Cover image for Apache Administrator's Handbook

Apache Administrator's Handbook

Author Allan Liska , Daniel Lõpez Ridruejo , Rich Bowen
Release Date: 2002/03/01
ISBN: 0672322749
Topic:
0%
45
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Book Description

The Apache Web server runs more than 55 percent of the sites on the Internet, making it the number one Web server, and more widely used than all other Web server combined. Apache 2.0 is the first majore release of Apache since its inception, and represents a complete change in Apache architecture--one requiring that administrators and developers learn new procedures and techniques for configuring and maintaining the Apache server.

Apache Administrator's Handbook is a practical hands-on guide to the installation, configuration, and administration of the Apache Web server. It will show you how to build and configure Apache with the features and modules you need, how to seucre the server, how to interpret log files, and how to tune the server's performance. While aimed primarily at Apache server administrators, the book also contains information for developers interested in building dynamic Web sites on top of the Apache server using either CGI or mod_perl.

Table of Contents

  1. Copyright
    1. Dedication
  2. About the Lead Author
  3. About the Contributing Authors
  4. Acknowledgments
  5. Tell Us What You Think!
  6. Introduction
    1. What Is Apache?
    2. Why Use Apache?
    3. Who Else Is Using Apache?
    4. Who Is This Book For?
    5. What's with the Quotes?
    6. Conventions Used in This Book
    7. Errata, Updates, and More Information
  7. I. Installing and Configuring Your Apache Server
    1. 1. Getting Started
      1. Choosing a Web Server
        1. Compatibility Requirements
        2. Existing Knowledge
        3. Executive Edict
        4. The Customer
      2. Hardware and Software Requirements
      3. Connectivity
      4. Should I Host Somewhere Else, or Do It Myself?
        1. Connectivity
        2. Reliable Connection
        3. How Much Access Do You Need?
      5. Questions To Ask Your ISP
        1. Shared Space, Dedicated Server, Colloc?
        2. What Happens When Something Goes Wrong?
        3. Backups?
        4. Installing Software
      6. FTP, Telnet, SCP, SSH: Getting Content To Your Site
        1. Telnet and SSH—Connecting To the Server
          1. Advantages of Using Telnet
          2. Disadvantages of Using Telnet
          3. SSH—Exactly the Same, Only Different
        2. FTP and SCP—Getting Content To Your Server
          1. Using FTP
          2. Disadvantages of FTP
          3. The Solution—SCP
      7. Summary
    2. 2. Acquiring and Installing Your Apache Server
      1. Overview for the Impatient
      2. Where Do I Get It?
      3. Unpacking the Source
      4. The Source Tree
        1. cgi-bin
        2. conf
        3. htdocs
        4. icons
        5. logs
        6. src
      5. Installing Binary Distributions
        1. Installing on Windows
        2. Binary Versus Source Installation
      6. configure
        1. Configuration Options
        2. Directory and Filenames
        3. Host Type
        4. Features and Packages
        5. A Default Installation
      7. make && make install
      8. Summary
    3. 3. Starting, Stopping, and Restarting
      1. apachectl
      2. httpd
        1. Starting and Stopping with httpd
        2. Command-Line Flags
      3. Starting on System Startup
      4. Microsoft Windows
        1. Starting from the Command Line
        2. Installing as a Service
        3. Starting and Stopping Your Apache Service
          1. apache -n "service name"
          2. NT NET Command
          3. Services Control Panel
        4. Console Application
      5. Summary
    4. 4. Configuration Directives
      1. Configuration Files
      2. Configuration File Syntax
        1. Directives
        2. Sections
          1. Directory and DirectoryMatch
          2. Files and FilesMatch
          3. IfDefine
          4. IfModule
          5. Limit and LimitExcept
          6. Location and LocationMatch
          7. VirtualHost
        3. Comments
      3. Specifying a Different Configuration File
      4. Testing Your Configuration
        1. Including Directories
      5. Options: Turning on Features
        1. General Syntax
        2. ExecCGI
        3. FollowSymLinks
        4. SymLinksIfOwnerMatch
        5. Includes
        6. IncludesNOEXEC
        7. Indexes
        8. MultiViews
        9. All
        10. None
        11. Configuration Security Considerations
      6. Summary
    5. 5. Configuration Utilities
      1. GUIs and Configuration Files
      2. Webmin
        1. Existing Webmin Installation
        2. Installation
          1. Installing Webmin from Source
        3. Starting Webmin
        4. Using Webmin
          1. Top Area
          2. Global Configuration
          3. Virtual Servers
          4. Configuring a Virtual Host
          5. Delegated Administration
          6. Related Links
      3. Comanche
        1. Installation
          1. Unix
          2. Windows
        2. Using Comanche
          1. Node Structure
          2. Virtual Hosts
          3. Containers
      4. Summary
    6. 6. .htaccess files—Per-Directory Configuration
      1. AccessFileName
      2. AllowOverride
        1. AuthConfig (Authentication)
        2. FileInfo
        3. Indexes
        4. Limit
        5. Options
        6. All
        7. None
      3. Caveats and Limitations
        1. Performance
        2. Security
          1. Insufficient Directory Security
          2. CGI and SSI
          3. Symlinks
      4. Summary
    7. 7. Virtual Hosts
      1. IP-Based Virtual Hosts
        1. Setting Up Multiple IP Addresses
        2. Configuring the Virtual Host
      2. Name-Based Virtual Hosts
      3. Port-Based Virtual Hosts
      4. Bulk Virtual Hosting
        1. Per-vhost Configuration Files
        2. mod_vhost_alias
      5. Running Multiple Daemons
      6. Summary
  8. II. Advanced Configuration Techniques
    1. 8. MIME and File Types
      1. MIME and HTTP
      2. MIME Types Configuration Directives
        1. MIME Types Configuration
          1. TypesConfig
          2. AddType
          3. RemoveType
          4. DefaultType
          5. ForceType
      3. Encoding
        1. AddEncoding
        2. RemoveEncoding
      4. Character Sets and Languages
        1. AddCharset
        2. RemoveCharset
        3. AddLanguage
        4. RemoveLanguage
        5. DefaultLanguage
      5. Files with Multiple Extensions
      6. Handlers
      7. Summary
    2. 9. URL Mapping
      1. Location
      2. Alias
      3. ScriptAlias
      4. AliasMatch and ScriptAliasMatch
      5. Redirect
        1. RedirectMatch
        2. RedirectTemp and RedirectPermanent
      6. DocumentRoot
      7. Error Documents
      8. URL Rewriting
      9. Summary
    3. 10. Content Negotiation
      1. Client Preference
        1. Accept Headers
        2. Quality Factor
      2. Negotiation Methods
        1. Type Map File
        2. MultiViews
      3. Noncompliant Browsers
      4. Caching
      5. Summary
    4. 11. Directory Indexing
      1. DirectoryIndex
      2. Options +Indexes
      3. IndexOptions—”Fancy” Indexing
        1. IndexOptions Syntax
        2. FancyIndexing
        3. DescriptionWidth
        4. AddIcon
          1. AddIconByType
          2. AddIconByEncoding
          3. DefaultIcon
        5. FoldersFirst
        6. HTMLTable
        7. Icon Dimensions
        8. IconsAreLinks
        9. IgnoreClient
        10. NameWidth
        11. ScanHTMLTitles
        12. SuppressColumnSorting
        13. SuppressDescription
        14. SuppressHTMLPreamble
        15. SuppressIcon
        16. SuppressLastModified
        17. SuppressRules
        18. SuppressSize
        19. TrackModified
        20. VersionSort
      4. AddDescription
      5. Headers and Footers
      6. Ignoring Files
      7. Searching and Sorting
        1. Sorting in Version 1.3
        2. Sorting in Version 2.0
        3. IndexOrderDefault
      8. Examples
        1. Example 1
        2. Example 2
      9. Indexing Security Concerns
      10. Summary
    5. 12. Apache on Microsoft Windows
      1. Requirements
      2. Downloading
      3. Installation
        1. Installing as a Service
        2. Starting and Stopping Your Server
        3. Starting and Stopping in Win9x
          1. Running as a Console Application
          2. Running as a Service
      4. Modules
      5. Differences Between Apache on Windows and Unix
        1. Threading Versus Prefork
        2. MaxRequestsPerChild
        3. CGI Scripts
        4. .htaccess Files
        5. File Paths
      6. Summary
    6. 13. Performance Tuning
      1. Optimize the Right Thing
        1. ApacheBench
        2. Profiling
      2. Hardware Requirements
        1. Memory
        2. Disk
        3. CPU
      3. Apache Configuration
        1. HostnameLookups
        2. Symlinks
        3. AllowOverride and .htaccess Files
        4. Content Negotiation
        5. Process Creation
      4. Caching and Proxying
        1. mod_proxy
        2. Squid
      5. Summary
  9. III. Dynamic Content
    1. 14. Handlers and Filters
      1. Handlers
        1. Configuration
          1. AddHandler
          2. SetHandler
          3. RemoveHandler
          4. Action
        2. default-handler
        3. send-as-is
        4. cgi-script
        5. imap-file
          1. Client-Side Image Maps
          2. Server-Side Image Maps
        6. server-info
        7. server-status
        8. server-parsed
        9. type-map
      2. Custom Handlers
      3. Filters
        1. Configuration for Filters
          1. AddInputFilter
          2. SetInputFilter
          3. AddOutputFilter
          4. SetOutputFilter
        2. INCLUDES Filter
      4. Summary
    2. 15. CGI Programs
      1. Apache Configuration
        1. Options ExecCGI
        2. AddHandler cgi-script
        3. SetHandler cgi-script
        4. ScriptAlias
      2. The Anatomy of a CGI Program
      3. Input
        1. Environment Variables
          1. Standard Environment Variables
        2. Other Environment Variables
        3. Form Input
          1. Form Tag
          2. Text Input
          3. Password Fields
          4. Radio Buttons
          5. Checkbox
          6. Select List
          7. Textarea
          8. Hidden Form Fields
          9. Submit Buttons
          10. Reset Buttons
        4. GET Requests
        5. POST Requests
        6. Decoding Form Data
      4. Output
      5. Example Programs
        1. Simple CGI program—Perl
          1. The Source
          2. An Explanation
          3. Getting It Working
        2. CGI Programs on Microsoft Windows
      6. Troubleshooting Common Problems
        1. Permissions
        2. Syntax Errors
        3. Invalid Headers
        4. Asking a Newsgroup for Help
      7. Limitations of CGI
      8. Summary
    3. 16. Server-Side Includes
      1. Configuration for SSI
        1. Enabling SSI by File Extension
          1. Changing Filenames
          2. Don't Expose the Mechanism
        2. Using the XBitHack Directive
      2. Using SSI Directives
        1. config
          1. errmsg
          2. sizefmt
          3. timefmt
        2. echo
        3. exec
        4. fsize
        5. flastmod
        6. include
        7. printenv
      3. Variables and Flow Control with SSI
      4. Security Considerations
      5. Summary
    4. 17. mod_perl
      1. What Is mod_perl?
        1. How Does It Work?
      2. Installation
        1. The “Simple” Form
        2. The Gory Details
        3. Start It Up!
      3. Configuration
        1. PerlRequire
      4. CGI Under mod_perl
        1. Apache::Registry
          1. Configuration
          2. Caveats
        2. Apache::PerlRun
          1. Configuration
          2. What It Does
        3. Comparing Performance
      5. Apache Handlers with mod_perl
        1. Writing a mod_perl Handler
        2. Example mod_perl Handlers
        3. Installing the Example mod_perl Handler
        4. Configuring the mod_perl Handler
        5. An Example That Is a Little More Useful
      6. Common Problems
        1. Don't Exit!
        2. Restart the Server
        3. Where Did You Get That Value?
      7. mod_perl on Windows
      8. Where To Get More Information
      9. Summary
    5. 18. PHP
      1. What Is PHP?
        1. PHP History
        2. PHP Architecture
      2. PHP Advantages and Disadvantages
        1. Advantages
        2. Drawbacks of PHP
        3. Language Comparison
          1. Java
          2. Perl
          3. ASP
      3. Downloading and Installing PHP
        1. Installing Binary Packages
        2. Installing PHP from Source Code
          1. Getting PHP
          2. Compiling PHP
      4. PHP Extensions
        1. General Options
        2. Graphics Support
        3. Flash Animation
        4. PDF Generation
        5. Database Support
        6. XML Support
        7. Session Support
      5. PHP Configuration
        1. PHP Language
        2. Error Manipulation
        3. Output Manipulation
        4. Security
        5. Dynamic Extension Support
      6. Resources
        1. PHP
        2. Support
        3. PHP Books
        4. Web Sites
        5. PHP GTK
        6. Commercial Vendors
      7. Summary
  10. IV. Security and Auditing
    1. 19. Apache Security
      1. Developing a Security Strategy
      2. Understanding *nix File Permissions
        1. Users and Groups
        2. The Apache User
        3. User Permissions
      3. Limit Modules
        1. Do You Really Need FrontPage Extensions?
      4. Cautious Server-Side Includes Usage
      5. Cautious .htaccess Usage
        1. Password Protection
      6. Using a Staging Server
      7. Special Issues for Virtual Hosts
      8. Special Issues for Windows and Apache
      9. Summary
    2. 20. Security in Dynamic Content
      1. Understanding Security Risks in Dynamic Content
      2. Compiled Versus Parsed Dynamic Content
      3. Writing Safer Dynamic Content
        1. To cgi-bin or Not
        2. Common Mistakes
        3. Perl
        4. PHP
        5. C and C++
      4. Wrappers
        1. CGIWrap
          1. URL Rewriting Engine
          2. Mod_rewrite and CGIWrap
        2. suEXEC
      5. Checking Code in Existing Scripts
      6. Special Issues with Windows CGI
      7. Summary
    3. 21. Authentication, Authorization, and Access Control
      1. Basic Authentication
        1. How Basic Authentication Works
        2. Configuration: Protecting Content with Basic Authentication
          1. Create a Password File
          2. Set the Configuration to Use This Password File
          3. Optionally, Create a Group File
        3. Frequently Asked Questions About Basic Authentication
          1. How Do I Log Out?
          2. How Can I Change What the Password Box Looks Like?
          3. How Do I Make It Not Ask Me for My Password the Next Time?
          4. Why Does It Sometimes Ask Me for My Password Twice?
        4. Security Caveat
      2. Digest Authentication
        1. How Digest Authentication Works
        2. Configuration: Protecting Content with Digest Authentication
          1. Creating a Password File (Digest Authentication)
          2. Set the Configuration to Use This Password File (Digest Authentication)
          3. Optionally, Create a Group File (Digest Authentication)
        3. Caveats
      3. Database Authentication Modules
        1. mod_auth_db and mod_auth_dbm
        2. Berkeley DB Files
        3. Installing mod_auth_db
        4. Protecting a Directory with mod_auth_db
          1. Create the User File
          2. Creating Your User File with Perl
          3. Configuration Apache to Use This Password File
          4. Optionally, Create a Group File
      4. Access Control
        1. Allow and Deny
        2. Satisfy
      5. Summary
    4. 22. SSL
      1. Cryptography
        1. Confidentiality
          1. Symmetric Cryptography
          2. Public Key Cryptography
        2. Integrity
          1. Message Authentication Codes
        3. Authentication
          1. Certificates
      2. Introduction to SSL
        1. SSL Overview
      3. Installing SSL
        1. OpenSSL
          1. Windows
          2. Unix
            1. Installing from Source
        2. mod_ssl
          1. Windows
          2. Unix
            1. Installing from Source
      4. Certificates
        1. Creating a Key Pair
        2. Creating a Certificate Signing Request
        3. Creating a Self-Signed Certificate
      5. SSL Configuration
        1. Algorithms
        2. Client Certificates
        3. Performance
        4. Logging
        5. SSL Options
        6. Name-Based Virtual Hosts
      6. Further Reading
      7. Summary
    5. 23. Web Spiders
      1. What Are Spiders?
      2. Spiders: The Good and the Bad
        1. Server Overloading
        2. Black Holes
      3. Recognizing Spiders in Your Log Files
      4. Excluding Spiders from Your Server
      5. Robot Exclusion with robots.txt
        1. The ROBOTS Meta Tag
        2. Contacting the Operator
        3. Blocking a Spider by Address
        4. Blocking a Spider by Deny from Env
      6. Writing Your Own Spider
      7. Summary
    6. 24. Logging
      1. access_log
        1. Location and Format of the access_log File
          1. LogFormat
          2. CustomLog
      2. Error Logs
        1. Location of the Error Log
        2. What's in It?
        3. Document Errors
        4. CGI Errors
        5. Watching the Error Log
      3. Log File Analysis
        1. What Your Log Files Can Tell You
        2. What Your Log Files Don't Tell You
        3. Getting Useful Statistics From Your Logs
        4. Parsing the Log Files Yourself
      4. Logging to a Process
      5. Rotating Your Log Files
        1. Logfile::Rotate
        2. logrotate
      6. Logging for Multiple Virtual Hosts
      7. Summary
  11. V. Modules
    1. 25. Introduction to Apache Modules
      1. The Apache API
      2. Installing Modules
        1. Building the Module into httpd
          1. Advantages and Disadvantages
          2. How to Install a Module
        2. Dynamic Shared Objects
          1. Advantages and Disadvantages
          2. Installing Modules As Shared Objects
      3. Summary
    2. 26. Modules Included with Apache
      1. The Modules
        1. mod_access
        2. mod_actions
        3. mod_alias
        4. mod_asis
        5. mod_auth
        6. mod_auth_anon
        7. mod_auth_db
        8. mod_auth_dbm
        9. mod_auth_digest
        10. mod_autoindex
        11. mod_cern_meta
        12. mod_cgi
        13. mod_digest
        14. mod_dir
        15. mod_env
        16. mod_example
        17. mod_expires
        18. mod_headers
        19. mod_imap
        20. mod_include
        21. mod_info
        22. mod_log_agent
        23. mod_log_config
        24. mod_log_referer
        25. mod_mime
        26. mod_mime_magic
        27. mod_mmap_static
        28. mod_negotiation
        29. mod_proxy
        30. mod_rewrite
        31. mod_setenvif
        32. mod_so
        33. mod_speling
        34. mod_status
        35. mod_unique_id
        36. mod_usertrack
        37. mod_vhost_alias
      2. Installing or Omitting a Standard Module
      3. Apache 2.0
      4. Summary
    3. 27. Special-Purpose Apache Modules
      1. Finding Apache Modules
        1. modules.apache.org
        2. CPAN
        3. Search for Them
        4. Announce Mailing List
      2. Examples of Modules
        1. User Authentication with LDAP
        2. Photo Album
      3. Summary
  12. VI. Appendixes
    1. A. The Apache Software License
    2. B. Configure Command-Line Options
    3. C. Regular Expressions
    4. D. mod_perl Example Code
      1. mod_perl Form Handler Code
    5. E. Apache History
      1. Before the Beginning
      2. In the Beginning
      3. Who's Responsible?
      4. What's Happened Recently
      5. Why It Works So Well
      6. Summary
    6. F. Where to Get More Information
      1. Web Resources
        1. ApacheAdmin.com
        2. The Apache Server Web Site
        3. Apache Week
        4. Apache Server Web Ring
      2. Usenet
        1. comp.infosystems.www.servers.*
        2. comp.infosystems.www.authoring.cgi
      3. Mailing Lists
        1. hwg-servers
        2. hwg-languages
        3. Apache Week Mailing Lists
      4. Print
      5. Summary