This document discusses configuring and managing the Apache web server. It describes how to start, stop, and restart the Apache daemon. It explains the Apache configuration file format and common directives. It also covers access control, user home directories, virtual hosts, enabling HTTPS, and creating self-signed certificates.
3. Apache Web ServerApache Web Server
●
Service name (Redhat/CentOS):Service name (Redhat/CentOS):
– apacheapache
●
Daemon name (Redhat/CentOS):Daemon name (Redhat/CentOS):
– httpdhttpd
●
Daemon name (Ubuntu):Daemon name (Ubuntu):
– apache2apache2
5. Apache Configuration FileApache Configuration File
●
apache[2].confapache[2].conf
– Location may vary from distributionsLocation may vary from distributions
– More configuration files may be included by usingMore configuration files may be included by using
IIncludenclude statementstatement
– HTML like syntax with <TAG> </TAG> directivesHTML like syntax with <TAG> </TAG> directives
6. Common DirectivesCommon Directives
●
User / GroupUser / Group
– UID/GID of processes to access file systemUID/GID of processes to access file system
●
ListenListen
– Listening portListening port
●
ServerNameServerName
– FQDN to responseFQDN to response
●
DocumentRootDocumentRoot
– Top directory to access for resourcesTop directory to access for resources
●
ServerAdminServerAdmin
– Administrator's emailAdministrator's email
7. User Home DirectoryUser Home Directory
●
URL:URL: http://web.server/~userhttp://web.server/~user
<IfModule mod_userdir.c><IfModule mod_userdir.c>
#UserDir disable#UserDir disable
UserDir public_htmlUserDir public_html
</IfModule></IfModule>
●
Place document underPlace document under ~user/public_html~user/public_html
●
Must be accessible by apache daemonMust be accessible by apache daemon
9. Access ControlAccess Control
●
Order <X> <Y>Order <X> <Y>
– Only in X then XOnly in X then X
– Only in Y then YOnly in Y then Y
– Both in X & Y then YBoth in X & Y then Y
●
Allow|Deny <CLIENT>Allow|Deny <CLIENT>
– all all : all hosts: all hosts
– IP.IP.IP.IP IP.IP.IP.IP : specific IP: specific IP
– IP.IP. IP.IP. : partial IP: partial IP
– NET/MASK NET/MASK : a network: a network
13. Enabling HTTPSEnabling HTTPS
●
Listening on 443/TCPListening on 443/TCP
●
UseUse https://https:// instead ofinstead of http://http:// in URLin URL
●
All HTTP traffics are encryptedAll HTTP traffics are encrypted
●
Need a CA signed certificate while using in theNeed a CA signed certificate while using in the
public networkpublic network
●
Self-signed certificate can be used in privateSelf-signed certificate can be used in private
networks or for test purposenetworks or for test purpose