Analysis of SSI and CGI settings in Apache server

Article Title: Analysis of SSI and CGI settings in Apache server. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Apache is highly portable and supports over 30 operating systems, including Unix, Windows, and Darwin, most of the domains registered on the network currently use Apache Web servers. ApacheSoftware Foundation is currently developing Apache2.0, which is now in alpha testing. Here, I will discuss how to modify Server options so that the Server can provide simple dynamic web content, that is, support for CGI programs and Server-Side Include (SSI) programs.

1. Preparations

First, I suppose you have installed Apache and your Apache can provide static Web pages for browsing. Apache installation will automatically include a static HTML test page, that is, if you can see the test page, it means that your Apache can work normally. Apache under Basic installation only provides static HTML web pages. However, you can use modules to improve its functions. In the original settings, Apache compilation will contain mod_include and moc_cgi modules. You can run./httpd-l in the bin subdirectory to check whether your Apache has these two modules. The output will be a long string of all modules installed by Apache. If the mod_include and moc_cgi modules are not in the list, you must recompile the server. During re-compilation, determine how to include the description of mod_include and moc_cgi modules. In addition, you must have Server-Side endpoints des (http://www.oreilly.com/catalog/apache/excerpt/ch10.html) that provides real-time web pages ). With server-side distributed des (SSI) support, you can create real-time dynamic web pages. Next, I will start with the server's SSI support settings and then write CGI.

2. Apache settings

First, you must find the Apache configuration file. The original installation directory of Apache is/usr/local/apache under Unix, and c: \ Program Files \ Apache under Windows. In the conf subdirectory, you will find the httpd. conf file. This is the Apache configuration file. This setting file is a plain text file, so you can use a general text editor, such as vi or Notepad, to edit it. First, note that the starting text of some rows in this profile is the # symbol, which indicates that all the texts in this row are comments. It is a good habit to annotate your profile properly, because it helps you remember the settings you have made and why.

3. Execute the SSI Program

Enable the settings file and search for the following text:

# # To use server-parsedHTMLfiles # # AddType text/html. shtml # AddHandler server-parsed. shtml

Delete the # symbol before the AddType and AddHandler commands. The addtypedirective requires the server to use text or HTML as the content format of the file to be returned when a webpage with the name of .shtml is transferred back. AddHandler is used to instruct the server to send the file content to mod_include for processing. Then, mod_include will determine how to respond to such a file. Next, search for the following text:

There will be a line of option line (options line) between this line of text and corresponding lines ). The original settings are as follows:

Options Indexes FollowSymLinks MultiViews

When the end of this line is added with the pair des, The result looks like this:

Options Indexes FollowSymLinks MultiViews Includes

This requires Apache to execute the server-side pair des program in the htdocs subdirectory. To make these changes take effect, we must restart the server. Run "kill-HUP 'cat/usr/local/apache/logs/httpd. Pi'" to reactivate the service on Unix '". In Windows, Run "Apache-k restart ". Now let's try the setting result. Add a file test.shtml in the/usr/local/apache/htdocs directory. This file must contain the following program code:

The file hello.txt is long and it was last modified on

The SSI program reads a file named hello.txt and outputs the file size and the last modification date to the webpage. Obviously, we must add this hello.txt file in the htdocs directory. There is only one line of text in my hello.txt file: how are you !. After adding these files, open your usual browser and open the http: // localhost/test.shtml webpage. If your server is not installed by the root user, you may have to enable http: // localhost: 8080/test.shtml. The following result is displayed:

How are you! The file hello.txt is 1 k bytes long and it was last modified on Wednesday, 02-Aug-2000 20:18:28 PDT

Another way to activate the support for SSI is called XbitHack settings (related URL: http://www.apache.org/docs/mod/mod_include.html#xbithack ). The origin of this method is that when you set the user-executable bit of a text file to an executable state, Apache regards those files as SSI program files.

To activate this function, you must place the following command (directive) in the. htaccess file in all directories: the value of XbitHack status on (or full) status can be set to on, off, or full. The on setting forces the server to treat all files that can be executed by users as SSI items. If Off, the server ignores the user's executable settings. If it is set to Full, the server regards the executable files of all users as SSI items, and the inspection team is also executable (group-executable bit ). If the executable items in the group are set to executable, the value of last modified time of the returned header will be set to the last modified time of the file. This setting allows the client's browser and proxy to cache (caching ). However, you must be careful when using such a function. For example, if your webpage provides a rotation advertisement dashboard, you do not want to set the executable bit of the Group to the enabled status, this will cache the first downloaded advertisement, so that the user can no longer see the advertisement on other pages.

4. Execute CGI program

In the original Apache installation, two groups of cgi programs, test-CGI and printenv are attached to the cgi-bin sub-directory, but these two groups of programs have potential security vulnerabilities. However, since we only need to perform a setup test, and we will not directly place such original installation settings on the live server, we will still activate a group of CGI programs, let's see how Apache was set to execute this program. Finally, we will write a simple CGI program.

First, make sure that this group of programs can be executed. Go to the cgi-bin subdirectory and check whether the program file is set to Executable by the user (the user when the server executes) and the group (the group when the server executes. This step should be unnecessary for Windows systems. Then, the following content is required for the server:

Http: // localhost: 8080/cgi-bin/test-cgi

Note: port 8080 must be specified only when the server is installed by a non-root user ). This test-cgi program built in Apache lists the variable values that CGI programs will access. To activate CGI, you can set the ScriptAlias command section in the httpd. conf setting file. The original value of this command segment is:

ScriptAlias/cgi-bin/"/usr/local/apache/cgi-bin /"

This command tells Apache that if the requested webpage path starts with cgi-bin, these files can be found in the/usr/local/apache/cgi-bin/directory. This command also tells Apache to execute files in this directory. Below I have prepared an output "How are you! . I name it how. sh.

#!/bin/sh echo "Content-type: text/html" echo echo "How are you!"

Modify the permission of this file to make it an executable file and submit the following requirements to your server:

Http: // localhost: 8080/cgi-bin/how. sh

Although this group of CGI is written using shell scripts, it can be written in any language suitable for the system. If you have the opportunity to write CGI programs, I will discuss them in depth.

Conclusion:

All SSI commands supported by Apache can be found in Apachedocumentation. All Apache functions can be debugged through the config file. Here, I will only introduce the knowledge of setting files. The original configuration file contains a very detailed description file, and each system version is accompanied by a description file of the core module and standard module. If you spend some time exploring these files, you will find any features you want.