APACHE Web Server

Training Division
National Informatics Centre
New Delhi

1
Apache Web Server
• Installation
– Download
– Source Code
– Binary Distribution
– Options
– Starting, stopping and restarting
• Configuration
– httpd.conf
– Modules
– MPM (Multi Process Modules)
– Directives
• Hosting More then one web sites.
2
Apache Installation…..

3
Apache web server
• Apache is a powerful and highly configurable
– Wide variety of static pages
– Wide variety of dynamic pages
• Perl, php, java ,ruby
• Available in Source code and in binary distribution
• Source code can directly be download from
– www.apache.org
• Binary distribution.
– RPM
– SuSE

4
Apache Installation Methods
• Source Code
– Download source code and compile for specific
machine and operating system
– Source code can be customized, rebuilt and then
reinstall it.
– Source code comes with a configuration scripts, which
can examines the system to determine the best way to
built apache for maximum performance.
• Ready made binaries lag behind the current release.
• Binaries easier to install & includes standard modules

5
 Install Apache
• download from www.apache.org
• decompress –
– gunzip filename.tar.gz
– tar xvf filename.tar
Or
– tar xvzf filename.tar.gz
• Configuration
– ./configuration –prefix=PREFIX
• Build
– Make
• begins actual compilation after configuration files created
– make install
• moves all compile binaries and support files to default locations
6
Configuration options
# ./configure –prefix=/usr/sbin/httpd \
• several versions in different directory
>--enable-module=most \
• Not "all" - avoid unneeded modules
> --disable-module=auth_dbm \
• support DSOs (dynamic shared objects)
> --enable-shared=max

7
modules
Default Most All
Mod_access Mod_auth_anon Mod_cern_meta
Mod_actions Mod_auth_dbm Mod_mimr_magic
Mod_alias Mod_auth_digest Mod_unique_id
Mod_auth Mod_dav Mod_usertrack
Mod_autoindex Mod_dav_fs
Mod-cgi Mod_expires
Mod_dir Mod_headers
Mod_env Mod_info
Mod_http Mod_rewrite
Mod_imap

./configure –enable-module=all –disable-rewrite –disable-so

To compile the module as a DSO, add the option =shared. 8
Installation Locations
--prefix=/etc/httpd Install architecture-independent files.
--exec-prifix=/etc/httpd Installs architecture-dependent files.

--bindir=/usr/bin Installs user executable file

--sbindir=/usr/sbin Installs sys admin executables in DIR.
-- Installs configuration file such as httod.conf in DIR.
sysconfigdir=/etc/httpd/conf
--icondir=/var/www/icons Installs icons in DIR
--htdocsdir=/var/www/html Installs the default apache startup web page into DIR
--cgidir=/var/www/cgi-bin
--libexecdir=/usr/lib Installs program executables in DIR
--runtimedir=/var/run Installs run time data in DIR, pid, scoreboard and
lock files

9
Modules
• Apache is a modular server. Only the most basic
functionality is included in the core server. Extended
features are available in various modules. During the
configuration process, you must select which modules
to compile for use with your server
• Core (httpd_core.c)
– statically linked into kernel, cannot be removed
– available in all Apache servers
• Standard
– part of Apache distributions
– maintained by Apache Software Foundation
– can be removed for security or performance
• Third-party – not part of distributions
10
Multi Processing Module(MPM)
• Prefork MPM
– Server anticipate future demand by creating and
maintaining a pool of spare server in advance.
• ./configure –with-mpm=prefork
• Worker MPM
– Maintain a dynamic pool of processes, with each process
containing a fixed number of threads.All threads in all
processes are capable of answering any client request
received by the server.
• ./configure –with-mpm=worker
• Perchild MPM
– Maintain a static pool of process with each process
maintaining a dynamically changing threads.
• ./configure –with-mpm=perchild
11
Run Apache Server
• Manually
– % /usr/sbin/httpd –f /etc/httpd/httpd.conf
• rc script
– Make a link in rc directory that points to the
/etc/init.d/httpd file
• Apachectl – utility to control server
– apachectl start – checks if Apache running, if
not starts it

12
 Apache options
-D name Define a name for use in <ifDefine name> directive
-d directory Specify an alternative initial ServerRoot
-f file Specify an alternative initial ServerConfigFile
-C “directive” Process directive before reading configuration file
-c “directive” Process directive before reading configuration file
-v Show version number

-V Show compile number

-h List available command line options
-l List compiled in modules
-L List available configuration directives
-t Run syntax check for configuration file (with docroot)
-T Run syntax check for configuration file (without docroot)
13
Apache Administration….

14
Basic configuration
• What name it will have
– Server name is the name Apache uses in response
• What network connections it will respond to
– This is the IP address that Apache will receive HTTP
requests on.
• Where the server configuration and log files will
go
• Where the web site documents will reside

15
User and Group
• When Apache is started by root it spawns one or more
child processes to handle clients. If User and Group are
set, the children give up their root status and adopt the
configuration identity instead.
• Linux defines a special user and group nobody for
running unprivileged processes.
– User nobody defines Linux user that owns child processes
to handle user requests
– Group nobody to change ownership of child processes to
handle user requests
• Administrator can create his own private user and group
– groupadd –g 999 httpd
– useradd –u 999 –g httpd –s /bin/false –c ‘web server user’
16
How Server Listens for Connections
• Listen
– The Listen directive tells the server to accept incoming
requests only on the specified port or address-and-port
combinations.
– If only a port number is specified in the Listen directive,
the server listens to the given port on all interfaces.
– If an IP address is given as well as a port, the server will
listen on the given port and interface.
– Multiple Listen directives may be used to specify a
number of addresses and ports to listen on. The server will
respond to requests from any of the listed addresses and
ports.
– Listen 80
– Listen 8000

17
 httpd.conf
• Port 80
• User nobody
• Group nogroup
• ServerAdmin your_e-mail_address
• ServerRoot /var/www/html
• ErrorLog /var/www/error/
• TransferLog /var/www/error/
• PidFile /var/run/
• more directives:
– Keep Alive, Spare Servers, Proxy, Cache, Virtual Servers, ...
• DocumentRoot /home/httpd/htdocs/
• UserDir public_html
• DirectoryIndex index.html
• AccessFileName .htaccess
• DefaultType text/plain
• ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/
• more directives:
– Icons, Language, Handlers, ... ?
18
httpd.conf Sections
• Global environment – control operation of
the whole Apache server process
• Main or default – defines parameters of
default server – not of virtual host
– provides default settings default hosts
• Virtual hosts – settings for each virtual
hosts

19
Apache Directives
• Directives in the configuration files may apply to the entire
server, or they may be restricted to apply only to particular
directories, files, hosts, or URLs. This document describes
how to use configuration section containers or .htaccess
files to change the scope of other configuration directives.
• general rules:
– case insensitive (not true for file/directory names)
– comment lines begin with #
– one directive per line
– each line of these files consists of:
– directive data [data2 ... datan]
– extra whitespace is ignored

20
 Apache Core Directives
• Defines server behavior and configuration
options
• Instructions to supply information
• Directives originations
– Core Directives compiled into executable and
always available
– Other type – supplied by add-on modules
• Each directive associated with a module
• httpd.conf – location of directives
• Apache is modular! – need directives for each
module loaded 21
Directive Scope and Context
• General Server (server-level)– directives apply to
entire server
• Container – directives valid only in these
containers: <Directory>, <Files>, or <Location>
• Virtual Host -for each virtual host to override
general server directives
• .htaccess (per-directory)– like those in
<Directory>, disabled by AllowOverride
directive in httpd.conf
22
 Container Directives
• <Limit> restricts the scope of the directives contained
with in it to the HTTP methodes specified. It is mostly
used with access control and authentication directives.
<Limit POST PUT DELETE>
order deny,allow
deny from all
allow from 192.168
</Limit>
– <Limit> is allowed inside all containers except itself.
• <LimitExcept> The opposite of <Limit>, <LimitExcept>
applies to the HTTP methods not specified in the method
list.

23
Container Directives
• <Directory> Directive inside a <Directory>
container apply only to the directory and its
subdirectories.
<Directory />
options none
order allow, deny
deny from all
</Directory>
<Directory /home/www/alpha-complex>
options includes FollowSymLinks
AllowOverride FileInfo
Allow from all
</Directory>

24
 Container Directives
• <DirectoryMatch> is an alternative and preferred form
to the tilde form of <Directory> for specifying regular
expression instead of wildcard in the directory
specifications.
<DirctoryMatch “[a-z][0-9]{2}/”>
• <Files> are similar to <Directory> but matches files
instead directory.
<Directory /home/www/-alpha-complex/gallery>
<files *.gif>
SetHandler /cgi-bin/burn-gifs.cgi
</files>
</Directory>

25
Container Directives
• <FilesMatch> is an alternative and preferred form
to the tilde form of <Files> for specifying regular
expression instead of wildcards in the file’s
specifications.
<Directory /home/www/-alpha-complex/gallery>
<FileMatch “\.(gif|jpg)$”>
SetHandler /cgi-bin/process-image.cgi
</Files>
</Directory>

• <Location> operates in a similar manner to

<Directory>, but applies to a URL rather than a
physical file location.
<Location /server-info>
SetHandler server-info>
</Location>
26
 Container Directive
• <VirtualHost> allows additional hosts and web
sites to be defined alongside the main server host site.
Each virtual host can have its own name, IP address,
and error and access logs.
<VirualHost 192.168.0.2>
ServerName www.beta-complex.com
ServerAdmin troubleshooter@beta-compex.com
CustomerLog /logs/beta-comlex_log
ErrorLog /logs/beta-comples_log
DocumentRoot /home/www/beta-compex
</VirtualHost>

27
Apache's Order for Containers
• <Directory>
• <DirectoryMatch>
• <Files> & <FileMatch>
• <Location> or <LocationMatch>
• <Limit>&<LimitExecpt>

28
 Server-Level Directives
• Directives that make sense only at the server level must
be defined outside of any kind of container tag.
• They cannot be defined in a .htaccess file.
– Name of the server
– Port and IP address
– e-mail of the administrator and error and access log
ServerName www.trng.nic.in
ServerAdmin infra@alha.nic.in
CustomeLog /log/access-log
Global scope
DocumentRoot /home/www/alpha-complex
• All of then can be set on <VirtualHost>
ServerName www.trng.nic.in
ServerAdmin infra@alha.nic.in Local Scope
CustomeLog /log/access-log
DocumentRoot /home/www/alpha-complex
29
 Server-Level Directives
• ServerName directive – Apache must always know
hostname of server it is on
– ServerName www.mtsac.edu
• ServerRoot directive – directory where server lives
• DocumentRoot directive – lop level directory where
Apache serves files
• ScriptAlias directive – directory where executable
scripts are, e.g. /cgi-bin/
• ErrorDocument - defines easier to read custom error
responses
• DefaultType – redefine default MIME
30
Server-Level Directives
• To improve server security, we can specify a
default set of highly restricted privileges, and
then only enable them again in specific places.
<Director />
Options none
AllowOverride none
Order allow, deny
Deny from all
</Directory>
– Then
<Directory>
Allow from all
</Directory>

31
 Server-Level Directives
• Options
– Controls which server features available in a particular
directory
• All enables all options , which is usually not desirable
• ExecCGI permits execution of CGI scripts. This is required for any
kind of executable content to function.
• FollowSymLinks Files or directories referred to via symbolic links will
be followed.
• Includes permits Server Side Includes.
• IncludesNOEXEC disables #exec and #include of SSI scripts
• Indexes if a URL maps to a directory , apache will create and
return a formatted listing of the directory contents.
• MultiViews this allows contents negotiation.
• SymLinksIfOwnerMatch the server follow only sybmolic links
for which the target file or directory is owned by the
same userID as the link.
32
 Per-directory Directives
• .htaccess apache allows the server
configuration to be supplemented with per-
directory configuration files. It looks for files
called .htaccess and treats them as if they were
in a <Directory> container for that directory.
• When apache receives a URL that takes into
access to a directory for which overrides are
enabled, the directory and every parent directory
are examined for the presence of a .htaccess file.
Each on found is merged with any <Directory>
container defined for the same directory level.
33
 Per-Directory Directives
• Controls how .htaccess files are handled,Defines which
directives override others.
– All enables all overrides.
– None Disables all directives and prevents apache from
searching for parent directory configuration files.
– Authconfig Allows use of the authorization directives
provided by mod_auth and their equivelents in the
other authentication modules.
– FileInfo Allows use of directives controlling file types
and handle .
– Indexes Enables the directives controlling the
appearance of directory indices as genrated by
apache.
– Limit Allows use of the allow, deny, and order mod_access
directives.
– Options enables use of the options directives.. 34
Conditional Configuration
• Configuration files can contain sections that should
only be used under certain conditions. By enclosing
section of the configuration in <IfDefine> or
<IfModule> directives.
$httpd –D UserRewrite
<IfDefine UserRewrite>
LoadModule rewrite_module libexec/mod_rewrite.so
</IfDefine>
Or
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteLog logs/rewrite.log
RewriteLogLevele 9
</IfModule>

35
 Hosting more than one web site
• User home pages
– The simplest approach is to group all sites under one
controlling host name.
– User can maintain their own home pages without
reconfiguring the server each time a new user added.
– Users may use limited configuration by creating
.htaccess files inside their directory.
– Apache support this model with the UserDir
directive.
• UserDir public_html
• http://www.trng.nic.in/~user1/colours.html will expand to
• /home/user1/public_html/colours.html
36
 Hosting more than one web site
• Separate Servers
– By running more then one instance of Apache at
the same time.
– Each instance is configured with a differenet IP
address and Port number.
– It consume more memory than a single instance,
and there is no sharing of resources.
– Good when running an one secure and reliable
server and one testing server.
– Httpd –f conf/server1.conf
– Httpd –f conf/server2.conf

37
Hosting more than one web site
• IP-based virtual hosting
– Each web sites needs to have its own IP
address, therefore needs either mulitple network
interface or multiple IP addresses on one
interface.
– Allows multiple web sites to share the same
pool of server processes and configuration.

38
Hosting more than one web site
• Named-based virtual hosting
– Allows multiple web sites to share the same IP
address.
– Supports hosting based on names.
–

39
 User Home Directories
• Allow users to publish their own Web pages
• Relative path – directory that becomes
document root: userDir
• Absolute path
• Absolute with placeholder
• Redirect requests for user home directories

40
 User Home Directories – cont.
• Enabling/Disabling Mappings
• suExec
– Enables users to run CGI programs under their
own directories rather than that of server
– Configure Apache to use it
• Request Redirection – enables certain
directories to be used by others

41