0

 Apache HTTP Server Comfigure:
www.linuxhomenetworking.com


Managing the Apache Server

Managing Apache's httpd daemon is easy to do, but the procedure differs between Linux distributions. Here are some things to keep in mind.
  1. Firstly, different Linux distributions use different daemon management systems. Each system has its own set of commands to do similar operations. The most commonly used daemon management systems are SysV and Systemd.
  2. Secondly, the daemon name needs to be known. In this case the name of the daemon is httpd.
Armed with this information you can know how to:
  1. Start your daemons automatically on booting
  2. Stop, start and restart them later on during troubleshooting or when a configuration file change needs to be applied.
For more details on this, please take a look at the "Managing Daemons" section of Chapter 6 "Installing Linux Software" Note: Remember to configure your daemon to start automatically upon your next reboot.

Configuring DNS For Apache

Remember that you will never receive the correct traffic unless you configure DNS for your domain to make your new Linux box Web server the target of the DNS domain's www entry. To do this, refer to Chapter 18, "Configuring DNS", or Chapter 19, "Dynamic DNS".

DHCP and Apache

As you remember, if your Internet connection uses DHCP to get its IP address, then you need to use dynamic DNS to get the correct Internet DNS entry for your Web server. If your Web server and firewall are different machines, then you probably also need to set up port forwarding for your Web traffic to reach the Web server correctly. (Chapter 19, "Dynamic DNS", explains port forwarding, as well.).
DHCP on your protected home network is different. In the book's sample topology, the web server lives on the 192.168.1.0 home network protected by a firewall. The firewall uses NAT and port forwarding to pass Internet traffic on to the web server. Remember that the IP address of your web server can change if it gets its IP address using DHCP. This could cause your firewall port forwarding, not Dynamic DNS, to break.
In this case I recommend that your web server on the 192.168.1.0 network uses a fixed, or static IP address that is outside of the range of the DHCP server to prevent you from having this problem.

General Configuration Steps

The configuration file used by Apache is /etc/httpd/conf/httpd.conf in Redhat / Fedora distributions and /etc/apache*/httpd.conf in Debian / Ubuntu distributions. As for most Linux applications, you must restart Apache before changes to this configuration file take effect.

Where To Put Your Web Pages

All the statements that define the features of each web site are grouped together inside their own <VirtualHost> section, or container, in the httpd.conf file. The most commonly used statements, or directives, inside a <VirtualHost> container are:
  • servername: Defines the name of the website managed by the <VirtualHost> container. This is needed in named virtual hosting only, as I'll explain soon.
  • DocumentRoot: Defines the directory in which the web pages for the site can be found.
By default, Apache searches the DocumentRoot directory for an index, or home, page named index.html. So for example, if you have a servername of www.my-site.com with a DocumentRoot directory of /home/www/site1/, Apache displays the contents of the file /home/www/site1/index.html when you enter in your browser.
Some editors, such as Microsoft FrontPage, create files with an .htm extension, not .html. This isn't usually a problem if all your HTML files have hyperlinks pointing to files ending in .htm as FrontPage does. The problem occurs with Apache not recognizing the topmost index.htm page. The easiest solution is to create a symbolic link (known as a shortcut to Windows users) called index.html pointing to the file index.htm. This then enables you to edit or copy the file index.htm with index.html being updated automatically. You'll almost never have to worry about index.html and Apache again!
This example creates a symbolic link to index.html in the /home/www/site1 directory.
[root@bigboy tmp]# cd /home/www/site1
[root@bigboy site1]# ln -s index.htm index.html
[root@bigboy site1]# ll index.*
-rw-rw-r-- 1 root root 48590 Jun 18 23:43 index.htm
lrwxrwxrwx 1 root root 9 Jun 21 18:05 index.html -> index.htm
[root@bigboy site1]#
The l at the very beginning of the index.html entry signifies a link and the -> the link target.

The Default File Location

By default, Apache expects to find all its web page files in the /var/www/html/ directory with a generic DocumentRoot statement at the beginning of httpd.conf. The examples in this chapter use the /home/www directory to illustrate how you can place them in other locations successfully.

File Permissions And Apache

Apache will display Web page files as long as they are world readable. You have to make sure you make all the files and subdirectories in your DocumentRoot have the correct permissions.
It is a good idea to have the files owned by a nonprivileged user so that Web developers can update the files using FTP or SCP without requiring the root password.
To do this:
  1. Create a user with a home directory of /home/www.
  2. Recursively change the file ownership permissions of the /home/www directory and all its subdirectories.
  3. Change the permissions on the /home/www directory to 755, which allows all users, including the Apache's httpd daemon, to read the files inside.
[root@bigboy tmp]# useradd -g users www
[root@bigboy tmp]# chown -R www:users /home/www
[root@bigboy tmp]# chmod 755 /home/www
Now we test for the new ownership with the ll command.
[root@bigboy tmp]# ll /home/www/site1/index.*
-rw-rw-r-- 1 www users 48590 Jun 25 23:43 index.htm
lrwxrwxrwx 1 www users 9 Jun 25 18:05 index.html -> index.htm
[root@bigboy tmp]#
Note: Be sure to FTP or SCP new files to your web server as this new user. This will make all the transferred files automatically have the correct ownership.
If you browse your Web site after configuring Apache and get a "403 Forbidden" permissions-related error on your screen, then your files or directories under your DocumentRoot most likely have incorrect permissions. Appendix II, "Codes, Scripts, and Configurations," has a short script that you can use to recursively set the file permissions in a directory to match those expected by Apache. You may also have to use the Directory directive to make Apache serve the pages once the file permissions have been correctly set. If you have your files in the default /home/www directory then this second step becomes unnecessary.

Security Contexts For Web Pages

Fedora Core 3 introduced the concept of security contexts as part of the Security Enhanced Linux (SELinux) definition. (See Appendix I, "Miscellaneous Linux Topics," for details.) A Web page may have the right permissions, but the Apache httpd daemon won't be able to read it unless you assign it the correct security context or daemon access permissions. Context-related configuration errors will give "403 Forbidden" browser messages, and in some cases, you will get the default Fedora Apache page where your expected Web page should be.
When a file is created, it inherits the security context of its parent directory. If you decide to place your Web pages in the default /var/www/ directory, then they will inherit the context of that directory and you should have very few problems.
The context of a file depends on the SELinux label it is given. The most important types of security label are listed in Table 20-1.

Or Other System For Server

Chapter 26. Apache HTTP Server Configuration

Red Hat Enterprise Linux provides version 2.0 of the Apache HTTP Server. If you want to migrate an existing configuration file by hand, refer to the migration guide at /usr/share/doc/httpd-<ver>/migration.html or the Red Hat Enterprise Linux Reference Guide for details.
If you configured the Apache HTTP Server with the HTTP Configuration Tool in previous versions of Red Hat Enterprise Linux and then performed an upgrade, you can use the HTTP Configuration Tool to migrate the configuration file to the new format for version 2.0. Start the HTTP Configuration Tool, make any changes to the configuration, and save it. The configuration file saved will be compatible with version 2.0.
The HTTP Configuration Tool allows you to configure the /etc/httpd/conf/httpd.conf configuration file for the Apache HTTP Server. It does not use the old srm.conf or access.conf configuration files; leave them empty. Through the graphical interface, you can configure directives such as virtual hosts, logging attributes, and maximum number of connections.
Only modules provided with Red Hat Enterprise Linux can be configured with HTTP Configuration Tool. If additional modules are installed, they can not be configured using this tool.
The httpd and redhat-config-httpd RPM packages need to be installed to use the HTTP Configuration Tool. It also requires the X Window System and root access. To start the application, go to the Main Menu Button => System Settings => Server Settings => HTTP or type the command redhat-config-httpd at a shell prompt (for example, in an XTerm or GNOME Terminal).
CautionCaution
  Do not edit the /etc/httpd/conf/httpd.conf configuration file by hand if you wish to use this tool. The HTTP Configuration Tool generates this file after you save your changes and exit the program. If you want to add additional modules or configuration options that are not available in HTTP Configuration Tool, you cannot use this tool.
The general steps for configuring the Apache HTTP Server using the HTTP Configuration Tool are as following:
  1. Configure the basic settings under the Main tab.
  2. Click on the Virtual Hosts tab and configure the default settings.
  3. Under the Virtual Hosts tab, configure the Default Virtual Host.
  4. If you want to serve more than one URL or virtual host, add the additional virtual hosts.
  5. Configure the server settings under the Server tab.
  6. Configure the connections settings under the Performance Tuning tab.
  7. Copy all necessary files to the DocumentRoot and cgi-bin directories.
  8. Exit the application and select to save your settings.

26.1. Basic Settings

Use the Main tab to configure the basic server settings.
Figure 26-1. Basic Settings
Enter a fully qualified domain name that you have the right to use in the Server Name text area. This option corresponds to the ServerName directive in httpd.conf. The ServerName directive sets the hostname of the Web server. It is used when creating redirection URLs. If you do not define a server name, the Web server attempts to resolve it from the IP address of the system. The server name does not have to be the domain name resolved from the IP address of the server. For example, you might want to set the server name to www.example.com when your server's real DNS name is actually foo.example.com.
Enter the email address of the person who maintains the Web server in the Webmaster email address text area. This option corresponds to the ServerAdmin directive in httpd.conf. If you configure the server's error pages to contain an email address, this email address will be used so that users can report a problem by sending email to the server's administrator. The default value is root@localhost.
Use the Available Addresses area to define the ports on which the server will accept incoming requests. This option corresponds to the Listen directive in httpd.conf. By default, Red Hat configures the Apache HTTP Server to listen to port 80 for non-secure Web communications.
Click the Add button to define additional ports on which to accept requests. A window as shown in Figure 26-2 will appear. Either choose the Listen to all addresses option to listen to all IP addresses on the defined port or specify a particular IP address over which the server will accept connections in the Address field. Only specify one IP address per port number. If you want to specify more than one IP address with the same port number, create an entry for each IP address. If at all possible, use an IP address instead of a domain name to prevent a DNS lookup failure. Refer to http://httpd.apache.org/docs-2.0/dns-caveats.html for more information about Issues Regarding DNS and Apache.
Entering an asterisk (*) in the Address field is the same as choosing Listen to all addresses. Clicking the Edit button in the Available Addresses frame shows the same window as the Add button except with the fields populated for the selected entry. To delete an entry, select it and click the Delete button.
TipTip
  If you set the server to listen to a port under 1024, you must be root to start it. For port 1024 and above, httpd can be started as a regular user.




Post a Comment

 
Top