Lab: Apache server installation and configuration.

We can either use prebuilt apache package or download the source code and build the server with all the modules we need. The difference between the two approaches is the version of the Apache we end up using (the latest available version of the Apache is not necessarily available from Fedora repository) and the directives the package will be installed. In this lab we will use the source code installation but I also recommend you to use the other approach to feel the difference.

Installation

Please down load the source code of the latest version of the Apache server. At the time of writing the latest is version 2.2.8 and it's available from the Apache web site. Traditionally, the source code is downloaded and compiled in /usr/local/src directory. Run the following command to get the source code and unpack it:

# mkdir /usr/local/src
# cd /usr/local/src
# wget http://apache.mirrors.timporter.net/httpd/httpd-2.2.8.tar.gz
# tar xvfz httpd-2.2.8.tar.gz
# cd httpd-2.2.8

If all commands executed successfully, you find yourself in the directory where the source code for Apache. It is not a bad idea to start building your own Apache server from reading README and INSTALL text files. If you have read those or decided to ignore the hint, you are ready to compile.

Usually, compilation process consists of two steps: configuration and actual compilation. The purpose of configuration is to build the Makefile that will contain all the instruction for correct compilation your own version of Apache. Thus, the configuration is actually more important step. The configuration is done by running the configure script located here in the directory you are currently in. Running the script with no arguments mean that you leave all the default setting intact. If you want to change something, you need to use some options. Please run

# ./configure --help | less

# ./configure --prefix=/usr/local/apache-2.2.8 --htmldir=/data/www --enable-userdir --enable-info
# make

# make install 

Starting the server

Apache installation contains special script to start and stop apache service. Please run

# cp /usr/local/apache-2.2.8/bin/apachectl /etc/init.d/

# ./apachectl start

# service apachectl start

# chkconfig: 2345 92 18
# description: Apache web server v 2.2.8

# chkconfig --add apachectl 
# chkconfig --list apachectl 

Configuration

All Apache configuration instructions are located in the httpd.conf file. The exact location of the file depends on the way you installed the package and the options you used to build it. In the described scenario, the file will be located in /usr/local/apache-2.2.8/conf directory. Note: that this file is read only at the moment when the server starts. So, if you edit some settings, you need to restart the server for the settings to take affect.

Editing the settings in the file please do the following:

1. change ServerAdmin setting
2. create a dedicated user for apache and run it under this user privilege. Use directives

   User apache
   Group apache
   

3. Change the server root directory from the default one to /var/www/html by editing DocumentRoot value and corresponding <Directory> directive.

   Special server features for the Options directive

   Feature	Description
   ExecCGI	The execution of CGI scripts is permitted.
   FollowSymLinks	The server will traverse symbolic links.
   Includes	Server-side includes are permitted.
   IncludeNOEXEC	Server-side includes are permitted, except #exec element.
   Indexes	If none of the files specified in the DirectoryIndex directive exists, a directory index will be generated by mod_autoindex.
   MultiViews	The server allows content negotiation based on preferences from the user's browser, such as preferred language, character set, and media type.
   SymLinksIfOwnerMatch	The server will traverse symbolic links only if the owner of the target is the same as the owner of the link.
   None	None of the features above are enabled.
   All	All of the features above are enabled, with the exception of MultiViews. This must be explicitly enabled.

   AllowOverride directive instructs the server which features can be overridden in .htaccess file.

   Special access features for the AllowOverride directive

   Feature	Description
   AuthConfig	Enables authentication-related directives (AuthName, AuthType, AuthUserFile, AuthGroupFile, Require, and so on).
   FileInfo	Enables MIME-related directives (AddType, AddEncoding, AddLanguage, LanguagePriority, and so on).
   Indexes	Enables directives related to directory indexing (FancyIndexing, DirectoryIndex, IndexOptions, IndexIgnore, HeaderName, ReadmeName, AddIcon, Add).
   Limit	Enables directives controlling host access (Allow, Deny, and Order).
   Options	Enables the Options directive.
   None	None of the access features above can be overridden.
   All	All the access features above can be overridden.

   <Directory "/var/www">
       Options Indexes FollowSymLinks
       AllowOverride AuthConfig Limit
       Order allow,deny
       Allow from all
   </Directory>
   

4. In the web site root directory create a file named missing.html that contains a simple error message reporting the user that requested file not found, and uncomment the line

   #ErrorDocument 404 /missing.html

   in the Apache configuration file.
5. Let's set personal user web directories. To do this, uncomment the line

   #Include extra/httpd-userdir.conf

   and then in the extra/httpd-userdir.conf change the public_html directory to www directory. Note: do not forget to edit the <Directory> directive as well.
   Now, in your home directory create folder www and create file index.html in it. Try to access, http://localhost/~yourusername/. Does it work? If not, why?
   Make sure that the access permissions for the directory itself as well as all parent directories set to executable for everybody. Without it it won't work because the system cannot access the contents of the folder.
6. Checking the server status online. In the Apache configuration file add the following lines:

   <Location /server-status>
       SetHandler server-status
       Order deny,allow
       Deny from all
       Allow from 127.0.0.1
   </Location>
   

   Restart the server and access http://localhost/server-status/. . Now, add the line

   ExtendedStatus On

   and compare the results.
7. Checking server information online. Add the following lines to the configuration file:

   <Location /server-info>
       SetHandler server-info  
       Order deny,allow
       Deny from all
       Allow from 127.0.0.1
   </Location>
   

   and access http://localhost/server-info/
8. Creating CGI files.
   1. Create an executable file called whoami.cgi in your personal web directory:

      #! /bin/bash
      echo -e "Content-type: text/html\n\n"
      myname=`whoami`
      echo "<h3>Hello! User $myname welcomes you on his web page</h3>"
      

      Do not forget to make this file executable.
   2. Access the file through the web server as http://localhost/~yourusername/whoami.cgi. What do you see?
   3. In the extra/httpd-userdir.conf add ExecCGI as a value to Options directive.
   4. In the httpd.conf file uncomment the line

      AddHandler cgi-script .cgi

   5. Now, access the file and compare the difference.
9. Find out the IP of the linux machine (use the ifconfig command). In Windows machine, open file c:\Windows\system32\drivers\etc\hosts ana add the line: IP mylinux to the end of the file. Still in Windows, open a web browser and try to go to the web site you just installed by going to http://mylinux.
   Was the attempt successfull? If not, what do you need to do to fix the problem?
10. Please find out the difference between the situations when the Options directive has the value Indexes set and when it doesn't

Additional tools

Please install and play with the following tools:

• system-config-httpd
• webalizer