Your SlideShare is downloading. ×
0
Basics of the  HTTP Protocol and Apache Web Server Brandon Checketts
At first there was HTTP 0.9 <ul><li>This is as simple as it can get </li></ul><ul><li>GET http://www.somedomain.com/hello....
HTTP 1.0 <ul><li>The first really practical revision of the HTTP protocol </li></ul><ul><li>HTTP Request Headers and Respo...
HTTP 1.1 (in use today) <ul><li>Includes everything from HTTP 1.0 </li></ul><ul><li>Host header is required </li></ul><ul>...
Sample HTTP Request / Response <ul><li>GET / HTTP/1.1 </li></ul><ul><li>Host: www.google.com </li></ul><ul><li>User-Agent:...
Headers of Interest <ul><li>Referer </li></ul><ul><ul><li>Says which page referred you to the current URL </li></ul></ul><...
HTTP Cookies <ul><li>Cookies are generally good!  They provide some incredibly useful functionality. </li></ul><ul><ul><li...
Using Cookies to create sessions <ul><li>Without cookies, all HTTP requests are completely independent </li></ul><ul><li>C...
Apache
Apache Web Server <ul><li>Apache is the most popular web server  </li></ul><ul><li>Wikipedia says it powers 55% of all web...
Sample Apache VirtualHost Config <ul><li>NameVirtualHost 76.74.250.21:80 </li></ul><ul><li><VirtualHost 76.74.250.21:80> <...
Apache Modules <ul><li>Authentication  (mod_auth_*) </li></ul><ul><ul><li>Via MySQL (multiple applications single password...
Apache Proxying <ul><li>Load Balancing </li></ul><ul><li><Proxy balancer://mycluster>   BalancerMember http://192.168.1.50...
mod_rewrite <ul><li>Used to create ‘pretty’ url’s </li></ul><ul><li>RewriteRule (.*).html /realpage.php?name=$1 </li></ul>...
Useful Apache Tricks <ul><li>/server-status/ </li></ul><ul><ul><ul><li>http://sb1.roundsphere.com/server-status/ </li></ul...
Apache Alternatives <ul><li>Nginx (Engine X) </li></ul><ul><ul><li>Supposed to be very good at proxying </li></ul></ul><ul...
Upcoming SlideShare
Loading in...5
×

Presentation (PPT)

995

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
995
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
31
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Presentation (PPT)"

  1. 1. Basics of the HTTP Protocol and Apache Web Server Brandon Checketts
  2. 2. At first there was HTTP 0.9 <ul><li>This is as simple as it can get </li></ul><ul><li>GET http://www.somedomain.com/hello.txt </li></ul><ul><li>Hello </li></ul><ul><li>Created by Tim Berners-Lee in 1989(?) </li></ul><ul><li>The 0.9 version number was actually created after the 1.0 spec </li></ul>
  3. 3. HTTP 1.0 <ul><li>The first really practical revision of the HTTP protocol </li></ul><ul><li>HTTP Request Headers and Response Headers </li></ul><ul><li>Simple caching </li></ul><ul><li>Authentication </li></ul><ul><li>Content-Type </li></ul><ul><li>Sending data via POST </li></ul><ul><li>HTTP Status codes (200, 404, etc) </li></ul>
  4. 4. HTTP 1.1 (in use today) <ul><li>Includes everything from HTTP 1.0 </li></ul><ul><li>Host header is required </li></ul><ul><li>Defines more status codes, more request methods </li></ul><ul><li>Much more flexible caching available </li></ul><ul><li>Digest Authentication </li></ul>
  5. 5. Sample HTTP Request / Response <ul><li>GET / HTTP/1.1 </li></ul><ul><li>Host: www.google.com </li></ul><ul><li>User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 </li></ul><ul><li>Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 </li></ul><ul><li>Accept-Language: en-us,en;q=0.5 </li></ul><ul><li>Accept-Encoding: gzip,deflate </li></ul><ul><li>Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 </li></ul><ul><li>Keep-Alive: 300 </li></ul><ul><li>Connection: keep-alive </li></ul><ul><li>HTTP/1.x 200 OK </li></ul><ul><li>X-TR: 1 </li></ul><ul><li>Date: Thu, 15 Oct 2009 17:50:12 GMT </li></ul><ul><li>Expires: -1 </li></ul><ul><li>Cache-Control: private, max-age=0 </li></ul><ul><li>Content-Type: text/html; charset=UTF-8 </li></ul><ul><li>Set-Cookie: __utmv=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/; domain=www.google.com </li></ul><ul><li>Set-Cookie: __utmv=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/; domain=.google.com </li></ul><ul><li>Server: gws </li></ul><ul><li>X-XSS-Protection: 0 </li></ul><ul><li>Content-Length: 9256 </li></ul>
  6. 6. Headers of Interest <ul><li>Referer </li></ul><ul><ul><li>Says which page referred you to the current URL </li></ul></ul><ul><ul><li>Note the misspelling </li></ul></ul><ul><ul><li>Used in Analytics to provide a lot of useful metrics </li></ul></ul><ul><li>User Agent </li></ul><ul><ul><li>Specifies OS and Browser (often faked) </li></ul></ul><ul><li>Cookie / Set-Cookie (more on this later) </li></ul>
  7. 7. HTTP Cookies <ul><li>Cookies are generally good! They provide some incredibly useful functionality. </li></ul><ul><ul><li>Server sends a Set-Cookie </li></ul></ul><ul><ul><li>Client sends back a Cookie </li></ul></ul><ul><li>Demonstrate a cookie </li></ul><ul><ul><li>http://web01.roundsphere.com/cookie_test.php </li></ul></ul><ul><ul><li>http://web01.roundsphere.com/cookie_test.php?set= 123 </li></ul></ul><ul><li>Be careful what you put in a cookie! </li></ul><ul><ul><li>Don’t store user ID’s, authentication credentials, etc </li></ul></ul>
  8. 8. Using Cookies to create sessions <ul><li>Without cookies, all HTTP requests are completely independent </li></ul><ul><li>Cookies allow the server to add some persistence to multiple requests and create a session </li></ul><ul><li>Most programming languages have some built-in support for sessions. (PHPSESSID, JSESSIONID, etc) </li></ul><ul><li>Session information can be stored in file system, database, memcache, etc. </li></ul><ul><li>Don’t pass Session ID through GET requests </li></ul><ul><li>Demo some simple session examples: </li></ul><ul><ul><li>http://web01.roundsphere.com/session_test.php </li></ul></ul><ul><ul><li>http://web01.roundsphere.com/session_test.php?add </li></ul></ul><ul><ul><li>http://web01.roundsphere.com/session_test.php?reset </li></ul></ul>
  9. 9. Apache
  10. 10. Apache Web Server <ul><li>Apache is the most popular web server </li></ul><ul><li>Wikipedia says it powers 55% of all websites and 66% of the biggest websites </li></ul><ul><li>Derived from patches to NCSA httpd … ‘A Patchy’ Server </li></ul><ul><li>Modules provide a lot of extra functionality </li></ul><ul><ul><li>Some people complain that the modules add a lot of bloat </li></ul></ul><ul><li>High Performance, very configurable, easily available. </li></ul><ul><li>Virtual Hosts allow granular control of almost everything </li></ul><ul><ul><li>Hundreds and thousands of virtual hosts per physical host </li></ul></ul><ul><li>Worker (multi-threaded) versus Prefork (separate processes) </li></ul><ul><li>Version 2.2 is in wide use today </li></ul>
  11. 11. Sample Apache VirtualHost Config <ul><li>NameVirtualHost 76.74.250.21:80 </li></ul><ul><li><VirtualHost 76.74.250.21:80> </li></ul><ul><li>ServerName mydomain.com </li></ul><ul><li>ServerAlias www.mydomain.com *.mydomain.com </li></ul><ul><li>DocumentRoot /home/mydomain.com/www </li></ul><ul><li>CustomLog /home/mydomain.com/logs/access_log combined </li></ul><ul><li>CustomLog /home/mydomain.com/logs/deflate_log deflate </li></ul><ul><li>ErrorLog /home/mydomain.com/logs/error_log </li></ul><ul><li>ScriptAlias /cgi-bin/ /home/mydomain.com/cgi-bin/ </li></ul><ul><li>php_admin_flag engine on </li></ul><ul><li>php_admin_value open_basedir &quot;/home/mydomain.com/&quot; </li></ul><ul><li>RewriteEngine On </li></ul><ul><li></VirtualHost> </li></ul>
  12. 12. Apache Modules <ul><li>Authentication (mod_auth_*) </li></ul><ul><ul><li>Via MySQL (multiple applications single password database) </li></ul></ul><ul><ul><li>http://www.brandonchecketts.com/webpasswd.demo/ </li></ul></ul><ul><li>Proxying (HTTP, AJP, load balancing) </li></ul><ul><li>Programs (mod_php, mod_python, mod_perl, passenger) </li></ul><ul><li>SSL </li></ul><ul><li>URL rewriting (mod_rewrite) </li></ul><ul><li>CGI and Fast-CGI, SCGI </li></ul><ul><li>WebDav </li></ul><ul><li>SVN </li></ul><ul><li>Practically anything </li></ul><ul><li>… .mod_security… </li></ul>
  13. 13. Apache Proxying <ul><li>Load Balancing </li></ul><ul><li><Proxy balancer://mycluster> BalancerMember http://192.168.1.50:80 BalancerMember http://192.168.1.51:80 </li></ul><ul><li></Proxy> </li></ul><ul><li>ProxyPass /test balancer://mycluster/ </li></ul><ul><li>Proxying Tomcat </li></ul><ul><li>ProxyPass /myapp ajp://127.0.0.1:8009/myapp/ </li></ul><ul><li>ProxyPassReverse /myapp ajp://127.0.0.1:8009/myapp/ </li></ul>
  14. 14. mod_rewrite <ul><li>Used to create ‘pretty’ url’s </li></ul><ul><li>RewriteRule (.*).html /realpage.php?name=$1 </li></ul><ul><li>Redirect any non-existant request to some page: </li></ul><ul><li>RewriteEngine On </li></ul><ul><li>RewriteBase / </li></ul><ul><li>RewriteCond %{REQUEST_FILENAME} !-f </li></ul><ul><li>RewriteCond %{REQUEST_FILENAME} !-d </li></ul><ul><li>RewriteRule . /index.php [L] </li></ul>
  15. 15. Useful Apache Tricks <ul><li>/server-status/ </li></ul><ul><ul><ul><li>http://sb1.roundsphere.com/server-status/ </li></ul></ul></ul><ul><li>apachectl –t –D DUMP_VHOSTS </li></ul><ul><ul><li>Shows all of the virtual hosts configured </li></ul></ul><ul><li>Debian style setup with a2ensite, a2enmod </li></ul><ul><ul><li>Symlinks to enable/disable sites and modules </li></ul></ul><ul><li>Documentation is very good </li></ul><ul><ul><li>http://httpd.apache.org/docs/2.2 </li></ul></ul>
  16. 16. Apache Alternatives <ul><li>Nginx (Engine X) </li></ul><ul><ul><li>Supposed to be very good at proxying </li></ul></ul><ul><li>Lighttpd (Lighty) </li></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×