Slides Apache 2x2

Web Server: Principles and
Berner Fachhochschule-Technik und Informatik

Configuration
Introduction
Presentation of Apache
Web Programming Principles of a Web Server
8) Web Server: Principles and Apache
Configuration Installation
Apache Configuration
Network and Connexions
Dr. E. Benoist File Handling
Log Files
Fall Semester 2010/2011 Control Instructions
Authorizations and Access Control
Virtual Hosts
Web Programming 8) Web Server: Principles and Configuration Web Programming 8) Web Server: Principles and Configuration
1 2
State of the art What is APACHE ?

I HTTP Deamon
I APACHE = a Patchy Server
What are the servers of the internet?
Developer August 2007 Percent Sept. 2007 Percent Change I Great compatibility with HTTP/1.1
Apache 65,153,417 50.96% 68,228,561 50.48% -0.49 I Very fast to execute
Microsoft 43,861,854 34.31% 47,232,300 34.94% 0.63
I Real Modularity of the configuration
Google 5,702,456 4.46% 6,616,713 4.90% 0.43
I Possibility to have virtual servers
Sun 2,195,495 1.72% 2,212,821 1.64% -0.08
lighttpd 1,500,126 1.17% 1,515,963 1.12% -0.05 I Almost 70% of the servers in the world
(Source : www.netcraft.com, the servers name of 135,166,473 sites) I Possibility of a SSL server
I Multiplateforms : Unix, Windows, Mac-OS, OS/2,
Amiga, . . .
Introduction: Presentation of Apache 3 Introduction: Presentation of Apache 4
How does a web server run ? World Wide Web - Client
Server Architecture
I A “Server” application (deamon) listen to a
communication port Files
URL = Request
I standard port: 80 (< 1024 hence only root can access)
I “Master” server: run with root id; listen to port 80 Browser Server
I “Slave” servers: are lunched by the master and run with

an other ID (default is nobody) HTML File = Response
I Treatment of a communication Client Server machine Resources
1. The master receves a connection on port 80,

2. it lunches the slave and transfer the communication canal
3. the slave treates the request(s) and send the response back PHP
Servlets
JSP
Scripts
....
Introduction: Principles of a Web Server 5 Introduction: Principles of a Web Server 6
Web Server vs File System How to install Apache Server

On my localhost (XAMPP) server
I A request for the directory : “/” I Download sources on the www.apache.org server
goes to : “/opt/lampp/htdocs/”
I Uncompress files in a temporary directory
I A request for the directory : “/∼bie1/”
I Read the documentation
goes to : “/home/bie1/public html”
I Run configure and Set up the configuration of your server
I Request for “/∼bie1/../../etc/passwd”
I Compile
Bad Request
I Configure your server (its httpd.conf file)
Your browser sent a request that this server
could not understand. I Run the server and see the page : “It Worked”
Invalid URI in request GET /~bie1/../../etc/passwd HTTP/1.0 Or more simply: download and install XAMPP
Apache/1.3.9 Server at localhost Port 80
Introduction: Principles of a Web Server 7 Apache: Installation 8
Configure the server httpd.conf : network
I ServerType : inetd or standalone;
I ServerName : name returned to the client (must be in the
DNS);
I Configuration of the HTTP Deamon : httpd.conf I Port : port used by the master (80 for the standard
I Port, user ID, root of the server, timeouts, virtual servers, configuration);
number of clients, etc. I BindAddress : Used to limit IP addresses (if more than one);
I Virtual Hosts can be inculded or imported from separate files I Listen : replaces Port and BindAddress if more than one IP
address;
I HostnameLookups : on or off, reserch of the name of the
client;
I User and Group : user ID and group ID for slave processus;
I ServerAdmin : email of the administrator.
Apache Configuration 9 Apache Configuration: Network and Connexions 10
http.conf : connections http.conf : connections (Cont.)

Timeout : maximum delay of a seponse (cgi, php, network access, nfs);
Keepalive : on or off;
I MaxKeepAliveRequests : number of requests for a connection;
I KeepAliveTimeout : maximum delay between two request in a <IfModule prefork.c>
connection; StartServers 5
Server-Pool Size Regulation (MPM specific) MinSpareServers 5
MaxSpareServers 10
I StartServers: number of server processes to start
MaxClients 150
I MinSpareServers: minimum number of server processes which are MaxRequestsPerChild 0
kept spare </IfModule>
I MaxSpareServers: max nb of server processes which are kept
spare
I MaxClients: max nb of server processes allowed to start
I MaxRequestsPerChild: max nb of requests a server process serves
Apache Configuration: Network and Connexions 11 Apache Configuration: Network and Connexions 12
httpd.conf : files httpd.conf : Log files
I ServerRoot : root directory of the server Log files
I ErrorLog : name of the file containing the log of errors ;
ServerRoot "/home/bie/"
ErrorLog logs/error_log
I DocumentRoot : root directory of the files I LogLevel : Level of the message for the error log (debug,
DocumentRoot "htdocs" info, notice, warn, error, crit, alert, emerg)
or
LogLevel warn
DocumentRoot "/home/bie//htdocs"
I LogFormat Defines a new format for log files
I UserDir : root of user home (corresponds to
http://<server>/~<user>) LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"
%{User-Agent}i\"" combined
UserDir www
or
LogFormat "%h %l %u %t \"%r\" %>s %b" common
UserDir public_html LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
I PidFile : where does httpd put its pid when started.
I CustomLog : name and format of access files
<IfModule !mpm_netware.c> PidFile logs/httpd.pid CustomLog logs/access_log common
</IfModule>
Apache Configuration: File Handling 13 Apache Configuration: Log Files 14
Log files : access log Log files : error log

File : /var/apache/logs/www.hes-be.ch transfer.log
File : /var/apache/logs/www.hes-be.ch error.log
128.173.188.78 - - [13/Apr/2000:13:39:12 +0200]
"GET /portrait/facts.html HTTP/1.0" 200 17898
"http://www.hes-be.ch/portrait.html"
[Thu Apr 13 07:22:59 2000] [error] [client 204.123.13.65]
"Mozilla/4.61 [en] (WinNT; U)" File does not exist:
/usr/local/www/apache/vhosts/www.hes-be.ch/data/f.html
128.173.188.78 - - [13/Apr/2000:13:39:13 +0200]
"GET /portrait/navportrat/fachhochschulenn.gif HTTP/1.0" 200 180
"http://www.hes-be.ch/portrait/facts.html"
"Mozilla/4.61 [en] (WinNT; U)" File does not exist:
/usr/local/www/apache/vhosts/www.hes-be.ch/data/e.html
216.35.116.65 - - [13/Apr/2000:14:25:35 +0200]
"GET /page32/f.html HTTP/1.0" 404 276
"-" "Slurp.so/1.0 (slurp@inktomi.com;
http://www.inktomi.com/slurp.html)" File does not exist:
/usr/local/www/apache/vhosts/www.hes-be.ch/data/page32/f.html
147.87.65.34 - - [13/Apr/2000:14:37:41 +0200]
"GET /~bie HTTP/1.0" 404 267
"-" "Mozilla/4.7 [en] (X11; I; SunOS 5.7 sun4u)"
Apache Configuration: Log Files 15 Apache Configuration: Log Files 16
File system Default
I DirectoryIndex : default index file (for instance index.html)
I FancyIndexing how to display a directory
IndexOptions FancyIndexing VersionSort
I AddIconByType : Add icon to show for different mime type
Alias : enables to use a directory that is not under the document of file
root AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
Alias /icons/ ‘‘/home/bie/webserver/icons/’’ I Addicon : Tells wich icon to use for a filename extension
AddIcon /icons/tar.gif .tar
I DefaultIcon : When no type is found
DefaultIcon /icons/unknown.gif
I IndexIgnore : files that will not be displayed (e.g. .toto
toto∼)
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
Document types Treatments

Redirect : to redirect a directory to a server : /toto/ will be redirected
I AddType : allows to tweak mime.type without editing it to http://serv.toto.ch/
(useful for php)
Redirect old-URI new-URL
# since LAMPP 1.0RC1
AddType application/x-httpd-php .php .php3 .php4 AddHandler : allows to map file extensions to “handlers”
I DefaultType : default type of an unknown file AddHandler cgi-script .cgi

AddHandler imap-file map
DefaultType text/plain
Action : define media types that will execute a script whenever a
I AddEncoding : allows you to have browsers uncompress on matching file is called.
the fly
AddEncoding x-compress Z Format: Action media/type /cgi-script/location
Format: Action handler-name /cgi-script/location
AddEncoding x-gzip gz tgz
I AddLanguage : to specifie the language of a document ErrorDocument : Customizable error response
AddLanguage fr .fr ErrorDocument 404 /missing.html
AddLanguage he .he ErrorDocument 404 /cgi-bin/missing_handler.pl
AddLanguage hr .hr ErrorDocument 402 http://some.other_server.com/subscibe_info.html
Control on the operations Control on the operations
I Some orders are only valid for a specific directory (Cont.)
<Directory dir name> orders </Directory>
<Directory "/opt/lampp/htdocs">
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All I Or for files matching a specific regular expression
Order allow,deny <FilesMatch regExp> orders </FilesMatch>
Allow from all
</Directory> <FilesMatch "^\.ht">
Order allow,deny
Deny from all
I Or if a module was loaded (they are only valid for this module)
</FilesMatch>
<IfModule module name> orders </IfModule>
<IfModule dir_module>
DirectoryIndex index.html index.html.var index.php index.php3 index.php4
</IfModule>
Apache Configuration: Control Instructions 21 Apache Configuration: Control Instructions 22
Authorizations Access Control

Order : what to test first
Deny: Machines that are not allowed
Allow: Machine that are allowed
<Directory /home/*/public_html>
I Options : what can we do – This may be ”None”, ”All”, or AllowOverride FileInfo AuthConfig Limit Indexes
any combination of ”Indexes”, ”Includes”, ”FollowSymLinks”, Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS PROPFIND>
”ExecCGI”, or ”MultiViews”. Order allow,deny
Options Indexes FollowSymLinks MultiViews Allow from all
</Limit>
I AllowOverride : what .htaccess files can override. <LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
AllowOverride None Deny from all
</LimitExcept>
</Directory>
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
Apache Configuration: Authorizations and Access Control 23 Apache Configuration: Authorizations and Access Control 24
Protection with password Protection with password
I In the httpd.conf (Cont.)
AccessFileName : name of the file for access control (in
each directory) I File .htgroup
AccessFileName .htaccess group1 toto1 toto2 toto3
group2 titi1 titi2
I File .htaccess
I File .htpasswd : generated by the program bin/htpasswd
AuthName Any_Name
AuthType Basic toto1:GZomFT8JmJGsc
AuthUserFile <absolute path>/.htpasswd toto2:FQ3UzRLn52/sw
AuthGroupFile <absolute path>/.htgroup toto3:<coded password>
<Limit GET POST> titi1:<coded password>
require group group1 group2 titi2:<coded password>
require user emmanuel jean emmanuel:<coded password>
</Limit> jean:<coded password>
Apache Configuration: Authorizations and Access Control 25 Apache Configuration: Authorizations and Access Control 26
Vitrual Hosts Virtual Hosts : in biel

Two domains for one server
httpd.conf
<VirtualHost www.smallco.com>
ServerAdmin webmaster@mail.smallco.com ### Section 3: Virtual Hosts
DocumentRoot /groups/smallco/www #
ServerName www.smallco.com NameVirtualHost 147.87.65.7
ErrorLog /groups/smallco/logs/error_log Include vhosts/enigma.hta-bi.bfh.ch/vhost.conf
CustomLog logs/smallco.com-access_log common Include vhosts/www.bfh.ch/vhost.conf
</VirtualHost> Include vhosts/www.hes-be.ch/vhost.conf
<VirtualHost www.baygroup.org> Include vhosts/www.abegg.bfh.ch/vhost.conf
ServerAdmin webmaster@mail.baygroup.org Include vhosts/www.hgkk.bfh.ch/vhost.conf
DocumentRoot /groups/baygroup/www Include vhosts/www.hta-bi.bfh.ch/vhost.conf
ServerName www.baygroup.org Include vhosts/sims.hta-bi.bfh.ch/vhost.conf
ErrorLog /groups/baygroup/logs/error_log Include vhosts/webaccess.hta-bi.bfh.ch/vhost.conf
CustomLog logs/baygroup.org-access_log common Include vhosts/sun-file.hta-bi.bfh.ch/vhost.conf
</VirtualHost>
Virtual Hosts 27 Virtual Hosts 28
Virtual Hosts : in biel school of Conclusion
engineering (Cont.)
File : vhosts/enigma.hta-bi.bfh.ch/vhost.conf I Web Server Configuration
<VirtualHost 147.87.65.7> • Similar for Tomcat or other servers
ServerName
ServerAdmin
enigma.hta-bi.bfh.ch
sungroup@hta-bi.bfh.ch
• Matching of Request with Resource?
RewriteEngine On • Which Response must be given for a given file?
RewriteLogLevel 9
ErrorLog /var/apache/logs/enigma.hta-bi.bfh.ch_error.log I Lots of possible configuration
CustomLog /var/apache/logs/enigma.hta-bi.bfh.ch_transfer.log combined
RewriteLog
DirectoryIndex
/var/apache/logs/enigma.hta-bi.bfh.ch_rewrite.log
index.html e.html
• Virtual servers
AccessFileName .htaccess • HTTPS servers (with double direction recognition)
RewriteRule ^/icons/(.*) /usr/local/www/apache/icons/$1 [L]
RewriteRule ^/(.*) /usr/local/www/apache/vhosts/enigma.hta-bi.bfh.ch/data/$1 [L] • Integration of numerous modules
<Directory /usr/local/www/apache/vhosts/enigma.hta-bi.bfh.ch/data>
Options Indexes FollowSymLinks
• mod access, mod actions , mod alias, mod asis,
AllowOverride None mod auth, mod auth anon, mod auth db, mod auth dbm, . . .
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Virtual Hosts 29 Virtual Hosts 30

Slides Apache 2x2

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Slides Apache 2x2

Uploaded by

Copyright:

Available Formats

Web Server: Principles and

Berner Fachhochschule-Technik und Informatik

State of the art What is APACHE ?

I “Slave” servers: are lunched by the master and run with

I Treatment of a communication Client Server machine Resources

1. The master receves a connection on port 80,

Web Server vs File System How to install Apache Server

Apache/1.3.9 Server at localhost Port 80

http.conf : connections http.conf : connections (Cont.)

Log files : access log Log files : error log

Document types Treatments

I DefaultType : default type of an unknown file AddHandler cgi-script .cgi

Authorizations Access Control

Vitrual Hosts Virtual Hosts : in biel

You might also like