Scribd Logo
Upload

Welcome to Scribd!

  • Networking Slides

    Uploaded by

    Nisal Upendra
    23 views20 pages
    networking slides assignment

    Original Title

    networking slides

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    networking slides assignment

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    23 views20 pages

    Networking Slides

    Uploaded by

    Nisal Upendra
    networking slides assignment

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 20

    APACHE CONFIGURATION ASSIGNMENT

    Assignment 4- ICT3014System and Network Administration Name: K. A. N. Upendra Index: 10020705

    ANSWER FOR QUESTION 1 Firstly apache must be installed. (If it is not installed, use the command
    sudo apt-get install apache2 to install it) The following directories and files must be created. For that we can use the terminal and enter following commands. Location for contents of site (Path- var/www/htdocs/ucsc) cd /var/www mkdir htdocs cd htdocs

    mkdir ucsc

    Location for access logs (Path var/log/access/ucsc) cd /var/log

    mkdir access
    cd access touch ucsc.log

    Location for error logs (Path var/log/error/ucsc)


    cd /var/log mkdir error cd error

    touch ucsc.log
    Or alternatively Nautilus can be used in sudo mode using the command sudo nautilus

    Afterwards, go to the server configuration file apache.conf at etc/apache2/ and append the following highlighted lines.
    <VirtualHost 192.168.1.100:80> ServerName www.ucsc.cmb.ac.lk ServerAdmin webmaster@ucsc.lk ServerAlias www.ucsc.lk DocumentRoot /var/www/htdocs/ucsc ErrorDocument 404 /error.html <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/htdocs/ucsc> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/error/ucsc/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/access/ucsc/access.log simpleformat </VirtualHost>

    <VirtualHost 192.168.1.100:80> ServerName www.ucsc.lk ServerAdmin webmaster@ucsc.lk ServerAlias www.ucsc.lk DocumentRoot /var/www/htdocs/ucsc ErrorDocument 404 /error.html <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/htdocs/ucsc> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/error/ucsc/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/access/ucsc/access.log simpleformat </VirtualHost>

    Now add the domain information to the local DNS file hosts at /etc/. 127.0.0.1 127.0.1.1 localhost ubuntu.ubuntu-domain ubuntu

    192.168.1.100 www.ucsc.cmb.ac.lk www.ucsc.lk 192.168.1.100 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet

    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes ff02::2 ip6-allrouters

    After setting up the configuration, you need to restart apache using he following command. /etc/init.d/apache2 restart

    ANSWER TO QUESTION 2
    When we type 192.168.1.100 in the browser address bar, the page for www.ucsc.cmb.ac.lk will show. The reason for this is that high priority is given to the first domain in the hosts file at /etc.

    ANSWER TO QUESTION 3
    To view defaultpage.html when we type 192.168.1.100, we have to add another virtual host to the apache2 configuration file and the local DNS. Add this to apache2.conf: <VirtualHost 192.168.1.100:80> ServerName 192.168.1.100 ServerAdmin webmaster@ucsc.lk

    DocumentRoot /var/www/htdocs/ucsc
    DirectoryIndex defaultpage.html ErrorDocument 404 error.html

    ErrorLog /var/log/access/ucsc/error.log

    CustomLog /var/log/error/ucsc/access.log SimpleFormat


    </VirtualHost>

    Change the local DNS as follows:


    127.0.0.1 127.0.1.1 localhost ubuntu.ubuntu-domain ubuntu

    192.168.1.100 www.ucsc.cmb.ac.lk

    www.ucsc.lk

    192.168.1.100

    # The following lines are desirable for IPv6 capable hosts ::1 ff00::0 ff02::1 ff02::2 localhost ip6-localhost ip6-loopback ip6-mcastprefix ip6-allnodes ip6-allrouters

    fe00::0 ip6-localnet

    ff02::3

    ip6-allhosts

    After that restart apache.


    /etc/init.d/apache2 restart

    ANSWER TO QUESTION 4
    First we need to define the format of the custom access log . The elements of the log format are:

    (%t)-The time that the server finished processing the request


    (%>s)-This is the status code that the server sends back to the client (%b)-The size of the object returned to the client, not including the response
    headers.

    Now add the following log format in the apache2.conf file. LogFormat %t %s %b simpleformat

    Customized log format

    Log format name

    After defining the LogFormat, add that customized log format to all of the Virtual Hosts.
    CustomLog /var/log/access/ucsc/access.log simpleformat

    Finally restart apache2.


    /etc/init.d/apache2 restart

    ACCESS.LOG FILE SCREENSHOT

    ANSWER TO QUESTION 5
    To make the server ready for SSL support, first we need to enable SSL module to apache. The command is: a2enmod ssl

    The following changes have to be included In the server port configuration file at /etc/apache2
    <IfModule mod_ssl.c> Listen 443

    </IfModule>
    The default SSL port is 443.

    The SSL options also need to be included into Virtual hosts. For that the following data is added to apache2.conf file at /etc/apache2.
    NameVirtualHost 192.168.1.100:443 <VirtualHost 192.168.1.100:443> DocumentRoot "/var/www/htdocs/ucsc" SSLEngine on SSLOptions +StrictRequire <Directory /> SSLRequireSSL </Directory> SSLProtocol -all +TLSv1 +SSLv3 SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM

    SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key


    SSLVerifyClient none SSLProxyEngine off <IfModule mime.c> AddType application/x-x509-ca-cert AddType application/x-pkcs7-crl </IfModule> </VirtualHost> .crt .crl

    EXPLANATION OF CONFIGURATION FILE


    SSLEngine on will enable the server to SSL mode. DocumentRoot This is the root directory for the virtual host. SSLRequireSSL Means that an SSL connection must be used and that an http connection cannot be used to connect. SSLProtocol will disable all other protocols other than TLS v1.0 and SSL v3.0 SSLCipherSuit we can set this to use HIGH and MEDIUM Security ciphers as we wish. SSLCertificateFile This will tell where the our certificate file can be found.

    THANK YOU!

    You might also like