Home Page Icon
Home Page
Table of Contents for
V. Modules
Close
V. Modules
by Allan Liska, Daniel Lõpez Ridruejo, Rich Bowen
Apache Administrator's Handbook
Copyright
Dedication
About the Lead Author
About the Contributing Authors
Acknowledgments
Tell Us What You Think!
Introduction
What Is Apache?
Why Use Apache?
Who Else Is Using Apache?
Who Is This Book For?
What's with the Quotes?
Conventions Used in This Book
Errata, Updates, and More Information
I. Installing and Configuring Your Apache Server
1. Getting Started
Choosing a Web Server
Compatibility Requirements
Existing Knowledge
Executive Edict
The Customer
Hardware and Software Requirements
Connectivity
Should I Host Somewhere Else, or Do It Myself?
Connectivity
Reliable Connection
How Much Access Do You Need?
Questions To Ask Your ISP
Shared Space, Dedicated Server, Colloc?
What Happens When Something Goes Wrong?
Backups?
Installing Software
FTP, Telnet, SCP, SSH: Getting Content To Your Site
Telnet and SSH—Connecting To the Server
Advantages of Using Telnet
Disadvantages of Using Telnet
SSH—Exactly the Same, Only Different
FTP and SCP—Getting Content To Your Server
Using FTP
Disadvantages of FTP
The Solution—SCP
Summary
2. Acquiring and Installing Your Apache Server
Overview for the Impatient
Where Do I Get It?
Unpacking the Source
The Source Tree
cgi-bin
conf
htdocs
icons
logs
src
Installing Binary Distributions
Installing on Windows
Binary Versus Source Installation
configure
Configuration Options
Directory and Filenames
Host Type
Features and Packages
A Default Installation
make && make install
Summary
3. Starting, Stopping, and Restarting
apachectl
httpd
Starting and Stopping with httpd
Command-Line Flags
Starting on System Startup
Microsoft Windows
Starting from the Command Line
Installing as a Service
Starting and Stopping Your Apache Service
apache -n "service name"
NT NET Command
Services Control Panel
Console Application
Summary
4. Configuration Directives
Configuration Files
Configuration File Syntax
Directives
Sections
Directory and DirectoryMatch
Files and FilesMatch
IfDefine
IfModule
Limit and LimitExcept
Location and LocationMatch
VirtualHost
Comments
Specifying a Different Configuration File
Testing Your Configuration
Including Directories
Options: Turning on Features
General Syntax
ExecCGI
FollowSymLinks
SymLinksIfOwnerMatch
Includes
IncludesNOEXEC
Indexes
MultiViews
All
None
Configuration Security Considerations
Summary
5. Configuration Utilities
GUIs and Configuration Files
Webmin
Existing Webmin Installation
Installation
Installing Webmin from Source
Starting Webmin
Using Webmin
Top Area
Global Configuration
Virtual Servers
Configuring a Virtual Host
Delegated Administration
Related Links
Comanche
Installation
Unix
Windows
Using Comanche
Node Structure
Virtual Hosts
Containers
Summary
6. .htaccess files—Per-Directory Configuration
AccessFileName
AllowOverride
AuthConfig (Authentication)
FileInfo
Indexes
Limit
Options
All
None
Caveats and Limitations
Performance
Security
Insufficient Directory Security
CGI and SSI
Symlinks
Summary
7. Virtual Hosts
IP-Based Virtual Hosts
Setting Up Multiple IP Addresses
Configuring the Virtual Host
Name-Based Virtual Hosts
Port-Based Virtual Hosts
Bulk Virtual Hosting
Per-vhost Configuration Files
mod_vhost_alias
Running Multiple Daemons
Summary
II. Advanced Configuration Techniques
8. MIME and File Types
MIME and HTTP
MIME Types Configuration Directives
MIME Types Configuration
TypesConfig
AddType
RemoveType
DefaultType
ForceType
Encoding
AddEncoding
RemoveEncoding
Character Sets and Languages
AddCharset
RemoveCharset
AddLanguage
RemoveLanguage
DefaultLanguage
Files with Multiple Extensions
Handlers
Summary
9. URL Mapping
Location
Alias
ScriptAlias
AliasMatch and ScriptAliasMatch
Redirect
RedirectMatch
RedirectTemp and RedirectPermanent
DocumentRoot
Error Documents
URL Rewriting
Summary
10. Content Negotiation
Client Preference
Accept Headers
Quality Factor
Negotiation Methods
Type Map File
MultiViews
Noncompliant Browsers
Caching
Summary
11. Directory Indexing
DirectoryIndex
Options +Indexes
IndexOptions—”Fancy” Indexing
IndexOptions Syntax
FancyIndexing
DescriptionWidth
AddIcon
AddIconByType
AddIconByEncoding
DefaultIcon
FoldersFirst
HTMLTable
Icon Dimensions
IconsAreLinks
IgnoreClient
NameWidth
ScanHTMLTitles
SuppressColumnSorting
SuppressDescription
SuppressHTMLPreamble
SuppressIcon
SuppressLastModified
SuppressRules
SuppressSize
TrackModified
VersionSort
AddDescription
Headers and Footers
Ignoring Files
Searching and Sorting
Sorting in Version 1.3
Sorting in Version 2.0
IndexOrderDefault
Examples
Example 1
Example 2
Indexing Security Concerns
Summary
12. Apache on Microsoft Windows
Requirements
Downloading
Installation
Installing as a Service
Starting and Stopping Your Server
Starting and Stopping in Win9x
Running as a Console Application
Running as a Service
Modules
Differences Between Apache on Windows and Unix
Threading Versus Prefork
MaxRequestsPerChild
CGI Scripts
.htaccess Files
File Paths
Summary
13. Performance Tuning
Optimize the Right Thing
ApacheBench
Profiling
Hardware Requirements
Memory
Disk
CPU
Apache Configuration
HostnameLookups
Symlinks
AllowOverride and .htaccess Files
Content Negotiation
Process Creation
Caching and Proxying
mod_proxy
Squid
Summary
III. Dynamic Content
14. Handlers and Filters
Handlers
Configuration
AddHandler
SetHandler
RemoveHandler
Action
default-handler
send-as-is
cgi-script
imap-file
Client-Side Image Maps
Server-Side Image Maps
server-info
server-status
server-parsed
type-map
Custom Handlers
Filters
Configuration for Filters
AddInputFilter
SetInputFilter
AddOutputFilter
SetOutputFilter
INCLUDES Filter
Summary
15. CGI Programs
Apache Configuration
Options ExecCGI
AddHandler cgi-script
SetHandler cgi-script
ScriptAlias
The Anatomy of a CGI Program
Input
Environment Variables
Standard Environment Variables
Other Environment Variables
Form Input
Form Tag
Text Input
Password Fields
Radio Buttons
Checkbox
Select List
Textarea
Hidden Form Fields
Submit Buttons
Reset Buttons
GET Requests
POST Requests
Decoding Form Data
Output
Example Programs
Simple CGI program—Perl
The Source
An Explanation
Getting It Working
CGI Programs on Microsoft Windows
Troubleshooting Common Problems
Permissions
Syntax Errors
Invalid Headers
Asking a Newsgroup for Help
Limitations of CGI
Summary
16. Server-Side Includes
Configuration for SSI
Enabling SSI by File Extension
Changing Filenames
Don't Expose the Mechanism
Using the XBitHack Directive
Using SSI Directives
config
errmsg
sizefmt
timefmt
echo
exec
fsize
flastmod
include
printenv
Variables and Flow Control with SSI
Security Considerations
Summary
17. mod_perl
What Is mod_perl?
How Does It Work?
Installation
The “Simple” Form
The Gory Details
Start It Up!
Configuration
PerlRequire
CGI Under mod_perl
Apache::Registry
Configuration
Caveats
Apache::PerlRun
Configuration
What It Does
Comparing Performance
Apache Handlers with mod_perl
Writing a mod_perl Handler
Example mod_perl Handlers
Installing the Example mod_perl Handler
Configuring the mod_perl Handler
An Example That Is a Little More Useful
Common Problems
Don't Exit!
Restart the Server
Where Did You Get That Value?
mod_perl on Windows
Where To Get More Information
Summary
18. PHP
What Is PHP?
PHP History
PHP Architecture
PHP Advantages and Disadvantages
Advantages
Drawbacks of PHP
Language Comparison
Java
Perl
ASP
Downloading and Installing PHP
Installing Binary Packages
Installing PHP from Source Code
Getting PHP
Compiling PHP
PHP Extensions
General Options
Graphics Support
Flash Animation
PDF Generation
Database Support
XML Support
Session Support
PHP Configuration
PHP Language
Error Manipulation
Output Manipulation
Security
Dynamic Extension Support
Resources
PHP
Support
PHP Books
Web Sites
PHP GTK
Commercial Vendors
Summary
IV. Security and Auditing
19. Apache Security
Developing a Security Strategy
Understanding *nix File Permissions
Users and Groups
The Apache User
User Permissions
Limit Modules
Do You Really Need FrontPage Extensions?
Cautious Server-Side Includes Usage
Cautious .htaccess Usage
Password Protection
Using a Staging Server
Special Issues for Virtual Hosts
Special Issues for Windows and Apache
Summary
20. Security in Dynamic Content
Understanding Security Risks in Dynamic Content
Compiled Versus Parsed Dynamic Content
Writing Safer Dynamic Content
To cgi-bin or Not
Common Mistakes
Perl
PHP
C and C++
Wrappers
CGIWrap
URL Rewriting Engine
Mod_rewrite and CGIWrap
suEXEC
Checking Code in Existing Scripts
Special Issues with Windows CGI
Summary
21. Authentication, Authorization, and Access Control
Basic Authentication
How Basic Authentication Works
Configuration: Protecting Content with Basic Authentication
Create a Password File
Set the Configuration to Use This Password File
Optionally, Create a Group File
Frequently Asked Questions About Basic Authentication
How Do I Log Out?
How Can I Change What the Password Box Looks Like?
How Do I Make It Not Ask Me for My Password the Next Time?
Why Does It Sometimes Ask Me for My Password Twice?
Security Caveat
Digest Authentication
How Digest Authentication Works
Configuration: Protecting Content with Digest Authentication
Creating a Password File (Digest Authentication)
Set the Configuration to Use This Password File (Digest Authentication)
Optionally, Create a Group File (Digest Authentication)
Caveats
Database Authentication Modules
mod_auth_db and mod_auth_dbm
Berkeley DB Files
Installing mod_auth_db
Protecting a Directory with mod_auth_db
Create the User File
Creating Your User File with Perl
Configuration Apache to Use This Password File
Optionally, Create a Group File
Access Control
Allow and Deny
Satisfy
Summary
22. SSL
Cryptography
Confidentiality
Symmetric Cryptography
Public Key Cryptography
Integrity
Message Authentication Codes
Authentication
Certificates
Introduction to SSL
SSL Overview
Installing SSL
OpenSSL
Windows
Unix
Installing from Source
mod_ssl
Windows
Unix
Installing from Source
Certificates
Creating a Key Pair
Creating a Certificate Signing Request
Creating a Self-Signed Certificate
SSL Configuration
Algorithms
Client Certificates
Performance
Logging
SSL Options
Name-Based Virtual Hosts
Further Reading
Summary
23. Web Spiders
What Are Spiders?
Spiders: The Good and the Bad
Server Overloading
Black Holes
Recognizing Spiders in Your Log Files
Excluding Spiders from Your Server
Robot Exclusion with robots.txt
The ROBOTS Meta Tag
Contacting the Operator
Blocking a Spider by Address
Blocking a Spider by Deny from Env
Writing Your Own Spider
Summary
24. Logging
access_log
Location and Format of the access_log File
LogFormat
CustomLog
Error Logs
Location of the Error Log
What's in It?
Document Errors
CGI Errors
Watching the Error Log
Log File Analysis
What Your Log Files Can Tell You
What Your Log Files Don't Tell You
Getting Useful Statistics From Your Logs
Parsing the Log Files Yourself
Logging to a Process
Rotating Your Log Files
Logfile::Rotate
logrotate
Logging for Multiple Virtual Hosts
Summary
V. Modules
25. Introduction to Apache Modules
The Apache API
Installing Modules
Building the Module into httpd
Advantages and Disadvantages
How to Install a Module
Dynamic Shared Objects
Advantages and Disadvantages
Installing Modules As Shared Objects
Summary
26. Modules Included with Apache
The Modules
mod_access
mod_actions
mod_alias
mod_asis
mod_auth
mod_auth_anon
mod_auth_db
mod_auth_dbm
mod_auth_digest
mod_autoindex
mod_cern_meta
mod_cgi
mod_digest
mod_dir
mod_env
mod_example
mod_expires
mod_headers
mod_imap
mod_include
mod_info
mod_log_agent
mod_log_config
mod_log_referer
mod_mime
mod_mime_magic
mod_mmap_static
mod_negotiation
mod_proxy
mod_rewrite
mod_setenvif
mod_so
mod_speling
mod_status
mod_unique_id
mod_usertrack
mod_vhost_alias
Installing or Omitting a Standard Module
Apache 2.0
Summary
27. Special-Purpose Apache Modules
Finding Apache Modules
modules.apache.org
CPAN
Search for Them
Announce Mailing List
Examples of Modules
User Authentication with LDAP
Photo Album
Summary
VI. Appendixes
A. The Apache Software License
B. Configure Command-Line Options
C. Regular Expressions
D. mod_perl Example Code
mod_perl Form Handler Code
E. Apache History
Before the Beginning
In the Beginning
Who's Responsible?
What's Happened Recently
Why It Works So Well
Summary
F. Where to Get More Information
Web Resources
ApacheAdmin.com
The Apache Server Web Site
Apache Week
Apache Server Web Ring
Usenet
comp.infosystems.www.servers.*
comp.infosystems.www.authoring.cgi
Mailing Lists
hwg-servers
hwg-languages
Apache Week Mailing Lists
Print
Summary
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
24. Logging
Next
Next Chapter
25. Introduction to Apache Modules
Part V. Modules
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset