700 likes | 720 Views
Learn how to install and configure the versatile Apache web server effectively. Discover its modular design, scalability, and security features, as well as tips for module management and customization. Get insights on Apache's performance, documentation, and active development community. Master Apache installation using Red Hat Package Manager, select packages for additional functionality, and manage configuration files seamlessly. Enhance your web server setup with essential packages like PHP and SSL support. Take full control of your Apache setup with detailed guidance.
E N D
Chapter 9 Building Networks
The Apache Web Server • Amongthe commercial web servers are offerings from Netscape, IPlanet, SunONE, Microsoft (the Internet Information Server, or IIS), and Zeus. • Among the open source web servers, we can list Apache, thttpd, andRedhat TUX. • Of all these, Apache is most widely used. • At the time of writing, 66% of all web sites are hosted on Apacheweb servers
Apache's popularity is due not only of its opensource pedigree, but also to its highly competitive levels of performance, functionality, stability, flexibility,and security. • Apache's flexibility comes from the fact that it is a modular web server. • That means that you canmeet your requirements by plugging any number of external modules into the core httpd daemon.
Being open source software, you also have access to Apache's source code, which you cancustomize to fit your needs. • Apache is also very scalable. • You can run Apache on high−end hardware, and it's possible to increasethe capacity of Apache web servers by sharing the load across any number of servers. • It's also veryportable, being available for a number of operating systems.
Apache's security is very good in comparison to other web servers. • Apache performs very well − it boasts a highly optimized daemon for serving static content whichdramatically outperforms its nearest rivals. • Moreover, it rarely crashes and achieves extremely longup−times
Apache comes with detailed documentation, which helps to make the setup and configuration easy. • And of course, because it's so popular there's a wide network of support for Apache, in the form of mailing lists, newsgroups, and commercial vendors like Red Hat. • Apache development is active. • The Apache Foundation is actively involved in development of newmodules; new versions of Apache to make it reliable stable and secure.
Installing Apache • Apache is a modular server − the core server provides the basic functionality, withextended features available in various modules. • This makes it very flexible and easy to configure, because youneed to configure only the modules you need. • So, it's worth looking at how to control the installation andremoval of these modules.
In fact, the different modules are contained in the different packages that we can install via the Red HatPackage Manager (RPM). • Recall that to start RPM's graphical interface, you can select Main Menu | System Settings | Add/Remove Applications, or type the following command at the command line: • $ redhat−config−packages • The Apache web server packages are listed in the Web Server package group, which is found under the Applications category in the RPM
Only one of these packages in the group is a Standard Package − that's the httpd package that contains the base Apache web server functionality. • The remaining 16 packages are all optional packages (the RPM callsthem Extra Packages). • The important packages are explained below:
PackageDescription • httpd− Contains the documentation manual for the Apache web server. After installation, you can access thisdocumentation from the command line by typing man httpd • Hwcrypto Provides support for hardware SSL acceleration cards. This package should be installed if youhave hardware SSL acceleration cards like Ncipher Nforce on your server
mod_ssl Provides an SSL interface to the HTTPS web server, and hence enables the Apache web serverto support SSL. This package should be installed if you want to provide secure connections toyour clients • Php Provides the PHP module for Apache, which enables the web server to serve PHP web pages • Webalizer Provides programs for web server log file analysis. This package enables you to generateHTML usage reports for your website.
You can choose whichever extra packages fit your requirements; it's definitely worth installing the httpd−manual package, and then you should choose whatever other packages fit your own requirements. • Remember that you can re−launch the RPM at any time, and add or remove packages, as you need them.
When you've selected the packages you need, click the Close button to dismiss the Web Server Package Details window • Then click the Update button on the main Package Management window to begin theinstallation. • During the installation, you'll be prompted to insert the distribution discs, as they're required. • TheRPM will also inform you of any conflict between package dependencies.
The Apache Configuration Files • Apache's configuration information is contained in a select bunch of configuration files: • The /etc/httpd/httpd.conf file is Apache's main configuration file. • The /etc/httpd/conf.d directory contains configuration files for any installed modules (such as PHP,SSL, and so on). • The /etc/httpd/logs directory is a symbolic link to /var/log/httpd directory, which contains all theApache log files.
The /etc/httpd/modules directory is a symbolic link to /usr/lib/httpd/modules directory, which contains all the Apache modules configured as dynamic shared objects. • The /etc/httpd/run directory is a symbolic link to /var/run, which contains the process ID file(httpd.pid) of the httpd process. • /etc/rc.d/init.d/httpd is a shell script, used for starting and stopping the Apache web server.
Starting Apache for the First Time • You can start Apache using the Red Hat Service Configuration GUI dialog, or via the command line. • 1. First, you need to fire up the GUI. To do this, click on Main Menu | System Settings | Server Settings |Services or type the following at the command line: • $ redhat−config−services
This dialog contains a list of all the services that are supported on your computer. • The checkboxesindicate which of these services are started automatically when the machine boots up. • There are also Start, Stop, and Restart buttons so that we can start and stop services manually. • 2. Scroll down the list on the left of the dialog, and select the entry for httpd.
The httpdservice is the Apache web server service. • Check the status of the httpd service, in the bottom−right ofthe dialog; • if it is stopped (as above), then click the Start button to start it. • If you want it to start automatically next time you reboot your machine, check the checkbox too. • Thenselect File | Save Changes to save the new settings. • To control the Apache web server from the command line, we can use the service command to fire the httpdscript.
If there are difficulties in starting the web server, then • For example, if you attempt to do this without root privileges, then you'll get a message telling you that permission is denied. • Andhere's another example: • # service httpd start • Starting httpd: httpd: Could not determine the server's fully qualifieddomain name, using 192.168.0.99 for ServerName
Here, the message explains that the server's fully qualified domain name (FQDN) couldn't be determined • that it's using the IP address (192.168.0.99) instead. • If you get this message, it's because you have neither setup a FQDN for your Linux server, nor configured the ServerName configuration directive in the httpd.conf configuration file.
Returning to the httpd script itself, there are similar switches for stopping or restarting the service: • # service httpd restart • Stopping httpd: [ OK ] • Starting httpd: [ OK ] • # service httpd stop • Stopping httpd: [ OK ]
There are a few other options you can use with the httpd script. • If you run the script without an option, the resulting usage message reveals all the available options: • # service httpd • Usage: httpd • {start|stop|restart|condrestart|reload|status|fullstatus|graceful| help|configtest}
The configtest option is a particularly useful one. • The configuration file is quite complex, and so it's useful to check it for errors after you make changes to it. • To do this, you use the configtest option: • # service httpd configtest • Syntax OK
Testing the Apache Web Server • Once you've started the Apache web server, you should test it to see if it's working properly. • To do that use a web browser to request a web page from our server! • There's a page provided by default for this purpose and you can request it via the URL • http://localhost. So, launch a web browser (Main Menu | Internet | Mozilla Web Browser), and type this URL into the address box.
Configuring your Web Server • It's a good idea to configure your web server. • Red Hat does provide a GUI tool, apacheconf, for configuring Apache. • but it does not format the configuration file very well. • Webmin is an alternative web−based software that can be used to manage most of the Linux services including the Apache web server.
Configuring Your Web Server • We're going to configure the web server by adjusting a couple of the settings to suit our needs. • Launch the gedit text editor (by selecting Main Menu | Accessories | Text Editor) • Use it to open the file/etc/httpd/conf/httpd.conf. • Select Search | Find and use the resulting dialog to find the word ServerAdmin in the file.
The firstoccurrence should be the ServerAdmin directive, which looks like this: • # ServerAdmin: Your server address, where problems with the server should be • # e−mailed. This address appears on some server−generated pages, such • # as error documents. e.g. admin@your−domain.com ServerAdminroot@localhost
As you can see, the configuration file describes this directive very well. • Change the email address to your ownemail address, or an address that you may have set up for web site administration.
4. Save the httpd.conf file, and close it. 5. Restart the httpd daemon to reflect the changes. To do this, use Red Hat Services Configuration GUI,or the httpd command line script as described earlier in this chapter: • # service httpd restart • Stopping httpd: [ OK ] • Starting httpd: [ OK ]
Setting up Your First Web Site • Launch an editor (you can use a dedicated web page editor such as Mozilla Composer if you have it installed) • Create a new file − call it index.html and save it in the directory /var/www/html 3. Type some HTML into the file. For example: <html>
<head> Setting up an FTP Server<title>Beginning Red Hat Linux − Apache Test Page</title> </head> <body> <center> <h1>Beginning Red Hat Linux − Apache Test Page</h1> This is the first page of your web site! </center> </body> </html>
Now open a browser and browse to the page using your server's FQDN address or IP address. • If you want to make your web site available on the Internet, then you'd need to connect your web server to theInternet and assign it a public IP address, so that external users send page requests to it. • You can also registera DNS so that your website as a memorable name (so users don't need to refer to your web site by its IP address!).
By default, your Apache web server hosts just one web site (whose root is at /var/www/html). • However, youcan configure your Apache web server to host as many web sites as you like, and specify the root directory of each site to be whatever folder you wish.
Setting up an FTP Server • If you want to enable other users to download files from a location on your server's hard disk, and/or to upload files to that location, then one solution is to install an FTP server. • You can think of an FTP server essentiallyas an area of disk space that is used for storing files, plus the software and configuration required to allow other users to upload and download files
When users want to upload or download from your FTP server, theyuse a program called an FTP client. • These communications between FTP server and FTP client take place using the File Transfer Protocol(FTP). • FTP is a TCP protocol that is designed specifically for the transfer of files over a network, and it's oneof the oldest Internet protocols still in widespread use.
The availability of so many different FTP clientprograms, and the fact that many operating systems come with FTP software pre−installed, are indications ofhow relevant FTP still is today. • FTP is not considered a secure protocol, because communication between the FTP client and server are unencrypted. • Secure FTP (SFTP) is also becoming popular
In fact, many FTP servers still allow anonymous FTP access, which means that the FTP server allows any user to access its disk space and download its files. • Anonymous FTP access is used mostly to enable users to access freely available documents and files via the Internet without access control.
FTP Servers in the Red Hat Linux Distribution • There are a number of FTP servers available for Red Hat Linux 9 For example: • vsftpdis a simplified FTP server implementation. It is designed to be a very secure FTP server, and can also be configured to allow anonymous access. • TUXHTTP server, which also has FTPis a kernel−based, threaded, extremely high performance capabilities. • TUX is perhaps the best in terms of performance, but offers less functionality than other FTP server software. • TUX is installed by default with Red Hat Linux 9.
wu−ftpdis a highly configurable and full−featured FTP daemon, which was popular in earlierversions of Red Hat Linux but has since given way to the more security−conscious vsftpd. • gssftpdis a FTP daemon, which means that it is suitable for use with the Kerberos authentication system • Kerberos is a computer network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
Installing the vsftpd FTP Server • The easiest way to install the vsftpd FTP Server package is via the RPM GUI tool. • Once you've started the tool (for example, by selecting Main Menu | System Settings | Add/Remove Applications), find the FTPServer package group, which is listed under the Servers category. • Check the checkbox for this package group.
Back in the Package Management window, click on Update to start the installation
Starting Your FTP Server • To start the FTP service (and hence enable users to upload and download files), we can use the Service Configuration tool. • To launch the tool, select Main Menu | System Settings | Server Settings | Services, • or typethe following command at the command line: • $ redhat−config−services
Again, if you want the FTP service to start automatically next time you reboot your machine, then check thecheckbox too. • Then click on File | Save Changes to save your new settings. • it's also possible to start and stop these FTP services from the command line, using the service command to start and stop the vsftpd script:
# service vsftpd start • Starting vsftpd: [ OK ] • # service vsftpd stop • Stopping vsftpd: [ OK ] • Again, if you run the script without an option, the resulting usage message reveals all the available options: • # service vsftpd • Usage: vsftpd {start|stop|restart|condrestart|status}
Testing Your FTP Server • From a command line, issue the ftp command to start an FTP session, naming yourFTP server as the server that you want to connect to: • $ ftp 192.168.0.99 Connected to 192.168.0.99 (192.168.0.99). 220 (vsFTPd 1.1.3) Name (192.168.0.99:none):
Using Your FTP Server • Configuring an Anonymous FTP Server for File Download • Anonymous users cannot read from just any directory on your Linux server. • By default, the vsftpd packagecreates a directory tree starting at /var/ftp, and enables 'anonymous read access' to this directory and the directory structure beneath it.