Apache Configuration Files Places for doing the configurations • httpd.conf • access.conf ( linux ) • .htaccess • .htpasswd
Core Apache Configuration DirectivesServerRoot :: Apache Installation Directory Path.ServerRoot “/etc/apache2”Listen :: IP addresses and ports that the server listens.Listen 80Listen 10.0.2.132:9111ServerAdmin :: Email Address that will be displayed inthe error message when error occursServerAdmin email@example.comServerName :: Current Server Name & PortServerName localhost:80ServerAlias :: Alternate Names for accessing virtual hosts.ServerAlias alias-1 alias-2
Core Apache Configuration Directives DocumentRoot :: Main Document Directory as displayed on the Web Site. DocumentRoot “/var/www” NameVirtualHost :: Designates an IP address for name-virtual host NameVirtualHost *:2125 NameVirtualHost 10.0.2.132:9111 LoadModule :: Load Specific Apache Module. LoadModule test_module modules/mod_test.so Include:: Includes other configuration files in the server configuration file. Include “test.conf” Include “/usr/aliases/*.conf”
Core Apache Configuration Directives Directory :: Allows group of directives applied to directory <Directory “/var/www"> List of directives………………….……………….. </Directory> Access Control Directives Determines who is allowed to access the website and who is kept out. Access can be granted based on following criteria :: • IP Address / Domain Name • Date & Time • Other User Defined Criteria
Core Apache Configuration Directives Order :: Defines ordering for allow & deny Order Allow,Deny Order Deny,Allow Allow :: Allows access from given IP Address or Domain Name Allow From all Allow From 192.168 Deny :: Deny access from given IP Address or Domain Name Deny From 192.168 Order :: Defines ordering for allow & deny Order Allow,Deny Order Deny,Allow Allow :: Allows access from given IP Address or Domain Name Allow From all Allow From 192.168 Deny :: Deny access from given IP Address or Domain Name Deny From 192.168
Core Apache Configuration Directives In Apache Config file <Directory “/var/www/sandbox”> Order allow,deny Allow from all Deny from 192.168. </Directory> In .Htaccess Order allow,deny Allow from all Deny from 192.168. Which will get applied to the directory where the .htaccess is placed.
Core Apache Configuration Directives FileMatch :: Allows to define Access Rights for specific files. <FilesMatch "^.ht"> Order allow,deny Deny from all </FilesMatch> <FilesMatch ".pdf$"> Order allow,deny Deny from all </FilesMatch>
Core Apache Configuration Directives ErrorLog :: Error log File Location ErrorLog err-log-file location TransferLog :: Access Log File Location TransferLog access-log-file location CustomLog :: Custom Log File with custom Log Format CustomLog custom-log-file location Log-Format AuthType :: Type Of User Authentication AuthType Basic | Digest AuthUserFile :: File name which contains username and password AuthUserFile <Directory>/FileName The default location to look for logs are /var/log/http or /var/log/apache Look out for both access log and error log here. Tail –f /var/log/apache2/access.log will keep you update of the log display.
Core Apache Configuration Directives AuthType :: Type Of User Authentication AuthType Basic | Digest AuthUserFile :: File name which contains username and password AuthUserFile <Directory>/FileName AuthName :: Authorization Title used in HTTP Authentication AuthName Authentication Title Require :: Defines Type of Users/groups that can access Contents. Access Types can be :: group | user | valid-user. Require [Access Type] [ Access Name ] Require group admin
Virtual hosts Allows more than one websites to run on the same physical server & Apache Server. Two Types Of Virtual Hosts can be created • IP-based Virtual Hosts • Name-based Virtual Hosts Virtual Host Related Directives <VirtualHost [IP ADDRESS:PORT] > ServerAdmin DocumentRoot ServerName ServerAlias ErrorLog </ VirtualHost >
Important Apache Modulesmod_accessProvides access control based on client hostname, IP address, or othercharacteristics of the client request.mod_aliasProvides for mapping different parts of the host filesystem in the documenttree and for URL redirectionmod_davDistributed Authoring and Versioning (WebDAV) functionalitymod_dav_fsfilesystem provider for mod_davmod_deflateCompress content before it is delivered to the clientmod_expiresGeneration of Expires and Cache-Control HTTP headers according to user-specified criteriamod_headersCustomization of HTTP request and response headers
Important Apache Modulesmod_ldapLDAP connection pooling and result caching services for use by other LDAPmodulesmod_log_configLogging of the requests made to the servermod_mimeAssociates the requested filenames extensions with the files behavior(handlers and filters) and content (mime-type, language, character set andencoding)mod_mime_magicDetermines the MIME type of a file by looking at a few bytes of itscontents.mod_proxyHTTP/1.1 proxy/gateway server,HTTP support module for mod_proxymod_rewriteProvides a rule-based rewriting engine to rewrite requested URLs on the fly
Important Apache ModulesMod_evasivemod_evasive is an evasive maneuvers module for Apache to provide evasiveaction in the event of an HTTP DoS or DDoS attack or brute force attack.It is also designed to be a detection and network management tool, and canbe easily configured to talk to ipchains, firewalls, routers, and etcetera.mod_evasive presently reports abuses via email and syslog facilities.mod_soLoading of executable code and modules into the server at start-upor restart timemod_userdirUser-specific directories