Apache - Quick reference guide

Apache quick reference Apache web server

[Type the abstract of the document here. The abstract is typically a short summary of the

contents of the document. Type the abstract of the document here. The abstract is

typically a short summary of the contents of the document.]

Apache quick reference

Joseph’s WebSphere Library|

1

Contents Introduction ......................................................................................................................... 2

Installing ............................................................................................................................. 3

Starting and Stopping and Restart....................................................................................... 4

Adding Modules.................................................................................................................. 5

Log files .............................................................................................................................. 7

Virtual Hosts ....................................................................................................................... 9

Alias and Redirections ...................................................................................................... 12

Httpd.conf file ................................................................................................................... 14



2 Introduction Apache is the most popular web server available freely under GNU public License. According to recent surveys, more 60% of the internet web servers are running on Apache. From this we can understand its popularity. It is basically used for serving web content. I am not going deep into explaining what is a web server, how it works and all since that content is available on the internet (see http://www.devshed.com/c/a/Apache/Apache-and-the-Internet/1/ )

http://www.devshed.com/c/a/Apache/Apache-and-the-Internet/1/



3 Installing Installing apache depends on which platform or the operating system you are working on. Apache is available as you source code which you can compile and install or it is available as binaries, as an executable for windows and as rpm if you are using redhat linux. Installation on windows is like normal installation of software. Double click and choose installation folder. You have the option of running it as a service. On Redhat linux boxes you can install it as “rpm -Uvh apache” from the directory where apache rpm is placed. From source code

Apache 1.3: % ./configure --prefix= /INSTALL PATH --with-layout=Apache

--enable-shared=max--enable-module=most

% make

# make install

For Apache 2.0: % ./buildconf

% ./configure --prefix= /INSTALL PATH --with-layout=Apache --enable-

modules=most --enable-mods-shared=all

% make

# make install

This should be run fro the directory where you extracted the apache.



4 Starting and Stopping and Restart On unix like machines you can find an utility named “apachectl” which can be used to achieve all the above actions. apachectl start

This will start the server if it isn't already running. If it is running, this option has no effect and may produce a warning message.

apachectl graceful

This option causes the server to reload its configuration files and gracefully restart its operation. Any current connections in progress are allowed to complete. The server will be started if it isn't running.

apachectl restart

Like the graceful option, this one makes the server reload its configuration files. However, existing connections are terminated immediately. If the server isn't running, this command will try to start it.

apachectl stop

This shuts the server down immediately. Any existing connections are terminated at once



5 Adding Modules There are a number of extremely popular modules for the Apache web server that are not included in the basic distribution. Most of these are separate because of licensing or support reasons. All these will add spice to the apache. Lets first see how to install a generic third-party module and then followed by mod_ssl and mod_perl.

Installing third party module

Move to the directory where the module's source file was unpacked, and then:

% /path/to/apache/ bin/apxs -cia module.c

The -cia options mean to compile, install, and activate. The first is pretty straightforward; install means put the .so file in the place Apache expects to find it, and activate means to add the module to the httpd.conf file.

Mod_ssl

In addition to the Apache source, mod_ssl requires that you have Perl and the OpenSSL libraries installed. Apache 2.0

mod_ssl is included with 2.0, although it is not automatically compiled nor installed when you build from source. You need to include the —enable-ssl option on your ./configure line, and enable it with LoadModule and AddModule directives.

Apache 1.3

To install mod_ssl on a Unixish system, download the tarball package from the http://www.modssl.org/ web site and unpack it. Then:

% cd mod_ssl-x.x.x.x.x

% ./configure \

> --with-apache=.. /apache_x.x.xx \(this is apache source dir)

> --with-ssl=SYSTEM \ (this tells apache to find the module)

> --prefix= INSTALL PATH

% cd ../apache_x.x.xx

http://www.modssl.org/default.htm



6 % make

% make certificate

Mod_perl:

Download and unpack the mod_perl source package from http://perl.apache.org/. Then use the following command:

% perl Makefile.PL \

> USE_APXS=1 \

> WITH_APXS= INSTALL PATH/bin/apxs \

> EVERYTHING=1 \

> PERL_USELARGEFILES=0

% make

% make install

Restart your server.

http://perl.apache.org/default.htm



7 Log files

Activity logging has been around since the Web first appeared, and it didn't take long for the original users to decide what items of information they wanted logged. The result is called the common log format (CLF). In Apache terms, this format is:

"%h %l %u %t \"%r\" %>s %b"

That is, it logs the client's hostname or IP address, the name of the user on the client (as defined by RFC 1413 and if Apache has been told to snoop for it with an IdentityCheck On directive), the username with which the client authenticated (if weak access controls are being imposed by the server), the time at which the request was received, the actual HTTP request line, the final status of the server's processing of the request, and the number of bytes of content that were sent in the server's response.

Before long, as the HTTP protocol advanced, the common log format was found to be wanting, so an enhanced format, called the combined log format, was created:

"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""

The two additions were the Referer (it's spelled incorrectly in the specifications) and the User-agent. These are the URL of the page that linked to the document being requested, and the name and version of the browser or other client software making the request.

If You want to add a little more detail to your access log entries, Use the combined log format, rather than the common log format:

CustomLog logs/access_log combined

If You want more information in the error log in order to debug a problem, Change (or add) the LogLevel line in your httpd.conf file. There are several possible arguments, which are enumerated below:

emerg

Emergencies; web server is unusable

alert

Action must be taken immediately

crit



8 Critical conditions

error

Error conditions

warn

Warning conditions

notice

Normal but significant condition

info

Informational

debug

Debug-level messages

You want to automatically roll over the Apache logs at specific times without having to shut down and restart the server. Use CustomLog and the rotatelogs program:

CustomLog "| /path/to/rotatelogs /path/to/logs/access_log.%Y-%m-%d

86400" combined



9 Virtual Hosts

There are two different types of virtual host supported by Apache. The first type, called address-based or IP-based, is tied to the numeric network address used to reach the system. The other type of virtual host is name-based, because the server's response depends on what it is called.

Name based virtual hosts

This is useful when you have one IP and wants to run multiple sites.

ServerName 127.0.0.1

NameVirtualHost *

<VirtualHost *>

ServerName Joseph.org

DocumentRoot "C:/Apache/Sites/Joseph"

</VirtualHost>

<VirtualHost *>

ServerName Joe.com

DocumentRoot "C:/Apache/Sites/JustJoe"

</VirtualHost>

You want all requests, whether they match a virtual host or use an IP address, to be directed to a default host, possibly with a "host not found" error message, Add the following <VirtualHost> section, and list it before all of your other ones: <VirtualHost *>

ServerName default

DocumentRoot /www/htdocs

ErrorDocument 404 /site_list.html

</VirtualHost>

Address based virtual hosts ServerName 127.0.0.1

<VirtualHost 10.0.0.1>

ServerName Joseph.com

DocumentRoot "C:/Apache/Sites/Joseph"

</VirtualHost>

<VirtualHost 10.0.0.2>

ServerName Josephamrithraj.net

DocumentRoot "C:/Apache/Sites/ Josephamrithraj"

</VirtualHost>



10 If You want to create a virtual host to catch all requests that don't map to one of your address, Use the _default_ keyword to designate a default host:

<VirtualHost _default_>

DocumentRoot /www/htdocs

</VirtualHost>

The _default_ directive may be used in conjunction with a particular port number, such as:

<VirtualHost _default_:443>

Logging for each virtual host:

You want each virtual host to have its own logfiles.

Specify Errorlog and CustomLog within each virtual host declaration:

<VirtualHost *>

ServerName joe.example.com

DocumentRoot /home/joe/www/htdocs

ErrorLog /home/joe/www/logs/error_log

CustomLog /home/joe/www/logs/access_log combined

</VirtualHost>

Port based virtual hosts

Explicitly list the port number in the <VirtualHost> declaration:

Listen 8080

<VirtualHost 10.0.1.2:8080>

DocumentRoot /www/vhosts/port8080

</VirtualHost>

Listen 9090

<VirtualHost 10.0.1.2:9090>

DocumentRoot /www/vhosts/port9090

<VirtualHost>

Same content on several addresses

Specify both addresses in the <VirtualHost> directive:

NameVirtualHost 192.168.1.1

NameVirtualHost 172.20.30.40



11

<VirtualHost 192.168.1.1 172.20.30.40>

DocumentRoot /www/vhosts/server

ServerName server.example.com

ServerAlias server

</VirtualHost>



12 Alias and Redirections

You want to serve content out of a directory other than the DocumentRoot directory, use

Alias /desired-URL-prefix /path/to/other/directory

You have an existing directory which you want to access using a different name, Use an Alias directive in httpd.conf:

Alias /newurl /www/htdocs/oldurl

You want requests to a particular URL to be redirected to another server, Use a Redirect directive in httpd.conf, and give an absolute URL on the second argument: Redirect /example http://www.other.server/new/location

You want certain parts of your non-SSL web space to be redirected to a secured area, You can redirect everything that is attached to port 80 with the following RewriteRule:

RewriteCond "%{SERVER_PORT}" "^80$"

RewriteRule "^(.*)$" "https://%{SERVER_NAME}$1" [R,L]

Or, you can simply use the Redirect directive in the http section of httpd.conf file to to cause a URL to be served as HTTPS:

Redirect / https://secure.example.com/

You want to make sure that files outside of your web directory are not accessible. <Directory />

Order deny,allow

Deny from all

AllowOverride None

Options None

</Directory>

If you wanted to create an Alias to some other section of your filesystem, you would need to explicitly permit this with the following:

Alias /example /var/example

<Directory /var/example>

http://www.other.server/new/location



13 Order allow,deny

Allow from all

</Directory>

Error Handling: You want to display a customized error message, rather than the default Apache error page, Use the ErrorDocument directive in httpd.conf: ErrorDocument 405 /errors/notallowed.html

You want all "not found" pages to go to some other page instead, such as the front page of the site, so that there is no loss of continuity on bad URLs, Use the ErrorDocument to catch 404 (Not Found) errors: ErrorDocument 404 /index.html

DirectoryIndex index.html /path/to/notfound.html

You have an ErrorDocument correctly configured, but IE is displaying its own error page, rather than yours, Make the error document bigger—at least 512 bytes.



14 Httpd.conf file Lets examine the configuration file of apache web server. This is httpd.conf, nad is organized as 3 parts.

The Global Environment section The Main server configuration section The Virtual Hosts section

Iam not giving the complete configuration and what is what but listing which are the options in that. This is what I have found in my apache configuration file on my laptop. I am suggesting you to open the httpd.conf file in your favorite editor before reading this section.

Global Environment Configuration Options

The ServerType Directive

You can configure the ServerType option with two modes, inetd or standalone. The inetd mode is used only when you install Apache on UNIX platforms.

The ServerRoot Directive

You use the ServerRoot directive to specify the location where the following important files will be located:

Configuration files Error files Log files

The LockFile Directive

You use the LockFile directive to specify the path for the lockfile

The PidFile Directive

Pid stands for process identification number. Whenever Apache starts, it is allocated a process ID. This Pid is stored in a file

The ScoreBoardFile Directive



15 You use the ScoreBoardFile directive to specify the location for a file named httpd.score-board. You use this file to store information related to internal server processes

The ResourceConfig and AccessConfig Directives

You use the ResourceConfig directive to store the path for the file srm.conf and the AccessConfig directive to store the path for the file access.conf.

The Timeout Directive

You use the Timeout directive to specify the time that Apache will wait before it sends a timeout message

The KeepAlive Directive You use the KeepAlive directive to specify whether Apache should use the persistent connections feature. The MaxKeepAliveRequests Directive

If you enabled support for the KeepAlive directive, you might want to specify the maximum number of requests that should be allowed for each connection. You use the MaxKeepAliveRequests directive to specify the number of maximum requests that can be sent to the server for each connection if persistent connections are enabled.

The KeepAliveTimeout Directive

You use the KeepAliveTimeout directive to specify the time at which Apache will close a keepalive connection if the client has not sent any more requests

The MinSpareServers and MaxSpareServers Directives

You use the MinSpareServers and MaxSpareServers directives to specify the number of minimum servers and the number of maximum processes that are idle and waiting for requests at a given time

The StartServers Directive

The StartServers directive allows you to specify the number of child processes that should be created during startup. However, being an intelligent Web server, Apache takes into account the server load before deciding how many child processes should be running at a given time



16 The MaxClients Directive The MaxClients directive helps you specify the maximum number of clients that can connect simultaneously at a given time

The MaxRequestsPerChild Directive

You use the MaxRequestsPerChild directive to specify the maximum number of requests that a child process handles before Apache terminates it and starts another process to take its place

The Listen Directive

The Listen directive is an important directive that can be configured for performance and security. You can configure it so that Apache listens to IP addresses and ports other than the default ones. You can specify the IP interface or a combination of the IP interface and port number

The BindAddress Directive

You use the BindAddress directive to specify the IP address on which Apache will listen. The BindAddress directive can contain any of these three values:

*. This value directs Apache to listen to all IP addresses configured on the server machine. If you want to specify only one IP address, you must specify the IP address exclusively.

IP address. An IP address that is used by the server can be specified. However, only one IP address can be specified if you want to specify an IP address.

Domain name. A fully qualified domain name can be specified in the BindAddress directive. Doing so directs Apache to listen only to the Internet domain name specified. Unlike the Listen directive, only one BindAddress directive can be specified in the configuration file

The LoadModule Directive

You use the LoadModule directive for each DSO that you use in your server

The ClearModuleList Directive

Apache is installed with a built-in list of active modules. The ClearModuleList directive is used to clear this list

The AddModule Directive



17 you use the AddModule directive to repopulate the list of modules. Any module specified in the LoadModule section should also have a corresponding AddModule entry

The ExtendedStatus Directive

You use this directive to specify whether the extended status information for each request should be tracked

Main Server Configuration Options

The Port Directive

You use the Port directive to specify the port number on which Apache will listen to requests

Sometimes, you might want to use SSL for secure transmission of data. To do so, you need to explicitly specify the port number that will be used by Secure HyperText Transfer Protocol (HTTPS). This port number is ideally 443 and is specified with the Listen directive as shown here

## When we also provide SSL we have to listen to the ## standard HTTP port (see above) and to the HTTPS port ## <IfDefine HAVE_SSL> Listen 80 Listen 443 </IfDefine>

Notice that the <IfDefine> and </IfDefine> directives check whether SSL support is required.

The User and Group Directives

You use the User and Group directives to store the default user information that runs Apache. Initially, the root user starts Apache. Later, it is run by a user with low privileges. This is particularly useful for security because running a service with root privileges might create a threat to the system.

The ServerAdmin Directive

You use the ServerAdmin directive to specify an e-mail address. This e-mail address appears in certain Web pages that are generated by the server



18 The ServerName Directive

As its name suggests, you use the ServerName directive to specify the name by which the server is identified

The DocumentRoot Directive

You use the DocumentRoot directive to specify the document root of a Web server. The document root is the location where all Web site-related content files are stored

The <Directory> and </Directory> Directives: Configuration for the / (Root) Directory

The <Directory> and </Directory> directives are used to enclose other directives. These directives are applicable only to the directory specified in the <Directory> directive

The UserDir Directive

When a user accessing the Web server from a client machine tries to connect, a directory is appended to a user's home directory

Controlling Access to UserDir Directories

The configuration lines from the following extract need to be uncommented if you want to implement user control on UserDir directories.

The following example shows how to control access to UserDir directories:

# Control access to UserDir directories. The following is an example # for a site where these directories are restricted to read-only. # #<Directory /home/*/public_html> # AllowOverride FileInfo AuthConfig Limit # Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec # <Limit GET POST OPTIONS PROPFIND> # Order allow,deny # Allow from all # </Limit> # <LimitExcept GET POST OPTIONS PROPFIND> # Order deny,allow # Deny from all # </LimitExcept> #</Directory>



19 The DirectoryIndex Directive

You use the DirectoryIndex directive to specify the resources that should be searched in the Web server when the client specifies a / at the end of the directory name.

The AccessFileName Directive

This is one of the most important directives used for access control and ensuring security. You use the AccessFileName directive to specify a name of the file that will be checked in each directory before allowing access to the resources of the directory

The CacheNegotiatedDocs Directive

If uncommented, this directive allows the proxy to cache content-negotiated documents. This helps clients behind the firewall extract the cached documents and, as a result, save time and bandwidth.

The UseCanonicalName Directive

The canonical name is the primary name used by the Web server. However, there can be situations in which you want to specify more than one hostname for your Web server. You can achieve this by creating aliases to the existing canonical name. You can use the UseCanonicalName directive to specify whether you want to use the canonical name for your server

The TypeConfig Directive

You use the TypesConfig directive to set a location for the configuration file that contains details about the MIME types. The MIME type configuration file contains details about the mapping of file extensions to the associated content type

The DefaultType Directive

At times, a client might request a document that has a MIME type the server does not recognize. In such cases, the server responds to the request using a default MIME type. You use the DefaultType directive to specify the default MIME type that will be used by the Web server

The MIMEMagicFile Directive

The Apache Web server uses a module called mod_mime_magic. This module enables Apache to examine the contents of a file, look for hints, and determine the type of



20 the file. You use the MIMEMagicFile directive to specify the location where the module_mime_magic module can look for hints that help determine the file type

The HostnameLookups Directive

This directive is responsible for specifying whether DNS lookups should be enabled. DNS lookups are used to log the names of the clients. However, enabling this option can slow down the server considerably because every client request initiates a lookup request to the DNS server

The ErrorLog Directive

As the name suggests, you use the ErrorLog Directive to specify the location where the error logs will be stored

The LogLevel Directive

You use the LogLevel directive to specify the type of messages that are recorded in the error logs

The LogFormat Directive

As the name suggests, you use the LogFormat directive to specify the names of log formats for the log file

The CustomLog Directive

The CustomLog directive uses three arguments to log requests to the server. The arguments specified are used do the following:

Specify the location where the logs will be stored. Specify what will be written to the log file. Specify whether a particular request should be logged. This is an optional

argument

The ServerSignature Directive

Specifying the value On for the ServerSignature directive implies that a server signature will be included at the end of the document when error messages are generated. If you set the value Off for this directive, the server signature will not be generated in the footer of the document.

The Alias Directive



21 The main use of the Alias directive is to enable Apache store documents on a location other than the directory specified in the DocumentRoot directive. This section can have any number of aliases.

The Redirect Directive

From time to time, you may want to remove certain documents from the site. In such situations, the URLs that point to these documents cease to work. You use the Redirect directive to redirect the client to an alternate location instead of the old location. To redirect the user to an alternate location, you need to use the old URL as well as the new URL with the Redirect directive

Directives Used for Directory Listing

The directives that are used for directory listing occupy a considerable amount of space in the httpd.conf file. You can use several directives to customize the directory listing on your server. The following directives are used:

Fancy Indexing. Use this directive to set fancy indexing for a directory. IndexOptions. This directive is responsible for specifying how directory

indexing should behave. Several options that determine the behavior of directory indexing can be specified with the IndexOptions directive.

AddIconByEncoding. Use this directive to display an icon next to files that are MIME encoded.

AddIconByType. Use this directive to display an icon next to files that are of MIME-type.

AddIcon. Use this directive to display an icon next to different files depending on the type of file. For example, different icons will be displayed for text files and executable files.

DefaultIcon. As the name suggests, you use the DefaultIcon directive to specify the default icon that will be used for files whose file type is not recognized.

AddDescription. Use the AddDescription directive to specify that a description will be displayed for each file that is displayed as a part of the indexed directory.

ReadmeName. Use this directive if you want a file to be appended to the end of the index listing.

HeaderName. Use this directive to specify that a file will be added to the header of the indexing list.

IndexIgnore. Use this directive to specify a list of files that you don't want to display with all other files in the indexed directory.

Directives Used for Document Types



22 Several directives are used in the portion of httpd.conf that allows you to configure certain options for document types. The main directives in this section are as follows:

AddEncoding. This directive is solely used for mapping filename extensions to a corresponding encoding type.

AddLanguage. Use this directive to map the extension of a file to the specified content language.

LanguagePriority. Use this directive to specify which languages will have primacy over other languages.

AddHandler. Use this directive to map the extension of a file with the handler name.

The Action Directive

You use the Action directive to specify an action. This action activates a cgi-script when a request from the client triggers an action-type. The cgi-script is a URL path. This path points to a resource that is configured as a CGI script. On the other hand, the action-type is either a handler or a MIME content type

The MetaDir Directive

You use the MetaDir directive to specify the location for meta information files. Meta information files are used to store information that is hidden from the user. In the Apache context, meta information files store additional HTTP headers that are included in the document before it is sent to the client

The MetaSuffix Directive

You use this directive to specify the suffix for the meta information files

The ErrorDocument Directive

You use the ErrorDocument directive to specify an action the Web server will take if a problem or error is encountered. This directive can be configured so that the following occurs:

A hard-coded message appears when an error is encountered. A customized message appears in the event of an error. The URL specified by the client is redirected to a local URL, which in turn

solves the problem or error. The URL specified by the client is redirected to an external URL, which in turn

solves the problem or error.



23 The BrowserMatch Directive

You use the BrowserMatch directive to define environment variables. These environment variables are based on the HTTP request header field named User-Agent

Allow Server Status Reports

To allow server status reports, you uncomment the following lines Allow Remote Server Configuration The configurable lines from the following extract need to be uncommented in order to allow the generation of remote server configuration reports

Proxy Server Directives

The configurable lines from the following extract need to be uncommented if you want to configure Apache as a proxy server

Virtual Host section

You use the NameVirtualHost directive to specify that you will use name-based virtual hosts. The syntax of this directive is

NameVirtualHost address [:port]

where address is the IP address of the virtual host and port is the port number that the virtual host will listen to. This directive should be configured only for name-based virtual hosts.

You use the <VirtualHost> and </VirtualHost> directives to specify a list of configuration directives for a virtual host. These directives are referred when a document is requested from the virtual host. The syntax for using this directive is

<VirtualHost address[:port]>

…add configuration directives

</VirtualHost>

where address is either the IP address of the virtual host or a fully qualified domain name.Several directives are specified within the <VirtualHost> and </VirtualHost> section. These directives include, ServerAdmin, DocumentRoot, ServerName, ErrorLog, and CustomLog.

You use the ErrorLog and CustomLog directives to maintain necessary logs for the virtual host configured on the Apache Web server.



24

Technology

Apache - Quick reference guide