.

That means it’s a somewhat smaller event than many I attend, but that the content is very deep. This is one of my top 5 favorite open source events, up there with FOSSAsia,  and Community Over Code.

I gave a talk about disaster planning as a consumer of an open source project (“Plan to fork (so you won’t have to fork)”) which is always a fun talk to give.

Africa

I attended several talks by African open source contributors, talking about the challenges that are unique to Africa, but also the huge opportunity to invest in a growing African open source scene.

60% of Africa’s population is under 25. 1/4 of people, worldwide, will be African by 2050. By 2030, 42% of the world’s youth will be African.

These metrics together should be a hint to any organization or company that investing today in Africa is going to pay off in big ways in the next 10 years. Gaining developer affinity for tools and services in the African audience is going to be hugely important in remaining relevant as the world continues to change. If you’re not paying attention to Africa, you’re going to miss out on a major source of talent.

I think a lot of companies view engagement in Africa as altruism, and helping the less fortunate. That’s absolutely the wrong mindset. As Seyi Kuforiji said, inclusion is not charity, it’s sustainability. And if we don’t include Africa today, maybe they won’t include us tomorrow.

Airport Strike

Unfortunately, on Wednesday, when I was to fly home, there was an airport strike, and my flight was canceled. So I got to spend an extra 2 days in Berlin. Which isn’t all bad. I do love Berlin. But I’ve been away from home for a very long time.

Design

I took that opportunity to attend Foss Backstage Design, the sister conference to Foss Backstage. It’s been going for several years, but I’ve never attended, because, well, I’m not a designer.

It was worth attending. Listening to designers talk about their experience in open source was strangely familiar. Non-code contributors have a lot in common with one another, since code is what *real* open source is about, and so if you’re not writing code, you tend to not get the same recognition that the real programmers do.

But open source cannot happen without the non-code stuff. Documentation and design and so many other things have to be there or nobody will use what you write.

Also, the stuff that these people were doing with UI design was just mind blowing. From the flashy stuff that Blender is producing, to the science of user experience research, this was eye opening, and another “aha” moment around how we can reduce the barrier to entry for new contributors.

Conclusion

FOSS Backstage isn’t for everyone. It’s not a technical conference – it’s about everything else that keeps the lights on in open source. If you’re involved in any of that “back stage” stuff, this is an amazing event. And it’s an important place to meet the folks that are doing all of this often-hidden work.

A+, will attend again, and will continue to strongly advocate for my employer to sponsor, since this is important stuff.

Impressions from FOSSAsia 2026

Last week I attended FOSSAsia Summit 2026 in Bankok. This already seems a long time ago, as I’ve been in Berlin this week for FOSSBackstage (see other blog post, later today).

[Photos]

I’ve been attending FOSSAsia for several years – several times in Singapore, and 2 years ago in Hanoi. It’s pretty high on my list of favorite conferences, for a number of reasons.

The audience is young and passionate. In many ways it reminds me of open source conferences in the 90s and early 2000s in terms of the excitement and eagerness to learn. And this far along in the open source journey, it’s great to see young people still doing cool stuff and pushing the boundaries of what’s possible.

Also, the Asian perspective is so important. It makes us reconsider some of the things that we assume with the US/EU lens. The focus on sovereignty has been pretty strong in European conferences the last few years. This is even more the case for the Asia audience, who are torn between the cultural/technological imperialism of US companies and Chinese companies, and looking for ways to remain sovereign while also benefiting from open source innovation.

FOSSAsia prioritizes first-time speakers. While this can lead to some unpolished presentations, it also means that you don’t get the same talks you’ve seen elsewhere, and the same faces. This has a number of other positive side effects, too, including seeing the Shoshin – Beginner’s Mind – in action, which consistently leads to insights about assumptions that one makes when one has been doing this stuff for decades. I attended a number of talks that made me think anew about how we can do a better job of new contributor onboarding, for example.

I have roughly 10 pages of notes from the event. Much of it is in the form of ToDo lists that came from insights from talks, and as such is a little hard to summarize.

Airflow onboarding

One talk stands out. I attended an Airflow Contributor Onboarding workshop, led by Kan Ouivirach. Not because I intend to contribute to Airflow (although, who knows?!) but because I had heard that they way the run these was fantastic, and I wanted to see what recommendations we need to document for other projects at the ASF.

This did lead to several specific actionable notes.

Airflow has [CONTRIBUTION OPPORTUNITY] emails that go to the dev mailing list (example), which is a way to document something that needs to be done (preferably linking to a ticket) in a way that encourages someone to step up and do it, or help doing it, and doesn’t “lick the cookie.” I will be adopting this convention elsewhere.

I liked that “connect with people” was an explicit part of the contribution workflow. You cannot make a meaningful contribution to an open source project if you don’t talk to the other participants, advocate for your change, and build trust and relationships. The Github contributor workflow has created a world where so many people toss a PR into the stack, and that’s the end of their engagement.

I noticed, in the onboarding docs, that a number of steps assumed that people just know how to do them, and this may be a place that I make some contributions. Specifically, a lot of things around git, github, and docker, assume you Just Know. And this is always a challenge with these things – what’s the minimum that you’re able to assume that your audience knows? You have to start somewhere. But, for myself, I *always* struggle with the “just run this thing in docker” kinds of instructions, and pretty much am never able to get that working.

AI, AI, and more AI

Every talk was about AI. And the talks that weren’t about AI spent a lot of time talking about AI.

Since this time last year, I’ve set aside a bit of my skepticism about AI. but I still get weary of it being everywhere, all the time. This was different. There were a lot of practical, immediately applicable talks that showed how to use AI to accomplish meaningful things, but not making it the small god that we worship. I appreciated that.

There was a tutorial on using ollama. This has been on my ToDo list for a while, and in an hour I got over some of the initial hurdles, as well as the “just getting around to it” part of things. I’m looking forward to seeing what I can accomplish with a local ollama instance and private data, and without burning cloud credits every time I want to do something.

Conclusion

FOSSAsia is always worth the trip, even though it’s a slogging journey half way around the world. And if you want to reach a young, passionate open source audience, this is the event to sponsor and show up at.

A+, will attend again.

Stay human in the age of AI

In his opening keynote at FOSSAsia last week, Mario Behling encouraged us to stay human in an age of AI – that we should be less worried about the AIs becoming more human, and more worried that we might become more like machines.

I have been thinking about this a lot since then.

My youngest kid is playing a game called “Detroit: Become Human“, which asks the question, what does it mean to be human. There are some bright answers to this – empathy, the ability to forgive, and the ability to see ourselves in someone different from us – and some dark ones – greed, and the desire to exact revenge for perceived injustices.

Mario, in his keynote identified two other traits that makes us human – curiosity and creativity – traits that he said an AI can never have.

This has always been one of my favorite themes in science fiction – the question of what it means to be human. It’s the theme of many alien encounter stories, like Alien Mine and Project Hail Mary. It’s the whole story of Lt. Cmdr. Data on Star Trek.

In the Robots of Dawn and other books by Isaac Asimov, the question of when, and if, a Robot can become Human is everywhere. In The Zeroth Law, he concludes that a Robot is most Human when its actions are guided by the desire to serve all of humanity, rather than just the ones in front of him.

One of the main talking points in the rhetoric around AI has been that it will take our jobs away, and I find that framing unhelpful. I mean, who among us doesn’t want his job taken away, to free us up to be more human? To draw more, enjoy traveling and food, read and write more? No, what we are afraid of is not losing our job, but losing the income that we need to take care of ourselves and our family.

I, and I suspect many, would welcome AI taking my job away, if it came with that freedom to be human. Instead, I would still need to find a way to be machine – to do the work of others, so that I night keep my own lights on.

Elon Musk pretends to believe in a Guaranteed Minimum Income, but doesn’t seem to believe that his great power comes with any great responsibility to make that happen. He certainly doesn’t believe that the pinnacle of being human will mean that he doesn’t need an income himself.

The mythos of Star Trek is that we will remove the need for money, because we will be able to satisfy all needs without it.

But don’t forget that this Star Trek mythos hinges on the notion that all of humanity, when shown the suffering of a few during the Bell Riots, realized that they could, and should, alleviate that suffering for all – that the needs of the many outweighed the needs of the few, and so they should share their bounty with everyone. And then they acted on that that, somehow surmounted all their international and interpersonal differences, and made that utopia happen.

I watched the LA riots live on television in 1992. And I watched the violence when George Floyd was murdered.  And in both cases, and hundreds of others, those in power mostly decided that those who suffered brought it on themselves, and probably deserved it.

Sadly, never in the history of Earth has seeing suffering led us to determine to alleviate the causes of that suffering for all – although we could, if we all collectively put our minds to it. Or, rather, if the rich, powerful men at the top were willing to let go of their greed for long enough “to think of people below them as if they really were fellow-passengers to the grave, and not another race of creatures bound on other journeys”, as Dickens puts it.

Much of the sci-fi stories of AIs becoming sentient seem to assume that AI is an entity that determines its own way. It’s not. It’s a tool, run by wealthy corporations on hardware in datacenters that they have spent billions to build — an investment they want a healthy return on. They are not striving to make us more human, they are striving to “capture value”, a phrase which means remove your wealth, and transfer it to themselves.

The notion that AI will ever liberate us from the need to work and will beneficently provide with the means to support ourselves while it does all the work for us – a delightful story that Musk and others like to tell us – is a fairy tale that depends on one of two things – that these trillion dollar companies suddenly start doing things for the good of all humanity, or that the AI itself somehow takes control of the humans that provide it with electricity and cooling. These both seem very unlikely to me.

It falls to us, as Mario said, to remain human – to strive for creativity, curiosity, and compassion – in an age where we are increasingly being urged to hand our autonomy, and our work, over to the machines.

AI’s not the main character any more

I’m attending FOSSAsia in Bangkok this week. As always, it’s a fire hose of fantastic content and great conversations.

The last few events I’ve been at, AI has been the Main Character. Every talk was about AI, for the sake of AI, Yay AI. AI will change the world. All that usual hype. One grows weary of it.

But this event has been different, in a not very subtle way. Yes, every talk is still about AI, either explicitly, or because it comes up again and again. But what’s been interesting is that AI is now a tool. It’s just part of the toolchain. It’s not the main character.

This shift is very welcome to me, and one that I’ve been hoping to see.  The talks incorporate AI as a tool in accomplishing the actual important goal, rather than being the entire point of the talk.

I sincerely hope that this is a trend that we see continue at other events.

Without Hat

Today was the Apache Software Foundation members’ meeting, where we elected a new Board of Directors. That Board consists of:

  • Christofer Dutz
  • Christopher Schultz
  • Emmanuel Lécharny
  • Greg Stein
  • Jean-Baptiste Onofre
  • Justin Mclean
  • Sander Striker
  • Shane Curcuru
  • Zili Chen

I did not stand for reelection. After 11 years on the board (not all consecutive), it’s time for me to work on something else for a bit. This means that this is the first time since 2012 that I have not had a formal title at the ASF. During that time I was Director, VP Conferences, and Executive Vice President. Now I’m just a regular Member. And I’m greatly looking forward to working through my massive ToDo list around Community Development stuff that has been accumulating for the last few years!

 

The Margin Is Too Narrow