% -------------------------------------------
% latex generated by: booktolatex.cgi
% from source file : ../htdocs/books/apache/apache-book.txt
% on: 19 April 2024, 6:57am
% querystring: books/apache/apache-book.txt
% document-root: /var/www/html
% script-name: /cgi-bin/booktolatex.cgi
% Server-name: bumble.sourceforge.net
% Sed-script: booktolatex.sed
% -------------------------------------------
\documentclass[a4paper,12pt]{article}
\usepackage[margin=0.4cm,noheadfoot]{geometry}
\usepackage{color} %% to use colours, use "xcolor" for more
\usepackage{multicol} %% for multiple columns
\usepackage{keystroke} %% for keyboard key images
\usepackage[toc]{multitoc} %% for multi column table of contents
\usepackage{tocloft} %% to customize the table of contents
\setcounter{tocdepth}{2} %% only display 2 levels in the contents
\setlength{\cftbeforesecskip}{0cm} %% make the toc more compact
\usepackage{listings} %% for nice code listings
%\lstset{language={},
\lstset{language=,
%% define special comment delimiters '##(' and ')'
moredelim=[s][\color{grey}\itshape\footnotesize\ttfamily]{~(}{)},
basicstyle=\ttfamily, %% fixed pitch font
xleftmargin=1cm, %% margin on the left outside the frames
breaklines=true, %% break long code lines
breakatwhitespace=false, %% break long code lines anywhere
breakindent=10pt, %% reduce the indent from 20pt to 10
postbreak=\mbox{{\color{blue}\small$\Rightarrow$\space}}, %% mark with arrow
showstringspaces=false, %% dont show spaces within strings
framerule=5pt, %% thickness of the frames
rulecolor=\color{lightgrey}, frame=l} %% source code settings
\usepackage{graphicx} %% to include images
\usepackage{fancybox} %% boxes with rounded corners
\usepackage{wrapfig} %% flow text around tables, images
\usepackage{tabularx} %% change width of tables
\usepackage[table]{xcolor} %% alternate row colour tables
\usepackage{booktabs} %% for heavier rules in tables
\usepackage[small,compact]{titlesec} %% sections more compact, less space
\usepackage{enumitem} %% more compact and better lists
\setlist{noitemsep} %% reduce list item spacing
\usepackage{hyperref} %% make urls into hyperlinks
\hypersetup{ %% add "pdftex," if only pdf output is required
colorlinks=true, %% set up the colours for the hyperlinks
linkcolor=black, %% internal document links black
urlcolor=black, %% url links black
filecolor=red,
citecolor=red,
bookmarks=true, pdfpagemode=UseOutlines}
% define some colours to use
\definecolor{lightgrey}{gray}{0.70}
\definecolor{grey}{gray}{0.30}
\titleformat{\section}[frame] %% titlesec: create framed section headings
{\normalfont}
{\filleft \footnotesize \enspace Section \thesection\enspace\enspace}
{3pt} {\bfseries\itshape\filright}
\title{The Apache Web Server}
\author{}
\date{27 October 2011, 6:33pm}
\setlength{\parindent}{0pt}
% \setlength{\parskip}{1ex}
% label lists with stars
\renewcommand{\labelitemi}{$\star$}
\begin{document}
\centerline{\Large \bf The Apache Web Server} \medskip
\begin{center}
{\huge ``}\textit{}{\huge ''}
\textsc{}
\end{center}
% -----------------------------------
% the toc should be 2 columns because of the \multitoc package
\tableofcontents
The apache web server is the most widely used webserver on the
internet. It is a large program with a myriad of configuration options
and other tools.
\section{Getting Help}
The apache webserver has very detailed documentation which should
(eventually) help you out of any tight spots.
\begin{description}[labelindent=1cm, leftmargin=2cm, style=nextline]
\item[\url{http://httpd.apache.org/docs/2.2/}]
official documentation for apache version 2.2
\end{description}
\emph{ Install documentation for apache2 on a debian style linux }
\begin{lstlisting}
sudo apt-get install apache2-doc
\end{lstlisting}
\emph{ Show options which can be used with apache }
\begin{lstlisting}
man apache2
\end{lstlisting}
\begin{lstlisting}
man apache ~(the same, for an older version)
\end{lstlisting}
\section{Installation}
\emph{ Install apache version 2 on a debian-style linux }
\begin{lstlisting}
sudo apt-get install apache2
\end{lstlisting}
\begin{lstlisting}
sudo aptitude install apache2 ~(the same)
\end{lstlisting}
\emph{ Test the installation from the webserver computer itself }
\begin{lstlisting}
firefox 127.0.0.1
\end{lstlisting}
\begin{lstlisting}
firefox localhost
\end{lstlisting}
\emph{ See what the status (running, stopped etc) of the webserver is }
\begin{lstlisting}
sudo apache2ctl status
\end{lstlisting}
\subsection{Lamp Installation}
\emph{ Install Apache2 wth the MySQL database server and PHP on a 'debian' system }
\begin{lstlisting}
sudo tasksel install lamp-server
\end{lstlisting}
\begin{description}[labelindent=1cm, leftmargin=2cm, style=nextline]
\item[\url{http://www.ubuntugeek.com/how-to-install-apache2-webserver-with-phpcgi-and-perl-support-in-ubuntu-server.html}]
how to install apache2 with php and cgi but not mysql
\end{description}
\section{Symbolic Links}
\emph{ Make apache serve documents referenced by unix-style symbolic links }
\begin{lstlisting}
options followsymlinks
\end{lstlisting}
\section{Cgi Configuration}
\emph{ Execute all scripts in the folder as cgi scripts }
\begin{lstlisting}
ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/
\end{lstlisting}
\emph{ Allow cgi execution of '.cgi' and '.pl' in a particular folder }
\begin{lstlisting}
Options +ExecCGI
AddHandler cgi-script .cgi .pl
\end{lstlisting}
\emph{ All cgi execution of all files in all user cgi-bin folders }
\begin{lstlisting}
Options ExecCGI
SetHandler cgi-script
\end{lstlisting}
\emph{ A perl script to show all environment variables }
\begin{lstlisting}
#!/usr/bin/perl
print "Content-type: text/html\n\n";
foreach $key (keys %ENV) {
print "$key --> $ENV{$key}
";
}
\end{lstlisting}
\subsection{Perl Cgi Support}
\begin{description}[labelindent=1cm, leftmargin=2cm, style=nextline]
\item[\url{http://slashdot.org}]
an example of a site using the apache perl module with the
web server and perl scripts
\end{description}
\emph{ Install the perl-cgi module for apache }
\begin{lstlisting}
sudo aptitude install libapache2-mod-perl2
\end{lstlisting}
\emph{ Create a cgi folder }
\begin{lstlisting}
sudo mkdir /home/www/cgi-bin
\end{lstlisting}
\emph{ Add to the virtual host configuration }
\begin{lstlisting}
ScriptAlias /cgi-bin/ /home/www/cgi-bin/
Options ExecCGI
AddHandler cgi-script cgi pl
\end{lstlisting}
\emph{ Test perl cgi support }
\begin{lstlisting}
cd /home/www/cgi-bin
sudo vim test.pl
#!/usr/bin/perl -w
print "Content-type: text/html\r\n\r\n";
print "Hello there!\n";
sudo chmod a+x test.pl
lynx http://yourserverip/cgi-bin/test.pl
\end{lstlisting}
\subsection{Php Installation}
\emph{ Install php5 to run with apache }
\begin{lstlisting}
sudo aptitiude install php5 libapache2-mod-php5
\end{lstlisting}
\emph{ Install php4 to run with apache }
\begin{lstlisting}
sudo aptitiude install php4 libapache2-mod-php4
\end{lstlisting}
\emph{ Load the php4 or 5 modules into apache }
\begin{lstlisting}
sudo a2enmod php5
\end{lstlisting}
\begin{lstlisting}
sudo a2enmod php4
\end{lstlisting}
\emph{ Test if the php installation worked swimmingly }
\begin{lstlisting}
sudo nano /var/www/testphp.php
\end{lstlisting}
\begin{lstlisting}
add the line ''
\end{lstlisting}
\begin{lstlisting}
lynx http://localhost/testphp.php
\end{lstlisting}
\section{Starting And Stopping The Server}
\emph{ Restart the apache server }
\begin{lstlisting}
sudo apache2ctl restart
\end{lstlisting}
\section{Configuration Tools}
\arrayrulecolor{gray}
\begin{center}
\begin{tabular}{ |rl| }
\multicolumn{2}{c}{\textbf{ some configuration tools }} \\
\hline
\texttt{ rapache } & Graphical configuration \\
\hline
\end{tabular}
\end{center}
\section{Modules}
\begin{description}[labelindent=1cm, leftmargin=2cm, style=nextline]
\item[\url{http://127.0.0.1/doc/apache2-doc/manual/en/mod/index.html}]
the location of module documentation when apache2 documentation has
been installed in the webserver
\item[\url{http://www.debian-administration.org/articles/136}]
how to enable a module
\end{description}
\emph{ Show all loaded modules }
\begin{lstlisting}
apache2ctl -M
\end{lstlisting}
\begin{lstlisting}
apachectl -M ~(the same for older version of apache)
\end{lstlisting}
\begin{lstlisting}
httpd -M ~(for old versions of apache)
\end{lstlisting}
\emph{ Show which modules are enabled }
\begin{lstlisting}
ls /etc/apache2/mods-enabled/
\end{lstlisting}
\emph{ Load the php4 module into apache }
\begin{lstlisting}
sudo a2enmod php4; sudo apache2ctl restart
\end{lstlisting}
\section{Htaccess Configuration}
To check if .htaccess files are actually being considered
put junk in them and restart the server.
\emph{ Allow .htaccess files to have effect }
\begin{lstlisting}
AllowOverride all
\end{lstlisting}
\emph{ Prevent the directives in '.htaccess' files from having any effect }
\begin{lstlisting}
AllowOverride None
\end{lstlisting}
\section{Global Configuration}
\emph{ Show options for apache2 (which can be used with apache2ctl as well) }
\begin{lstlisting}
man apache2
\end{lstlisting}
\emph{ Show where the global configuration file is }
\begin{lstlisting}
apache2ctl -V | grep SERVER_CONFIG_FILE
\end{lstlisting}
\emph{ Show verbose information about the installation }
\begin{lstlisting}
apache2ctl -V
\end{lstlisting}
\emph{ Edit the apache2 global configuration file }
\begin{lstlisting}
sudo nano /etc/apache2/apache2.conf
\end{lstlisting}
\begin{lstlisting}
sudo vim /etc/apache2/apache2.conf ~(for the intrepid)
\end{lstlisting}
\emph{ Change the default document root to '/home/www/' }
\begin{lstlisting}
DocumentRoot /home/www/
\end{lstlisting}
\begin{lstlisting}
and the following tag
\end{lstlisting}
\begin{lstlisting}
\end{lstlisting}
\begin{lstlisting}
...
\end{lstlisting}
\begin{lstlisting}
\end{lstlisting}
\emph{ Edit the configuration file for a virtual host }
\begin{lstlisting}
sudo vim /etc/apache2/sites-available/default
\end{lstlisting}
\section{Aliases}
\section{Redirections}
\emph{ Place redirections in the ``.htaccess'' file }
\begin{lstlisting}
Redirect / http://www.site.com
\end{lstlisting}
\emph{ Redirect any requests to '/msadc' to microsoft }
\begin{lstlisting}
redirect /msadc http://www.microsoft.com
\end{lstlisting}
\emph{ Redirect any request to a 'cmd.exe' file to microsoft }
\begin{lstlisting}
RedirectMatch (.*)\cmd.exe$ http://www.microsoft.com$1
\end{lstlisting}
\subsection{Using Mod Rewrite}
\begin{description}[labelindent=1cm, leftmargin=2cm, style=nextline]
\item[\url{http://httpd.apache.org/docs/2.2/rewrite/rewrite_guide.html}]
solving specific problems using the rewrite module
\item[\url{http://www.tutorio.com/tutorial/enable-mod-rewrite-on-apache}]
how to enable the rewrite module
\end{description}
\emph{ Redirect filenames ending in ``.txt.html'' to the cgi script 'text2html.cgi' }
\begin{lstlisting}
RewriteRule ^(.*)\.txt\.html$ /cgi-bin/text2html.cgi?$1
\end{lstlisting}
For example a request to
\begin{lstlisting}
www.server.org/path/file.txt.html
\end{lstlisting}
Is translated to
\begin{lstlisting}
www.server.org/cgi-bin/text2html.cgi?path/file.txt.html
\end{lstlisting}
\emph{ Redirect 'www.m.org' to 'www.m.org/cgi-bin/test.cgi? }
\begin{lstlisting}
RewriteRule ^$ /cgi-bin/test.cgi?$1
\end{lstlisting}
\emph{ Allow editing of the '.htaccess' file (probably not a great idea) }
\begin{lstlisting}
RewriteRule ^htaccess$ /cgi-bin/edit.cgi?../htdocs/.htaccess
\end{lstlisting}
If the user makes a request to 'www.m.org/htaccess' she will be redirected to
'www.m.org/cgi-bin/edit.cgi?../htdocs/.htaccess. If the 'edit.cgi' script
allows editing of files, then this is one, extremely insecure way of update
the '.htaccess' file.
\subsection{Conditional Redirections}
\emph{ Redirect requests from 192.12.131.1 to the page 'about.html' .,, }
SetEnvIf REMOTE\_ADDR 192.12.131.1 REDIR=``redir''
RewriteCond \%$\{$REDIR$\}$ redir
RewriteRule \^{}/\$ /about.html
,,,
\section{Denying Access}
In some cases it is advisable to disallow any web-access to
a file on the web-server.
\emph{ Deny access from anybody to a web-folder }
\begin{lstlisting}
deny from all
\end{lstlisting}
\emph{ Forbidd access to all files with a '.cfg' filename extension }
\begin{lstlisting}
order allow,deny
deny from all
\end{lstlisting}
\emph{ Forbid access for anyone to the file 'config.inc.php' }
\begin{lstlisting}
order allow,deny
deny from all
\end{lstlisting}
\section{Allow Access By Ip Address}
Allow connections only from the ip address 192.126.12.199 .,,
order allow deny
deny from all
allow from 192.126.12.199
,,,
\subsection{Using Basic Authentication}
\begin{description}[labelindent=1cm, leftmargin=2cm, style=nextline]
\item[\url{http://www.htpasswdgenerator.com/apache/htaccess.html}]
a simple introduction to the htaccess file
\end{description}
\emph{ Create a password file for user 'jon' to use with basic authentication }
\begin{lstlisting}
htpasswd -c /path/to/passwordfile jon
\end{lstlisting}
\emph{ Place the text 'restricted zone' in the title bar of the login box }
\begin{lstlisting}
AuthName "restricted zone"
\end{lstlisting}
\emph{ Set a password for the file 'private.txt' }
\begin{lstlisting}
AuthName "Users zone"
AuthType Basic
AuthUserFile /pub/home/your_login/.htpasswd
\end{lstlisting}
\emph{ Require a password to access all files which end with ``x.cgi'' }
\begin{lstlisting}
AuthType Basic
AuthName "Password Protected"
AuthUserFile /home/users/www/.htpasswd
Require valid-user
\end{lstlisting}
\emph{ Require a password to access all files which end with ``x.cgi'' }
\begin{lstlisting}
AuthType Basic
AuthName "Password Protected"
AuthUserFile /home/users/www/.htpasswd
Require valid-user
\end{lstlisting}
\emph{ Require a password to access all files which end with 'cgi' or 'txt' }
\begin{lstlisting}
AuthType Basic
AuthName "Password Protected"
AuthUserFile /home/users/www/.htpasswd
Require valid-user
\end{lstlisting}
\emph{ Require a password to access an entire folder }
\begin{lstlisting}
AuthName "Private zone"
AuthType Basic
AuthUserFile /pub/home/user/.htpasswd
require valid-user
\end{lstlisting}
This should be placed in a '.htaccess' file in the folder
which you wish to protect, or else in a $<$directory$>$ tag in the
global configuration file.
\section{Log Files}
\arrayrulecolor{gray}
\begin{center}
\begin{tabular}{ |rl| }
\multicolumn{2}{c}{\textbf{ log file tools }} \\
\hline
\texttt{ ip2host } & Substitute servernames for ip addresses in the log files \\
\texttt{ jdresolv } & Alternative to logresolv \\
\texttt{ logstalgia } & Access log visualizer \\
\texttt{ visitors } & Access log analyser \\
\texttt{ vlogger } & Log file rotator \\
\hline
\end{tabular}
\end{center}
\emph{ Show the apache2 error log on a debian-style linux system }
\begin{lstlisting}
less /var/log/apache2/error.log
\end{lstlisting}
\emph{ Look in configuration files to see where the error log file is }
\begin{lstlisting}
grep -sri errorlog /etc/apache2
\end{lstlisting}
\section{Monitoring}
\arrayrulecolor{gray}
\begin{center}
\begin{tabular}{ |rl| }
\multicolumn{2}{c}{\textbf{ apache webserver monitoring tools }} \\
\hline
\texttt{ apachetop } \\
\hline
\end{tabular}
\end{center}
\section{Load Testing}
\texttt{ jmeter } & Load testing and metering \\
\hline
\end{tabular}
\end{center}
\section{Other Web Servers}
\arrayrulecolor{gray}
\begin{center}
\begin{tabular}{ |rl| }
\multicolumn{2}{c}{\textbf{ some alternatives to apache }} \\
\hline
\texttt{ mini-httpd } & A small server with cgi \\
\texttt{ lighttpd } & Small server \\
\texttt{ cherokee } & Another one \\
\texttt{ nanoweb } & Web server written in php (!?) \\
\texttt{ nginx } & \\
\hline
\end{tabular}
\end{center}
\section{Notes}
\emph{ Restart apache only if config works }
\begin{lstlisting}
alias restart='apache2ctl configtest && apache2ctl restart'
\end{lstlisting}
\emph{ List apache2 virtualhosts }
\begin{lstlisting}
/usr/sbin/apache2ctl -S 2>&1 | perl -ne 'm@.*port\s+([0-9]+)\s+\w+\s+(\S+)\s+\((.+):.*@ && do { print "$2:$1\n\t$3\n"; $root = qx{grep DocumentRoot $3}; $root =~ s/^\s+//; print "\t$root\n" };'
\end{lstlisting}
\emph{ Restart the web server gracefully }
\begin{lstlisting}
apache2ctl graceful
\end{lstlisting}
\end{document}