O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Apache Cookbook, 2nd Edition

Book Description

There's plenty of documentation on installing and configuring the Apache web server, but where do you find help for the day-to-day stuff, like adding common modules or fine-tuning your activity logging? That's easy. The new edition of the Apache Cookbook offers you updated solutions to the problems you're likely to encounter with the new versions of Apache.

Written by members of the Apache Software Foundation, and thoroughly revised for Apache versions 2.0 and 2.2, recipes in this book range from simple tasks, such installing the server on Red Hat Linux or Windows, to more complex tasks, such as setting up name-based virtual hosts or securing and managing your proxy server. Altogether, you get more than 200 timesaving recipes for solving a crisis or other deadline conundrums, with topics including:

  • Security
  • Aliases, Redirecting, and Rewriting
  • CGI Scripts, the suexec Wrapper, and other dynamic content techniques
  • Error Handling
  • SSL
  • Performance
This book tackles everything from beginner problems to those faced by experienced users. For every problem addressed in the book, you will find a worked-out solution that includes short, focused pieces of code you can use immediately. You also get explanations of how and why the code works, so you can adapt the problem-solving techniques to similar situations.

Instead of poking around mailing lists, online documentation, and other sources, rely on the Apache Cookbook for quick solutions when you need them. Then you can spend your time and energy where it matters most.

Table of Contents

  1. Preface
    1. What’s in This Book
    2. Platform Notes
    3. Other Books
    4. Other Sources
    5. How This Book Is Organized
    6. Conventions Used in This Book
    7. Using Code Examples
    8. We’d Like to Hear from You
    9. Safari® Enabled
    10. Acknowledgments
  2. 1. Installation
    1. 1.1. Installing from Red Hat Linux’s Packages
    2. Installing from Debian Packages
    3. 1.2. Installing Apache on Windows
    4. 1.3. Downloading the Apache Sources
    5. 1.4. Building Apache from the Sources
    6. 1.5. Installing with ApacheToolbox
    7. 1.6. Starting, Stopping, and Restarting Apache
    8. 1.7. Uninstalling Apache
    9. Which Version of Apache to Use
    10. 1.8. Upgrading Using config.nice
    11. 1.9. Starting Apache at Boot
    12. 1.10. Useful configure Options
    13. 1.11. Finding Apache’s Files
  3. 2. Adding Common Modules
    1. 2.1. Installing a Generic Third-Party Module
    2. 2.2. Installing mod_dav on a Unixish System
    3. 2.3. Installing mod_dav on Windows
    4. 2.4. Installing mod_perl on a Unixish System
    5. 2.5. Installing mod_php on a Unixish System
    6. 2.6. Installing mod_php on Windows
    7. 2.7. Installing mod_ssl
    8. 2.8. Finding Modules Using modules.apache.org
    9. 2.9. Installing mod_security
    10. 2.10. Why Won’t This Module Work?
  4. 3. Logging
    1. 3.1. Getting More Details in Your Log Entries
    2. 3.2. Getting More Detailed Errors
    3. 3.3. Logging POST Contents
    4. 3.4. Logging a Proxied Client’s IP Address
    5. 3.5. Logging Client MAC Addresses
    6. 3.6. Logging Cookies
    7. 3.7. Not Logging Image Requests from Local Pages
    8. 3.8. Rotating Logfiles at a Particular Time
    9. 3.9. Rotating Logs on the First of the Month
    10. 3.10. Logging Hostnames Instead of IP Addresses
    11. 3.11. Maintaining Separate Logs for Each Virtual Host
    12. 3.12. Logging Proxy Requests
    13. 3.13. Logging Errors for Virtual Hosts to Multiple Files
    14. 3.14. Logging Server IP Addresses
    15. 3.15. Logging the Referring Page
    16. 3.16. Logging the Name of the Browser Software
    17. 3.17. Logging Arbitrary Request Header Fields
    18. 3.18. Logging Arbitrary Response Header Fields
    19. Logging Activity to a MySQL Database
    20. Logging to syslog
    21. Logging User Directories
  5. 4. Virtual Hosts
    1. 4.1. Setting Up Name-Based Virtual Hosts
    2. 4.2. Designating One Name-Based Virtual Host as the Default
    3. 4.3. Setting Up Address-Based Virtual Hosts
    4. 4.4. Creating a Default Address-Based Virtual Host
    5. 4.5. Mixing Address-Based and Name-Based Virtual Hosts
    6. 4.6. Mass Virtual Hosting with mod_vhost_alias
    7. 4.7. Mass Virtual Hosting Using Rewrite Rules
    8. 4.8. Logging for Each Virtual Host
    9. 4.9. Splitting Up a Logfile
    10. 4.10. Port-Based Virtual Hosts
    11. 4.11. Displaying the Same Content on Several Addresses
    12. Defining Virtual Hosts in a Database
  6. 5. Aliases, Redirecting, and Rewriting
    1. 5.1. Mapping a URL to a Directory
    2. 5.2. Creating a New URL for Existing Content
    3. 5.3. Giving Users Their Own URLs
    4. 5.4. Aliasing Several URLs with a Single Directive
    5. 5.5. Mapping Several URLs to the Same CGI Directory
    6. 5.6. Creating a CGI Directory for Each User
    7. 5.7. Redirecting to Another Location
    8. 5.8. Redirecting Several URLs to the Same Destination
    9. 5.9. Permitting Case-Insensitive URLs
    10. 5.10. Showing Highlighted PHP Source without Symlinking
    11. 5.11. Replacing Text in Requested URLs
    12. 5.12. Rewriting Path Information to CGI Arguments
    13. 5.13. Denying Access to Unreferred Requests
    14. 5.14. Redirecting Unreferred Requests to an Explanation Page
    15. 5.15. Rewriting Based on the Query String
    16. 5.16. Redirecting All—or Part—of Your Server to SSL
    17. 5.17. Turning Directories into Hostnames
    18. 5.18. Redirecting All Requests to a Single Host
    19. 5.19. Turning Document Names into Arguments
    20. 5.20. Rewriting Elements between Path and Query String
    21. 5.21. Rewriting a Hostname to a Directory
    22. 5.22. Turning URL Segments into Query Arguments
    23. 5.23. Using AliasMatch, ScriptAliasMatch, and RedirectMatch
  7. 6. Security
    1. 6.1. Using System Account Information for Web Authentication
    2. 6.2. Setting Up Single-Use Passwords
    3. 6.3. Expiring Passwords
    4. 6.4. Limiting Upload Size
    5. 6.5. Restricting Images from Being Used Off-Site
    6. 6.6. Requiring Both Weak and Strong Authentication
    7. 6.7. Managing .htpasswd Files
    8. 6.8. Making Password Files for Digest Authentication
    9. 6.9. Relaxing Security in a Subdirectory
    10. 6.10. Lifting Restrictions Selectively
    11. 6.11. Authorizing Using File Ownership
    12. 6.12. Storing User Credentials in a MySQL Database
    13. 6.13. Accessing the Authenticated Username
    14. 6.14. Obtaining the Password Used to Authenticate
    15. 6.15. Preventing Brute-Force Password Attacks
    16. 6.16. Using Digest Versus Basic Authentication
    17. 6.17. Accessing Credentials Embedded in URLs
    18. 6.18. Securing WebDAV
    19. 6.19. Enabling WebDAV Without Making Files Writable by the Web User
    20. 6.20. Restricting Proxy Access to Certain URLs
    21. 6.21. Protecting Files with a Wrapper
    22. 6.22. Protecting Server Files from Malicious Scripts
    23. 6.23. Setting Correct File Permissions
    24. 6.24. Running a Minimal Module Set
    25. 6.25. Restricting Access to Files Outside Your Web Root
    26. 6.26. Limiting Methods by User
    27. 6.27. Restricting Range Requests
    28. Rebutting DoS Attacks with mod_evasive
    29. Chrooting Apache with mod_security
    30. Migrating to 2.2 Authentication
    31. 6.28. Blocking Worms with mod_security
    32. 6.29. Mixing Read-Only and Write Access to a Subversion Repository
    33. 6.30. Using Permanent Redirects to Obscure Forbidden URLs
  8. 7. SSL
    1. 7.1. Installing SSL
    2. Installing SSL on Windows
    3. 7.2. Generating Self-Signed SSL Certificates
    4. 7.3. Generating a Trusted CA
    5. 7.4. Serving a Portion of Your Site via SSL
    6. 7.5. Authenticating with Client Certificates
    7. SSL Virtual Hosts
    8. Wildcard Certificates
  9. 8. Dynamic Content
    1. 8.1. Enabling a CGI Directory
    2. 8.2. Enabling CGI Scripts in Non-ScriptAliased Directories
    3. 8.3. Specifying a Default Document in a CGI Directory
    4. 8.4. Using Windows File Extensions to Launch CGI Programs
    5. 8.5. Using Extensions to Identify CGI Scripts
    6. 8.6. Testing that CGI Is Set Up Correctly
    7. 8.7. Reading Form Parameters
    8. 8.8. Invoking a CGI Program for Certain Content Types
    9. 8.9. Getting SSIs to Work
    10. 8.10. Displaying Last Modified Date
    11. 8.11. Including a Standard Header
    12. 8.12. Including the Output of a CGI Program
    13. 8.13. Running CGI Scripts as a Different User with suexec
    14. 8.14. Installing a mod_perl Handler from CPAN
    15. 8.15. Writing a mod_perl Handler
    16. 8.16. Enabling PHP Script Handling
    17. 8.17. Verifying PHP Installation
    18. 8.18. Parsing CGI Output for Server Side Includes
    19. 8.19. Parsing ScriptAlias Script Output for Server-Side Includes
    20. 8.20. Getting mod_perl to Handle All Perl Scripts
    21. 8.21. Enabling Python Script Handling
  10. 9. Error Handling
    1. 9.1. Handling a Missing Host Field
    2. 9.2. Changing the Response Status for CGI Scripts
    3. 9.3. Customized Error Messages
    4. 9.4. Providing Error Documents in Multiple Languages
    5. 9.5. Redirecting Invalid URLs to Some Other Page
    6. 9.6. Making Internet Explorer Display Your Error Page
    7. 9.7. Notification on Error Conditions
  11. 10. Proxies
    1. 10.1. Securing Your Proxy Server
    2. 10.2. Preventing Your Proxy Server from Being Used as an Open Mail Relay
    3. 10.3. Forwarding Requests to Another Server
    4. 10.4. Blocking Proxied Requests to Certain Places
    5. 10.5. Proxying mod_perl Content to Another Server
    6. 10.6. Configuring a Caching Proxy Server
    7. 10.7. Filtering Proxied Content
    8. 10.8. Requiring Authentication for a Proxied Server
    9. Load Balancing with mod_proxy_balancer
    10. Proxied Virtual Host
    11. Refusing to Proxy FTP
  12. 11. Performance
    1. 11.1. Determining How Much Memory You Need
    2. 11.2. Benchmarking Apache with ab
    3. 11.3. Tuning KeepAlive Settings
    4. 11.4. Getting a Snapshot of Your Site’s Activity
    5. 11.5. Avoiding DNS Lookups
    6. 11.6. Optimizing Symbolic Links
    7. 11.7. Minimizing the Performance Impact of .htaccess Files
    8. 11.8. Disabling Content Negotiation
    9. 11.9. Optimizing Process Creation
    10. 11.10. Tuning Thread Creation
    11. 11.11. Caching Frequently Viewed Files
    12. 11.12. Distributing Load Evenly Between Several Servers
    13. 11.13. Caching Directory Listings
    14. 11.14. Speeding Up Perl CGI Programs with mod_perl
    15. Caching Dynamic Content
  13. 12. Directory Listings
    1. 12.1. Generating Directory/Folder Listings
    2. Display a Standard Header and Footer on Directory Listings
    3. 12.2. Applying a Stylesheet
    4. 12.3. Hiding Things from the Listing
    5. 12.4. Searching for Certain Files in a Directory Listing
    6. 12.5. Sorting the List
    7. Allowing a Client-Specified Sort Order
    8. 12.6. Specifying How the List Will Be Formatted
    9. 12.7. Allowing the Client to Specify the Formatting
    10. 12.8. Adding Descriptions to Files
    11. 12.9. Autogenerated Document Titles
    12. 12.10. Changing the Listing Icons
    13. 12.11. Listing the Directories First
    14. 12.12. Ordering by Version Number
    15. 12.13. Allowing the End User to Specify Version Sorting
    16. Complete User Control of Output
    17. Don’t Allow the End User to Modify the Listing
    18. 12.14. Suppressing Certain Columns
    19. Showing Forbidden Files
    20. 12.15. Aliases in Directory Listings
  14. 13. Miscellaneous Topics
    1. 13.1. Placing Directives Properly
    2. 13.2. Renaming .htaccess Files
    3. 13.3. Generating Directory/Folder Listings
    4. 13.4. Solving the “Trailing Slash” Problem
    5. 13.5. Setting the Content-Type According to Browser Capability
    6. 13.6. Handling Missing Host: Header Fields
    7. 13.7. Alternate Default Document
    8. 13.8. Setting Up a Default “Favicon”
    9. 13.9. Directory Listings in ScriptAliased Directories
    10. 13.10. Enabling .htaccess Files
    11. 13.11. Converting IBM/Lotus Server-Side Includes to Apache
  15. A. Using Regular Expressions in Apache
    1. What Directives Use Regular Expressions?
  16. B. Troubleshooting
    1. Troubleshooting Methodology
    2. Debugging the Configuration
    3. Debugging Premature End of Script Headers
    4. Common Problems on Windows
    5. Fixing Build-Time Error Messages
    6. Getting Server-Side Includes to Work
    7. Debugging Rewrites That Result in “Not Found” Errors
    8. .htaccess Files Having No Effect
    9. Address Already in Use
  17. Index
  18. About the Authors
  19. Colophon
  20. Copyright