3. Apache Configuration Files
Places for doing the configurations
• httpd.conf
• access.conf ( linux )
• .htaccess
• .htpasswd
4. Core Apache Configuration Directives
ServerRoot :: Apache Installation Directory Path.
ServerRoot “/etc/apache2”
Listen :: IP addresses and ports that the server listens.
Listen 80
Listen 10.0.2.132:9111
ServerAdmin :: Email Address that will be displayed in
the error message when error occurs
ServerAdmin gokul.muralidharan@aspiresys.com
ServerName :: Current Server Name & Port
ServerName localhost:80
ServerAlias :: Alternate Names for accessing virtual hosts.
ServerAlias alias-1 alias-2
5. Core Apache Configuration Directives
DocumentRoot :: Main Document Directory as displayed on
the Web Site.
DocumentRoot “/var/www”
NameVirtualHost :: Designates an IP address for name-virtual host
NameVirtualHost *:2125
NameVirtualHost 10.0.2.132:9111
LoadModule :: Load Specific Apache Module.
LoadModule test_module modules/mod_test.so
Include:: Includes other configuration files in the server
configuration file.
Include “test.conf”
Include “/usr/aliases/*.conf”
7. Core Apache Configuration Directives
Directory :: Allows group of directives applied to directory
<Directory “/var/www">
List of directives………………….………………..
</Directory>
Access Control Directives
Determines who is allowed to access the website and who
is kept out.
Access can be granted based on following criteria ::
• IP Address / Domain Name
• Date & Time
• Other User Defined Criteria
8. Core Apache Configuration Directives
Order :: Defines ordering for allow & deny
Order Allow,Deny
Order Deny,Allow
Allow :: Allows access from given IP Address or Domain Name
Allow From all
Allow From 192.168
Deny :: Deny access from given IP Address or Domain Name
Deny From 192.168
Order :: Defines ordering for allow & deny
Order Allow,Deny
Order Deny,Allow
Allow :: Allows access from given IP Address or Domain Name
Allow From all
Allow From 192.168
Deny :: Deny access from given IP Address or Domain Name
Deny From 192.168
9. Core Apache Configuration Directives
In Apache Config file
<Directory “/var/www/sandbox”>
Order allow,deny
Allow from all
Deny from 192.168.
</Directory>
In .Htaccess
Order allow,deny
Allow from all
Deny from 192.168.
Which will get applied to the directory where the .htaccess is placed.
10. Core Apache Configuration Directives
FileMatch :: Allows to define Access Rights for specific files.
<FilesMatch "^.ht">
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch ".pdf$">
Order allow,deny
Deny from all
</FilesMatch>
11. Core Apache Configuration Directives
ErrorLog :: Error log File Location
ErrorLog err-log-file location
TransferLog :: Access Log File Location
TransferLog access-log-file location
CustomLog :: Custom Log File with custom Log Format
CustomLog custom-log-file location Log-Format
AuthType :: Type Of User Authentication
AuthType Basic | Digest
AuthUserFile :: File name which contains username and password
AuthUserFile <Directory>/FileName
The default location to look for logs are /var/log/http or /var/log/apache
Look out for both access log and error log here.
Tail –f /var/log/apache2/access.log will keep you update of the log display.
12. Core Apache Configuration Directives
AuthType :: Type Of User Authentication
AuthType Basic | Digest
AuthUserFile :: File name which contains username and password
AuthUserFile <Directory>/FileName
AuthName :: Authorization Title used in HTTP Authentication
AuthName Authentication Title
Require :: Defines Type of Users/groups that can access
Contents. Access Types can be :: group | user | valid-user.
Require [Access Type] [ Access Name ]
Require group admin
13. Virtual hosts
Allows more than one websites to run on the same physical
server & Apache Server.
Two Types Of Virtual Hosts can be created
• IP-based Virtual Hosts
• Name-based Virtual Hosts
Virtual Host Related Directives
<VirtualHost [IP ADDRESS:PORT] >
ServerAdmin
DocumentRoot
ServerName
ServerAlias
ErrorLog
</ VirtualHost >
18. Important Apache Modules
mod_access
Provides access control based on client hostname, IP address, or other
characteristics of the client request.
mod_alias
Provides for mapping different parts of the host filesystem in the document
tree and for URL redirection
mod_dav
Distributed Authoring and Versioning (WebDAV) functionality
mod_dav_fs
filesystem provider for mod_dav
mod_deflate
Compress content before it is delivered to the client
mod_expires
Generation of Expires and Cache-Control HTTP headers according to user-
specified criteria
mod_headers
Customization of HTTP request and response headers
19. Important Apache Modules
mod_ldap
LDAP connection pooling and result caching services for use by other LDAP
modules
mod_log_config
Logging of the requests made to the server
mod_mime
Associates the requested filename's extensions with the file's behavior
(handlers and filters) and content (mime-type, language, character set and
encoding)
mod_mime_magic
Determines the MIME type of a file by looking at a few bytes of its
contents.
mod_proxy
HTTP/1.1 proxy/gateway server,HTTP support module for mod_proxy
mod_rewrite
Provides a rule-based rewriting engine to rewrite requested URLs on the fly
20. Important Apache Modules
Mod_evasive
mod_evasive is an evasive maneuvers module for Apache to provide evasive
action in the event of an HTTP DoS or DDoS attack or brute force attack.
It is also designed to be a detection and network management tool, and can
be easily configured to talk to ipchains, firewalls, routers, and etcetera.
mod_evasive presently reports abuses via email and syslog facilities.
mod_so
Loading of executable code and modules into the server at start-up
or restart time
mod_userdir
User-specific directories