book

Apache Cookbook

by Ken Coar, Rich Bowen

November 2003

Intermediate to advanced

254 pages

5h 39m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
What’s in This BookPlatform NotesOther BooksOther SourcesHow This Book Is OrganizedConventions Used in This BookWe’d Like to Hear from YouAcknowledgments
1. Installation
1.1. Installing from Red Hat Linux’s Packages1.2. Installing Apache on Windows1.3. Downloading the Apache Sources1.4. Building Apache from the Sources1.5. Installing with ApacheToolbox1.6. Starting, Stopping, and Restarting Apache1.7. Uninstalling Apache
2. Adding Common Modules
2.1. Installing a Generic Third-Party Module2.2. Installing mod_dav on a Unixish System2.3. Installing mod_dav on Windows2.4. Installing mod_perl on a Unixish System2.5. Installing mod_php on a Unixish System2.6. Installing mod_php on Windows2.7. Installing the mod_snake Python Module2.8. Installing mod_ssl
3. Logging
3.1. Getting More Details in Your Log Entries3.2. Getting More Detailed Errors3.3. Logging POST Contents3.4. Logging a Proxied Client’s IP Address3.5. Logging Client MAC Addresses3.6. Logging Cookies3.7. Not Logging Image Requests from Local Pages3.8. Logging Requests by Day or Hour3.9. Rotating Logs on the First of the Month3.10. Logging Hostnames Instead of IP Addresses3.11. Maintaining Separate Logs for Each Virtual Host3.12. Logging Proxy Requests3.13. Logging Errors for Virtual Hosts to Multiple Files3.14. Logging Server IP Addresses3.15. Logging the Referring Page3.16. Logging the Name of the Browser Software3.17. Logging Arbitrary Request Header Fields3.18. Logging Arbitrary Response Header Fields3.19. Logging Activity to a MySQL Database3.20. Logging to syslog3.21. Logging User Directories
4. Virtual Hosts
4.1. Setting Up Name-Based Virtual Hosts4.2. Designating One Name-Based Virtual Host as the Default4.3. Setting Up Address-Based Virtual Hosts4.4. Creating a Default Address-Based Virtual Host4.5. Mixing Address-Based and Name-Based Virtual Hosts4.6. Mass Virtual Hosting with mod_vhost_alias4.7. Mass Virtual Hosting Using Rewrite Rules4.8. SSL and Name-Based Virtual Hosts4.9. Logging for Each Virtual Host4.10. Splitting Up a LogFile4.11. Port-Based Virtual Hosts4.12. Displaying the Same Content on Several Addresses
5. Aliases, Redirecting, and Rewriting
5.1. Showing Highlighted PHP Source Without Symlinking5.2. Mapping a URL to a Directory5.3. Creating a New URL for Existing Content5.4. Giving Users Their Own URL5.5. Aliasing Several URLs with a Single Directive5.6. Mapping Several URLs to the Same CGI Directory5.7. Creating a CGI Directory for Each User5.8. Redirecting to Another Location5.9. Redirecting Several URLs to the Same Destination5.10. Permitting Case-Insensitive URLs5.11. Replacing Text in Requested URLs5.12. Rewriting Path Information to CGI Arguments5.13. Denying Access to Unreferred Requests5.14. Rewriting Based on the Query String5.15. Redirecting All—or Part—of Your Server to SSL5.16. Turning Directories into Hostnames5.17. Redirecting All Requests to a Single Host5.18. Turning Document Names into Arguments
6. Security
6.1. Using System Account Information for Web Authentication6.2. Setting Up Single-Use Passwords6.3. Expiring Passwords6.4. Limiting Upload Size6.5. Restricting Images from Being Used Off-Site6.6. Requiring Both Weak and Strong Authentication6.7. Managing .htpasswd Files6.8. Making Password Files for Digest Authentication6.9. Relaxing Security in a Subdirectory6.10. Lifting Restrictions Selectively6.11. Authorizing Using File Ownership6.12. Storing User Credentials in a MySQL Database6.13. Accessing the Authenticated Username6.14. Obtaining the Password Used to Authenticate6.15. Preventing Brute-Force Password Attacks6.16. Using Digest Versus Basic Authentication6.17. Accessing Credentials Embedded in URLs6.18. Securing WebDAV6.19. Enabling WebDAV Without Making Files Writable by the Web User6.20. Restricting Proxy Access to Certain URLs6.21. Protecting Files with a Wrapper6.22. Protecting All Files Except a Subset6.23. Protecting Server Files from Malicious Scripts6.24. Setting Correct File Permissions6.25. Running a Minimal Module Set6.26. Restricting Access to Files Outside Your Web Root6.27. Limiting Methods by User6.28. Restricting Range Requests
7. SSL
7.1. Installing SSL7.2. Generating SSL Certificates7.3. Generating a Trusted CA7.4. Serving a Portion of Your Site via SSL7.5. Authenticating with Client Certificates
8. Dynamic Content
8.1. Enabling a CGI Directory8.2. Enabling CGI Scripts in Non-ScriptAliased Directories8.3. Using Windows File Extensionsto Launch CGI Programs8.4. Using Extensions to Identify CGI Scripts8.5. Testing That CGI Is Set Up Correctly8.6. Reading Form Parameters8.7. Invoking a CGI Program for Certain Content Types8.8. Getting SSIs to Work8.9. Displaying Last Modified Date8.10. Including a Standard Header8.11. Including the Output of a CGI Program8.12. Running CGI Scripts as a Different User with suexec8.13. Installing a mod_perl Handler from CPAN8.14. Writing a mod_perl Handler8.15. Enabling PHP Script Handling8.16. Verifying PHP Installation
9. Error Handling
9.1. Handling a Missing Host Field9.2. Changing the Response Status for CGI Scripts9.3. Customized Error Messages9.4. Providing Error Documents in Multiple Languages9.5. Redirecting Invalid URLs to Some Other Page9.6. Making Internet Explorer Display Your Error Page9.7. Notification on Error Conditions

10. Proxies
10.1. Securing Your Proxy Server10.2. Preventing Your Proxy Server from Being Used as an Open Mail Relay10.3. Forwarding Requests to Another Server10.4. Blocking Proxied Requests to Certain Places10.5. Proxying mod_perl Content to Another Server10.6. Configuring a Caching Proxy Server10.7. Filtering Proxied Content10.8. Requiring Authentication for a Proxied Server
11. Performance
11.1. Determining How Much Memory You Need11.2. Benchmarking Apache with ab11.3. Tuning Keepalive Settings11.4. Getting a Snapshot of Your Site’s Activity11.5. Avoiding DNS Lookups11.6. Optimizing Symbolic Links11.7. Minimizing the Performance Impact of .htaccess Files11.8. Disabling Content Negotiation11.9. Optimizing Process Creation11.10. Tuning Thread Creation11.11. Caching Frequently Viewed Files11.12. Sharing Load Between Servers Using mod_proxy11.13. Distributing Load Evenly Between Several Servers11.14. Caching Directory Listings11.15. Speeding Up Perl CGI Programs with mod_perl
12. Miscellaneous Topics
12.1. Placing Directives Properly12.2. Renaming .htaccess Files12.3. Generating Directory/Folder Listings12.4. Solving the “Trailing Slash” Problem12.5. Setting the Content-Type According to Browser Capability12.6. Handling Missing Host: Header Fields12.7. Alternate Default Document12.8. Setting Up a Default “Favicon”
A. Using Regular Expressions in Apache
A.1. What Directives Use Regular Expressions?
B. Troubleshooting
B.1. Troubleshooting MethodologyB.2. Debugging the ConfigurationB.3. Debugging Premature End of Script HeadersB.4. Common Problems on WindowsB.5. Fixing Build-Time Error MessagesB.6. Getting Server-Side Includes to WorkB.7. Debugging Rewrites That Result in “Not Found” ErrorsB.8. .htaccess Files Having No EffectB.9. Address Already in Use
About the Authors
Colophon
Copyright

Overview

Apache is far and away the most widely used web server platform in the world. Both free and rock-solid, it runs more than half of the world's web sites, ranging from huge e-commerce operations to corporate intranets and smaller hobby sites, and it continues to maintain its popularity, drawing new users all the time. If you work with Apache on a regular basis, you have plenty of documentation on installing and configuring your server, but where do you go for help with the day-to-day stuff, like adding common modules or fine-tuning your activity logging?The Apache Cookbook is a collection of problems, solutions, and practical examples for webmasters, web administrators, programmers, and everyone else who works with Apache. For every problem addressed in the book, there's a worked-out solution or "recipe"--short, focused pieces of code that you can use immediately. But this book offers more than cut-and-paste code. You also get explanations of how and why the code works, so you can adapt the problem-solving techniques to similar situations.The recipes in the Apache Cookbook range from simple tasks, such installing the server on Red Hat Linux or Windows, to more complex tasks, such as setting up name-based virtual hosts or securing and managing your proxy server. The two hundred plus recipes in the book cover additional topics such as:

Security
Aliases, Redirecting, and Rewriting
CGI Scripts, the suexec Wrapper, and other dynamic content techniques
Error Handling
SSL
Performance

The impressive collection of useful code in this book is a guaranteed timesaver for all Apache users, from novices to advanced practitioners. Instead of poking around mailing lists, online documentation, and other sources, you can rely on the Apache Cookbook for quick solutions to common problems, and then you can spend your time and energy where it matters most.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 0596001916Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills