The Apache Web Server

Table of Contents

last revision
27 October 2011, 6:33pm
book quality
just beginning

:

The apache web server is the most widely used webserver on the internet. It is a large program with a myriad of configuration options and other tools.

Getting Help ‹↑›

The apache webserver has very detailed documentation which should (eventually) help you out of any tight spots.

www: http://httpd.apache.org/docs/2.2/
official documentation for apache version 2.2
install documentation for apache2 on a debian style linux
 sudo apt-get install apache2-doc

show options which can be used with apache

 man apache2
 man apache   the same, for an older version

Installation ‹↑›

install apache version 2 on a debian-style linux

 sudo apt-get install apache2
 sudo aptitude install apache2    the same

test the installation from the webserver computer itself

 firefox 127.0.0.1
 firefox localhost

see what the status (running, stopped etc) of the webserver is

 sudo apache2ctl status

Lamp Installation ‹↑›

install Apache2 wth the MySQL database server and PHP on a 'debian' system

 sudo tasksel install lamp-server

www: http://www.ubuntugeek.com/how-to-install-apache2-webserver-with-phpcgi-and-perl-support-in-ubuntu-server.html
how to install apache2 with php and cgi but not mysql

Symbolic Links ‹↑›

make apache serve documents referenced by unix-style symbolic links

 options followsymlinks

Cgi Configuration ‹↑›

execute all scripts in the folder as cgi scripts

 ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/

allow cgi execution of '.cgi' and '.pl' in a particular folder

    <Directory /usr/local/apache2/htdocs/somedir>
    Options +ExecCGI
    AddHandler cgi-script .cgi .pl 
    </Directory> 

all cgi execution of all files in all user cgi-bin folders

    <Directory /home/*/public_html/cgi-bin>
    Options ExecCGI
    SetHandler cgi-script
    </Directory> 

a perl script to show all environment variables

    #!/usr/bin/perl
    print "Content-type: text/html\n\n";
    foreach $key (keys %ENV) {
      print "$key --> $ENV{$key}<br>";
    } 

Perl Cgi Support ‹↑›

www: http://slashdot.org
an example of a site using the apache perl module with the web server and perl scripts
install the perl-cgi module for apache
 sudo aptitude install libapache2-mod-perl2

create a cgi folder

 sudo mkdir /home/www/cgi-bin

add to the virtual host configuration

     ScriptAlias /cgi-bin/ /home/www/cgi-bin/
     <Directory /home/www/cgi-bin/>
       Options ExecCGI
       AddHandler cgi-script cgi pl
     </Directory>

test perl cgi support

  cd /home/www/cgi-bin
  sudo vim test.pl
  #!/usr/bin/perl -w
   print "Content-type: text/html\r\n\r\n";
   print "Hello there!\n";

  sudo chmod a+x test.pl
  lynx http://yourserverip/cgi-bin/test.pl

Php Installation ‹↑›

install php5 to run with apache

 sudo aptitiude install php5 libapache2-mod-php5

install php4 to run with apache

 sudo aptitiude install php4 libapache2-mod-php4

load the php4 or 5 modules into apache

 sudo a2enmod php5
 sudo a2enmod php4

test if the php installation worked swimmingly

 sudo nano /var/www/testphp.php
 add the line '<?php phpinfo(); ?>'
 lynx http://localhost/testphp.php

Starting And Stopping The Server ‹↑›

restart the apache server

 sudo apache2ctl restart

Configuration Tools ‹↑›

Modules ‹↑›

www: http://127.0.0.1/doc/apache2-doc/manual/en/mod/index.html
the location of module documentation when apache2 documentation has been installed in the webserver
www: http://www.debian-administration.org/articles/136
how to enable a module
show all loaded modules
  apache2ctl -M
  apachectl -M     the same for older version of apache
  httpd -M         for old versions of apache

show which modules are enabled

 ls /etc/apache2/mods-enabled/

load the php4 module into apache

 sudo a2enmod php4; sudo apache2ctl restart

Htaccess Configuration ‹↑›

To check if .htaccess files are actually being considered put junk in them and restart the server.

allow .htaccess files to have effect

 AllowOverride all

prevent the directives in '.htaccess' files from having any effect

 AllowOverride None

Global Configuration ‹↑›

show options for apache2 (which can be used with apache2ctl as well)

 man apache2

show where the global configuration file is

 apache2ctl -V | grep SERVER_CONFIG_FILE

show verbose information about the installation

 apache2ctl -V

edit the apache2 global configuration file

 sudo nano /etc/apache2/apache2.conf
 sudo vim /etc/apache2/apache2.conf    for the intrepid

change the default document root to '/home/www/'

 DocumentRoot /home/www/
 and the following <Directory> tag
 <Directory /home/www/>
 ...
 </Directory>

edit the configuration file for a virtual host

 sudo vim /etc/apache2/sites-available/default

Aliases ‹↑›

Redirections ‹↑›

place redirections in the ".htaccess" file

 Redirect / http://www.site.com

redirect any requests to '/msadc' to microsoft

 redirect /msadc http://www.microsoft.com

redirect any request to a 'cmd.exe' file to microsoft

 RedirectMatch (.*)\cmd.exe$ http://www.microsoft.com$1

Using Mod Rewrite ‹↑›

www: http://httpd.apache.org/docs/2.2/rewrite/rewrite_guide.html
solving specific problems using the rewrite module
www: http://www.tutorio.com/tutorial/enable-mod-rewrite-on-apache
how to enable the rewrite module
redirect filenames ending in ".txt.html" to the cgi script 'text2html.cgi'
 RewriteRule ^(.*)\.txt\.html$ /cgi-bin/text2html.cgi?$1

For example a request to

 www.server.org/path/file.txt.html
Is translated to
 www.server.org/cgi-bin/text2html.cgi?path/file.txt.html

redirect 'www.m.org' to 'www.m.org/cgi-bin/test.cgi?

 RewriteRule ^$ /cgi-bin/test.cgi?$1

allow editing of the '.htaccess' file (probably not a great idea)

 RewriteRule ^htaccess$ /cgi-bin/edit.cgi?../htdocs/.htaccess

If the user makes a request to 'www.m.org/htaccess' she will be redirected to 'www.m.org/cgi-bin/edit.cgi?../htdocs/.htaccess. If the 'edit.cgi' script allows editing of files, then this is one, extremely insecure way of update the '.htaccess' file.

Conditional Redirections ‹↑›

redirect requests from 192.12.131.1 to the page 'about.html' .,, SetEnvIf REMOTE_ADDR 192.12.131.1 REDIR="redir" RewriteCond %{REDIR} redir RewriteRule ^/$ /about.html ,,,

Denying Access ‹↑›

In some cases it is advisable to disallow any web-access to a file on the web-server.

deny access from anybody to a web-folder

 deny from all

forbidd access to all files with a '.cfg' filename extension

   <Files ~ "\.(cfg)$">
    order allow,deny
    deny from all
   </Files>

forbid access for anyone to the file 'config.inc.php'

    <Files config.inc.php>
      order allow,deny
      deny from all
    </Files>

Allow Access By Ip Address ‹↑›

Allow connections only from the ip address 192.126.12.199 .,,

order allow deny deny from all allow from 192.126.12.199 ,,,

Using Basic Authentication ‹↑›

www: http://www.htpasswdgenerator.com/apache/htaccess.html
a simple introduction to the htaccess file
create a password file for user 'jon' to use with basic authentication
  htpasswd -c /path/to/passwordfile jon

place the text 'restricted zone' in the title bar of the login box

 AuthName "restricted zone"

set a password for the file 'private.txt'

    <Files private.txt>
      AuthName "Users zone"
      AuthType Basic
      AuthUserFile /pub/home/your_login/.htpasswd
    </Files>

require a password to access all files which end with "x.cgi"

    AuthType Basic
    AuthName "Password Protected"
    AuthUserFile /home/users/www/.htpasswd
    <Files ~ "\.x\.cgi$">
        Require valid-user
    </Files>

require a password to access all files which end with "x.cgi"

    AuthType Basic
    AuthName "Password Protected"
    AuthUserFile /home/users/www/.htpasswd
    <Files ~ "\.x\.cgi$">
        Require valid-user
    </Files>

require a password to access all files which end with 'cgi' or 'txt'

    AuthType Basic
    AuthName "Password Protected"
    AuthUserFile /home/users/www/.htpasswd
    <Files ~ "\.(cgi|txt)$">
        Require valid-user
    </Files>

require a password to access an entire folder

   AuthName "Private zone"
   AuthType Basic
   AuthUserFile /pub/home/user/.htpasswd
   require valid-user

This should be placed in a '.htaccess' file in the folder which you wish to protect, or else in a <directory> tag in the global configuration file.

Log Files ‹↑›

some configuration tools
rapache - graphical configuration

show the apache2 error log on a debian-style linux system

 less /var/log/apache2/error.log

look in configuration files to see where the error log file is

 grep -sri errorlog /etc/apache2

Monitoring ‹↑›

log file tools
ip2host - substitute servernames for ip addresses in the log files
jdresolv - alternative to logresolv
logstalgia - access log visualizer
visitors - access log analyser
vlogger - log file rotator

Load Testing ‹↑›

apache webserver monitoring tools
apachetop

Other Web Servers ‹↑›

jmeter - load testing and metering

Notes ‹↑›

restart apache only if config works

 alias restart='apache2ctl configtest && apache2ctl restart'

List apache2 virtualhosts

 /usr/sbin/apache2ctl -S 2>&1 | perl -ne 'm@.*port\s+([0-9]+)\s+\w+\s+(\S+)\s+\((.+):.*@ && do { print "$2:$1\n\t$3\n"; $root = qx{grep DocumentRoot $3}; $root =~ s/^\s+//; print "\t$root\n" };'

Restart the web server gracefully

 apache2ctl graceful

DOCUMENT-NOTES:

some alternatives to apache
mini-httpd - a small server with cgi
lighttpd - small server
cherokee - another one
nanoweb - web server written in php (!?)
nginx -