apache ad mini start ion

8/8/2019 Apache Ad Mini Start Ion

1/41

1

APACHE Web Server

Training Division

National Informatics Centre

New Delhi


2/41

2

Apache Web Server

Installation Download

Source Code

Binary Distribution

Options Starting, stopping and restarting

Configuration

httpd.conf

Modules MPM (Multi Process Modules)

Directives

Hosting More then one web sites.


3/41

3

Apache Installation..


4/41

4

Apache web server

Apache is a powerful and highly configurable

Wide variety of static pages

Wide variety of dynamic pages

Perl, php, java ,ruby

Available in Source code and in binary distribution

Source code can directly be download from

www.apache.org

Binary distribution. RPM

SuSE


5/41

5

Apache Installation Methods

Source Code Download source code and compile for specific

machine and operating system

Source code can be customized, rebuilt and then

reinstall it. Source code comes with a configuration scripts, which

can examines the system to determine the best way tobuilt apache for maximum performance.

Ready made binaries lag behind the current release.

Binaries easier to install & includes standard modules


6/41

6

Install Apache

download from www.apache.org decompress

gunzip filename.tar.gz

tar xvf filename.tar

Or

tar xvzf filename.tar.gz

Configuration ./configuration prefix=PREFIX

Build Make

begins actual compilation after configuration files created

make install moves all compile binaries and support files to default locations


7/41

7

Configuration options

# ./configure prefix=/usr/sbin/httpd \ several versions in different directory

>--enable-module=most \

Not "all" - avoid unneeded modules> --disable-module=auth_dbm \

support DSOs (dynamic shared objects)

> --enable-shared=max


8/41

8

modules

Mod_imap

Mod_rewriteMod_http

Mod_infoMod_env

Mod_headersMod_dir

Mod_expiresMod-cgi

Mod_dav_fsMod_autoindex

Mod_usertrackMod_davMod_auth

Mod_unique_idMod_auth_digestMod_alias

Mod_mimr_magicMod_auth_dbmMod_actions

Mod_cern_metaMod_auth_anonMod_accessAllMostDefault

./configure enable-module=all disable-rewrite disable-so

To compile the module as a DSO, add the option =shared.


9/41

9

Installation Locations

Installs run time data in DIR, pid, scoreboard andlock files

--runtimedir=/var/run

Installs program executables in DIR--libexecdir=/usr/lib

--cgidir=/var/www/cgi-bin

Installs the default apache startup web page into DIR--htdocsdir=/var/www/html

Installs icons in DIR--icondir=/var/www/icons

Installs configuration file such as httod.conf in DIR.--sysconfigdir=/etc/httpd/conf

Installs sys admin executables in DIR.--sbindir=/usr/sbin

Installs user executable file--bindir=/usr/bin

Installs architecture-dependent files.--exec-prifix=/etc/httpdInstall architecture-independent files.--prefix=/etc/httpd


10/41

10

Modules

Apache is a modular server. Only the most basicfunctionality is included in the core server. Extendedfeatures are available in various modules. During theconfiguration process, you must select which modulesto compile for use with your server

Core (httpd_core.c) statically linked into kernel, cannot be removed

available in all Apache servers

Standard

part of Apache distributions maintained by Apache Software Foundation

can be removed for security or performance

Third-party not part of distributions


11/41

11

Multi Processing Module(MPM)

Prefork MPM Server anticipate future demand by creating and

maintaining a pool of spare server in advance. ./configure with-mpm=prefork

Worker MPM Maintain a dynamic pool of processes, with each processcontaining a fixed number of threads.All threads in allprocesses are capable of answering any client requestreceived by the server.

./configure with-mpm=worker

Perchild MPM Maintain a static pool of process with each process

maintaining a dynamically changing threads. ./configure with-mpm=perchild


12/41

12

Run Apache Server

Manually % /usr/sbin/httpd f /etc/httpd/httpd.conf

rc script

Make a link in rc directory that points to the/etc/init.d/httpd file

Apachectl utility to control server

apachectl start checks if Apache running, if

not starts it


13/41

13

Apache options

Run syntax check for configuration file (without docroot)-T

Run syntax check for configuration file (with docroot)-t

List available configuration directives-L

List compiled in modules-l

List available command line options-h

Show compile number-V

Show version number-v

Process directive before reading configuration file-c directive

Process directive before reading configuration file-C directive

Specify an alternative initial ServerConfigFile-f file

Specify an alternative initial ServerRoot-d directory

Define a name for use in directive-D name


14/41

14

Apache Administration.


15/41

15

Basic configuration

What name it will have Server name is the name Apache uses in response

What network connections it will respond to

This is the IP address that Apache will receive HTTPrequests on.

Where the server configuration and log files will

go

Where the web site documents will reside


16/41

16

User and Group

When Apache is started by root it spawns one or morechild processes to handle clients. If User and Group areset, the children give up their root status and adopt theconfiguration identity instead.

Linux defines a special user and group nobody for

running unprivileged processes. User nobody defines Linux user that owns child processes

to handle user requests

Group nobody to change ownership of child processes tohandle user requests

Administrator can create his own private user and group groupadd g 999 httpd

useradd u 999 g httpd s /bin/false c web server user


17/41

17

How Server Listens for Connections

Listen The Listen directive tells the server to accept incomingrequests only on the specified port or address-and-portcombinations.

If only a port number is specified in the Listen directive,

the server listens to the given port on all interfaces. If an IP address is given as well as a port, the server will

listen on the given port and interface.

Multiple Listen directives may be used to specify anumber of addresses and ports to listen on. The server will

respond to requests from any of the listed addresses andports. Listen 80

Listen 8000


18/41

18

httpd.conf Port 80

User nobody Group nogroup

ServerAdmin your_e-mail_address

ServerRoot/var/www/html

ErrorLog/var/www/error/

TransferLog/var/www/error/

PidFile/var/run/ more directives:

Keep Alive, Spare Servers, Proxy, Cache, Virtual Servers, ...

DocumentRoot/home/httpd/htdocs/

UserDir public_html

DirectoryIndex index.html

AccessFileName .htaccess DefaultType text/plain

ScriptAlias/cgi-bin/ /home/httpd/cgi-bin/

more directives:

Icons, Language, Handlers, ... ?


19/41

19

httpd.conf Sections Global environment control operation of

the whole Apache server process

Main or default defines parameters of

default server not of virtual host

provides default settings default hosts

Virtual hosts settings for each virtualhosts


20/41

20

Apache Directives

Directives in the configuration files may apply to the entireserver, or they may be restricted to apply only to particulardirectories, files, hosts, or URLs. This document describeshow to use configuration section containers or .htaccessfiles to change the scope of other configuration directives.

general rules: case insensitive (not true for file/directory names)

comment lines begin with #

one directive per line

each line of these files consists of: directive data [data2 ... datan]

extra whitespace is ignored


21/41

21

Apache Core Directives Defines server behavior and configuration

options

Instructions to supply information

Directives originations

Core Directives compiled into executable and

always available

Other type supplied by add-on modules

Each directive associated with a module httpd.conf location of directives

Apache is modular! need directives for each

module loaded


22/41

22

Directive Scope and Context

General Server (server-level) directives apply toentire server

Container directives valid only in these

containers: , , or Virtual Host -for each virtual host to override

general server directives

.htaccess (per-directory) like those in

, disabled by AllowOverride

directive in httpd.conf


23/41

23

Container Directives

restricts the scope of the directives containedwith in it to the HTTP methodes specified. It is mostlyused with access control and authentication directives.

order deny,allow

deny from all

allow from 192.168

is allowed inside all containers except itself.

The opposite of , applies to the HTTP methods not specified in the methodlist.


24/41

24


Directive inside a container apply only to the directory and itssubdirectories.

options noneorder allow, deny

deny from all

options includes FollowSymLinks

AllowOverride FileInfo

Allow from all


25/41

25


is an alternative and preferred formto the tilde form of for specifying regular

expression instead of wildcard in the directory

specifications.

are similar to but matches files

instead directory.

SetHandler /cgi-bin/burn-gifs.cgi


26/41

26

Container Directives is an alternative and preferred form

to the tilde form of for specifying regularexpression instead of wildcards in the filesspecifications.

SetHandler /cgi-bin/process-image.cgi

operates in a similar manner to, but applies to a URL rather than a

physical file location.

SetHandler server-info>


27/41

27

Container Directive

allows additional hosts and websites to be defined alongside the main server host site.

Each virtual host can have its own name, IP address,

and error and access logs.

ServerName www.beta-complex.com

ServerAdmin [email protected]

CustomerLog /logs/beta-comlex_log

ErrorLog /logs/beta-comples_log

DocumentRoot /home/www/beta-compex


28/41

28

Apache's Order for Containers

&

or &


29/41

29

Server-Level Directives Directives that make sense only at the server level must

be defined outside of any kind of container tag. They cannot be defined in a .htaccess file.

Name of the server

Port and IP address

e-mail of the administrator and error and access logServerName www.trng.nic.in


CustomeLog /log/access-log

DocumentRoot /home/www/alpha-complex

All of then can be set on ServerName www.trng.nic.in


CustomeLog /log/access-log

DocumentRoot /home/www/alpha-complex

Global scope

Local Scope


30/41

30

Server-Level Directives ServerName directive Apache must always know

hostname of server it is on ServerName www.mtsac.edu

ServerRoot directive directory where server lives

DocumentRoot directive lop level directory where

Apache serves files

ScriptAlias directive directory where executable

scripts are, e.g. /cgi-bin/

ErrorDocument - defines easier to read custom errorresponses

DefaultType redefine default MIME


31/41

31

Server-Level Directives

To improve server security, we can specify adefault set of highly restricted privileges, andthen only enable them again in specific places.

Options none

AllowOverride none

Order allow, deny

Deny from all

ThenAllow from all


32/41

32

Server-Level Directives

Options Controls which server features available in a particular

directory All enables all options , which is usually not desirable

ExecCGI permits execution of CGI scripts. This is required for any

kind of executable content to function. FollowSymLinks Files or directories referred to via symbolic links will

be followed.

Includes permits Server Side Includes.

IncludesNOEXEC disables #exec and #include of SSI scripts

Indexes if a URL maps to a directory , apache will create andreturn a formatted listing of the directory contents.

MultiViews this allows contents negotiation.

SymLinksIfOwnerMatch the server follow only sybmolic linksfor which the target file or directory is owned by thesame userID as the link.


33/41

33

Per-directory Directives

.htaccess apache allows the serverconfiguration to be supplemented with per-directory configuration files. It looks for filescalled .htaccess and treats them as if they were

in a container for that directory. When apache receives a URL that takes intoaccess to a directory for which overrides areenabled, the directory and every parent directory

are examined for the presence of a .htaccess file.Each on found is merged with any container defined for the same directory level.


34/41

34

Per-Directory Directives Controls how .htaccess files are handled,Defines which

directives override others. All enables all overrides.

None Disables all directives and prevents apache fromsearching for parent directory configuration files.

Authconfig Allows use of the authorization directives

provided by mod_auth and their equivelents in theother authentication modules.

FileInfo Allows use of directives controlling file typesand handle .

Indexes Enables the directives controlling the

appearance of directory indices as genrated byapache.

Limit Allows use of the allow, deny, and order mod_accessdirectives.

Options enables use of the options directives..


35/41

35

Conditional Configuration

Configuration files can contain sections that shouldonly be used under certain conditions. By enclosingsection of the configuration in or directives.

$httpd D UserRewrite

LoadModule rewrite_module libexec/mod_rewrite.so

Or

RewriteEngine onRewriteLog logs/rewrite.log

RewriteLogLevele 9


36/41

36

Hosting more than one web site User home pages

The simplest approach is to group all sites under onecontrolling host name.

User can maintain their own home pages withoutreconfiguring the server each time a new user added.

Users may use limited configuration by creating.htaccess files inside their directory.

Apache support this model with the UserDirdirective.

UserDir public_html http://www.trng.nic.in/~user1/colours.html will expand to

/home/user1/public_html/colours.html


37/41

37

Hosting more than one web site

Separate Servers By running more then one instance of Apache at

the same time.

Each instance is configured with a differenet IP

address and Port number. It consume more memory than a single instance,

and there is no sharing of resources.

Good when running an one secure and reliable

server and one testing server. Httpd f conf/server1.conf

Httpd f conf/server2.conf


38/41

38


IP-based virtual hosting Each web sites needs to have its own IP

address, therefore needs either mulitple network

interface or multiple IP addresses on one

interface. Allows multiple web sites to share the same

pool of server processes and configuration.


39/41

39


Named-based virtual hosting

Allows multiple web sites to share the same IP

address.

Supports hosting based on names.


40/41

40

User Home Directories Allow users to publish their own Web pages

Relative path directory that becomes

document root: userDir

Absolute path

Absolute with placeholder

Redirect requests for user home directories


41/41

41

User Home Directories cont. Enabling/Disabling Mappings

suExec

Enables users to run CGI programs under their

own directories rather than that of server

Configure Apache to use it

Request Redirection enables certaindirectories to be used by others

apache ad mini start ion

Documents