&& The Apache Web Server
  ------------------------:

  The apache web server is the most widely used webserver on the
  internet. It is a large program with a myriad of configuration options
  and other tools.

GETTING HELP

  The apache webserver has very detailed documentation which should
  (eventually) help you out of any tight spots.

  @@ http://httpd.apache.org/docs/2.2/
    official documentation for apache version 2.2

  * install documentation for apache2 on a debian style linux
  >> sudo apt-get install apache2-doc

  * show options which can be used with apache 
  >> man apache2
  >> man apache   ##(the same, for an older version)

INSTALLATION

  * install apache version 2 on a debian-style linux
  >> sudo apt-get install apache2
  >> sudo aptitude install apache2    ##(the same)

  * test the installation from the webserver computer itself
  >> firefox 127.0.0.1
  >> firefox localhost

  * see what the status (running, stopped etc) of the webserver is
  >> sudo apache2ctl status

LAMP INSTALLATION ....

  * install Apache2 wth the MySQL database server and PHP on a 'debian' system
  >> sudo tasksel install lamp-server

  @@ http://www.ubuntugeek.com/how-to-install-apache2-webserver-with-phpcgi-and-perl-support-in-ubuntu-server.html
    how to install apache2 with php and cgi but not mysql

SYMBOLIC LINKS 

  * make apache serve documents referenced by unix-style symbolic links
  >> options followsymlinks

CGI CONFIGURATION

  * execute all scripts in the folder as cgi scripts 
  >> ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/ 

  * allow cgi execution of '.cgi' and '.pl' in a particular folder 
  ----------------------------------------------------------------
    <Directory /usr/local/apache2/htdocs/somedir>
    Options +ExecCGI
    AddHandler cgi-script .cgi .pl 
    </Directory> 
  ,,,

  * all cgi execution of all files in all user cgi-bin folders
  ------------------------------------------------------------
    <Directory /home/*/public_html/cgi-bin>
    Options ExecCGI
    SetHandler cgi-script
    </Directory> 
  ,,,

  * a perl script to show all environment variables
  -------------------------------------------------
    #!/usr/bin/perl
    print "Content-type: text/html\n\n";
    foreach $key (keys %ENV) {
      print "$key --> $ENV{$key}<br>";
    } 
  ,,,

PERL CGI SUPPORT ....

  @@ http://slashdot.org
    an example of a site using the apache perl module with the 
    web server and perl scripts

  * install the perl-cgi module for apache
  >> sudo aptitude install libapache2-mod-perl2

  * create a cgi folder
  >> sudo mkdir /home/www/cgi-bin

  * add to the virtual host configuration
  ---------------------------------------
     ScriptAlias /cgi-bin/ /home/www/cgi-bin/
     <Directory /home/www/cgi-bin/>
       Options ExecCGI
       AddHandler cgi-script cgi pl
     </Directory>
  ,,,

  * test perl cgi support
  -----------------------
  cd /home/www/cgi-bin
  sudo vim test.pl
  #!/usr/bin/perl -w
   print "Content-type: text/html\r\n\r\n";
   print "Hello there!\n";

  sudo chmod a+x test.pl
  lynx http://yourserverip/cgi-bin/test.pl
  ,,,

PHP INSTALLATION ....

  * install php5 to run with apache
  >> sudo aptitiude install php5 libapache2-mod-php5

  * install php4 to run with apache
  >> sudo aptitiude install php4 libapache2-mod-php4

  * load the php4 or 5 modules into apache
  >> sudo a2enmod php5
  >> sudo a2enmod php4

  * test if the php installation worked swimmingly
  >> sudo nano /var/www/testphp.php
  >> add the line '<?php phpinfo(); ?>'
  >> lynx http://localhost/testphp.php

STARTING AND STOPPING THE SERVER

  * restart the apache server
  >> sudo apache2ctl restart

CONFIGURATION TOOLS

  == some configuration tools 
  .. rapache - graphical configuration
  ..

MODULES

  @@ http://127.0.0.1/doc/apache2-doc/manual/en/mod/index.html
     the location of module documentation when apache2 documentation has
     been installed in the webserver
  @@ http://www.debian-administration.org/articles/136
     how to enable a module

  * show all loaded modules
  >>  apache2ctl -M
  >>  apachectl -M     ##(the same for older version of apache)
  >>  httpd -M         ##(for old versions of apache)

  * show which modules are enabled
  >> ls /etc/apache2/mods-enabled/

  * load the php4 module into apache
  >> sudo a2enmod php4; sudo apache2ctl restart

HTACCESS CONFIGURATION

  To check if .htaccess files are actually being considered
  put junk in them and restart the server.

  * allow .htaccess files to have effect
  >> AllowOverride all

  * prevent the directives in '.htaccess' files from having any effect
  >> AllowOverride None

GLOBAL CONFIGURATION

  * show options for apache2 (which can be used with apache2ctl as well)
  >> man apache2

  * show where the global configuration file is
  >> apache2ctl -V | grep SERVER_CONFIG_FILE

  * show verbose information about the installation
  >> apache2ctl -V

  * edit the apache2 global configuration file
  >> sudo nano /etc/apache2/apache2.conf
  >> sudo vim /etc/apache2/apache2.conf    ##(for the intrepid)

  * change the default document root to '/home/www/'
  >> DocumentRoot /home/www/
  >> and the following <Directory> tag 
  >> <Directory /home/www/>
  >> ...
  >> </Directory>

  * edit the configuration file for a virtual host
  >> sudo vim /etc/apache2/sites-available/default

ALIASES


REDIRECTIONS

  * place redirections in the ".htaccess" file
  >> Redirect / http://www.site.com

  * redirect any requests to '/msadc' to microsoft
  >> redirect /msadc http://www.microsoft.com

  * redirect any request to a 'cmd.exe' file to microsoft
  >> RedirectMatch (.*)\cmd.exe$ http://www.microsoft.com$1

USING MOD REWRITE ....

  @@ http://httpd.apache.org/docs/2.2/rewrite/rewrite_guide.html
     solving specific problems using the rewrite module
  @@ http://www.tutorio.com/tutorial/enable-mod-rewrite-on-apache
     how to enable the rewrite module

  * redirect filenames ending in ".txt.html" to the cgi script 'text2html.cgi'
  >> RewriteRule ^(.*)\.txt\.html$ /cgi-bin/text2html.cgi?$1

  For example a request to 
    >> www.server.org/path/file.txt.html
  Is translated to
    >> www.server.org/cgi-bin/text2html.cgi?path/file.txt.html

  * redirect 'www.m.org' to 'www.m.org/cgi-bin/test.cgi?
  >> RewriteRule ^$ /cgi-bin/test.cgi?$1

  * allow editing of the '.htaccess' file (probably not a great idea)
  >> RewriteRule ^htaccess$ /cgi-bin/edit.cgi?../htdocs/.htaccess

  If the user makes a request to 'www.m.org/htaccess' she will be redirected to
  'www.m.org/cgi-bin/edit.cgi?../htdocs/.htaccess. If the 'edit.cgi' script
  allows editing of files, then this is one, extremely insecure way of update
  the '.htaccess' file.


CONDITIONAL REDIRECTIONS ....

  * redirect requests from 192.12.131.1 to the page 'about.html' .,,
    SetEnvIf REMOTE_ADDR 192.12.131.1 REDIR="redir"
    RewriteCond %{REDIR} redir
    RewriteRule ^/$ /about.html
  ,,,

DENYING ACCESS

  In some cases it is advisable to disallow any web-access to
  a file on the web-server.

  * deny access from anybody to a web-folder
  >> deny from all

  * forbidd access to all files with a '.cfg' filename extension
  --------------------------------------------------------------
   <Files ~ "\.(cfg)$">
    order allow,deny
    deny from all
   </Files>
  ,,,

  * forbid access for anyone to the file 'config.inc.php'
  -------------------------------------------------------
    <Files config.inc.php>
      order allow,deny
      deny from all
    </Files>
  ,,,

ALLOW ACCESS BY IP ADDRESS

  Allow connections only from the ip address 192.126.12.199 .,,

    order allow deny
    deny from all
    allow from 192.126.12.199
  ,,,

USING BASIC AUTHENTICATION ....

  
  @@ http://www.htpasswdgenerator.com/apache/htaccess.html
     a simple introduction to the htaccess file

  * create a password file for user 'jon' to use with basic authentication
  >>  htpasswd -c /path/to/passwordfile jon 

  * place the text 'restricted zone' in the title bar of the login box
  >> AuthName "restricted zone"

  * set a password for the file 'private.txt'
  -------------------------------------------
    <Files private.txt>
      AuthName "Users zone"
      AuthType Basic
      AuthUserFile /pub/home/your_login/.htpasswd
    </Files>
  ,,,

  * require a password to access all files which end with "x.cgi"
  ---------------------------------------------------------------
    AuthType Basic
    AuthName "Password Protected"
    AuthUserFile /home/users/www/.htpasswd
    <Files ~ "\.x\.cgi$">
        Require valid-user
    </Files>
  ,,,

  * require a password to access all files which end with "x.cgi"
  ---------------------------------------------------------------
    AuthType Basic
    AuthName "Password Protected"
    AuthUserFile /home/users/www/.htpasswd
    <Files ~ "\.x\.cgi$">
        Require valid-user
    </Files>
  ,,,

  * require a password to access all files which end with 'cgi' or 'txt' 
  ---------------------------------------------------------------
    AuthType Basic
    AuthName "Password Protected"
    AuthUserFile /home/users/www/.htpasswd
    <Files ~ "\.(cgi|txt)$">
        Require valid-user
    </Files>
  ,,,

  * require a password to access an entire folder
  -----------------------------------------------
   AuthName "Private zone"
   AuthType Basic
   AuthUserFile /pub/home/user/.htpasswd
   require valid-user
  ,,,

  This should be placed in a '.htaccess' file in the folder
  which you wish to protect, or else in a <directory> tag in the
  global configuration file.

LOG FILES

  == log file tools
  .. ip2host - substitute servernames for ip addresses in the log files
  .. jdresolv - alternative to logresolv
  .. logstalgia - access log visualizer
  .. visitors - access log analyser
  .. vlogger - log file rotator

  * show the apache2 error log on a debian-style linux system
  >> less /var/log/apache2/error.log

  * look in configuration files to see where the error log file is
  >> grep -sri errorlog /etc/apache2

MONITORING

  == apache webserver monitoring tools
  .. apachetop
  ..

LOAD TESTING

  ==
  .. jmeter - load testing and metering
 
OTHER WEB SERVERS

  == some alternatives to apache
  .. mini-httpd - a small server with cgi
  .. lighttpd - small server
  .. cherokee - another one
  .. nanoweb - web server written in php (!?)
  .. nginx - 
  ..

NOTES 

  * restart apache only if config works
  >> alias restart='apache2ctl configtest && apache2ctl restart'

  * List apache2 virtualhosts
  >> /usr/sbin/apache2ctl -S 2>&1 | perl -ne 'm@.*port\s+([0-9]+)\s+\w+\s+(\S+)\s+\((.+):.*@ && do { print "$2:$1\n\t$3\n"; $root = qx{grep DocumentRoot $3}; $root =~ s/^\s+//; print "\t$root\n" };'

  * Restart the web server gracefully
  >> apache2ctl graceful

DOCUMENT-NOTES:
 
  # this section contains information about the document and
  # will not normally be printed.

  # A small (16x16) icon image to identify the book
  document-icon:
  # A larger image to identify or illustrate the title page
  document-image:
  # what sort of document is this
  document-type: book
  # in what kind of state (good or bad) is this document 
  document-quality: just beginning
  # work which has been carried out on this document
  document-history:
  @@ 2009
     document begun, in a very rudimentary fashion. 
  @@ jan 29, 2010
     adding some configuration information
  # who wrote this
  authors: mjbishop at fastmail dot fm
  # a short description of the contents, possible used for doc lists
  short-description: how to administer the apache web server
  # the script which will be used to produce html (a webpage)
  make-html: booktohtml.cgi
  # the script which will produce 'LaTeX' output (for printing, pdf etc)
  make-latex: booktolatex.cgi


  * Watch for when your web server returns
  >> watch -n 15 curl -s --connect-timeout 10 http://www.google.com/
 
  * Analyse an Apache access log for the most common IP addresses
  >> tail -10000 access_log | awk '{print $1}' | sort | uniq -c | sort -n | tail