Apache overview and basic configuration

1. Apache introduction:
Apache is the world's top Web server. According to a survey conducted by Netcraft (www. netsraft. co. uk), more than 50% of the world's Web servers are using Apache.
In April 1995, the earliest apache version 0.6.2 was released by Apache Group. apache Group is a non-profit organization that operates completely over the Internet. It determines what content should be included in the standard release of Apache Web servers. allow anyone to modify hidden errors, provide new features and port them to the new platform, and perform other work. when the new Code is submitted to the Apache Group, the Group reviews the specific content of the Code for testing. If satisfied, the code will be integrated into the main Apache release.
Apache features:
1) It can run on almost all computer platforms.
2) supports the latest HTTP/1.1 protocol
3) simple and powerful file-based configuration (httpd. conf ).
4) General Gateway Interface (CGI) supported)
5) supports virtual hosts.
6) supports HTTP authentication.
7) Integrate Perl.
8) Integrated Proxy Server
9) you can use a web browser to monitor the server status and customize logs.
10) the server can contain commands (SSI ).
11) supports Secure Socket Layer (SSL ).
12) tracking the user session process.
13) FastCGI support
14) supports Java Servlets.
...
"Disadvantage" (maybe it is, maybe not ):
Apache does not provide graphical user interfaces (guis) for administrators, but the latest Apache version already supports GUI.

The following are Apache licenses
/* ===================================================== ====================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000 the Apache Software Foundation. All rights
* Reserved.
*
* Redistribution and use in source and binary forms, with or
* Modification, are permitted provided that the following conditions
* Are met:
*
* 1. redistributions of source code must retain the above Copyright
* Notice, this list of conditions and the following disclawing.
*
* 2. redistributions in binary form must reproduce the above Copyright
* Notice, this list of conditions and the following disclawing in
* The documentation and/or other materials provided with
* Distribution.
*
* 3. The end-user documentation has ded with the redistribution,
* If any, must include the following acknowledgment:
* "This product has DES software developed by
* Apache Software Foundation (http://www.apache.org /)."
* Alternately, this acknowledgment may appear in the software itself,
* If and wherever such third-party acknowledgments normally appear.
*
* 4. the names "Apache" and "Apache Software Foundation" must
* Not Be used to endorse or promote products derived from this
* Software without prior written permission. For written
* Permission, please contact apache@apache.org.
*
* 5. products derived from this software may not be called "Apache ",
* Nor may "Apache" appear in their name, without prior written
* Permission of the Apache Software Foundation.
*
* This software is provided ''as is ''and any expressed or implied
* Warranties, including, but not limited to, the implied warranties
* Of merchantability and fitness for a special purpose are
* Disclaimed. In no event shall the Apache Software Foundation or
* Its contributors be liable for any direct, indirect, incidental,
* Special, exemplary, or consequential damages (including, but not
* Limited to, procurement of substitute goods or services; loss
* Use, data, or profits; or business interruption) however caused and
* On any theory of liability, whether in contract, strict liability,
* Or tort (including negligence or otherwise) arising in any way out
* Of The use of this software, even if advised of the possibility
* Such damage.
* ===================================================== ==================================
*
* This software consists of voluntary contributions made by role
* Individuals on behalf of the Apache Software Foundation. For more
* Information on the Apache Software Foundation, please see
* <Http://www.apache.org/>.
*
* Portions of this software are based upon public domain software
* Originally written at the National Center for supercomputing applications,
* University of Illinois, Urbana-Champaign.
*/

It can be seen that Apache does not require anyone to make public changes to Apache (not subject to GPL terms ).

Ii. basic configuration and description of Apache:

1. Obtain Apache:

The easiest way to get Apache source code is to go to the http://www.apache.org and select the latest version. Then,
Tar xvzf apache_x.xx.tar.gz

2. Compile Apache
Under the src directory
./Configure available./configure -- help | less get help,
Make, make install, install

3. Apache startup and Shutdown
Sbin/apachectl start
Sbin/apachectl stop
Sbin/apachectl restart (restart)

4. Introduction to some modules:
The following group modules control access and Verification
Acess entry control
Auth checks the basic verification of Unix-style passwords and group files.
Auth-Anon uses anonymous FTP-style usernames and passwords.
Auth-dBm uses the Berkeley dB file to store usernames, passwords, and group information. This is useful if you have a lot of usernames and are concerned about performance.
Digest uses HTTP digest authentication, which is safer than basic authentication.
The expire module allows you to customize the expire expiration time.

5. The default directory layout of apache1.3 is:
./Bin
Server binary, apachectl original
./Conf
Apache configuration file
./Include/Apache
Apache title File
./Libexec
Shared object files
./Man
Man page
./Sbin
Server binary, apachectl original, log Rotator
./Cgi-bin
Default CGI original/binary directory
./Share/htdocs
Default file Root
./Htdocs/manual
Apache Manual
./Share/icon
Directory containing various GIFs icons
./Var/Apache/log
Log File directory
./Var/Apache/Proxy
Proxy cache directory
./Var/Apache/run
Httpd. PID (file containing the main HTTPd process identifier) in this directory

6. The main file is as follows:
Httpd. conf in/usr/local/Apache/conf or/etc/httpd/Conf
Apachectl, under/usr/local/Apache/bin or/etc/httpd/bin
Access_log, which records user access information in ../logs
Error_log, which records user access error information, which is also in ../logs

7. httpd. conf Basic settings
Which TCP port does Apache listen on? The default http port is 80. If you use another port, You have to specify a port in URLs to connect to your server,

For security reasons, you can set user and group to nobody in Linux.

The serverroot parameter should be the basis for Apache installation. Unless you move the surrounding data, the value is the same as the value you have given.

Servername: If your machine has multiple names or IP addresses, set Apache to indicate the name of the server.

DocumentRoot is the root directory of the Web tree,

Enable userdir ~ When username processes the request, this command tells apache which directory is appended to the user's home directory ). Userdir is set to public_html. Users will only have basic web service functions,

<Directory> is a container command. </Directive>.

The purpose of the <directive> and related <files> and <filesmatch> commands is to allow you to control Apache behavior based on each directory or file. The command is placed in <directory> and also applies to sub-directories.

The followsymlinks option tells Apache that it can trace symbolic links from inside the document root directory to outside the document root directory. Within the root directory of the document, followsymlinks and indexes are both enabled (on ). If the default index file (usually index.html) does not exist, the directory list is allowed to be displayed.

In directory, you can use the Options command to control what options are allowed.

Options command:
1) The execcgi CGI script program can run on this directory tree.
2) followsymlinks is in this directory, and the server will track the symbolic links. Note: even if the server traces the symbolic link, it does not change the path name used to match different regions. Note: This option is ignored if it is set in the region.
3) The nodes server is allowed.
4) The IncludesNOEXEC server reference is allowed, but # include of the # EXEC command and CGI script program is forbidden.
5) If indexes requires the URL mapped to the directory and there is no directoryindex(for example, index.html) in the directory, the server returns the formatted directory list.
6) Multiviews is allowed to process multiple browsing contents.
7) symlinksifownermatch uses the same link as the user ID. The server only tracks the symbolic links of the target file or directory.
8) All except Multiviews. If there is no options command, the default value is all.

Accessfilename command to set (the default value is. htaccess ). In any directory, Apache configuration commands can be put into a file called. htaccess. Commands can also be applied to subdirectories in directories. In the access file,

AllowOverride controls which command will be used. If AllowOverride is set to none. Apache does not even check access files.

AllowOverride parameters:
1) authconfig, which of the authorization commands can be used;
2) fileinfo, a command used to control document types and handling methods;
3) indexes: Use one of the commands to control the display of directory lists and icons;
4) limit: Allows commands to control host access;
5) Options: Use one of the options commands.

The "allow" and "deny" commands are used to control access. The third command "order" controls the order in which these commands are used. If you set the sequence to allow and deny without specifying which host is denied, all hosts are assumed to be inaccessible. In this example, the allow command is selected and the deny command is widely used. In the. htaccess file or <directory> command, more typical configurations may be:
Order allow, deny
Allow from all
Deny aaa.com
All Hosts are allowed, except those from the aaa.com domain.

If the opposite is true,
Order deny, allow
Deny from all
Allow from 11.23.44
Deny is checked first. Only hosts from the 11.23.44 IP network can be accessed. It may also specify the network mask. The parameter 11.23.44.0/255.255.255.0 is equivalent to the above example.

Iii. Special Configuration:
1. Support for the user's personal homepage:
In./CONF/httpd. conf, add
Userdir/home/*/public_html
Set the user to use CGI and so on:
<Directory/home/*/public_html/cgi-bin>
Options execcgi
Sethandler cgi-bin # If addhandler cgi-bin. cgi is set globally ...,
# No need to set it here
</Directory>

2. VM settings:

1) IP-based VM
If the IP address of the machine is 192.168.0.2 and the virtual IP address is 192.168.0.3
First, bind multiple IP addresses to the network card of a machine to serve multiple virtual hosts.
#/Sbin/ifconfig eth0: 0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.11.255 up
#/Sbin/route add-host 192.168.0.2 eth0: 0

Set the./CONF/httpd. conf file:
Check what DocumentRoot is. If it is/home/httpd
<Virtualhost 192.168.0.3>
DocumentRoot/home/httpd/AAA
</Virtualhost>

Create directory
/Home/httpd/AAA,

2) Name-based VM:
Edit ../CONF/httpd. conf

Namevirtualhost 192.168.0.2
<Virtualhost 192.168.11.2>
DocumentRoot/home/httpd/AAA
Servername aaa.yourdomain.com
</Virtualhost>

The namevirtualhost must be at the beginning, and each virtual host should be listed below in sequence,
You also need to direct the DNS of aaa.yourdomain.com to the IP address 192.168.0.2.

3. Apache user authentication
Basic Apache user authentication
Assume that user authentication is required for files in the/home/AAA directory.
Add the following rows
<Directory "/home/AAA">
AllowOverride authconfig
Order allow, deny
Allow from all
</Directory>
Used in the/home/AAA directory to delegate the file. htaccess, the content is as follows:
Authname "please give me your ID number and password"
Authtype basic
Authuserfile/etc/. passwd
Require valid-user

Use htpasswd to generate the file/etc/. passwd,
Htpasswd-C/etc/. passwd Username