Apache
From Alessandro's Wiki
- Potente server web multipiattaforma
Configuration
Set a ServerName!
PHP options (in .htaccess file)
expose_php = On error_reporting = E_ALL|E_STRICT html_errors = Off display_errors = On display_startup_errors = On log_errors = On log_errors_max_len = 19024 report_memleaks = On error_log = /home/users/web/bEXAMPLE/pow.USERNAME/php_error.log register_globals = Off register_long_arrays = Off register_argc_argv = Off
Bandwidth
tar zxvf mod_bw-0.7.tgz cd mod_bw apxs2 -i -a -c mod_bw.c
Named virtual host template
- check before the upper configuration defining which type of virtual host you wanna use:
- this will go into /etc/apache2/vhosts.d/00_default_vhost.conf in Gentoo
Listen *:80 NameVirtualHost *:80
<VirtualHost *:80> ServerAdmin staff@server.com ServerName server.com DocumentRoot /var/www/server.com/public_html <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/server.com/public_html > Options FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> </VirtualHost>
Virtual host redirect
* if you want to have the http://yoursite redirected to the www.yoursite, you can use this VH template:
<VirtualHost *:80> ServerName alessandrodelgallo.org ServerAlias blog.alessandrodelgallo.org Redirect permanent / http://www.alessandrodelgallo.org/ </VirtualHost>
- or if you don't want to (or you can't) change the Apache settings, use this html code"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <meta HTTP-EQUIV="REFRESH" content="0; url=http://webiste.to.redirect.to"> </html>
logs
- modify the log amaunt and files:
- log levels: debug,info,notice,warn,error,crit,alert,emerg
LogLevel warn CustomLog /var/www/SERVER_NAME/logs/access.log combined ErrorLog /var/www/SERVER_NAME/logs/error.log RewriteLog /var/www/SERVER_NAME/logs/rewrite.log
autentication
- standard "one-file-all-users" configuration
AuthType Basic AuthName "Private Area" AuthUserFile /etc/apache2/passwords Require valid-user
- protect only some files using regular expressions (with character ~)
<Location ~ "/html/(friends|messages).html" > AuthType Basic AuthName "My private files" AuthUserFile /usr/local/apache/passwd/passwords Require valid-user </Location>
- use group support (in my case for subversion):
AuthGroupFile /usr/local/apache/passwd/.htgroup AuthUserFile /usr/local/apache/passwd/svnusers <LimitExcept GET PROPFIND OPTIONS REPORT> Require group subversion </LimitExcept>
force far expire
ExpiresActive On ExpiresDefault "access plus 1 year"
gzip compression
# add gzip compression / alessandro # Insert filter SetOutputFilter DEFLATE # Netscape 4.x has some problems... BrowserMatch ^Mozilla/4 gzip-only-text/html # Netscape 4.06-4.08 have some more problems BrowserMatch ^Mozilla/4\.0[678] no-gzip # MSIE masquerades as Netscape, but it is fine BrowserMatch \bMSIE !no-gzip !gzip-only-text/html # Don't compress images SetEnvIfNoCase Request_URI \ \.(?:gif|jpe?g|png)$ no-gzip dont-vary # Make sure proxies don't deliver the wrong content # Header append Vary User-Agent env=!dont-vary
Cgi
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>
charset
AddDefaultCharset UTF-8
URL Rewrite
- RewriteEngine on
- RewriteRule ^old\.html$ new.html
- RewriteRule ^old\.html$ new.html [R]
- RewriteRule ^clip/([0-9][0-9])/$ /clip.php?id=$1
- RewriteRule ^css(/)?$ /stylesheets/ [R]
- RewriteCond %{HTTPS} !on
- RewriteRule ^/(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R]
- the following were used to patch a Plone freezed website
RewriteEngine On #RewriteLogLevel 5
# search rewrites RewriteCond %{QUERY_STRING} ^SearchableText=([^&]+)$ [NC] RewriteRule .* http://www.google.com/search?q=site:www.the-third-eye.org\ %1 [L,QSA]
# contgent rewirtes RewriteRule ^concepts/ /concepts/view%3fset_language=en RewriteRule ^(.+).jpg/$ /$1.jpg/view RewriteRule ^(.+).png/$ /$1.png/view RewriteRule ^(.+).JPG/$ /$1/view RewriteRule ^(.+).jpg.1$ /$1.jpg/view
ForceType text/html
Direcoty Indexes
Per ingrandire la colonna del nome del file:
IndexOptions NameWidth=*
Aggiungere un alias per esportare una directory non nella root www:
Alias /_bin "/ciao/_linux_bin/" <Directory "/ciao/_linux_bin/"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory>
IP filters
- Allow
Allow from 192.
- Deny
Deny from host.domain.com Deny from 192.168.0.44
- check behavior
Order deny,allow Deny from all
SVN (mod_dav_svn)
<Location /svn/repos> DAV svn SVNPath /var/svn/repos AuthType Basic AuthName "Subversion repository" AuthUserFile /var/svn/conf/svnusers Require valid-user </Location>
usermod -a -G svnusers apache
APACHE2_OPTS="${APACHE2_OPTS} -D SVN -D SVN_AUTHZ -D DAV -D DAV_FS"
htpasswd2 -c /usr/local/apache/passwd/svnusers user1 htpasswd2 /usr/local/apache/passwd/svnusers user2
SSL VirtualHost
- using Gentoo distribution.
- enable ssl use flag for apache package
- edit default virtual host for a listening interface and port:
"Listen [::]:443" or "Listen 0.0.0.0:443" or Listen 192.168.82.82:443
- we want name based virtual hosts
NameVirtualHost *:443
Generating certificate
- replace the "server" name with your domain name of your website.
SRVname=server cd /etc/ssl/apache2 openssl genrsa 2048 > $SRVname.key openssl req -new -x509 -nodes -sha1 -days 365 -key $SRVname.key > $SRVname.crt
- Repeat the last step as many virtual hosts you have to serve under an ssl connection, remember to change the SRVname variable in the code:
Virtual host configuration
- example of a basic ssl virtual host:
<VirtualHost *:80> ServerName mysslvirtualhost.example.com ServerAlias mysslvirtualhost Redirect permanent / https://mysslvirtualhost.example.com/ </VirtualHost> <VirtualHost *:443> DirectoryIndex index.php # SSL SSLEngine on SSLCertificateFile /etc/ssl/apache2/server.crt SSLCertificateKeyFile /etc/ssl/apache2/server.key ServerName mysslvirtualhost.example.com ServerAlias mysslvirtualhost SSLOptions StrictRequire SSLProtocol all -SSLv2 # DocumentRoot "/var/www/mysslvirtualhost/htdocs" <Directory "/var/www/mysslvirtualhost/htdocs"> SSLRequireSSL AllowOverride All Order Deny,Allow Allow from All </Directory> CustomLog /var/log/apache2/mysslvirtualhost.log combined ErrorLog /var/log/apache2/mysslvirtualhost_error.log LogLevel warn </VirtualHost>
Proxy
- directives to have into httpd.conf or a virtual host configuration file
- permissions
<Proxy *> Order deny,allow Deny from all Allow from all </Proxy>
Reverse Proxy
ProxyPass /foo http://foo.example.com/bar ProxyPassReverse /foo http://foo.example.com/bar
Forward Proxy
ProxyRequests On ProxyVia On
Linux distribution specifics
Gentoo
- vado diretto alla versione 2:
- file di configurazione;
/etc/apache2/httpd.conf
- Directory del web default:
/var/www/localhost/htdocs
- Installarlo:
emerge -pvtD apache
controllare le USE flags che ci servono e poi
emerge apache
Fedora
- file di configurazione;
/etc/httpd/conf/httpd.conf
- Directori del web default:
/var/www/html/
- Installarlo
yum install httpd