HTTPD - Apache2 Web Server




Apache is the most commonly used Web Server on Linux systems. Web Servers are used to serve Web Pages requested by client computers. Clients typically request and view Web Pages using Web Browser applications such as Firefox, Opera, or Mozilla.

Users enter a Uniform Resource Locator (URL) to point to a Web server by means of its Fully Qualified Domain Name (FQDN) and a path to the required resource. For example, to view the home page of the Ubuntu Web site a user will enter only the FQDN. To request specific information about paid support, a user will enter the FQDN followed by a path.

The most common protocol used to transfer Web pages is the Hyper Text Transfer Protocol (HTTP). Protocols such as Hyper Text Transfer Protocol over Secure Sockets Layer (HTTPS), and File Transfer Protocol (FTP), a protocol for uploading and downloading files, are also supported.

Apache Web Servers are often used in combination with the MySQL database engine, the HyperText Preprocessor (PHP) scripting language, and other popular scripting languages such as Python and Perl. This configuration is termed LAMP (Linux, Apache, MySQL and Perl/Python/PHP) and forms a powerful and robust platform for the development and deployment of Web-based applications.

Installation

The Apache2 web server is available in Ubuntu Linux. To install Apache2: At a terminal prompt enter the following command:

    sudo apt-get install apache2

Configuration

Apache is configured by placing directives in plain text configuration files. The main configuration file is called apache2.conf. In addition, other configuration files may be added using the Include directive, and wildcards can be used to include many configuration files. Any directive may be placed in any of these configuration files. Changes to the main configuration files are only recognized by Apache2 when it is started or restarted.

The server also reads a file containing mime document types; the filename is set by the TypesConfig directive, and is mime.types by default.

The default Apache2 configuration file is /etc/apache2/apache2.conf. You can edit this file to configure the Apache2 server. You can configure the port number, document root, modules, log files, virtual hosts, etc.

Basic Settings

This section explains Apache2 server essential configuration parameters. Refer to the Apache2 Documentation for more details.

Apache2 ships with a virtual-host-friendly default configuration. That is, it is configured with a single default virtual host (using the VirtualHost directive) which can be modified or used as-is if you have a single site, or used as a template for additional virtual hosts if you have multiple sites. If left alone, the default virtual host will serve as your default site, or the site users will see if the URL they enter does not match the ServerName directive of any of your custom sites. To modify the default virtual host, edit the file /etc/apache2/sites-available/default.

If you wish to configure a new virtual host or site, copy that file into the same directory with a name you choose. For example:

    sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mynewsite

Edit the new file to configure the new site using some of the directives described below.

The ServerAdmin directive specifies the email address to be advertised for the server's administrator. The default value is webmaster@localhost. This should be changed to an email address that is delivered to you (if you are the server's administrator). If your website has a problem, Apache2 will display an error message containing this email address to report the problem to. Find this directive in your site's configuration file in /etc/apache2/sites-available.

The Listen directive specifies the port, and optionally the IP address, Apache2 should listen on. If the IP address is not specified, Apache2 will listen on all IP addresses assigned to the machine it runs on. The default value for the Listen directive is 80. Change this to 127.0.0.1:80 to cause Apache2 to listen only on your loopback interface so that it will not be available to the Internet, to (for example) 81 to change the port that it listens on, or leave it as is for normal operation. This directive can be found and changed in its own file, /etc/apache2/ports.conf.

The ServerName directive is optional and specifies what FQDN your site should answer to. The default virtual host has no ServerName directive specified, so it will respond to all requests that do not match a ServerName directive in another virtual host. If you have just acquired the domain name ubunturocks.com and wish to host it on your Ubuntu server, the value of the ServerName directive in your virtual host configuration file should be ubunturocks.com. Add this directive to the new virtual host file you created earlier (/etc/apache2/sites-available/mynewsite).

You may also want your site to respond to www.ubunturocks.com, since many users will assume the www prefix is appropriate. Use the ServerAlias directive for this. You may also use wildcards in the ServerAlias directive. For example, ServerAlias *.ubunturocks.com will cause your site to respond to any domain request ending in .ubunturocks.com.
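The matching rules just described decide which site answers a given Host header, including unexpected ones. The following is an added example, not part of the original guide: a simplified model that reads site files in order, matches ServerName and ServerAlias (with * wildcards), and otherwise falls back to the first virtual host read. The two site files, the temporary directory and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: simplified model of name-based virtual host selection.

# Write two constructed site files into a temporary sites-enabled directory.
make_sample_sites() {
    d=$(mktemp -d) || return 1
    cat > "$d/default" <<'EOF'
<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www
</VirtualHost>
EOF
    cat > "$d/mynewsite" <<'EOF'
<VirtualHost *:80>
    ServerName ubunturocks.com
    ServerAlias www.ubunturocks.com *.ubunturocks.com
    DocumentRoot /var/www/mynewsite
</VirtualHost>
EOF
    printf '%s\n' "$d"
}

# resolve_site HOST FILE... -> name of the site file whose virtual host answers
resolve_site() {
    host=$1
    shift
    awk -v host="$host" '
        # Turn a ServerAlias wildcard into an anchored regular expression.
        function glob2re(g) {
            gsub(/\./, "[.]", g)
            gsub(/\*/, ".*", g)
            return "^" g "$"
        }
        BEGIN { host = tolower(host); sub(/:[0-9]+$/, "", host) }
        { key = tolower($1) }
        key ~ /^#/ { next }
        key == "<virtualhost" {
            site = FILENAME
            sub(/.*\//, "", site)
            if (first == "") first = site   # first one read is the fallback
        }
        key == "</virtualhost>" { site = "" }
        (key == "servername" || key == "serveralias") && site != "" {
            for (i = 2; i <= NF; i++)
                if (hit == "" && host ~ glob2re(tolower($i))) hit = site
        }
        END { if (hit == "") hit = first; print hit }
    ' "$@"
}

# Show which site answers for a few constructed Host values.
dir=$(make_sample_sites)
for h in ubunturocks.com shop.ubunturocks.com notubunturocks.com 203.0.113.10; do
    printf '%-22s -> %s\n' "$h" "$(resolve_site "$h" "$dir"/*)"
done
```

Requests for a bare IP address or an unrelated name land on the default site, so whatever that site serves is what unknown Host headers receive.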

The DocumentRoot directive specifies where Apache should look for the files that make up the site. The default value is /var/www. No site is configured there, but if you uncomment the RedirectMatch directive in /etc/apache2/apache2.conf requests will be redirected to /var/www/apache2-default where the default Apache2 site awaits. Change this value in your site's virtual host file, and remember to create that directory if necessary!

The /etc/apache2/sites-available directory is not parsed by Apache2. Symbolic links in /etc/apache2/sites-enabled point to "available" sites. Use the a2ensite (Apache2 Enable Site) utility to create those symbolic links, like so:

    sudo a2ensite mynewsite

where your site's configuration file is /etc/apache2/sites-available/mynewsite. Similarly, the a2dissite utility should be used to disable sites.

Default Settings

This section explains configuration of the Apache2 server default settings. For example, if you add a virtual host, the settings you configure for the virtual host take precedence for that virtual host. For a directive not defined within the virtual host settings, the default value is used.

The DirectoryIndex is the default page served by the server when a user requests an index of a directory by specifying a forward slash (/) at the end of the directory name. For example, when a user requests the page http://www.example.com/this_directory/, he or she will get either the DirectoryIndex page if it exists, a server-generated directory list if it does not and the Indexes option is specified, or a Permission Denied page if neither is true. The server will try to find one of the files listed in the DirectoryIndex directive and will return the first one it finds. If it does not find any of these files and if Options Indexes is set for that directory, the server will generate and return a list, in HTML format, of the subdirectories and files in the directory. The default value, found in /etc/apache2/apache2.conf is "index.html index.cgi index.pl index.php index.xhtml".
Thus, if Apache2 finds a file in a requested directory matching any of these names, the first will be displayed.

The ErrorDocument directive allows you to specify a file for Apache to use for specific error events. For example, if a user requests a resource that does not exist, a 404 error will occur, and per Apache2's default configuration, the file /usr/share/apache2/error/HTTP_NOT_FOUND.html.var will be displayed. That file is not in the server's DocumentRoot, but there is an Alias directive in /etc/apache2/apache2.conf that redirects requests to the /error directory to /usr/share/apache2/error/. To see a list of the default ErrorDocument directives, use this command:

    grep ErrorDocument /etc/apache2/apache2.conf

By default, the server writes the transfer log to the file /var/log/apache2/access.log. You can change this on a per-site basis in your virtual host configuration files with the CustomLog directive, or omit it to accept the default, specified in /etc/apache2/apache2.conf. You may also specify the file to which errors are logged, via the ErrorLog directive, whose default is /var/log/apache2/error.log. These are kept separate from the transfer logs to aid in troubleshooting problems with your Apache2 server. You may also specify the LogLevel (the default value is "warn") and the LogFormat (see /etc/apache2/apache2.conf for the default value).

Some options are specified on a per-directory basis rather than per-server. Options is one of these directives. A Directory stanza is enclosed in XML-like tags, like so:

    <Directory /var/www/mynewsite>
    ...
    </Directory>

The Options directive within a Directory stanza accepts one or more of the following values (among others), separated by spaces:

ExecCGI - Allow execution of CGI scripts. CGI scripts are not executed if this option is not chosen. Most files should not be executed as CGI scripts. This would be very dangerous. CGI scripts should be kept in a directory separate from and outside your DocumentRoot, and only this directory should have the ExecCGI option set. This is the default, and the default location for CGI scripts is /usr/lib/cgi-bin.

Includes - Allow server-side includes. Server-side includes allow an HTML file to include other files. This is not a common option. See the Apache2 SSI HOWTO for more information.

IncludesNOEXEC - Allow server-side includes, but disable the #exec and #include commands in CGI scripts.

Indexes - Display a formatted list of the directory's contents, if no DirectoryIndex (such as index.html) exists in the requested directory. For security reasons, this should usually not be set, and certainly should not be set on your DocumentRoot directory. Enable this option carefully on a per-directory basis only if you are certain you want users to see the entire contents of the directory.

MultiViews - Support content-negotiated multiviews; this option is disabled by default for security reasons. See the Apache2 documentation on this option.

SymLinksIfOwnerMatch - Only follow symbolic links if the target file or directory has the same owner as the link.

Virtual Hosts Settings
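The Options guidance in the list above (keep Indexes off the DocumentRoot, allow ExecCGI only in the CGI directory) can be checked per site file. The following is an added example, not part of the original guide: the site file is constructed, the function names and the HIGH/WARN labels are assumptions, and the handling of + and - prefixes is a simplified reading of how Options lines combine.

```shell
#!/bin/sh
# Added example: flag risky per-directory Options in one site file.

# Constructed sample site file; prints the path of the temporary file.
make_sample_site() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
<VirtualHost *:80>
    ServerName ubunturocks.com
    DocumentRoot /var/www/mynewsite
    <Directory /var/www/mynewsite>
        Options Indexes ExecCGI SymLinksIfOwnerMatch
    </Directory>
    <Directory /var/www/mynewsite/downloads>
        Options +Indexes
    </Directory>
    <Directory /var/www/mynewsite/private>
        Options -Indexes
    </Directory>
    <Directory "/usr/lib/cgi-bin">
        Options +ExecCGI
    </Directory>
</VirtualHost>
EOF
    printf '%s\n' "$f"
}

# audit_options FILE [CGI_DIR] -> one finding per line: SEVERITY OPTION DIRECTORY
audit_options() {
    awk -v cgidir="${2:-/usr/lib/cgi-bin}" '
        # Strip quotes, the closing bracket and a trailing slash from a path.
        function unq(s) {
            gsub(/[">]/, "", s)
            if (length(s) > 1) sub(/\/$/, "", s)
            return s
        }
        { key = tolower($1) }
        key ~ /^#/            { next }
        key == "documentroot" { docroot = unq($2) }
        key == "</directory>" { dir = "" }
        key == "<directory" {
            dir = unq($2)
            if (!(dir in seen)) { seen[dir] = 1; order[++n] = dir }
        }
        key == "options" && dir != "" {
            for (i = 2; i <= NF; i++) {
                opt = tolower($i)
                on = 1
                if (opt ~ /^-/) on = 0          # -Option switches it off
                sub(/^[+-]/, "", opt)
                # All turns on every option except MultiViews
                if (opt == "indexes" || opt == "all") idx[dir] = on
                if (opt == "execcgi" || opt == "all") cgi[dir] = on
            }
        }
        END {
            for (j = 1; j <= n; j++) {
                d = order[j]
                sev = (d == docroot) ? "HIGH" : "WARN"
                if ((d in idx) && idx[d]) print sev " Indexes " d
                if ((d in cgi) && cgi[d] && d != cgidir) print "HIGH ExecCGI " d
            }
        }
    ' "$1"
}

audit_options "$(make_sample_site)"
```

Running it against each file in /etc/apache2/sites-enabled gives a quick list of directories to review before a site goes live.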

Virtual hosts allow you to run different servers for different IP addresses, different host names, or different ports on the same machine. For example, you can run the website for http://www.example.com and http://www.anotherexample.com on the same Web server using virtual hosts. This option corresponds to the <VirtualHost> directive for the default virtual host and IP-based virtual hosts. It corresponds to the <NameVirtualHost> directive for a name-based virtual host.

The directives set for a virtual host only apply to that particular virtual host. If a directive is set server-wide and not defined within the virtual host settings, the default setting is used. For example, you can define a Webmaster email address and not define individual email addresses for each virtual host.

Set the DocumentRoot directive to the directory that contains the root document (such as index.html) for the virtual host. The default DocumentRoot is /var/www.

The ServerAdmin directive within the VirtualHost stanza is the email address used in the footer of error pages if you choose to show a footer with an email address on the error pages.

Server Settings

This section explains how to configure basic server settings.

LockFile - The LockFile directive sets the path to the lockfile used when the server is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or USE_FLOCK_SERIALIZED_ACCEPT. It must be stored on the local disk. It should be left to the default value unless the logs directory is located on an NFS share. If this is the case, the default value should be changed to a location on the local disk and to a directory that is readable only by root.

PidFile - The PidFile directive sets the file in which the server records its process ID (pid). This file should only be readable by root. In most cases, it should be left to the default value.

User - The User directive sets the userid used by the server to answer requests. This setting determines the server's access. Any files inaccessible to this user will also be inaccessible to your website's visitors. The default value for User is www-data.
Unless you know exactly what you are doing, do not set the User directive to root. Using root as the User will create large security holes for your Web server.

The Group directive is similar to the User directive. Group sets the group under which the server will answer requests. The default group is also www-data.

Apache Modules

Apache is a modular server. This implies that only the most basic functionality is included in the core server. Extended features are available through modules which can be loaded into Apache. By default, a base set of modules is included in the server at compile-time. If the server is compiled to use dynamically loaded modules, then modules can be compiled separately, and added at any time using the LoadModule directive. Otherwise, Apache must be recompiled to add or remove modules. Ubuntu compiles Apache2 to allow the dynamic loading of modules. Configuration directives may be conditionally included on the presence of a particular module by enclosing them in an <IfModule> block.

You can install additional Apache2 modules and use them with your Web server. You can install Apache2 modules using the apt-get command. For example, to install the Apache2 module for MySQL authentication, you can run the following command from a terminal prompt:

    sudo apt-get install libapache2-mod-auth-mysql

Once you install the module, the module will be available in the /etc/apache2/mods-available directory. You can use the a2enmod command to enable a module. You can use the a2dismod command to disable a module. Once you enable the module, the module will be available in the /etc/apache2/mods-enabled directory.

HTTPS Configuration

The mod_ssl module adds an important feature to the Apache2 server - the ability to encrypt communications. Thus, when your browser is communicating using SSL, the https:// prefix is used at the beginning of the Uniform Resource Locator (URL) in the browser navigation bar.

The mod_ssl module is available in apache2-common package. If you have installed this package, you can run the following command from a terminal prompt to enable the mod_ssl module:

    sudo a2enmod ssl

In order for Apache to provide HTTPS, a certificate and key file are also needed. For information on generating a key and obtaining a certificate see the section called Certificates.

To configure Apache for HTTPS add the following four lines to the /etc/apache2/sites-available/default file, or the configuration file for your secure virtual host. They should be placed in the VirtualHost section under the DocumentRoot line:

    SSLEngine on
    SSLOptions +StrictRequire
    SSLCertificateFile /etc/ssl/certs/server.crt
    SSLCertificateKeyFile /etc/ssl/private/server.key

The directories /etc/ssl/certs and /etc/ssl/private are the default locations. If you install the certificate and key in another directory make sure to change SSLCertificateFile and SSLCertificateKeyFile appropriately.

Once you install your certificate, and configure Apache, you should restart your web server. You can run the following command at a terminal prompt to restart your web server:

    sudo /etc/init.d/apache2 restart

Depending on how you obtained your certificate you may need to enter a passphrase when Apache starts.

You can access the secure server pages by typing https://your_hostname/url/ in your browser address bar.

References

Apache2 Documentation
Mod SSL Documentation