Apache for Windows. Installation and simple configuration.
This lecture opens a section devoted to server side scripts. However, before start talking about server scripting
we need to have a server. That's why we start the lecture with discussion about how to install and configure
a web server. In this course we'll talk about Apache web server. You can do the same thing with IIS© (Microsoft®
web server). Installation of IIS may be even easier and PHP has an installation option that automatically configures
it for IIS.
You can download Apache from
Apache web-site or from IST download page. We used file
apache_1.3.27-win32-x86.exe for the example installation. To install Apache you need to do the following
steps:
- Run the file
- Accept the llicense agreement
- Enter domain name, computer name, and your e-mail address
- Choose Complete installation
- Choose a folder to install to (default is C:\Program Files\Apache Group\)
- Click Install to begin the installation
- Once it is complete click Finish and you are done
To check if your own server works start a browser and type
http://localhost/ in the location bar. If you did everything right
you should see something like this:
Upon successful installation you'll get a new item named Apache HTTP Server in your Programs menu.
To stop the server you can use Start->Apache HTTP Server->Control Apache Server->Stop command to start it back
or restart it use Start Restart commands respectively.
By default Apache stores its documents (HTML pages) in the folder
C:\Program Files\Apache Group\Apache\htdocs (if you choose
folder C:\Program Files\Apache Group\ to install to). We would suggest
to do the following:
It is not a bad idea to keep the default staff because it also contains a lot
of documentation about the server.
PHP installation
Now when our server is up and running we can think about running server side scripts. There are several different
types of such scripts:
JavaServlets
ASP ©
PHP
Cold Fusion ©
Perl and CGI
In this course we will use PHP to create scripts.
PHP is downloadable from PHP web-site or from the
IST download page.
We used file php-4.2.3-installer.exe ourselves.
To install PHP do these steps:
- Run the downloaded file
- Accept the agreement
- Choose Standard installation
- Choose a folder to install to
- Specify your SMTP server (ask system administrator or your ISP provider) and your e-mail address:
If you don't know these settings it's OK. They add mail functionality to your web server and are not required.
- Select Apache as the type of http server
Unfortunately, automatic installation is not written for Apache server and we
have to manually complete the installation. To do that you need to add
these three lines
ScriptAlias /php/ "c:/php/"
AddType application/x-httpd-php .php
Action application/x-httpd-php "/php/php.exe"
to your Apache conf file httpd.conf located in
C:\Program Files\Apache Group\Apache\conf folder.
To do so you can run Start->Programs->Apache HTTP Server->Configure Apache Server->Edit the Apache Configuration File
or open your favorite text editor and open the file specified above. It's not a bad idea to save a copy of the
original configuration file, though 
.
By doing this we instruct our http server to use PHP interpreter for all
files with .php extention.
Plese note that on Win-Apache all backslashes in a path statement such as:
"c:\directory\file.ext", must be converted to forward slashes (to "c:/directory/file.ext").
When you did all the editing do not forget to restart the web server by clicking on
Start=>Programs->Apache HTTP Server->Control Apache Server->Restart
p>For more information please read install.txt file from the PHP folder.
All we need to do now is to see if PHP actually works on the computer. The
best way to do it is to create a small .php file like the on below:
<html>
<head>
<title>PHP testing </title>
</head>
<body>
<?php phpinfo();?>
</body>
</html>
This file contains just one PHP instruction that prints all information about
the installed PHP interpreter. (Of course, this file must be created in the
htdocs folder.) Make a link to this file in your index.html file.
Click on the link, if everything was installed fine you should see something
like this:
PHP Coder
There are several Windows programs that make life of PHP programmers easier. I can suggest two of them:
Both of these programs can do syntax highlighting, debugging, and have good help about PHP functions.
Some Interesting Apache Settings
How to change the web root directory
By default Apache keeps all web pages in htdocs directory and its subdirectories
in the folder where the server was installed to. If you need to use other directory as the web root
directory (it's not a bad idea to keep programs and data separately; preferable even on different
hard drives) you need to do the following:
create a new folder for the web documents (let's say C:\WWW)
open Apache configuration file httpd.conf located in conf subfolder of
Apache installation folder
find line defining DocumentRoot like this one:
DocumentRoot "C:/Program Files/Apache Group/Apache/htdocs"
and make it point to your new directory:
DocumentRoot "C:/WWW"
Don't forget to transform all back slashes to forward slashes.
then find line that starts description of the root directory. This line should start with
<Directory followed by the name of your old root directory. Like this:
<Directory "C:/Program Files/Apache Group/Apache/htdocs">
Guess what you need to do? ... Right, just switch the old name with the new name to make it look
like this:
<Directory "C:/WWW">
Once you are done with editing restart the server
How to restrict an access to a directory
Very often there is a need to prevent unauthorized access to your wab site. Apache web server
provides several tools to achieve this goal. The simplest way to do it is:
- First of all we need to do some modification on Apache configuration file:
- find a line
AccessFileName .htaccess
and change it to
AccessFileName access.ht
You can use any file name here. The only reason we
have to do it because Windows doesn't support file names with extention only, that's why we can't
use the default name
- Inside the description of properties of the root web directory, tha is between lines
<Directory "C:/WWW">
and </Directory>
find a line
AllowOverride None
and change it to
AllowOverride AuthConfig
by doing this we instruct the server to serach for file access.ht when going into a
new directory and read the authentication instructions from the file. If there is no such file
in the directory it behaves like usual one otherwise it obeys the instructions.
- The second step is to create a file containing names and passwords of all authorized users.
There is a special tool named htpasswd included in Apache distribution specially for
that purpose. If you call this program (located under bin directory in the Apache folder)
for the first time you should use option -c to specify that the file containing user names
and passwords should be created:
htpasswd -c "C:\Program Files\Apache Group\Apache\users" daniel
the second argument is the name of the file you want to create and the last argument is the name
of the user you want to add to the newly created file. You will be prompted for a password. Next
time you don't need to use -c option:
htpasswd -b "C:\Program Files\Apache Group\Apache\users" dementiev 123
-b option used above instructs the program not to prompt for password but use the fourth
argument instead. Please note that you don't have to keep all you users in one file. You can
create a number of files with names and passwords.
- The only thing which is left to us is to protect any directory using all our preparations.
In the directory you want to put restrictions on create a file named access.ht
(or whatever name you used in AccessFileName directive). Then add these lines to the
file
AuthName "high-top secrer directory"
AuthType basic
AuthUserFile "C:\Program Files\Apache Group\Apache\users"
require valid-user
The first line contains a message that will be shown when a user will be prompted for login name
and password. The second sets the type of authentication. The third line instructs the server to
use specified name-password file as a source for login names. And the last line tells the browser
that any valid user has an access to this directory.
If for some reson you don't want to grant an access to all users but only some of them you
can use line like this
require user daniel
instead. This line allows only user named daniel access the directory. You can also put
several user names in one line separating them by spaces.
- Don't forget to restart the server.
- You can find more information on
Apache Week site
Host address/name restrictions
Access files we described above can be used to prohibit the access to a specific directory
from specific IP addresses (or host names). To achieve this we can use two special instructions:
deny from and allow from.
Some examples:
deny from all
allow from 10.101.
allows access to the directory where the corresponding access.ht is located only from
IP addressed start with 10.101.
deny from 192.101.205.
deny from cybernetivs.com
deny from ke
doesn't allow guys from IP addresses starting with 192.101.205. and domain with names ending
with cybernetivs.com, and .ke access this directory.
An interesting thing can be reached by combining these two methods:
deny from all
allow from .marshall.edu
AuthType basic
AuthName "restricted area"
AuthUserFile "c:/test/usrfile"
require valid-user
satisfy any
this file allows access to the directory containing this access file anyone Marshall domain
any valid user (with login name and password) from outside.
You can find more information in
Apache Server Frequently Asked Questions.