Definition: HTTP - the Hypertext Transfer Protocol - provides a standard for Web browsers and servers to communicate. The definition of HTTP is a technical specification of a network protocol that software must implement. HTTP is an application layer network protocol built on top of TCP . HTTP clients (such as Web browsers) and servers communicate via HTTP request and response messages. The three main HTTP message types are GET, POST, and HEAD. HTTP utilizes TCP port 80 by default, though other ports such as 8080 can alternatively be used.
: APACHE <ul><li>Apache is generally recognized as the world's most popular Web server (HTTP server).Originally designed for Unix servers, the Apache Web server has been ported to Windows and other network operating systems (NOS) .
The name "Apache" derives from the word "patchy" that the Apache developers used to describe early versions of their software.
Apache also supports plug-in modules for extensibility.
Apache is reliable, free, and relatively easy to configure.
Apache is free software distributed by the Apache Software Foundation.
The Apache Software Foundation promotes various free and open source advanced Web technologies. </li></ul>
HTTP <ul><li>Definition: HTTP - the Hypertext Transfer Protocol - provides a standard for Web browsers and servers to communicate.
The definition of HTTP is a technical specification of a network protocol that software must implement.
HTTP is an application layer network protocol built on top of TCP .
HTTP clients (such as Web browsers) and servers communicate via HTTP request and response messages.
The three main HTTP message types are </li></ul>* GET * POST * HEAD <ul><li>HTTP utilizes TCP port 80 by default, though other ports such as 8080 can alternatively be used. </li></ul>
<ul>IIS Internet Information Server <li>Definition: IIS is Microsoft's business-class Web server.
Although Apache boasts more total worldwide installations than IIS, many corporations choose IIS as their Web server because it is supported by a commercial organization.
Some have criticized IIS in the past, though, for its alleged security weaknesses.
IIS has improved over the years, supports many Web standards including SSL, and integrates well with other Microsoft Web technologies such as FrontPage.
An admininstrator can manage IIS through a graphical console, the Internet Services Manager. </li></ul>
SSL - Secure Sockets Layer <ul><li>Definition: SSL security technology helps to improve the safety of Internet communications. SSL is a standard for encrypted client/server communication between network devices.
A network protocol, SSL runs on top of TCP/IP. SSL utilizes several standard network security techniques including public keys, symmetric keys, and certificates.
Web sites commonly use SSL to guard private information such as credit card numbers. </li></ul>
HOW TO CONFIGURE APACHE <ul><li>One aspect of Apache that some site administrators find confusing especially those unfamiliar with UNIX-style software is its configuration scheme.
Instead of using a point-and-click graphic user interface (GUI) or Windows Registry keys as most other modern software packages, Apache generally relies on simple text files for its configuration settings. </li></ul>
Configuration Files <ul><li>Apache uses a system of three text files for managing its configuration data.
All three of these files (almost always) appear in Apache's ./conf directory and are designed to be edited by system administrators: </li></ul>httpd.conf for general settings srm.conf for resource settings access.conf for security settings <ul><li>When Apache first starts, these files are processed in the order shown above.
Originally, the initial installation of Apache included default entries within each of the three files. </li></ul>
Inside Httpd.conf <ul><li>httpd.conf is treated as the "master" configuration file and it contains all of the settings. Both srm.conf and access.conf still exist in the installation, </li></ul>but they contain no settings and are empty except for some comments. <ul><li>Traditionaly httpd.conf contained general settings such as the ServerName and Port number. These entries appear as follows in the file:
<ul><li>T he term "httpd" stands for HTTP Daemon. Recall that in a UNIX environment, the term daemon refers to a type of process designed to launch at system boot and continue running for very long periods of time.
The name doesn't make much sense on a Windows platform, but the concept of a UNIX daemon can be compared to the concept of Windows services.
The Windows port of Apache allows for installation as a Windows service but does not require it.
This file contains a number of other entries (technically called directives ), but for most of these, modifications are optional. Probably the most useful of these entries is ServerAdmin it allows the administrator to set the email address that will be displayed on error pages (such a "404 pages") in the client's browser, giving users a way to contact someone if a site problem occurs:
Access and Security Settings I <ul><li>It is recommended practice now for Apache administrators to manage their resource and security settings from httpd.conf.
Administrators of older versions of Apache can simply cut their entries from srm.conf and access.conf and paste them into the master file.
If an administrator wants to go one step further and delete the two empty files, they should also place the following entries in httpd.conf to prevent Apache from attempting to access them: </li></ul>AccessConfig /dev/null ResourceConfig /dev/null
Conclusion <ul><li>The family of .conf files supports most but not all of Apache's configuration options.
Other important mechanisms for managing an Apache Web server include the .htaccess file, the mime.types file, and the family of log files.
Look for discussion of these in a future article. </li></ul>