Features
The Apache web server, more popular
as simply Apache, represents an open-source web server platform lying in the basis
of most of the websites we see today on the World Wide Web. Looking back at the
time when it was introduced in mid 90's and gradually adopted as a preferred
server platform on the web, we could state that Apache acted as the main
driving force behind today's web expansion. As a web server 'pioneer', Apache
has turned into a standard for the development of other successful web server
platforms.
Apache is based on an
open source web service platform originally developed for Linux/Unix servers,
but was later configured to work on Windows and other operating systems
Apache, otherwise known as Apache
HTTP Server, is an established standard in the online distribution of website
services, which gave the initial boost for the expansion of the World Wide Web.
It is an open-source web server platform, which guarantees the online
availability of the majority of the websites active today. The server is aimed
at serving a great deal of widely popular modern web platforms/operating
systems such as Unix, Windows, Linux, Solaris, Novell NetWare, FreeBSD, Mac OS
X, Microsoft Windows, OS/2, etc.
The Apache server has been developed
by an open source community - Apache Software Foundation, whose members are
constantly adding new useful functionalities, with the sole purpose of
providing a secure and extensible server platform that ensures HTTP service
delivery in accordance with the current HTTP standards.
Apache was initially
referred to as 'patchy' as the first version of Apache became available as a
series of patches. In April 1995, version 0.6.2 of Apache was publicly
released. After some months, in December 1995, Apache 1.0 was released and
became a hit on the Web, making it the most-used web server. In 1999, the
Apache Software Foundation was formed to obtain financial, organizational, and
legal support for the server.
Apache web server is
free as it is developed by an open source community. You can download the
program from its website and install it on your own. Installing the server on
Linux may require a working knowledge of programming. But on Windows, you can
run it via a user-friendly graphical user interface (GUI). The latest version
of the Apache server is currently on version 2.2, which came out in 2006.
Capabilities
The Apache web server is
equipped with a lot of capabilities, enabling it to support various scripts and
modules for the web. The server supports the Common Gateway Interface (CGI) and
Server Side Includes (SSI). CGI is used as a common means of communication
between the external software and the web server, while SSI is a user-friendly
scripting language for server. Apache users can also install other modules such
as user home directories, URL redirection, user authentication, and anonymous
user access among others.
The Apache web server,
although it is free, is comparably faster than the more expensive web servers
on the market that cost thousands of dollars. Apache servers can handle more
than a million visits per day and display no difficulties when it comes
handling this traffic.
Basically for
communication where there is a client-server flavor, the server process creates
a socket and the client socket accesses the server through client socket
techniques.
A socket is fundamentally
nothing but an end point of communication. It can be of two types: Physical
socket and Logical socket. In Logical socket operating system has its system
calls, which creates them. Now for client-server access the socket needs three
things to provide service or ask for service.
1.
Service name (example:
telnet)
2.
Protocol (TCP-stream)
3.
Port no (23)
The service uses
protocol and protocol uses port number to provide service at server end and to
get service at client end. Ultimately we find that the port number is mainly
responsible for a client server communication.
Web communication deals
with a browser type of client process and Web server type of server process. What
actually happens when a user writes http://www.yahoo.com? Well, the browser
transfers the URL to current machine's operating system with a destination
address' operating system, which is responsible for extracting protocol i.e.
"http" from the client socket (browsers) and then it packets data
using layer software and over the packet it attaches the header http. This
enables the remote machine to hand over the request to Web server of remote
machine. Why so? Because there can be many a server running on the same machine
so the particular services are distinguished by their protocol.
But how should we
explain when telnet and ftp both are using same protocol but have different
server Processes? The answer is that they are distinguished by their port numbers.
Services may have same protocol but not the same port number. After this the
operating system throws the data to network interface card through the ram and
then network interface card gives it to nearest gateway, which sends the data
to the server machine at server end.
The network card gives a
signal back to operating system that a data enclosed with http header using
TCP/IP header has arrived. One's operating system checks that data has http
wrapper and searches for Web server on that machine. When it finds, it hands
over the data and pays attention to other processes.
Before the Web server
processes the data, it goes through a filtration by the gateway process
implemented on the Web server, which actually filters the raw data. This
concept implemented is called as common gateway interface that has the Web
server environment variables, which stores the data in different variable. When
the user asks for some unnecessary data, headers also get attached with data
and so the need for filtration.
Apache as Web server
The Web server is meant
for keeping Websites. There are three ways a Website can be stored. They are:
1.
default directory
hosting
2.
virtual directory
hosting
3.
virtual domain hosting
Run an Apache Server
The Apache HTTP (Web) Server
will run as a service on Windows and Linux, as well as other operating systems.
The service will allow the Apache server application to run in the background
without user intervention. Apache is always run as a service on Linux, but
Windows users have the ability to choose "Run as a Service" in the
installation script.
1.
Open the Windows
"Control Panel" under "All Programs."
2.
Open the
"Administrative Tools."
3.
Click on the
"Services" option.
4.
Select
"Apache" in the services menu.
5.
Click "Start"
to start the service.
6.
Test the configuration
by opening a web browser and typing "http://localhost" in the address
bar.
1.
Open a Terminal Window.
The terminal window will be found in the operating system's main
"Application" menu, under either "System Tools" or
"Utilities." You will see a command prompt; type the following
commands.
2.
Type the command
"su" to switch to the root user.
3.
Type the command "
/etc/init.d/apache2 start" to start the Apache service.
4.
Type the command
"exit" to exit the root session.
5.
Test the configuration
by opening a web browser and typing "http://localhost" in the address
bar.
If you want the web server
to parse Server Side Includes (SSI directives), search for the text
"server-side includes" in the file. Add the following lines just
after the block of text containing those words: AddType text/html .shtml
AddType text/html .shtml
AddOutputFilter INCLUDES
.shtml
Alternatively, you can
uncomment the example text given in the configuration file by removing the hash
prefix ("#") before each line.
Apache will now handle
the SSI directives that occur in files with names ending in ".shtml".
If you want "index.shtml"
to be your default start page for your directories, ie, if you want Apache to
load "index.shtml" when you type "localhost" or
"localhost/directory/", you will need to search for a line in your
"httpd.conf" that begins with "DirectoryIndex" and add
index.shtml to the list of files there. For example, modify it as follows:
DirectoryIndex
index.shtml index.html
Adding it before
index.html means that Apache will give preference to index.shtml if both are
present.
When you are satisfied
with your changes, save the file - just use the "Save" item from the
"File" menu or type Ctrl+S. After you make a configuration change,
you need to restart Apache. To do this, go to the Start Menu and click the
"Restart" item in the "Control Apache" folder, that is,
select Start -> Programs -> Apache HTTP Server -> Control Apache
Server -> Restart.
If you look at the pages
on any website, you'll probably notice that there are a lot of text on each
page common with the other pages (such as the logo, the navigation bar, the
quick menu, etc). Maintaining so many pages with common code or text can be
quite a pain when you want to change it. This is where having Server Side
Includes (or SSI) on your web server comes in useful.
Server Side Includes
(SSI) are especially useful and most commonly used when:
1.
you have a lot of common
text or code on each of your pages (such as your navigation menu) that you
would like to remove and place in a separate file for ease of maintenance.
2.
you want to embed the
output HTML code of a CGI script (such as a banner rotation CGI script) in your
web pages.
Apache is controlled by
a series of configuration files: httpd.conf, access.conf. and srm.conf (there's
actually also a mime.types file, but you have to deal with that only when
you're adding or removing MIME types from your server, which shouldn't be too
often). The files contain instructions, called directives, that tell Apache how
to run. Several companies offer GUI-based Apache front-ends, but it's easier to
edit the configuration files by hand.
Remember to make back-up
copies of all your Apache configuration files, in case one of the changes you
make while experimenting renders the Web server inoperable.
Also, remember that configuration
changes you make don't take effect until you restart Apache. If you've
configured Apache to run as an inetd server, then you don't need to worry about
restarting, since inetd will do that for you. Use one configuration file
The typical Apache user
has to maintain three different configuration files--httpd.conf, access.conf,
and srm.conf. These files contain the directives to control Apache's behavior.
The tips in this story
keep the configuration files separate, since it's a handy way to compartmentalize
the different directives. But Apache itself doesn't care--if you have a simple
enough configuration or you just want the convenience of editing a single file,
then you can place all the configuration directives in one file. That one file
should be httpd.conf, since it is the first configuration file that Apache
interprets. You'll have to include the following directives in httpd.conf:
AccessConfig /dev/null
ResourceConfig /dev/null
That way, Apache won't
cough up an error message about the missing access.conf and srm.conf files. Of
course, you'll also need to copy the directives from srm.conf and access.conf
into your new httpd.conf file.
Say you have document
directories or files on your Web server that should be visible only to a select
group of computers. One way to protect those pages is by using host-based
authentication. In your access.conf file, you would add something like this:
<Directory
/usr/local/apache/share/htdocs/protected>
order deny,allow
deny from all
allow from 10.10.64
</Directory>
The <Directory>
directive is what's called a sectional directive. It encloses a group of
directives that apply to the specified directory. The Apache Quick Reference
Card includes a listing of sectional directives.
The above case allows
only computers with an IP address starting with 10.10.64 to access the pages in
the given directory. You can use the complete IP address, an IP range as shown
here, or even use the DNS names. For example, to allow only CNET computers
access to a specific file, you might do this in your access.conf file:
<Location
/usr/local/apache/share/htdocs/company/employees.html>
order deny,allow
deny from all
allow from .cnet.com
</Location>
It's important to have
that preceding period on the domain name, otherwise Apache allows only the
computer that exactly matches cnet.com. If that's what you want, you can
restrict to individual IP addresses and fully qualified domain names.
An interesting
side-effect of host-based authentication is that if you're using a browser on
the Web server machine itself and attempt to access the page through localhost,
you'll be denied permission. That's because the localhost IP, 127.0.0.1, will
not be in the .cnet.com range. You can easily add localhost to the permission
list by putting the appropriate IP on the allow directive:
allow from .cnet.com
127.0.0.1
The majority of security
measures you will need to take when running a publicly accessible Web site will
be set at the operating system level. You will want to make sure write access
is restricted in the directories where your Web pages are stored to keep
visitors from defacing your site.
According the March,
2009 Netcraft Web Server Survey (Reference 2), Apache is the most widely used web
server in the world. It is used on over 104 million sites. Apache is Open
Source software that can be installed on Windows, Linux and Unix operating
systems. It is the "A" in the LAMP (Linux Apache MySQL
PHP/Perl/Python) acronym. It is possible to install on Linux via source code,
.rpm packages and .deb packages. Once installed, there are a few configuration
files that must be edited in order to access your website.
Create a user and group
for the administration of the Apache Web Server. It is not a good idea to run
it as root.
sudo groupadd www-apache
sudo useradd -c "Apache" -g www-apache -p Password1 www-apache
Download and install the
Apache2 packages. You can download them directly from the Apache website or
through your distribution's package manager.
Stop the Apache service.
sudo /etc/init.d/apache2
stop
Edit the
/etc/apache2/envvars file.
gedit
/etc/apache2/envvars
Change the following two
lines to reflect your Apache user:
export
APACHE_RUN_USER=www-apache
export APACHE_RUN_GROUP=www-apache
Make a directory where
you want to keep your websites.
mkdir /public_html
Create a configuration
file for your website in /etc/apache2/sites-available by copying the default
configuration file. For this example, the website will be called navaja.
cp
/etc/apache2/sites-available/default /etc/apache2/sites-available/navaja
Edit the navaja
configuration file.
gedit
/etc/apache2/sites-availabe navaja
Change the following
lines to reflect your configuration:
Under "<VirtualHost
*:80>":
ServerAdmin
user@lyouremail.com
DocumentRoot
/public_html
<Directory
/public_html/navaja>
The above line is the
second "<Directory>" section.
Disable the default
site.
sudo a2dissite default
Enable the new site.
sudo a2ensite navaja
Restart Apache.
sudo /etc/init.d/apache2
restart
Create an index.html
file in the /public_html/ directory.
Test the configuration
by opening a web browser and typing
http://localhost in the
address bar.
The Apache HTTP (Web)
Server is available for the Windows Operating System as well as many other
operating systems. It can be downloaded as an Microsoft Installer package and
is installed like any other piece of software on Windows. The default documentation
on the Apache website is designed for Unix-based systems. The basic
configuration setup is the same for every platform, however the default
locations are different on the Windows OS.
Open the "httpd.conf"
file in any text editors, such as Windows Notepad. The default location is
C:\Program Files\Apache
Group\Apache2\conf\httpd.conf."
Change the variables to
reflect your server configuration. For example, you will specify any virtual
hosts here as well as change any variables such as "DocumentRoot,"
which specifies the location where the webpages are held, and "Port,"
which specifies which port to listen on.
Save and close the file.
Restart the
"Apache" service under the "Services" section of the
Control Panel.
Open a blank text file
in any text editor such as Windows Notepad.
Add any
directory-related configuration directives (See Resources) to the text file.
For example, if you want to require a password to access a site, place the
following lines in the file:
AuthType Basic
AuthName "Password
Required"
AuthUserFile
c:/apache/bin/passwd.txt
AuthGroupFilec:apache/bin/group.file
Require Group admins
Replace the variables
with the correct information for your system.
Click "Save
As", then change the file type to "*.*" and name the file
".htaccess."
Restart the
"Apache" service under the "Services" section of the
Control Panel.
Test the configuration by
typing "http://localhost" into a web browser address bar.
server accept
connections on both port number
1.
80
2.
8000
No comments:
Post a Comment