Apache Server 2 Bible

Mohammed J. Kabir, Wiley

ISBN:0764548212, Edition: 2, 2002-03-18

Price: $49.99

Table of Contents

Preface ~ ix

Acknowledgments ~ xiii

Part I: Getting Started 1

Chapter 1: Apache: The Number One Web Server ~ 3
Apache Rocks On ~ 4
Apache: The Beginning ~ 5
The Apache Feature List ~ 5
Understanding Apache 2.0 Architecture ~ 7
Multiprocessing modules ~ 7
Filtering I/O ~ 9
New CGI daemon ~ 9
Apache Portable Run-Time ~ 10
Understanding the Apache License ~ 10

Chapter 2: Obtaining and Installing Apache ~ 13
The Official Source for Apache ~ 13
System Requirements ~ 14
Requirements for building Apache from source distribution ~ 14
Requirements for running an Apache Web server ~ 16
Downloading the Software ~ 18
Installing Apache from Source Code ~ 19
Configuring Apache source ~ 19
high-load Web sites ~ 24
Compiling and installing Apache ~ 26
Installing Apache from RPM Binary Packages ~ 30
Keeping Up with Apache Development ~ 30

Chapter 3: Getting Apache Up and Running ~ 31
Configuring Apache ~ 31
Configuring the global environment for Apache ~ 36
Configuring the main server ~ 40
Starting and Stopping Apache ~ 50
Starting Apache ~ 50
Restarting Apache ~ 52
Stopping Apache ~ 52
Testing Apache ~ 53

Chapter 4: Configuring Apache with Winnt MPM Directives ~ 55
Apache Directive Contexts ~ 56
Server config context ~ 56
Container context ~ 57
Per-directory context ~ 58
General Configuration Directives ~ 59
AccessFileName ~ 59
AddDefaultCharset ~ 60
ContentDigest ~ 60
DefaultType ~ 61
DocumentRoot ~ 61
ErrorDocument ~ 62
< IfDefine> ~ 63
< IfModule> ~ 64
Include ~ 65
Options ~ 65
Port ~ 67
ServerAdmin ~ 68
ServerName ~ 68
ServerRoot ~ 69
ServerSignature ~ 69
ServerTokens ~ 69
SetInputFilter ~ 70
SetOutputFilter ~ 70
Performance and Resource Configuration Directives ~ 70
Controlling Apache processes ~ 71
Making persistent connections ~ 72
Controlling system resources ~ 74
Using dynamic modules ~ 75
Standard Container Directives ~ 76
< Directory> ~ 77
< DirectoryMatch> ~ 78
< Files> ~ 78
< FilesMatch> ~ 79
< Location> ~ 79
< LocationMatch> ~ 80
Virtual Host-Specific Directives ~ 80
NameVirtualHost ~ 80
ServerAlias ~ 82
ServerPath ~ 82
< VirtualHost> ~ 82
Logging Directives ~ 83
LogLevel ~ 84
PidFile ~ 85
ScoreBoardFile ~ 85
Authentication and Security Directives ~ 86
AllowOverride ~ 86
AuthName ~ 87
AuthType ~ 87
HostNameLookups ~ 87
IdentityCheck ~ 88
< Limit> ~ 88
< LimitExcept> ~ 89
LimitRequestBody ~ 89
LimitRequestFields ~ 89
LimitRequestFieldsize ~ 90
LimitRequestLine ~ 90
Require ~ 90
Satisfy ~ 91
ScriptInterpreterSource ~ 92
MPM threaded-Specific Directives ~ 92
CoreDumpDirectory ~ 92
Group ~ 93
Listen ~ 93
ListenBacklog ~ 94
LockFile ~ 94
MaxClients ~ 94
MaxRequestsPerChild ~ 95
MaxSpareThreads ~ 95
MinSpareThreads ~ 95
SendBufferSize ~ 96
StartServers ~ 96
ThreadsPerChild ~ 97
User ~ 97
MPM perchild-Specific Directives ~ 98
AssignUserID ~ 98
ChildPerUserID ~ 98
ConnectionStatus ~ 99
CoreDumpDirectory ~ 99
Group ~ 99
Listen ~ 99
ListenBacklog ~ 100
LockFile ~ 100
MaxRequestsPerChild ~ 100
MaxSpareThreads ~ 100
MaxThreadsPerChild ~ 100
MinSpareThreads ~ 100
NumServers ~ 100
PidFile ~ 101
ScoreBoardFile ~ 101
SendBufferSize ~ 101
StartThreads ~ 101
User ~ 101
MPM winnt-Specific Directives ~ 101
CoreDumpDirectory ~ 102
Listen ~ 102
ListenBacklog ~ 102
MaxRequestsPerChild ~ 102
PidFile ~ 102
SendBufferSize ~ 102
ThreadsPerChild ~ 102
MPM prefork Specific Directives ~ 102
CoreDumpDirectory ~ 103
Group ~ 103
Listen ~ 103
ListenBacklog ~ 103
LockFile ~ 103
MaxClients ~ 103
MaxRequestsPerChild ~ 103
MaxSpareServers ~ 103
MinSpareServers ~ 104
PidFile ~ 104
ScoreBoardFile ~ 104
SendBufferSize ~ 104
StartServers ~ 104
User ~ 104

Chapter 5: Apache Modules ~ 105
An Overview of the Modules ~ 105
Environment-Related Modules ~ 106
mod_env ~ 106
mod_setenvif ~ 107
mod_unique_id ~ 109
Authentication and Access Control Modules ~ 109
mod_auth_anon ~ 110
mod_auth_dbm ~ 112
mod_auth_db ~ 116
Dynamic Contents Generation Modules ~ 117
mod_actions ~ 118
mod_ext_filter ~ 122
Content-Type Configuration Modules ~ 124
mod_mime ~ 124
mod_mime_magic ~ 128
mod_negotiation ~ 128
Directory Listing Modules ~ 130
mod_dir ~ 130
mod_autoindex ~ 131
Response Header Modules ~ 137
mod_asis ~ 138
mod_headers ~ 138
mod_expires ~ 139
mod_cern_meta ~ 141
Server Information and Logging Modules ~ 143
mod_log_config ~ 143
mod_status ~ 143
mod_info ~ 143
mod_usertrack ~ 143
URL Mapping Modules ~ 144
mod_userdir ~ 144
mod_alias ~ 145
mod_speling ~ 148
mod_vhost_alias ~ 149
Miscellaneous Modules ~ 151
mod_so ~ 151
mod_imap ~ 152
mod_file_cache ~ 155
mod_dav ~ 155

Part II: Web Site Administration 157

Chapter 6: Hosting Virtual Web Sites ~ 159
Understanding Apache's Virtual Hosting Capabilities ~ 159
Setting Up a Virtual Host ~ 161
Name-based virtual hosts ~ 161
IP-based virtual hosts ~ 162
Multiple main servers as virtual hosts ~ 163
Configuring DNS for a Virtual Host ~ 166
Setting User and Group per Virtual Host ~ 169
Managing a Large Number of Virtual Hosts ~ 170
Automating Virtual Host Configuration using mod_perl ~ 171
Generating Virtual Host Configuration By Using the makesite Script ~ 175
Managing Virtual Hosts By Using MySQL with mod_v2h Module ~ 178

Chapter 7: Authenticating and Authorizing Web Site Visitors ~ 181
Authentication vs. Authorization ~ 181
Understanding How Authentication Works ~ 182
Authenticating Users Via the mod_auth Module ~ 184
Understanding the mod_auth directives ~ 184
Creating a members-only section in your Web site ~ 186
Creating a members-only section using a .htaccess file ~ 187
Grouping users for restricted access to different Web sections ~ 188
Authorizing Access via Host Name or IP Addresses ~ 190
allow directive ~ 190
deny directive ~ 192
order directive ~ 192
Combining Authentication and Authorization ~ 195
Authenticating with a Relational Database ~ 195
Using MySQL database server for authentication ~ 196
Using other databases for user authentication ~ 202
Managing Users and Groups in Any RDBM ~ 204
Secure Authenticated Sessions Using Cookies ~ 208

Chapter 8: Monitoring Access to Apache ~ 213
Monitoring Apache ~ 213
Accessing configuration information with mod_info ~ 214
Enabling status pages with mod_status ~ 216
Creating Log Files ~ 221
TransferLog directive ~ 222
LogFormat directive ~ 223
CustomLog directive ~ 223
CookieLog directive ~ 224
Customizing Your Log Files ~ 224
Creating Multiple Log Files ~ 227
Logging Cookies ~ 228
Using Error Logs ~ 230
Analyzing Your Log Files ~ 232
Log Maintenance ~ 234
Using rotatelog ~ 234
Using logrotate ~ 234
Using logresolve ~ 236

Chapter 9: Rewriting Your URLs ~ 239
The URL-Rewriting Engine for Apache ~ 239
RewriteEngine ~ 242
RewriteOptions ~ 243
RewriteRule ~ 243
RewriteCond ~ 245
RewriteMap ~ 248
RewriteBase ~ 249
RewriteLog ~ 249
RewriteLogLevel ~ 250
RewriteLock ~ 250
URL Layout ~ 251
Expanding a requested URL to a canonical URL ~ 251
Redirecting a user home directory to a new Web server ~ 252
Searching for a page in multiple directories ~ 253
Setting an environment variable based on a URL ~ 256
Creating www.username.domain.com sites ~ 257
Redirecting a failing URL to another Web server ~ 259
Creating an access multiplexer ~ 259
Creating time-sensitive URLs ~ 261
Content Handling ~ 262
Adding backward compatibility in URLs ~ 262
Creating browser-matched content URLs ~ 262
Creating an HTML to CGI gateway ~ 263
Access Restriction ~ 263
Blocking robots ~ 263
Creating an HTTP referer-based URL deflector ~ 264

Chapter 10: Setting up a Proxy Server ~ 265
Who Should Use a Proxy Server? ~ 265
Understanding Types of Proxy Servers ~ 266
Forward proxy ~ 266
Reverse proxy ~ 267
mod_proxy Directives ~ 268
ProxyRequests ~ 269
ProxyRemote ~ 269
ProxyPass ~ 270
ProxyBlock ~ 270
NoProxy ~ 271
ProxyDomain ~ 271
CacheRoot ~ 272
CacheSize ~ 272
CacheGcInterval ~ 273
CacheMaxExpire ~ 273
CacheLastModifiedFactor ~ 273
CacheDirLength ~ 274
CacheDirLevels ~ 274
CacheDefaultExpire ~ 274
NoCache ~ 275
Configuring an Apache Proxy Server ~ 275
Scenario 1: Connecting a private IP network to the Internet ~ 276
Scenario 2: Caching remote Web sites ~ 276
Scenario 3: Mirroring a Web site ~ 278
Setting Up Web Browsers to use a Proxy ~ 278
Manual proxy configuration ~ 278
Automatic proxy configuration ~ 281
Setting return values for FindProxyForURL ~ 282
Using pre-defined functions in FindProxyForURL ~ 283

Chapter 11: Running Perfect Web Sites ~ 293
What is a Web Development Cycle? ~ 294
Putting the Web Cycle into Action ~ 296
Setting up for the Web cycle ~ 297
Implementing the Web cycle ~ 301
Building a Web Site by Using Templates and makepage ~ 304
Using HTTP PUT for Intranet Web Publishing ~ 305
Understanding the directives in mod_put module ~ 306
Compiling and installing mod_put ~ 307
Setting up a PUT-enabled Web directory ~ 307
Setting up a virtual host to use mod_put module ~ 309
Maintaining Your Web Site ~ 310
Online backup ~ 310
Offline backup ~ 311
Standardizing Standards ~ 312
HTML document development policy ~ 312
Dynamic application development policy ~ 314
Giving Your Web Site a User-Friendly Interface ~ 315
Make your site easy to navigate ~ 316
Create an appealing design ~ 316
Remove cryptic error messages ~ 317
Test your Web GUI ~ 317
Promoting Your Web Site ~ 318

Part III: Running Web Applications 319

Chapter 12: Running CGI Scripts ~ 321
What Is CGI? ~ 321
CGI Input and Output ~ 323
GET requests ~ 323
POST requests ~ 326
Comparing GET and POST ~ 327
Decoding input data ~ 328
Apache CGI Variables ~ 328
Server variables ~ 329
Client request variables ~ 330
Configuring Apache for CGI ~ 335
Aliasing your CGI program directory ~ 335
Choosing specific CGI file extensions ~ 336
Enabling cgi-bin access for your users ~ 338
Creating new CGI extensions by using AddType ~ 341
Running CGI Programs ~ 342
Writing CGI Scripts in Perl ~ 342
Enabling CGI Debugging Support in Apache ~ 370
ScriptLog ~ 370
ScriptLogLength ~ 371
ScriptLogBuffer ~ 371
Debugging Your Perl-Based CGI Scripts ~ 371
Debugging from the command line ~ 371
Debugging by using logging and debug printing ~ 373
Debugging with CGI::Debug ~ 374

Chapter 13: Server Side Includes (SSI) ~ 377
What Is a Server Side Include? ~ 377
Configuring Apache for SSI ~ 378
Enabling SSI for an entire directory ~ 379
Enabling SSI for a specific file type ~ 380
Using XBitHack for .htm or .html files ~ 381
Using SSI Commands ~ 382
config ~ 382
echo ~ 385
exec ~ 385
fsize ~ 391
flastmod ~ 391
include ~ 392
printenv ~ 392
set ~ 393
SSI Variables ~ 393
Flow Control Commands ~ 394

Chapter 14: Configuring Apache for FastCGI ~ 399
What is FastCGI? ~ 399
Achieving high performance by using caching ~ 401
Scalability through distributed applications ~ 402
Understanding How FastCGI Works ~ 404
Basic architecture of a FastCGI application ~ 406
Different types of FastCGI applications ~ 407
Migrating from CGI to FastCGI ~ 408
Things to keep in mind about migrating ~ 409
Migrating a sample script ~ 410
Setting Up FastCGI for Apache ~ 413
FastCGI directives for Apache ~ 414
Configuring httpd.conf for FastCGI ~ 416

Chapter 15: PHP and Apache ~ 421
Understanding How PHP Works ~ 421
Bringing PHP to Your Company ~ 422
Prerequisites for PHP ~ 423
Compiling and Installing PHP ~ 424
Building PHP as a CGI solution ~ 424
Building PHP as an Apache module ~ 425
Configuring Apache for PHP ~ 426
Configuring PHP by Using php.ini ~ 427
PHP directives in httpd.conf ~ 427
PHP Directives directives in php.ini ~ 428
Working with PHP ~ 435
Creating a simple command-line PHP script ~ 435
Creating simple PHP Web pages ~ 436
Using a PHP script as a Server-Side Include ~ 437
Using a PHP page for a directory index ~ 438
Using include files ~ 439
Enhancing error handling with PHP ~ 441
Processing Web forms with PHP ~ 441
Creating sessions with PHP ~ 444
Using MySQL with PHP ~ 448
Creating a simple PHP page to access a MySQL database ~ 448
Securing PHP include files ~ 451
Authenticating users with PHP and MySQL ~ 451

Chapter 16: Using Perl with Apache ~ 455
Compiling and Installing mod_perl ~ 455
Running CGI Scripts by Using mod_perl ~ 456
Don't Reinvent the Wheel ~ 457
Creating mod_perl Module By Using the Perl API for Apache ~ 458
Using CGI.pm to Write mod_perl Modules ~ 462
Preloading Perl Modules to Save Memory ~ 464
Keeping Track of mod_perl Modules in Memory ~ 465
Implementing ASP by Using the Apache::ASP Module ~ 466

Chapter 17: Running Java Servlets and JSP Pages with Tomcat ~ 469
Why Use Servlets? ~ 470
Installing Tomcat ~ 471
Installing the latest JDK for Tomcat ~ 471
Installing Tomcat and the mod_jk module ~ 472
Configuring Tomcat ~ 473
Configuring Tomcat for Apache ~ 473
Configuring Tomcat to use the Java Security Manager ~ 477
Configuring Apache for Servlets and JSP ~ 479
Working with Tomcat ~ 483
Disabling Tomcat's default HTTP service ~ 483
Starting and stopping Tomcat ~ 484
Starting Tomcat with a shell wrapper script ~ 484
Running Java servlets ~ 485

Part IV: Securing Your Web Site 493

Chapter 18: Web Security ~ 495
Understanding Web Security ~ 495
The Security Checkpoints ~ 496
Checkpoint 1: Your network ~ 497
Checkpoint 2: The operating system ~ 499
Checkpoint 3: Web server software ~ 499
Choosing a Security Configuration ~ 500
Security policy considerations ~ 500
A sensible security configuration for Apache ~ 502
The Sacrificial Lamb Configuration ~ 509
The Paranoid Configuration ~ 510
Protecting Your Web Contents ~ 511
Content-publishing guidelines ~ 511
Protecting your contents from robots and spiders ~ 512
Logging and Security ~ 515
CustomLog and ErrorLog ~ 515
What to do if you see unusual access in your log files ~ 515
Securing Your CGI Implementation ~ 517
Fending off CGI Risks with smart programming ~ 517
Keeping user input secure ~ 527
Wrapping CGI Scripts ~ 531
Hiding clues about your CGI scripts ~ 536
Using CGI Scanners ~ 537
Reducing SSI Risks ~ 540

Chapter 19: Securing Apache with SSL ~ 543
Introducing SSL ~ 543
How SSL Works ~ 544
Understanding encryption ~ 545
Understanding certificates ~ 547
Setting up SSL for Apache ~ 551
SSL choices ~ 551
Setting up OpenSSL ~ 552
Choosing the mod_ssl module for SSL support ~ 554
Choosing Apache-SSL instead of mod_ssl for SSL support ~ 558
Getting a Certificate ~ 562
Getting a server certificate from a commercial CA ~ 562
Generating a private key ~ 562
Generating a certificate signing request ~ 563
Creating a private certificate authority ~ 564
Accessing SSL pages ~ 565

Part V: Running Apache on Windows 567

Chapter 20: Installing and Running Apache for Windows ~ 569
System Requirements ~ 569
Downloading Apache for Windows ~ 570
Installing Apache Binaries ~ 570
Running Apache ~ 574
Running Apache automatically as a Windows service ~ 574
Managing Apache from the Start menu ~ 577
Managing Apache from the command-line ~ 577
Running multiple Apache services ~ 578

Chapter 21: Configuring Apache for Windows ~ 579
Windows httpd.conf Syntax ~ 579
Tuning Apache for Performance ~ 580
Testing Apache Configuration ~ 580
Managing Apache with Comanche ~ 581
Configuring Apache for Dynamic Contents ~ 584
Running Perl-based CGI scripts ~ 584
Running mod_perl scripts ~ 585
Running PHP scripts ~ 586
Running ISAPI extensions with mod_isapi ~ 587
UserDir in Windows ~ 588

Part VI: Tuning for Performance and Scalability 591

Chapter 22: Speeding Up Apache ~ 593
Using High-Performance Hardware ~ 593
CPU ~ 593
RAM ~ 594
Hard drive ~ 595
Ethernet card ~ 602
Tuning Linux's ext2 File system ~ 602
Changing the block size of the ext2 filesystem ~ 603
Tuning the ext2 file system with e2fsprogs ~ 603
Tuning Your Operating System ~ 606
Compiling and installing a custom kernel ~ 607
Tuning your system for demanding Web applications ~ 607
Making your Apache Server software lean and mean ~ 608
Tuning Your Network ~ 610
Using fast Ethernet ~ 610
Understanding and controlling network traffic flow ~ 611
Balancing load using the DNS server ~ 613
Using load-balancing hardware ~ 614
Tuning the Apache Configuration ~ 614
Minimizing DNS lookups ~ 614
Speeding up static file serving ~ 615
Tuning your configuration using ApacheBench ~ 618
Caching for Speed ~ 620
Caching frequently used files in memory with mod_fcache ~ 620
Getting Slick with the Squid proxy-caching server ~ 621
Using mod_backhand for a Web server farm ~ 626
Tuning Web Applications ~ 627
Speeding up mod_perl scripts ~ 627
Going with FastCGI instead of mod_perl ~ 633

Chapter 23: Creating a High-Availability Network ~ 637
Features of a High-end Web Network ~ 637
Enhancing DNS Reliability ~ 638
Load Balancing Your Web Network ~ 639
Distributing HTTP requests with Round-Robin DNS ~ 639
Distributing HTTP requests with hardware load balancers ~ 640
Managing Web Storage ~ 642
RAID, SAN, or Storage Appliances ~ 642
Tuning your hard drives ~ 643
Tuning ext2 Filesystem ~ 647
Increasing reliability with journaling file systems for Linux ~ 651
Sharing drive space with NFS server ~ 656
Replicating contents among Web servers ~ 664
Using rdist to distribute files ~ 664
Creating a RAM-based file system ~ 668
Creating a Reliable Back-end Network ~ 671
Fortifying Your Web Network ~ 673
Using Tripwire to protect your Web contents ~ 674
Securing Apache using the Linux Intrusion Detection System (LIDS) ~ 687

Appendix A: HTTP 1.1 Status Codes ~ 705
Appendix B: Understanding Regular Expressions ~ 709
Appendix C: Online Apache Resources ~ 713
Appendix D: What's on the CD-ROM? ~ 719

Index ~ 723

End-User License Agreement ~ 755