Gmina Gostyń2323232 321 PsVM.7620 321 321 321 13 321 15 25 321 3 321 321 PWM • 7620 ...
INFO 321 Server Technologies II
description
Transcript of INFO 321 Server Technologies II
![Page 1: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/1.jpg)
1
INFO 321 Weeks 5-6
1
INFO 321Server Technologies II
![Page 2: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/2.jpg)
2
INFO 321 Weeks 5-6
2
Apache
◊ Apache is synonymous with a web server app, but the Apache HTTP Server is just one project of the ten-year-old Apache Software Foundation (ASF)• There are dozens of Foundation projects • They state “We consider ourselves not simply
a group of projects sharing a server, but rather a community of developers and users.”
Material from http://httpd.apache.org/ and notes by Dr. Randy Kaplan
![Page 3: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/3.jpg)
3
Overview◊ This set of notes is divided into these sections
• Web Server functionality• Choosing a web server• Installing Apache• Running Apache• Virtual Hosting• Authentication• Indexing• Alias and Redirect• Proxying
![Page 4: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/4.jpg)
4
INFO 321 Weeks 5-6
4
Web Server functionality
![Page 5: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/5.jpg)
5
INFO 321 Weeks 5-6
5
Web Server protocols◊ The main purpose of a web server is to
handle HTTP and related protocols• DNS• FTP• HTTPS• Gopher, Telnet, etc. are also possible
◊ For more info on these protocols, see the chapter 2 notes for INFO 330
![Page 6: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/6.jpg)
6
INFO 321 Weeks 5-6
6
Web Server protocols◊ DNS uses UDP as its transport layer
protocol• Connectionless, unreliable
◊ The other protocols use TCP for transport• Connection oriented between host computers • Reliable
◊ All protocols work by passing text messages back and forth
![Page 7: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/7.jpg)
7
INFO 321 Weeks 5-6
7
Web Server Wish List◊ Run fast
◊ Handle lots of requests with minimal hardware
◊ Support multitasking• Deal with more than one request at a time• Need to maintain workload without shutting
the server down
◊ Authenticate requestors
![Page 8: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/8.jpg)
8
INFO 321 Weeks 5-6
8
Web Server Wish List
◊ Respond to errors in the messages it gets, and tell what is going on
◊ Negotiate a style and language of response with the requestor
◊ Support a variety of formats
◊ Run as a proxy server
◊ Be secure
![Page 9: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/9.jpg)
9
INFO 321 Weeks 5-6
9
What Does a Web Server Do?
◊ Translate a URL into a file name or a program name• If a file – return the file over the Internet• If a program – run the program, and send the
output back over the Internet
◊ URL = Uniform Resource Locator• Has three parts –
<scheme>://<host>/<path>
![Page 10: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/10.jpg)
10
INFO 321 Weeks 5-6
10
How Does Apache Work?
◊ Runs under a suitable multitasking operating system• Binary is called httpd under Unix• Binary is called apache.exe under Win32
◊ Each copy of httpd or apache.exe has its attention directed at a web site• For our purposes, the web site is a directory
![Page 11: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/11.jpg)
11
INFO 321 Weeks 5-6
11
Apache and TCP/IP
◊ A computer has a connection to the outside world, called an interface• Identify interface by a socket or port number
◊ The server decides how to handle different requests because the four byte (32 b) IPv4 address that leads the request to its interface is followed by a two byte (16 b) port number
![Page 12: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/12.jpg)
12
INFO 321 Weeks 5-6
12
Apache and TCP/IP
◊ Requests arrive on an interface for a number of different services offered by the server using different protocols• Network News Transfer Protocol (NNTP)• Simple Mail Transfer Protocol (SMTP)• Domain Name Service (DNS)• HTTP (WWW)
![Page 13: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/13.jpg)
13
INFO 321 Weeks 5-6
13
Apache and TCP/IP
◊ Different services attach to different ports• NNTP: port number 119• SMTP: port number 25• DNS: port number 53• HTTP: port number 80
![Page 14: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/14.jpg)
14
INFO 321 Weeks 5-6
14
Apache and TCP/IP◊ UNIX/Linux
• Port numbers below 1024 can only be used by the superuser (root)
• Prevents other users from running programs masquerading as standard services
◊ Win32• Under Win32 there is currently no security
directly related to port numbers and no superuser
![Page 15: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/15.jpg)
15
INFO 321 Weeks 5-6
15
How Does Apache Work?
◊ Idling state –• Listens to the IP addresses specified in its
config files (important foreshadowing…)
• When a request appears –Apache receives it and analyzes the headersApplies the rules in the config fileTakes the appropriate action
![Page 16: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/16.jpg)
16
INFO 321 Weeks 5-6
16
How HTTP Clients Work
◊ When a URL (beginning http://) is sent to a browser,• The browser reads ‘http:’ and determines it
should be using the HTTP protocol to communicate with web servers
• A name server (DNS) is contacted to translate the host name in a URL to an IP address
![Page 17: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/17.jpg)
17
INFO 321 Weeks 5-6
17
Apache and Domain Servers
◊ It is the role of the DNS (Domain Name Server) to translate a computer’s telephone number (IP address) into a human readable (and memorable) name
![Page 18: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/18.jpg)
18
INFO 321 Weeks 5-6
18
DNS Errors
◊ Suppose Apache is given a URL which does not have a trailing /• Apache will add a trailing / and try to access
the URL again (called redirection)• Then use DNS to resolve the IP address
![Page 19: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/19.jpg)
19
INFO 321 Weeks 5-6
19
Handling Multiple Web Sites
◊ The utility ifconfig binds IP addresses to physical interfaces (e.g. Ethernet ports)• ifconfig also allows binding multiple IP
addresses to a single interface
◊ A client can switch from one IP address to another while maintaining service• This is known as IP Aliasing
![Page 20: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/20.jpg)
20
Choosing a web server
INFO 321 Weeks 5-6
20
![Page 21: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/21.jpg)
21
INFO 321 Weeks 5-6
21
Why choose Apache?◊ Apache has been the dominant web
server app since 1996• Open source enables its source code to be
examined by thousands of eyes• Substantially more reliable• Apache is extensible• Apache is freeware
![Page 22: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/22.jpg)
22
INFO 321 Weeks 5-6
22
Other choices◊ Other web server apps include
• Microsoft IIS or PWS• Google GWS• Lighttpd• Zeus ZWS• nginx• Sun (includes Netscape and Netsite variants)
![Page 23: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/23.jpg)
23
INFO 321 Weeks 5-6
23
Apache market share
◊ Apache has been the leading web server since March 1996, but is losing ground
◊ According to Netcraft surveys• In November 2005, Apache supported 71
percent of domains, more than 50% ahead of Microsoft IIS (20.2 percent) (N=74.6 million)
• By June 2009, Apache had 47.12%, versus Windows (IIS and PWS) had 24.80% of the 238 million domains reporting
![Page 24: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/24.jpg)
24
INFO 321 Weeks 5-6
24
Apache as in Indian?
◊ “The name 'Apache' was chosen from respect for the Native American Indian tribe of Apache (Indé), well-known for their superior skills in warfare strategy and their inexhaustible endurance.” (Apache FAQ)
![Page 25: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/25.jpg)
25
INFO 321 Weeks 5-6
25
Apache version & platforms
◊ Apache is on version 2.2.17 (released Oct 19, 2010) and changes slowly• Most Linux distributions are a little behind the
current release• Old releases (2.0.x and 1.3.x) are maintained
◊ Apache runs on 32-bit Windows flavors, UNIX/Linux, and even NetWare (!)
![Page 26: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/26.jpg)
26
INFO 321 Weeks 5-6
26
Installing Apache
![Page 27: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/27.jpg)
27
INFO 321 Weeks 5-6
27
Apache prereqs
◊ To install Apache, you need:• An Internet connection helps• Disk space – 50 MB to install, about 10 MB to
run, depending on options• An ANSI-C compiler, such as the
GNU C compiler (GCC) from the Free Software Foundation (FSF)The Windows version can obtained in .exe form
![Page 28: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/28.jpg)
28
INFO 321 Weeks 5-6
28
Apache prereqs
• Accurate time keeping such as the ntpdate or xntpd programs Some parts of HTTP are based on time of day, so
some form of NTP support is needed
• Perl5 is needed for a few options• The utilities apr and apr-util need to be
version 1.2Upgrade them separately if needed, but they are
included with Apache source code
![Page 29: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/29.jpg)
29
INFO 321 Weeks 5-6
29
Overview – Apache install◊ Download
• $ lynx http://httpd.apache.org/download.cgi
◊ Extract• $ gzip -d httpd-NN.tar.gz• $ tar xvf httpd-NN.tar• $ cd httpd-NN
◊ Configure• $ ./configure --prefix=PREFIX
![Page 30: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/30.jpg)
30
INFO 321 Weeks 5-6
30
Overview – Apache install◊ Compile
• $ make
◊ Install• $ make install
◊ Customize• $ vi PREFIX/conf/httpd.conf
◊ Test• $ PREFIX/bin/apachectl -k start
![Page 31: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/31.jpg)
31
INFO 321 Weeks 5-6
31
Overview – Apache install
◊ NN must be replaced with the current version number (e.g. 2.2.17)
◊ PREFIX must be replaced with the file system path under which the server should be installed• If PREFIX is not specified, it defaults to /usr/local/apache2
![Page 32: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/32.jpg)
32
INFO 321 Weeks 5-6
32
Download
◊ Most UNIX/Linux users will want to download Apache and compile it locally
◊ After download, use PGP to verify the download’s integrity, e.g.• % pgp -ka KEYS• % pgp apache_1.3.24.tar.gz.asc
◊ This verifies against the MD5 or PGP message digest ASCII file
![Page 33: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/33.jpg)
33
INFO 321 Weeks 5-6
33
Extract
◊ This set of steps decompresses the tarball, extracts the tarball, and changes to the source code directory• $ gzip -d httpd-NN.tar.gz• $ tar xvf httpd-NN.tar• $ cd httpd-NN
◊ Notice this is using the tar command we saw in the Backup section
![Page 34: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/34.jpg)
34
INFO 321 Weeks 5-6
34
Configure
◊ Now things get messy!
◊ The basic configure script, if you’re using the default PREFIX, can be run using• $ ./configure
◊ The configure script allows you to select which features are active on your host• You can also change where specific files
are installed, for example
![Page 35: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/35.jpg)
35
INFO 321 Weeks 5-6
35
Apache architecture
◊ Apache is a modular server• This implies that only the most basic
functionality is included in the ‘core’ server Even core functionality can be disabled
• Extended features are available through modules which can be loaded into Apache
![Page 36: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/36.jpg)
36
INFO 321 Weeks 5-6
36
Apache architecture
◊ By default, a base set of modules is included in the server at compile-time• If the server is compiled to use
dynamically loaded modules, then modules can be compiled separately and added at any time using the LoadModule directive
• Otherwise, Apache must be recompiled to add or remove modules
![Page 37: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/37.jpg)
37
INFO 321 Weeks 5-6
37
Some types of module status◊ Base
• A module having "Base" status is compiled and loaded into the server by default
◊ Extension • A module with "Extension" status is not normally
compiled and loaded into the server; to enable the module and its functionality, you need to change the server build configuration files and re-compile Apache
◊ External • Modules which are not included with the base Apache
distribution ("third-party modules") may use the "External" status
![Page 38: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/38.jpg)
38
INFO 321 Weeks 5-6
38
Apache architecture
◊ Apache terminology note:• Features are implemented by modules, which
are installed or not with your copy of Apache• Once installed, they can be enabled or
disabled to allow them to run or not• Dozens of modules are enabled by default,
so you’d have to explicitly disable themThe most dangerous one is --disable-http
![Page 39: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/39.jpg)
39
INFO 321 Weeks 5-6
39
Apache architecture
• Likewise, many modules are disabled by default, so you have to enable them explicitlyFor example, --enable-ssl enables support for
SSL/TLS provided by mod_ssl
◊ Be very careful, misspelled features are ignored, without error message!• --enable-sssl will do nothing
![Page 40: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/40.jpg)
40
INFO 321 Weeks 5-6
40
Configure script vs. file
◊ KEY POINT: Apache has a configure script which enables modules• ./configure
◊ And a configuration file (or several) which contain directives• PREFIX/conf/httpd.conf
◊ Both are very important and powerful tools, but are completely separate!
![Page 41: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/41.jpg)
41
INFO 321 Weeks 5-6
41
Configure
◊ The general syntax for enabling and disabling is• --disable-FEATURE
Do not include FEATURE; This is the same as --enable-FEATURE=no
• --enable-FEATURE[=ARG] Include FEATURE; the default value for ARG is
yes
![Page 42: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/42.jpg)
42
INFO 321 Weeks 5-6
42
Configure
◊ Less often used enabling options include• --enable-MODULE=shared
The corresponding module will be build as a DSO (dynamically shared) module; will be enabled if you use the --enable-mods-shared option
• --enable-MODULE=static By default, enabled modules are linked statically;
you can force this explicitly
![Page 43: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/43.jpg)
43
INFO 321 Weeks 5-6
43
Packages
◊ The configure script can invoke packages, which are typically third party features• --with-PACKAGE[=ARG]
Use the package PACKAGE; the default value for ARG is yes
◊ Often these tell where to find specific libraries or databases
![Page 44: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/44.jpg)
44
INFO 321 Weeks 5-6
44
Environment variables
◊ The configure script can also set environment variables
◊ These mostly describe what C compiler or flags to use, or the location of compile libraries
![Page 45: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/45.jpg)
45
INFO 321 Weeks 5-6
45
./configure summary
◊ So the Apache configure script controls which modules are enabled or not
◊ When an ISP tells you they support SSL, Perl, etc., they are implying which modules they installed (if they’re using Apache)
![Page 46: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/46.jpg)
46
INFO 321 Weeks 5-6
46
Build and Install
◊ $ make
◊ $ make install
◊ These are the traditional Unix commands to build and install an app
◊ They’ll take a while, especially make, since it includes compiling all the source code
![Page 47: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/47.jpg)
47
INFO 321 Weeks 5-6
47
Customize
◊ The file PREFIX/conf/httpd.conf is a customization focal point for Apache
◊ Apache is configured by placing directives in plain text configuration files • Apache configuration files contain one
directive per line httpd.conf is the main file, but other config files
can be linked from it via an Include directive
![Page 48: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/48.jpg)
48
INFO 321 Weeks 5-6
48
Apache configuration
◊ Webmaster’s main control over Apache is through the config file
◊ The webmaster has 412 directives at their disposal• We’ll get to this soon… • No, not all of them
![Page 49: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/49.jpg)
49
INFO 321 Weeks 5-6
49
Apache directory structure
◊ First steps• In Apache, what exactly is a “web site”• A web site is a directory somewhere on the
server• Every Apache web site directory contains at
least three (and maybe a fourth) subdirectories
![Page 50: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/50.jpg)
50
INFO 321 Weeks 5-6
50
Apache directory structure◊ Regardless of OS, a site directory has
• confContains the important configuration file httpd.conf
• htdocsContains the HTML documents, images, data and
other files to be served up to the site’s clientsThese directories and subdirectories, the web
space, are accessible to anyone on the Web
![Page 51: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/51.jpg)
51
INFO 321 Weeks 5-6
51
Apache directory structure
• logsContains the log files – history of accesses and
errors
• cgi-binContains CGI scripts that are neededIf you don’t use scripts (CGI) you don’t need this
directory
![Page 52: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/52.jpg)
52
INFO 321 Weeks 5-6
52
Running Apache
![Page 53: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/53.jpg)
53
Running Apache from the Command Line
◊ If the conf subdirectory is not the default location (it usually is not), you need to tell Apache where it is
httpd –d /usr/wwww/APACHE3/example.site
![Page 54: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/54.jpg)
54
When Apache is started
◊ It sits and waits in the background, waiting for a client’s request to arrive• After all, it’s a server app!
◊ When a request arrives, Apache attempts to respond to it or generates an error and places this in the log file
![Page 55: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/55.jpg)
55
Configuration File
◊ Apache has a default configuration file• This file covers almost every option that
Apache supports• It is quite complicated
◊ It is better, at least in the beginning, to create your own, simpler configuration file
![Page 56: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/56.jpg)
56
Firing up the server
◊ Suppose we have a web site contained in a folder named 321
◊ The command to run Apache hosting this web site would be –
httpd –d /usr/local/apache2/htdocs/321
◊ If you will use this command a lot it is good idea to create a script file that contains it
![Page 57: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/57.jpg)
57
INFO 321 Weeks 5-6
57
If all goes well …
◊ Look in /usr/local/apache2* for the new executables• * Or wherever your PREFIX is
◊ Use ls –l to see the timestamps
![Page 58: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/58.jpg)
58
Killing Apache◊ To kill Apache, you must kill the main
process and all of its children
◊ One way to accomplish this is to get all processes with the name httpd
ps awlx | grep httpd◊ And then kill all of the poor innocent
helpless processes –
killall httpd
![Page 59: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/59.jpg)
59
Killing the server …
![Page 60: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/60.jpg)
60
Killing the server … gracefully
◊ A utility (program) is supplied with Apache called apachectl (= Apache control?)
◊ It can be used to start and stop Apache and perform other utility operations
![Page 61: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/61.jpg)
61
apachectl
◊ Syntax is◊ /usr/local/apache2/bin apachectl (start|stop|restart|fullstatus|status| graceful|configtest|help)
◊ start start httpd
◊ stop stop httpd
◊ restart restart httpd if running
![Page 62: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/62.jpg)
62
apachectl ◊ /usr/local/apache2/bin apachectl (start|stop|restart|fullstatus|status| graceful|configtest|help)
◊ fullstatus dumps a full status screen◊ status dumps a short status screen◊ graceful do a graceful restart or start if
not running◊ configtest do a configuration syntax test◊ help display command listing
![Page 63: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/63.jpg)
63
Default Problems◊ If you get the message –fopen: No such file or directory
httpd: could not open error log file …
◊ Then to httpd.conf add the line –
Errorlog logs/error_log
![Page 64: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/64.jpg)
64
Default Problems
◊ If Apache still fails to start, and you get a message in /logs/error_log:
… No such file or directory.: could not open mime types …
◊ In the httpd.conf file add the line –
TypesConfig conf/mime.types
![Page 65: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/65.jpg)
65
Default Problems◊ If Apache still fails to start, and you get this
message in the /log/error_log file –fopen: no such file or directory
httpd: could not log pid to file …
◊ In httpd.conf you need to add the line –
PIDFile logs/httpd.pid
![Page 66: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/66.jpg)
66
A Small But Complete httpd.conf
user webroot
Group webgroup
ServerName myServerName
DocumentRoot /usr/local/apache2/htdocs/
# to fix common problems, uncomment these
#ServerRoot /usr/local/apache2/htdocs
#ErrorLog logs/error_log
#PIDFile logs/httpd.pid
#TypesConfig conf/mime.types
![Page 67: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/67.jpg)
67
A Complete Minimal File
![Page 68: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/68.jpg)
68
Testing to See the Server
◊ In a command line, type
telnet myServerName 80
◊ Response should be –
Trying to connect to 192.168.2.223
Connected to myServerName.my.domain
Escape character is ‘^]’
![Page 69: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/69.jpg)
69
Testing to See the Server◊ Type –GET / HTTP/1.0 <CR><CR>
◊ You should see –HTTP/1.0 200 OKSat, 28 Jan 2006 23:49 GMTServer: Apache/1.3Connection: closeContent-Type: text/html
![Page 70: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/70.jpg)
70
httpd.conf Directives
◊ ServerName• Gives the hostname of the server to use when
creating redirection URLs
◊ DocumentRoot• Directory from which Apache will serve files• Default: /usr/local/apache2/htdocs
![Page 71: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/71.jpg)
71
httpd.conf Directives
◊ ServerRoot• Where conf and logs can be found• Default: /usr/local/etc/httpd
◊ ErrorLog• The name of the file to which the server will
log any errors it encounters• Default: Errorlog logs/error_log
![Page 72: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/72.jpg)
72
httpd.conf Directives
◊ PIDFile• Allows the location of the file containing the
PID to be changed• Default: logs/httpd.pid
◊ TypesConfig• Path and filename to find the mime.types file if
it is not in the default location• Default: conf/mime.types
![Page 73: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/73.jpg)
73
httpd.conf Directives
◊ LoadModule• Links in the specified object file or library• Adds the module structure to the list of active
modules
◊ AddModule• Enables a module that has been compiled
into Apache but is not in use
![Page 74: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/74.jpg)
74
INFO 321 Weeks 5-6
74
Virtual Hosting
![Page 75: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/75.jpg)
75
Virtual Hosts
◊ Let’s make the following assumptions –• We run a business that has been running a
web site• We are ready to expand and have a need for
more than one web site• As our business has grown we need to set up
an Intranet for employees• The existing web server (Extranet) is for
customers
![Page 76: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/76.jpg)
76
Virtual Hosts
◊ Two approaches• Approach 1
Run a single copy of ApacheMaintain two web sites as virtual sites
• Approach 2Run two copies of ApacheEach copy maintains a single siteAllows optimization of Apache to a web site
![Page 77: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/77.jpg)
77
Name-based Virtual Hosts
◊ Preferred method of managing virtual hosts
◊ Takes advantage of the ability of HTTP 1.1 compliant browsers
◊ Browser supports host header – specifies the name of the site they want to access
![Page 78: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/78.jpg)
78
Sample Config FileUser webuserGroup webgroup
NameVirtualHost 192.168.123.2
<VirtualHost www.MyCompany.com>ServerName www.MyCompany.comServerAdmin [email protected] /usr/local/apache2/site1.virtual/htdocs/extranetErrorLog /usr/local/apache2/site1.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site1.virtual/htdocs/logs/access_log</VirtualHost>
<VirtualHost intranet.MyCompany.com>ServerName intranet.MyCompany.comServerAdmin [email protected] /usr/local/apache2/site2.virtual/htdocs/intranetErrorLog /usr/local/apache2/site2.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site2.virtual/htdocs/logs/access_log</VirtualHost>
Key directive
Tells Apache that requests to the IP will be subdivided by name
![Page 79: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/79.jpg)
79
NameVirtual Host◊ Key directive tells Apache that requests to
that IP number will be subdivided by name
◊ The ServerName directive provides a name for Apache to return to the client
◊ NameVirtualHost allows you to specify –• IP addresses of your name-based virtual host• A port number can be added if necessary
![Page 80: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/80.jpg)
80
NameVirtualHost
◊ If an IP address is added it needs to match the IP address at the top of a <VirtualHost> block
◊ A ServerName directive must be included
◊ The ServerName directive must be followed by a registered name
![Page 81: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/81.jpg)
81
Resolving a Virtual Host
◊ When Apache receives a request to a named host –• The <VirtualHost> blocks are scanned for a
match of the IP address declared with a NamedVirtualHost directive to find one that includes the requested servername
![Page 82: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/82.jpg)
82
IP-Based Virtual Hosts
◊ Because the web is primarily IP addressed based, it makes sense to be able to do IP-based virtual hosting
◊ The next config file accomplishes this style of virtual hosting
![Page 83: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/83.jpg)
83
IP-Based Virtual HostingUser webuserGroup webgroup
<VirtualHost www.MyCompany.com>ServerName www.MyCompany.comServerAdmin [email protected] /usr/local/apache2/site1.virtual/htdocs/extranetErrorLog /usr/local/apache2/site1.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site1.virtual/htdocs/logs/access_log</VirtualHost>
<VirtualHost intranet.MyCompany.com>ServerName intranet.MyCompany.comServerAdmin [email protected] /usr/local/apache2/site2.virtual/htdocs/intranetErrorLog /usr/local/apache2/site2.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site2.virtual/htdocs/logs/access_log</VirtualHost>
![Page 84: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/84.jpg)
84
IP-Based Virtual Hosting
◊ What’s Different?• No NameVirtualHost directive• Need ServerName directive
![Page 85: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/85.jpg)
85
Mixed Name/IP-Based Virtual Hosts
◊ In this case some of our virtual web sites will be accessed via name and others will be access via IP addresses
◊ A useful approach when wanting to set up a web site for testing and limited exposure• The typical user will have no need to access a
web site by IP address
![Page 86: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/86.jpg)
86
Mixed Name/IP-Based Virtual HostsUser webuser
Group webgroup
NameVirtualHost 192.168.123.2
<VirtualHost www.MyCompany.com>ServerAdmin [email protected] /usr/local/apache2/site1.virtual/htdocs/extranetErrorLog /usr/local/apache2/site1.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site1.virtual/htdocs/logs/access_log</VirtualHost>
<VirtualHost intranet.MyCompany.com>ServerAdmin [email protected] /usr/local/apache2/site2.virtual/htdocs/intranetErrorLog /usr/local/apache2/site2.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site2.virtual/htdocs/logs/access_log</VirtualHost>
<VirtualHost 192.168.123.3>ServerName test-new.MyCompany.comServerAdmin [email protected] /usr/local/apache2/site3.virtual/htdocs/new-testErrorLog /usr/local/apache2/site3.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site3.virtual/htdocs/logs/access_log</VirtualHost>
![Page 87: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/87.jpg)
87
Authentication
![Page 88: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/88.jpg)
88
Authentication
◊ Client sends username and password to Apache• Apache determines if the user is a valid one
for access to the web site
◊ Access to a site or database can be controlled precisely by the web master
![Page 89: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/89.jpg)
89
Authentication
◊ Can also be given to groups• Groups can be given or denied access as a
whole
◊ Let’s make the following assumption –• Bill and Ben are the group directors in our
business• Betsy and Mike are in the group staff• Password will be “password” for all
![Page 90: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/90.jpg)
90
AuthenticationUser webuserGroup webgroup
NameVirtualHost 192.168.123.2
<VirtualHost www.MyCompany.com>ServerAdmin [email protected] /usr/local/apache2/site1.virtual/htdocs/extranetErrorLog /usr/local/apache2/site1.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site1.virtual/htdocs/logs/access_log</VirtualHost>
<VirtualHost intranet.MyCompany.com>ServerAdmin [email protected] /usr/local/apache2/site2.virtual/htdocs/intranetErrorLog /usr/local/apache2/site2.virtual/htdocs/logs/error_logTransferLog /usr/local/apache2/site2.virtual/htdocs/logs/access_log
<Directory DocumentRoot /usr/local/apache2/site2.virtual/htdocs/intranet>AuthType BasicAuthName darknessAuthUserFile /usr/local/apache2/validUsers/intranetUsersAuthGroupFile /usr/local/apache2/validGroups/intranetGroupsRequire valid-user</Directory>
</VirtualHost>
![Page 91: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/91.jpg)
91
Authentication◊ Let’s examine the new part in detail:
<Directory DocumentRoot /usr/local/apache2/site2.virtual/htdocs/intranet>AuthType BasicAuthName darknessAuthUserFile /usr/local/apache2/validUsers/intranetUsersAuthGroupFile /usr/local/apache2/validGroups/intranetGroupsRequire valid-user</Directory>
![Page 92: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/92.jpg)
92
Authentication◊ AuthType Basic –
• Turns on authentication (a key directive), and specifies the type thereof (Basic, not MD5)
• Requires AuthName, AuthUserFile, and AuthGroupFile to be specified as well
◊ AuthName directive• Gives the name of the realm in which users’
names and passwords are valid• If more than one, enclose in quotes (“”)
![Page 93: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/93.jpg)
93
Authentication
◊ AuthUserFile directive• Contains usernames and encrypted
passwords
◊ AuthGroupFile directive• Contains the correspondence between users
and groups
![Page 94: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/94.jpg)
94
Authentication – Passwords
◊ Passwords are managed by the Apache utility htpasswd
◊ Find the source for this utility in the support subdirectory of the Apache directory tree
◊ Compiled with –• make htpasswd
![Page 95: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/95.jpg)
95
htpasswd
◊ Once compiled we can ask it for some help
htpasswd -?
◊ This will return (as usual) the use of the command and the options supported in the command line
![Page 96: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/96.jpg)
96
htpasswd
Usage:htpasswd [-cmdps] passwordfile usernamehtpasswd –b[cmdps] passwordfile username password
-c Create a new file-m Force MD5 encryption of the password-d Force CRYPT encryption of the password (default)-p Do not encrypt the password – plaintext-s Force SHA encryption of the password-b Use the password from the command line rather than prompting for
it
![Page 97: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/97.jpg)
97
htpasswd◊ Example –htpasswd –m –c /usr/local/apache2/validUsers/intranetUsers bill
◊ Once this command is entered you will be prompted for the password twice• You might have a look in the password file to see
what was entered there
◊ If you use the –c option on an existing password file, a new one will be created without warning, so be careful when using this option
![Page 98: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/98.jpg)
98
Other approaches to control access
◊ Apache provides directives to control access precisely
◊ These include –• Allow• Deny• Order
![Page 99: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/99.jpg)
99
Allow from directive◊ allow from host host … directory, .htaccess◊ Controls access to a directory◊ Host can be one of the following –
• all – all hosts are allowed access• A partial domain name
Hosts whose names match or end in this string are allowed access
• A full IP addressUsed to restrict to subnets1 – 3 bytes of the IP are used
• Network/netmask pair• Network CIDR specification (some number of bits)
![Page 100: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/100.jpg)
100
Allow from env directive◊ Controls access by the existence of a
named environment variable, for exampleBrowserMatch ^KnockKnock/2.0 let_me_in
<Directory /docroot>
order deny, allow
deny from all
allow from env=let_me_in
</Directory>
![Page 101: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/101.jpg)
101
Allow from env directive
BrowserMatch ^KnockKnock/2.0 let_me_in
◊ This is a directive that sets an environment variable, let_me_in
◊ The pattern to be matched to set the environment variable is ^KnockKnock/2.0
![Page 102: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/102.jpg)
102
Deny from directive◊ Controls access by host, such as:deny from host hostWhere host can be one of the following –all
all hosts are denied accessA partial domain name
all hosts whose name match or end in this string are denied accessA full IP address
the first one to three bytes are denied access, for subnet restrictionA network/netmask pair
network a.b.c.d and netmask w.x.y.z are denied access
![Page 103: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/103.jpg)
103
Deny from env directive
◊ Controls access by the existence of a named environment variable, for example
BrowserMatch ^BadRobot/0.9 go_away
<Directory /docroot>
order allow, deny
allow from all
deny from env=go_away
</Directory>
![Page 104: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/104.jpg)
104
Order directive
◊ Usage
order ordering
◊ The ordering argument is one word• Controls the order in which the foregoing
allow or deny directives are applied• If two order directives apply to the same
host, the last one to be evaluated prevails
![Page 105: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/105.jpg)
105
Order directive
◊ Ordering
deny,allow• Deny directives are evaluated for allow
directives (default)
allow,deny• The allow directives are evaluated before the
denys. The user will still be rejected if a deny is encountered
![Page 106: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/106.jpg)
106
Order directive
◊ Ordering
mutual-failure• Hosts that appear on the allow list and do not
appear on any deny list are allowed to access
![Page 107: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/107.jpg)
107
Order directive examplesallow from all
• Lets everyone in
allow from 123.156
deny from all• Denys everyone except those whose IP
addresses happen to begin with 123.156• Allow is applied last
![Page 108: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/108.jpg)
108
Order directive examples
order allow,deny
allow from 123.156
deny from all
◊ The whole site is closed
◊ Deny is applied last
![Page 109: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/109.jpg)
109
Indexing
![Page 110: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/110.jpg)
110
Indexing
◊ An index provides a listing of the files that are in a web site
◊ If no file like index.html is prepared then Apache will prepare its own rudimentary index to access the web site
◊ It is also possible to use Apache to create better indices
![Page 111: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/111.jpg)
111
Indexing
◊ The directive (in the config file) IndexOption makes Apache create an index on the fly
◊ The index will be displayed when there is no file index.html
![Page 112: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/112.jpg)
112
Indexing - Example
◊ Config File
Turn on indexing
![Page 113: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/113.jpg)
113
Indexing (Page Created)
![Page 114: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/114.jpg)
114
Indexing
◊ The directive for indexing is quite complex (lots of options) but it deserves to be examined as it provides valuable functionality
◊ Assume the latest version of Apache
IndexOptions [+|-]option [[+|-]option] …
![Page 115: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/115.jpg)
115
Indexing◊ Options
• DescriptionWidth• FancyIndexing• FoldersFirst• IconHeight• IconWidth• NameWidth• ScanHTMLTitles• SuppressColumnSorting• SuppressDescription• SuppressHTMLPreamble• SuppressLastModified• SuppressSize• TrackModified
• IndexOrderDefault• ReadmeName• FancyIndexing• IndexIgnore• AddIcon• AddAlt• AddDescription• DefaultIcon• AddIconByType• AddAltByType• AddIconBy Encoding• AddAltbyEncoding• HeaderName
![Page 116: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/116.jpg)
116
Indexing
◊ With so many options, which ones are important or more useful?
![Page 117: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/117.jpg)
117
IndexingThe effect of most of these options is apparent from its name
• DescriptionWidth• FancyIndexing• FoldersFirst• IconHeight• IconWidth• NameWidth• ScanHTMLTitles• SuppressColumnSorting• SuppressDescription• SuppressHTMLPreamble• SuppressLastModified• SuppressSize• TrackModified
![Page 118: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/118.jpg)
118
Indexing• IndexOrderDefault
This option is used to specify the ordering of the entries in the index. You can specify ascending, descending, by name, date, size, and description
• ReadmeNameThe ReadmeName is the name of the file that will
be appended to the end of the index listing
• HeaderNameInserts a header, read from a file, at the top of the
page
![Page 119: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/119.jpg)
119
Indexing◊ These options deal with specifying the icons that
are displayed with index entries and the alternate text that is used• AddIcon• AddAlt• AddDescription• DefaultIcon• AddIconByType• AddAltByType• AddIconBy Encoding• AddAltbyEncoding
![Page 120: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/120.jpg)
120
Alias and Redirect
![Page 121: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/121.jpg)
121
Redirection◊ Two directives allow requests to be
shunted around your file system
◊ Directives• Alias• Redirect
◊ These directives allow HTML files to be moved around a file server
![Page 122: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/122.jpg)
122
Alias Directive◊ Alias
• A legitimate purpose of the ALIAS directive is to be able to logically place files around the server
• File could also be placed on other servers• In this way, files can be maintained by their
owners
![Page 123: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/123.jpg)
123
Alias Directive◊ Alias
• Useful directive• Store documents elsewhere
◊ Demonstration• Create a new directory• /usr/local/apache2/htdocs/somewhere_else• Put a file named lost.txt in this directory with the
contents I am somewhere else
• Add the following line to the conf fileAlias /somewhere_else /usr/local/apache2/htdocs/somewhere_else
![Page 124: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/124.jpg)
124
Alias Directive
◊ If you now access this directory via the browser (as a named directory off of the root) you will see the following –
Index of /somewhere_else
. Parent Directory
. lost.txt
![Page 125: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/125.jpg)
125
Alias Directive
◊ Use –Alias url_path directory_or_filename
◊ Map a user’s resource URL to its physical location in the file system
![Page 126: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/126.jpg)
126
AliasMatch
◊ Use –
AliasMatch regex directory_or_filename
◊ Like ScriptAliasMatch
◊ Takes a regular expression as the first argument otherwise it works like Alias
![Page 127: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/127.jpg)
127
Redirect Directive◊ Use –Redirect [status] url-path url◊ Maps an old URL to a new one; the new URL is
returned to the client◊ The client attempts to access the information
again using the new URL, for example –Redirect /service http://foo2.bar.com/service
If the user requests http://myserver/service/foo.txt it will be told to access http://foo2.bar.com/service/foo.txt
![Page 128: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/128.jpg)
128
Redirect Directive◊ If no status argument is given, the status is temporary◊ The status argument can be used to return HTTP status
codes◊ Status –
• permanent Returns a redirect status of 301 indicating the resource has moved
permanently• temp
Returns a redirect status of 302 indicating the resource has move temporarily
• seeother Returns a status 303 indicating the resource has been replaced
• gone Returns a status 410 indicating the resource has been permanently
removed
![Page 129: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/129.jpg)
129
RedirectMatch Directive
◊ Use –
RedirectMatch regex url
◊ Uses a regular expression to specify the resource to be redirected
![Page 130: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/130.jpg)
130
Proxying
![Page 131: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/131.jpg)
131
Proxying◊ Don’t connect a busy web site straight to the
web – Why?◊ Better performance
• Cache popular web pages• Distribute requests among a number of servers
◊ Give the bad guys more defended ground to get past
◊ Give local users protected by a firewall access to the Internet
![Page 132: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/132.jpg)
132
Proxying
◊ Security• Keep the the bad guys out of the network• To do this, keep the network hidden behind a
firewall• Doing this shuts off access to the Internet• A proxy server is used to create access to the
Internet
![Page 133: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/133.jpg)
133
Proxying
◊ As with other functionality with Apache, directives in the .conf file specify proxy functionality
◊ In this capacity, Apache is acting as an agent to send user’s requests out to the Internet
![Page 134: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/134.jpg)
134
Proxy Directives
◊ A new site will be created named proxy
◊ This site has three subdirectories –• cache• proxy• real
![Page 135: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/135.jpg)
135
Sample ConfigUser webuser
Group webgroup
ServerName www.myCompany.com
Port 8000
ProxyRequests on
CacheRoot /usr/local/apache2/proxy/cache
CacheSize 1000
![Page 136: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/136.jpg)
136
Sample ConfigProxyRequests on
• Turns proxy serving on
CacheRoot /usr/local/apache2/proxy/cache
• Sets the directory to contain cache files
• Must be writable by Apache
CacheSize 1000
• Specifies the size of the cache area in KB
![Page 137: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/137.jpg)
137
Setup◊ Cache directory
• Needs to be set up carefully• Owner = webuser• Group = webgroup
◊ The browser must be told you are going to access the web via a proxy• To do this you specify the IP address of the
proxy server and the port 8000
![Page 138: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/138.jpg)
138
Setup
◊ Proxy setting panel from Firefox (see Tools > Options > Advanced > Network tab,
Settings)
![Page 139: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/139.jpg)
139
Proxy Simulation
◊ Four elements needed to test the proxy server functionality• A browser configured to access the web via
proxy• A firewall (real or imaginary)• Copy of Apache running the proxy• Copy of Apache running the website
![Page 140: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/140.jpg)
140
Proxy Simulation◊ One copy of Apache will run with the Proxy configuration
fileUser webuserGroup webgroupServerName www.myCompany.comPort 8000ProxyRequests onCacheRoot /usr/local/apache2/proxy/cacheCacheSize 1000◊ Since we are simulating this on a single computer, we
will use port 8000 as the port to receive proxy requests
![Page 141: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/141.jpg)
141
Proxy Simulation◊ The web server will use the following
configuration (we are simulating a site out on the web by running Apache as a web server)
◊ Config for the web site
User webuser
Group webgroup
ServerName www.myCompany.com
Listen www.myCompany.com:80DocumentRoot /usr/local/apache2/real/htdocs
![Page 142: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/142.jpg)
142
Proxy Simulation◊ In /etc/hosts we place the following entry –192.168.124.1 www.myCompany.com
◊ This simulates DNS registration for www.myCompany.com
◊ Notice this domain will be on a different subnet than the one we have been using
![Page 143: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/143.jpg)
143
Proxy Simulation
◊ Next we need to configure the Ethernet interface for the simulation
◊ We will use the following commands –
ifconfig eth0 192.168.123.2
ifconfig eth0 192.168.123.3 alias netmask 0xFFFFFFFF
ifconfig eth0 192.168.124.1 alias
![Page 144: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/144.jpg)
144
Proxy Simulation◊ Start a copy of Apache for each of the
config files and sites◊ At this point you can fire up your
configured browser and enter the URLhttp://192.168.124.1◊ You should see the site’s web page
displayed◊ But how do you know the site is being
proxy served?
![Page 145: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/145.jpg)
145
Proxy Simulation
◊ Go to the browser and reconfigure to NOT use a proxy
◊ Now, enter the URL again
http://192.168.124.1
◊ You should get a network error
![Page 146: INFO 321 Server Technologies II](https://reader035.fdocuments.net/reader035/viewer/2022070416/56815114550346895dbf328e/html5/thumbnails/146.jpg)
146
INFO 321 Weeks 5-6
146
References
◊ Apache Web Server• Apache FAQ• Web server 2.2 documentation• The configure script• apache.conf directives index
◊ Netcraft web server survey
◊ Apache Week (online periodical)