HTTPD installation Configuration

www.httpd.apace.org

httpd

Create a process beforehand

Maintenance of appropriate processes on demand

module design, the core is relatively small, a variety of functions are modules added

Support Run configuration, support individual compile module

Support multiple ways of virtual host configuration

Socket Ip:port

Virtual Host:

IP-based virtual host;

A port-based virtual host;

Domain-based virtual hosting;

Support for HTTPS protocol (MOD_SSL)

Support user authentication

Support for IP-or host-name-based ACLs

Supports access control for each directory

Support URL rewriting,/image/a.jpeg,/bbs/images/a.jpeg

Installation:

1.RPM Pack

2. Source code Compilation

Httpd:selinux (Prior closure)

httpd

/USR/SBIN/HTTPD (Mpm:prefork)

Httpd:root:root leading process, managing idle processes (Master process)

Httpd:apche:apche (worker process))

/etc/rc.d/init.d/httpd

Port: (80/TCP), (SSL:443/TCP)

/ETC/HTTPD: The root directory of the work, the equivalent of the program installation directory

/ETC/HTTPD/CONF: Configuration file directory

Master configuration file: httpd.conf

/etc/httpd/conf.d/*.conf

/etc/httpd/modules: Module Catalog

/etc/httpd/logs-->/var/log/httpd: Log directory

There are two types of log files: Access log access_log, error log: Err_log

/var/www/

HTML static class capacity use of the road strength

Cgi-bin Dynamic class capacity use of the road strength

[Email protected] ~]# yum-y install httpd

Service httpd Start

[[Email protected] ~]# PS aux |grep httpd has started several idle processes to prepare the corresponding customer

Root 1848 0.0 0.3 11372 3332? Ss 09:24 0:00/usr/sbin/httpd

Apache 1850 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Apache 1851 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Apache 1852 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Apache 1853 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Apache 1854 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Apache 1855 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Apache 1856 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Apache 1857 0.0 0.2 11372 2116? S 09:24 0:00/usr/sbin/httpd

Root 1867 0.0 0.0 5976 728 pts/1 s+ 09:28 0:00 grep httpd

[[email protected] yum.repos.d]# vim/etc/httpd/conf.d/welcome.conf default Welcome screen

[Email protected] yum.repos.d]# cd/etc/httpd/conf

[[email protected] conf]# CP httpd.conf Httpd.conf.back back up the original configuration file

[[email protected] conf]# grep "section" httpd.conf

# # # section 1:global Environment

# # # 2: ' Main ' server Configuration Master server segment. and virtual host cannot be in effect at the same time

# # # section 3:virtual hosts virtual host

[Email protected] conf]# vim httpd.conf

Consists of instructions and parameters. Directives are case-insensitive

Value is likely to be differentiated as needed

[[email protected] conf]# yum-y Install httpd-manual Installing this package can automatically generate configuration files

[Email protected] conf.d]# cd/etc/httpd/conf.d/

[Email protected] conf.d]# vim manual.conf

[[Email protected] conf.d]# service httpd Restart change the configuration file will need to restart the server

Http://192.168.10.2/manual

URL Rewriting Guide Instructions Reference

By default, the server HTTP response header will contain the Apache and PHP version numbers. As in the following, this is dangerous, because this will allow the hacker to know the detailed version number to launch a known version of the vulnerability attack.
1.server:apache/2.2.17 (Unix) php/5.3.5
To prevent this, you need to set Servertokens to prod in httpd.conf, which displays "Server:apache" in the response header without any version information.
1.# VI httpd.conf
2.ServerTokens Prod
Here are some of the possible assignments for Servertokens:
Servertokens Prod display "Server:apache"
Servertokens Major Display "Server:apache/2″
Servertokens Minor Display "Server:apache/2.2″
Servertokens Min Display "Server:apache/2.2.17″
Servertokens OS Display "server:apache/2.2.17 (Unix)"
Servertokens full Display "server:apache/2.2.17 (Unix) Php/5.3.5″ (if you specify any value, this is the default return information)

Working directory for 3.ServerRoot "/ETC/HTTPD" servers

PID number of 4.PidFile run/httpd.pid process, save position in/etc/httpd/run/httpd.pid

5.Timeout 120 time, the user three times the waiting time of the handshake

6.KeepAlive 0ff whether to use a long connection, as long as the server access is not very large, open long connection can improve efficiency

7.MaxKeepAliveRequests 100 Open Long Connect user can request up to 100 resources at a time, set to 0 for unlimited times

8.KeepAliveTimeout 15 Long connection length of disconnection

LoadRunner Tools for testing servers

MPM multi-Channel processing module

MPM_WINNT is dedicated to Windows NT-optimized MPM (multi-processing module), which uses a separate parent process to produce a separate subprocess that, in turn, produces multiple threads in this subprocess to process requests. This means that mpm_winnt can only start a parent-child two process and not start multiple processes at the same time as Linux.

Prefork a request with a process response, stable and reliable. Poor performance

Worker one request responds with one thread, starts multiple processes, each process generates multiple threads

Event a process handles multiple requests

[Email protected] conf.d]# rpm-ql httpd |grep Bin

/usr/sbin/apachectl

/usr/sbin/htcacheclean

/usr/sbin/httpd

/usr/sbin/httpd.event

/usr/sbin/httpd.worker

/usr/sbin/httxt2dbm

/usr/sbin/rotatelogs

/usr/sbin/suexec

/var/www/cgi-bin

/var/www/icons/binary.gif

/var/www/icons/binary.png

/var/www/icons/binhex.gif

/var/www/icons/binhex.png

/var/www/icons/small/binary.gif

/var/www/icons/small/binary.png

/var/www/icons/small/binhex.gif

/var/www/icons/small/binhex.png

[Email protected] conf.d]# VIM/ETC/SYSCONFIG/HTTPD

Httpd=/usr/sbin/httpd.worker enable server to change to worker model

[[email protected] conf.d]# vim/etc/httpd/conf/httpd.conf defined model

# prefork MPM

......

<ifmodule prefork.c>

Startservers 8 server defines several idle processes at the start of the machine

Minspareservers 5 Minimum number of idle processes

Maxspareservers 20 Max Idle Process

Serverlimit 256 Maximum number of clients

MaxClients 256 Specify Serverlimit cap

Maxrequestsperchild 4000 The maximum number of times each child process can respond

</IfModule>

# worker MPM

......

<ifmodule worker.c>

Startservers 4

MaxClients 300

Minsparethreads 25 min Idle thread

MAXSPARETHREADS 75 Max Idle thread

Threadsperchild How many threads are generated by 251 processes

Maxrequestsperchild 0 Maximum number of requests per process 0 means unqualified

</IfModule>

Listen specifies the address and port to listen on, and you can listen to multiple port columns at the same time

Listen 80

Listen 8080

LOADMODULE Specifies the module that is loaded when the HTTPD service starts

This article from "Linux operation and Maintenance" blog, declined reprint!

HTTPD installation Configuration