#1
  1. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0

    Exclamation Installing, Configuring and Securing Apache


    Latest Versions:

    There are two release/stable branches of the Apache webserver: Apache 1.3 and Apache 2.0. There is a new branch 2.2, which is not used by many hosting companies etc yet, and it's not established how stable it is (although we're all expecting good things ). I'd recommend that one for developers only.

    The current versions are:
    Apache 1.3.36
    Apache 2.0.58 (Get this one)
    Apache 2.2.2

    (as of 16 July 2006)

    Get them here.
    Last edited by SimonGreenhill; July 15th, 2006 at 06:12 PM. Reason: updating latest versions.
  2. #2
  3. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0
    Installing Apache on Windows:

    Step 1: Download the .msi latest version

    Step 2: Double Click the downloaded file

    You will be asked a few questions:
    Originally Posted by Apache Manual
    1. Network Domain. Enter the DNS domain in which your server is or will be registered in. For example, if your server's full DNS name is server.mydomain.net, you would type mydomain.net here.

    2. Server Name. Your server's full DNS name. From the example above, you would type server.mydomain.net here.

    3. Administrator's Email Address. Enter the server administrator's or webmaster's email address here. This address will be displayed along with error messages to the client by default.

    4. For whom to install Apache Select for All Users, on Port 80, as a Service - Recommended if you'd like your new Apache to listen at port 80 for incoming traffic. It will run as a service (that is, Apache will run even if no one is logged in on the server at the moment) Select only for the Current User, on Port 8080, when started Manually if you'd like to install Apache for your personal experimenting or if you already have another WWW server running on port 80.

    5. The installation type. Select Typical for everything except the source code and libraries for module development. With Custom you can specify what to install. A full install will require about 13 megabytes of free disk space. This does not include the size of your web site(s).

    6. Where to install. The default path is C:\Program Files\Apache Group under which a directory called Apache2 will be created by default.
    If this seems like too much work, or too complicated, then you may want to look at using an Package install (see below).

    More Info:
    Apache2 Manual Page: Windows.
    Excellent step-by-step guide (with pictures!) to installing Apache 2 on Windows.

    Package Installers

    There are also "easy-to-use" all-in-one installers such as XAMPP (Windows 2000&XP, Linux, OSX), WAMPServer (Windows 2000 & XP only), and Devside (Windows 2000&XP) which will install and set-up Apache, PHP and MySQL for you, but these can make it very hard to troubleshoot any errors. We'll try to help with these installations, but the best people to ask are the compilers themselves.
    Last edited by SimonGreenhill; July 8th, 2005 at 07:30 PM.
  4. #3
  5. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0
    Installing Apache on Linux/BSD:

    There are two ways of installing Apache on Linuxes / BSD. You can compile it, or your distribution may have it packaged for you.

    Compiling Apache

    This is generally a matter of downloading the source code, and doing this:
    Code:
    tar zxvf httpd-2.0.54.tar.gz
    ./configure --prefix=PREFIX
    make
    make install
    PREFIX/bin/apachectl start
    Where PREFIX is where you want apache installed, and is usually something like "/usr/local"

    More Information:
    Compiling and installing Apache 1.3.
    Compiling and installing Apache 2.0.

    Redhat / Fedora Core
    Code:
    yum install httpd httpd-devel httpd-manual
    
    (or) 
    
    yum install httpd2 httpd2-devel httpd2-manual
    ** This is a guess on my part at the exact command - can anyone confirm or correct this?

    If that doesn't work, read this thread (Redhat 9) and follow this guide.

    Debian / Ubuntu

    Either install apache 1 or apache 2, using ONE of these commands:
    Code:
    apt-get install apache
    apt-get install apache2
    Gentoo (Thanks Codergeek42)

    You need to select (only) one of Apache's MPMs (Multi-Processing Modules) by adding one or more of "mpm-leader," "mpm-peruser," "mpm-prefork," "mpm-threadpool," or "mpm-worker" to your USE flags (you can read more about how the various MPMs work at Apache's documentation. If you want SSL support you need to also set the "ssl" USE flag. These can be modified in your /etc/make.conf file. Then it's simple to install through Portage:
    Code:
    # emerge net-www/apache
    You need to uncomment and change the APACHE2_OPTS line in your /etc/conf.d/apache2 file so that it contains "-D SSL" if you're using SSL; if you're using mod_php, you also need to add "-D PHP4" or "-D PHP5" depending on which version of mod_php you are using.

    Solaris

    There's a good walkthrough of the procedure here. You can also find packages for your version of Solaris at sunfreeware.com

    (Any others - PM me & let me know).
    Last edited by SimonGreenhill; July 8th, 2005 at 07:25 PM.
  6. #4
  7. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0
    Installing Apache on Apple OS X

    Congratulations! you already have Apache. It's shipped with OSX. To turn it on, all you have to do is to click System Preferences, then Sharing, then click start beside the Web Sharing lable.

    More information.

    Note: This is an old version of Apache (1.3.27), and it's a good idea to upgrade to a later version. To do this, we need to compile it, just the same as for linux above. There's a nice walkthrough of this process here.

    Package Installers

    There is an "easy-to-use" all-in-one installer: XAMPP which will install and set-up Apache, PHP and MySQL for you, but this can make it very hard to troubleshoot any errors. We'll try to help with these installations, but the best people to ask are the compilers themselves.
    Last edited by SimonGreenhill; July 8th, 2005 at 07:26 PM.
  8. #5
  9. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0
  10. #6
  11. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0
    Configuring Apache

    Apache is configured through plain text files. There is a main configuration file called httpd.conf, which is generally found in the conf/ subdirectory of the main apache installation directory, or in /etc/ on linux. Some distributions may place it inside /etc/apache2/ or something similar.

    There are also per-directory configuration files called .htaccess files, which take the same parameters as the httpd.conf file, and allow you fine-grain control of different sub-directories of your website. To use these per-directory configuration files, you will need to enable them in your httpd.conf file by enabling the AllowOverride directive.

    Which one should I use?
    The Apache Soft. Foundation recommends the use of the main httpd.conf file instead of .htaccess, mainly because .htaccess is much slower.

    Originally Posted by Apache Manual
    In general, you should never use .htaccess files unless you don't have access to the main server configuration file. There is, for example, a prevailing misconception that user authentication should always be done in .htaccess files. This is simply not the case. You can put user authentication configurations in the main server configuration, and this is, in fact, the preferred way to do things.

    .htaccess files should be used in a case where the content providers need to make configuration changes to the server on a per-directory basis, but do not have root access on the server system. In the event that the server administrator is not willing to make frequent configuration changes, it might be desirable to permit individual users to make these changes in .htaccess files for themselves. This is particularly true, for example, in cases where ISPs are hosting multiple user sites on a single machine, and want their users to be able to alter their configuration.

    However, in general, use of .htaccess files should be avoided when possible. Any configuration that you would consider putting in a .htaccess file, can just as effectively be made in a <Directory> section in your main server configuration file.
    How is it slower? For example, say you've got AllowOverride turned on (and can therefore use .htaccess), and a user requests the file www.example.com/path/file.htm. If this resolves to /apache/www/path/file.htm:

    Apache then has to check for:
    /.htaccess (yes, that IS the root dir)
    /apache/.htaccess
    /apache/www/.htaccess
    /apache/www/path/.htaccess

    So - 4 extra filesystem hits == slow. Even if you're not using them and just have AllowOverride turned on. Putting the config in the httpd.conf means one read of the config, each time the server starts.

    So, when should I use an .htaccess file?

    First, when you don't have access to httpd.conf. This is probably true if you're on shared hosting.

    Second, when you have lots and lots of per-folder configurations.

    A third reason for using an .htaccess is that it can be modified without restarting the apache webserver. If you change the httpd.conf file, then you need to reload the webserver. With sudo apachectl restart this could take all of 2 seconds, but your mileage may vary.
    Last edited by SimonGreenhill; July 8th, 2005 at 08:21 PM.
  12. #7
  13. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0
    Common Configuration Questions:

    I highly recommend you read your httpd.conf file, as it's heavily commented and will tell you most things you need to know. Here we will just cover common questions:

    1. How do I change where my website files are stored?

      Change the DocumentRoot directive, for example, this will serve files from /home/simon/www:
      Code:
      DocumentRoot "/home/simon/www"
    2. I want to use another file extension instead of .html (eg: index.php) for directory requests (eg: http://www.example.com/mydir/)

      Change the DirectoryIndex directive. Apache will then search for the files in order from left to right. For example, here apache will look for index.php, if that's not found, it'll search for index.html, f that's not found, it'll look for index.foo :
      Code:
      DirectoryIndex index.php index.html index.foo
    3. My .htaccess isn't working!

      Make sure you've got the directive AllowOverride turned on in your httpd.conf file.
      More info.

    4. PHP isn't working!

      You need to tell apache to send php files to the php handler.
      Code:
      AddType application/x-httpd-php .php
    5. I want other files (eg: *.html) to be parsed by PHP too

      You need to tell apache to send these files to the php handler:
      Code:
      AddType application/x-httpd-php .php .html
    6. I want to block access to a certain sub-directory

      I want to block access to /path1/subdir? How do I do it?

      httpd.conf:
      Code:
      <Directory /path1/subdir>
       Order Deny,Allow
       Deny from all
      </Directory>
      .htaccess:
      Code:
      Order Deny,Allow
      Deny from all
      More info on the Order directive here.

    7. I want to deny access to a certain directory for everyone EXCEPT example.com

      httpd.conf:
      Code:
      <Directory /path1/subdir>
       Order Deny,Allow
       Deny from all
       Allow from example.com
      </Directory>
      .htaccess:
      Code:
      Order Deny,Allow
      Deny from all
      Allow from example.com
      More info on the Order directive here.

    8. I want to turn off directory listings

      httpd.conf
      Code:
      <Directory /path1/subdir>
       Options -Indexes
      </Directory>
      .htaccess
      Code:
      Options -Indexes
      More info on the Options directive here

    9. What file and directory permissions should I use for my document root?

      1) You do NOT want apache to own your files. If apache owns them, then it can change them.

      2) You do NOT want them executable, especially not world-executable.

      3) You probably don't want them writeable either.

      Most files should be set to 640 or 644.
      Anything Apache needs to write to, should be 666.
      Any directories probably need to be 755.

      More information here.
    Last edited by SimonGreenhill; July 17th, 2005 at 07:22 PM.
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed God 1st Plane (5500 - 5999 posts)

    Join Date
    Oct 2000
    Location
    Back in the real world.
    Posts
    5,966
    Rep Power
    190

    About "UseCanonicalName"


    - if your server redirects you to a different server URL when leaving out the trailing slash for directories
    - if your server shows the wrong host name or scripts don't use the right host
    - if your server asks for authentication information twice

    This is commonly caused by a wrong UseCanonicalName setting.
    UseCanonicalName must be off unless you know exactly what it does and you have very good reasons to switch it on.

    Many distros have it on by default. This is a bad mistake IMO because there is only very few occasions where you actually need it.

    M.
  16. #9
  17. (retired)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2003
    Location
    The Laboratory
    Posts
    10,101
    Rep Power
    0
  18. #10
  19. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2006
    Posts
    4
    Rep Power
    0
    It is important to look into the error.log file and access.log for the status on the WebServer.

    You can tail these files to see the latest on what is happening with the server.

    The tail tool :

    http://www.makelogic.com/tail/TailHome.htm

    Apache logs the start up errors and other important messages into these files. They are the first place to start diagnosis if the things dont work as expected.

    - Madanu

IMN logo majestic logo threadwatch logo seochat tools logo