Apache is a whole family of various projects, the first of which was a Web server. The Web server is represented by the HTTPD daemon, so the Apache design of the Web server is called httpd.
The HTTPD Web Server Configuration Files in GNU / Linux in different distillation is located in different directories: / etc / httpd / conf /, or / etc / apache2, or other. The main configuration file is called httpd.conf, and the individual configuration files are often allocated for any settings for any settings connected to httpd.conf using the Include directive.
In general, the HTTPD settings can be divided into three main categories:
r Global Settings Section;
r settings for the main server;
r settings for virtual nodes.
In addition to these sections, you can select the settings for processing specified files, MIME expansion and processing specifications of national languages.
The global server settings include those that affect the APACHE server in general. Next, the main global settings are given:
r ServerRoot is the base directory of the installation, relative to which the Apache configuration files are placed in the GNU file system, as well as some files required in its operation;
r PIDFILE - File in which the Apache server is started with PID
main server process;
r LoadModule - command Download Apache extension module compiled in the form of a shared library;
r Timeout - the number of seconds before sending the connection loss signal;
r keepalive - permission or prohibition of support for long-lived compounds available under the HTTP / 1.1 protocol, allowing you to leave the unimpressible state after sending the required information by the server;
r keepaliveTimeout - the number of seconds of waiting for the next query, after which the long-lived connection will be broken;
r maxkeepaliverequests - the maximum possible number of requests permitted for long-lived compounds;
r StartServers is the number of HTTPD subsidiaries that start when you start the Apache server;
r MinspareServers is the minimum amount of HTTPD processes of the subsidies (when connections appear, so much httpd is launched so that the number of pending subsidiaries is no less than this value);
r MaxSpareServers is the maximum number of HTTPD processing connections (extra processes);
r MaxClients is a limit on the maximum number of HTTPD subsidiaries, which determines the possible number of compounds;
r maxRequestSperchild is the maximum number of queries that is solved by one-person HTTPD process, when it is reached, it is guaranteed to eliminate possible memory leaks.
ServerRoot "/ etc / httpd" PIDFILE RUN / httpd.pid timeout 120
Keepalive Off MaxkeepaliveRequests 100
KeepaliveTimeout 15.
| StartServers | |
| MinspareServers | |
| MaxspareServers. | |
| ServerLimit. | |
| Maxclients |
MaxRequestSperchild 4000.
LISTEN 80.
LoadModule auth_basic_module modules / mod_auth_basic.so LoadModule auth_digest_module modules / mod_auth_digest.so LoadModule authn_file_module modules / mod_authn_file.so LoadModule authn_alias_module modules / mod_authn_alias.so LoadModule authn_anon_module modules / mod_authn_anon.so
User Apache Group Apache
It should be noted that modules can not only be connected using the LoadModule directive, but also installed directly into the Apache code at the compilation and assembly stage. To determine which modules were installed in the code at the compilation stage, execute the HTTPD -L command (follow-up 28.2).
$ / usr / sbin / httpd -l compiled in modules:
cORE.C PREFORK.C HTTP_CORE.C MOD_SO.C
Pay attention to the preform.c module is one of several different MODULES modules (MULTI-PROCESSING MODULES) available for Apache V2. These modules are focused on different operating systems or at different models of multitasking processing. For example, the preform.c module is oriented to the traditional Unix model for the generation of child processes, and worker.c - to work with flows.
Among the settings of the main server are the most important:
r Listen - causes Apache to listen only to the specified port;
r user is a user, on behalf of which httpd processes will be run;
r Group - a group on behalf of which subsidiaries will be launched
r Documentroot is a directory of the placement of the web site files;
r userdir - the name of the catalog to accommodate personal web pages of users;
r DirectoryIndex - a list of file names that will be viewed while trying to access the directory root document;
r AccessFileName - the name of the file containing the directive control of the device to the catalog;
r TypeSconfig - locates the MIME configuration file location;
r DefaultType - Specifies the MIME-type default document;
r MimemagicFile - locates the magic number file to determine the MIME type of the document;
r HostNameLookups - Specifies the type of information on requests for clients or by the IP address or by name of the node;
r errorlog - log file in which any errors will be recorded
(Messages) who encountered in the process of Apache;
r Loglevel is the level of journaling information;
r LogFormat is a directive that defines the format of information output to the journal;
r CustomLog - indicates the location of the log file;
r Serversignature - allows you to display in the pages generated by the Apache server, version information, virtual node, etc.;
r Alias \u200b\u200b- sets aliases to access the sewing directories (the length of the pseudonym string is less than the length of the access path line);
r scriptalias - does the same as Alias, but for catalogs with CGI-
scenarios;
r indexoptions - determines the type of indexing directories;
r Addicon - Specifies the icon file to display in specific situations, for example, when displaying a page with a directory content of different types of files, different icons are compared;
r AddiconByencoding - Specifies icons for specific MIME encodings;
r AddiconBYTYPE - Specifies icons for certain MIME types of documents;
r Defaulticon - default icon;
r AddDescription - adds a comment string to specific types of documents (for example, .gz - Gzipped Document);
r ReadMename - Specifies the name of the readme file added to the end of the file list in the directory (Directory Index);
r HeaderName - Specifies the name of the HEADER file being added to the beginning of the file list in the directory (Directory Index);
r indexignore - file names that will be ignored when indexing;
r Addencoding - allows browsers to handle information on the fly (for example, display the contents of compressed gzip files);
r AddLanguage - Displays the specified file name extensions to a specific document language (for example, AddLanguage RU .RU);
r AddCharset - sets the display of a specific file name extension to a specific encoding;
r LanguagePriority is the order of languages;
r AddType - Specifies the display of file name extensions to MIME type;
r AddHandler - Sets the type of processing to expand file names;
r ErrorDocument - allows you to configure error messages;
r Browsermatch - Specifies the features of information output for browsers.
In the configuration file httpd.conf, conventional species are often found.
Alias \u200b\u200b/ Doc / USR / Share / Doc
In this example, the DOC alias is installed for the / usr / share / doc directory. However, such a pseudonym will be installed only in the case of the MOD_ALIAS.C module. Having such an alias (if there is appropriate permit), it will be possible to handle the web browser to the contents of the / usr / Share / Doc content, using the URL http: // localhost / doc.
Another type of conditional directive is
Often Apache comes with very extensive documentation in HTML format. For example, in Fedora distributions, the Apache Documentation is traditionally available after the APACHE is started on the URL http: // localhost / manual.
Hosting sites
You can implement four ways:
Default in the / Var / www / html folder. Access is http: // LocalHost /
Settings of the main hosting. For example, http: // Localhost / phpmyAdmin
In any folder using the virtual host module. For example, http: // mysite /
In the Public_HTML user folder (Userdir module). For example, http: // Localhost / ~ username
Installation
To install Apache, run in the terminal:
Sudo Apt-Get Install Apache2Setting
To apply changes in the settings you need to restart the APACHE: Sudo Service Apache2 Restart
In Ubuntu, the end file setting (Apache2.conf) is arranged for several files located in different subdirectory. Details written in file comments apache2.conf..
/ ETC / Apache2 / | - Apache2.conf | `- ports.conf | - mods-enabled | | - * .load | `- * .conf | - Conf-enabled | `- * .conf` - Sites-Enabled `- * .conf
Module settings are located in the directory. / ETC / Apache2 / Mods-Available. To connect or disable modules (module settings), use the corresponding A2EnMod or A2Dismod commands. Connection example of a module:
Sudo a2enmod< mod-name>Your settings should be saved to files located in the directory / ETC / Apache2 / Conf-Available. To connect or disconnect your settings, use the corresponding A2enconf or A2DISCONF commands. An example of connecting a file with your settings:
Sudo a2enconf.< config-name>Virtual host settings should be saved to files located in the directory / etc / apache2 / sites-available. To connect virtual hosts, use the corresponding A2ensite or A2Dissite commands. Virtual host connection example:
Sudo a2ensite.< site-name>Default encoding
To specify the default encoding, use the adddefaultcharset directive in the file /etc/apache2/conf-available/charset.conf. (or Rassate the appropriate line):
AdddefaultCharset UTF-8
Virtual hosts
Virtual host settings files are stored in /etc/apache2/sites-available/*.conf.. By default, one virtual host is already configured in Apache. Its settings are in the file 000-DEFAULT.conf.. You can use this virtual host as an example.
Virtual host setting example:
Name the file settings by the name of your host1.server1.conf and save.
After creating the settings file, add your host name to / etc / hosts:
127.0.0.1 HOST1.Server1
To enable the created virtual host, the A2ensite utility is used:
Sudo A2ensite Host1.server1Turns off the host similarly to the A2Dissite utility:
Sudo A2Dissite Host1.server1.Modules
mod_userdir.
Module MOD_USERDIR allows you to use directory in home user directors for web storage. By default, Apache is looking for the requested pages in the directory. ~ / public_html.
mkdir ~ / public_htmlTo enable mod_userdir, follow:
Sudo a2enmod userdirand add the necessary user to the WWW-DATA group:
Sudo AddUser $ User WWW-DATAafter that restart Apache:
Pages will be available at http: // Localhost / ~ username, where UserName is the username.
CGI
If you want to run on the CGI scripts on the server, connect the CGI command module
Sudo A2enmod CGIBy default, CGI scripts are placed in the directory USR / LIB / CGI-BINbut you can place them anywhere by specifying it in the settings of your virtual host, or globally for all hosts in the file /etc/apache2/conf-enabled/serve-cgi-bin.conf..
If your server works on the external network, then for safety reasons, it is strongly recommended to place CGI scripts outside the root directory of the virtual host
Setting up HTTPS in Apache
APACHE web server fully supports HTTPS. To activate HTTPS support on the already installed Apache, you must follow the following.
Creating a key and SSL certificate
The use of self-signed certificates, though protects against passive listening, however it does not guarantee customers that the server is exactly the server that they need. The advantage of self-signed certificates is their free. Certificate Signed by the Certificate Authority costs money.
To create a key and certificate, enter the command:
OpenSSL Req -New -X509 -Days 30 -Keyout Server.Key -OUut Server.pem
To the question "ENTER PEM PASS PASS PASS:" I answer the password, confirm and remember.
All subsequent questions are answered arbitrarily, you can simply click on ENTER, agreeing with the proposed options, only to the question "Common Name (EG, Your Name):" Answer the site name for which you create a certificate, such as www.example.com.
After the answer to all the questions in the directory there should be two new files - Server.pem (key) and Server.crt (Certificate).
To use the generated key, you need to know the password introduced by us, and Apache will ask it with us when loading, and why do we need any questions from demons? :) Therefore, we remove the password from the key:
CP Server.Key (, .orig) OpenSSL RSA -IN Server.Key.orig -OUT Server.Key Rm Server.key.origCopy them in / etc / ssl and assign a key file to the read right only to the administrator:
Sudo CP Server.pem / etc / SSL / CERTS / Sudo Cp Server.key / etc / ssl / private / sudo chmod 0600 / etc / ssl / private / server.keyAdjust Apache
To begin with, you need to activate MOD_SSL:
Sudo a2enmod sslAnd then enable the default site HTTPS settings:
Sudo A2ensite Default-SSLNow you need to edit the file with the default HTTPS settings by specifying the path to your certificates. The file itself is called / etc / apache2 / sites-enabled / default-ssl (or /etc/apache2/sites-enabled/default-ssl.conf).
SSLENGINE ON.add line
SSLPROTOCOL ALL -SLV2.to prohibit the use of the outdated SSLV2 protocol.
# Public Server Certificate Sslcertificatefile /etc/ssl/certs/server.pem. # Private server key SslcertificateKeyFile /etc/ssl/private/Server.Key.Now just restart Apache:
Sudo Service Apache2 RestartAnd if all the parameters are specified correctly, your sites will be available via HTTPS.
The HTTPS protocol operates in 443 port, so if the server is behind the gateway, then it is necessary to break this port on it.
Redirect HTTP queries on https
If you want to prohibit the use of HTTP, then the most reasonable will redirect all HTTP requests to the pages on their HTTPS address. Make it using mod_alias. If it is not turned on - turn on:
Sudo A2enmod Alias \u200b\u200bSudo Service Apache2 RestartThen change the file / etc / apache2 / sitees-enabled / 000-default, which is responsible for the default virtual host for HTTP requests. Add directive to this file
Redirect / https://example.com/At the same time, all the settings of the directory can be deleted, because by HTTP to your sites will still not be accessed.
Everything, now restart Apache again and make sure that when you enter HTTP you are automatically redirected to the HTTP page.
For Apache configuration there are 4 main approaches:
- Compilation / installation: Assembly from sources allows you to select the necessary modules, install the desired flags, pathways, etc.
- Command line parameters: allow you to configure Apache at startup.
- Global configuration files: The main file is default called httpd.conf.
- Local configuration files: Use.htaccess.
Configuration directives in the httpd.conf file can be divided into 3 categories:
- Directives that control the overall work process.
- Virtual host directives.
- Virtual host settings.
The directives of the first group include
They are used in binding to a specific file structure or to the URL. In the first case it
Local configuration is implemented based on.htaccess. The name of this file can be changed in the AccessFileName section. Changes in the file.htaccess come into force immediately, without restarting, its action applies to the directory in which it lies with all nested subdirectories. Excessive use .HTaccess can affect server performance.
The contents of the main config of httpd.conf can be divided into 5 sections:
- Global directives.
- Applicable to wipe servers. , - Applicable catalogs. , - Applicable files. , - Apply to the URL.
The directive may have several parameters, the type of parameters may vary.
Each directive is processed by a specific module.
For example, Directive
The next directive will be processed by the MOD_ENV module, the environment variable will be installed:
The contents of the local file.htaccess can also be divided into 5 sections:
- Authconfig - Authorization control.
- Limits - Access Control.
- Options are specific catalog settings.
- FileInfo - Installing Attributes for Documents.
- Indexes - indexing directories.
In Ubuntu Apache, it is located at / etc / apache2 and, in addition to configuration files, contains the "SITES-AVAILABLE" and "SITES-ENABED" directory. The first directory contains a list of sites that are available on the server, and in the second - those serviced by the server. This makes it possible to quickly add and delete sites that will be served by the server, without having to physically delete them from Documentroot. In addition to this, other settings files can be added using Include instructions, and grouping characters can be used to enable multiple settings files. Any instruction can be added to any of these settings files. The server also reads files containing MIME documents; The file name is set by the TypeSconfig instructions, usually through /etc/apache2/mods-available/mime.conf, which can also include additions and overrides, and the default is /etc/mime.Types.
httpd.conf - Apache Server Configuration
Apache is configured by placing directives into normal configuration text files. The main configuration file of the Apache server - httpd.conf..
With the help of the Include Directive, other configuration files can be added. Any directive can be installed in any of these configuration files.
Apache 2.4 is configured by files in the subdirectory (default) - Conf. (C: \\ Program Files \\ Apache2.4 \\ conf \\ Apache2.4 \\ CONF \\). These are the same files as for configuring on OS UNIX, but there are several directives specially designed for Windows.
The main configuration file of the APACHE server HTTP 2.4 is usually called - httpd.conf..
It contains directives and parameters that control the work of the Web server, virtual servers, as well as all APACHE 2.4 software modules. . Apache is a modular server. This means that only the most basic functionality is included in the main server. Expansion of functions available using dynamically downloadable modules. Configuration files contain one directive in the string. The inclined feature of the left "\\" can be used as the last character in the string, to indicate that the directive continues to the next string. There should be no other characters or spaces between the inclined line to the left and the end of the line. Directives in configuration files are insensitive to the register, but the arguments of directives are often sensitive. Rows that start with the "#" symbol are considered comments, and ignored. Comments cannot be included in the row after the configuration directive. Empty lines and spaces, before the directive are ignored.
Directive - The configuration command that controls one or more aspects of the APACHE server behavior.
Directives posted in the basic configuration files include the entire server.
.
To check the configuration files on syntax errors, the command is used. httpd.exe -t..
When installing Apache 2.4, it was introduced:
In Network Domain (network domain) - server-Apache2.ru.
in Server Name - www.server-apache24.ru.
In Administrator "S Email ADRESS (admin postal address) - [Email Protected]
Hence, server-Apache2.ru. - It will be the name of the main site of the Apache server.
APACHE Server Main Website is configured in the file - httpd.conf..
Amendments to the Apache Server Configuration File - httpd.conf
To appeal to the main site of the Apache server on the domain name - server-Apache2.ru., create a catalog on disk - C: \\ Server-Apache24.ru
Server-Apache2.ru.
- C: \\ Server-Apache24.ru
- logs.
- access.log.
- error.log.
- www
- index.html
- logs.
Catalog Server-Apache24.ru.
At the root of the disk C: You need to create a catalog server-Apache2.ru.
In him Before There must be folders:
logs. With "empty" files access.log. and error.log.
and
www with file. index.html
See in the httpd.conf file strings -
209 Serveradmin. [Email Protected]
218 ServerName www.server-apache2.ru:80
243 Documentroot "C: /Server-apache24.ru/www"
245
httpd.conf. - Configuring the APACHE 2.4 server
httpd.conf..
Action of the Main Configuration File Directives applies to the entire server.
All entries, with the exception of red-selected, must be commented. Rows starting with symbol "#" - These are comments.
# # This Is The Main Apache Http Server Configuration File. It contains the # configuration directives that give the server its instructions. # See for detailed information. # IN PARTICULAR, SEE # # For a Discussion of Each Configuration Directive. # # Do NOT simply read the instructions in here without understanding # what they do. They "Re Here Only As Hints Or Reminders. If You Are Unsure # Consult The Online Docs. You have Been Warned. # # Configuration and Logfile Names: If the Filenames You Specify for Many # Of the Server" S CONTROL FILES BEGIN WITH " / "(or" drive: / "for Win32), the # server will use that explicit path. If The Filenames Do * Not * Begin # With "/", The Value of Serverroot Is Prepended - SO "Logs / Access_log" # With Serverroot Set to "/ usr / local / apache2" Will Be Interpreted by the # Server AS " / usr / local / apache2 / logs / access_log ", whereas" / logs / access_log "# Will Be Interpreted AS" / LOGS / access_log ". # # Note: Where Filenames Are Slaffied, You Must Use Forward Slashes # Instead of Backslashes (E.G., "C: / Apache" Instead of "C: \\ Apache"). # If a Drive Letter Is Omitted, The Drive On Which Httpd.exe Is Located # Will Be Used by Default. It is Recommended That You Always Supply # an Explicit Drive Letter in Absolute Paths to Avoid Confusion. # # Serverroot: The Top of the Directory Tree Under Which The Server "S # Configuration, Error and Log Files Are Kept. # # Do Not Add a Slash at the End of the Directory Path. If You Point # Serverroot at a non -Local Disk, Be Sure to Specify A Local Disk On The # Mutex Directive, If File-Based Mutexes Are Used. If You Wish to Share The # Same Serverroot for Multiple Httpd Daemons, You Will Need to Change at # Least Pidfile. # ServerRoot "C: / Program Files / Apache2.4" # # Mutex Mechanism and Mutex File Directory # For Individual Mutexes File Directory # For Global Defaults # # Uncomment and Change The Directory If Mutexes Are File-based And The Default # Mutex File Directory IS Not On a Local Disk or Is Not Appropriate for some # # Other Reason. # # Mutex Default: Logs # # Listen: Allows You to Bind Apache to Specific IP Addresses and / or # Ports, Instead of the Default. See Also The # Directive. # # Change This To Listen On Specific IP Addres ses as shown below to # prevent Apache from glomming onto all bound IP addresses. # #Listen 12.34.56.78:80 Listen 80 # # Dynamic Shared Object (DSO) Support # # To Be Able to Use The Functionality of a Module Which Was Built As A DSO You # Have to Place CRESPONDING `Loadmodule" Lines at this location so the # directives contained in it are actually available _before_ they are used. # Statically compiled modules (those listed by `httpd -l") do not need # to be loaded here # # Example:. # LoadModule foo_module modules / mod_foo.so # LoadModule access_compat_module modules / mod_access_compat.so LoadModule actions_module modules / mod_actions.so LoadModule alias_module modules / mod_alias.so LoadModule allowmethods_module modules / mod_allowmethods.so LoadModule asis_module modules / mod_asis.so LoadModule auth_basic_module modules / mod_auth_basic.so #LoadModule auth_digest_module modules / mod_auth_digest.so #LoadModule authn_anon_module modules / mod_authn_anon.so LoadModule authn_core_module modules / mod_authn_core. so #LoadModule authn_dbd_module modules / mod_authn_dbd.so #LoadModule authn_dbm_module modules / mod_authn_dbm.so LoadModule authn_file_module modules / mod_authn_file.so #LoadModule authn_socache_module modules / mod_authn_socache.so #LoadModule authnz_ldap_module modules / mod_authnz_ldap.so LoadModule authz_core_module modules / mod_authz_core.so #LoadModule authz_dbd_module Mo. dules / mod_authz_dbd.so #LoadModule authz_dbm_module modules / mod_authz_dbm.so LoadModule authz_groupfile_module modules / mod_authz_groupfile.so LoadModule authz_host_module modules / mod_authz_host.so #LoadModule authz_owner_module modules / mod_authz_owner.so LoadModule authz_user_module modules / mod_authz_user.so LoadModule autoindex_module modules / mod_autoindex.so # LoadModule buffer_module modules / mod_buffer.so #LoadModule cache_module modules / mod_cache.so #LoadModule cache_disk_module modules / mod_cache_disk.so #LoadModule cern_meta_module modules / mod_cern_meta.so LoadModule cgi_module modules / mod_cgi.so #LoadModule charset_lite_module modules / mod_charset_lite.so #LoadModule data_module modules /mod_data.so #LoadModule dav_module modules / mod_dav.so #LoadModule dav_fs_module modules / mod_dav_fs.so #LoadModule dav_lock_module modules / mod_dav_lock.so #LoadModule dbd_module modules / mod_dbd.so #LoadModule deflate_module modules / mod_deflate.so LoadModule dir_module modules / mod_dir. So #LoadModule D. umpio_module modules / mod_dumpio.so LoadModule env_module modules / mod_env.so #LoadModule expires_module modules / mod_expires.so #LoadModule ext_filter_module modules / mod_ext_filter.so #LoadModule file_cache_module modules / mod_file_cache.so #LoadModule filter_module modules / mod_filter.so #LoadModule headers_module modules / mod_headers.so #LoadModule heartbeat_module modules / mod_heartbeat.so #LoadModule heartmonitor_module modules / mod_heartmonitor.so #LoadModule ident_module modules / mod_ident.so LoadModule imagemap_module modules / mod_imagemap.so LoadModule include_module modules / mod_include.so #LoadModule info_module modules / mod_info.so LoadModule isapi_module modules / mod_isapi.so #LoadModule lbmethod_bybusyness_module modules / mod_lbmethod_bybusyness.so #LoadModule lbmethod_byrequests_module modules / mod_lbmethod_byrequests.so #LoadModule lbmethod_bytraffic_module modules / mod_lbmethod_bytraffic.so #LoadModule lbmethod_heartbeat_module modules / mod_lbmethod_heartbeat.so #LoadModule ldap_module modules / mod_ldap.so #LoadModule logio_module modules / mod_logio.so LoadModule log_config_module modules / mod_log_config.so #LoadModule log_debug_module modules / mod_log_debug.so #LoadModule log_forensic_module modules / mod_log_forensic.so #LoadModule lua_module modules / mod_lua.so LoadModule mime_module modules / mod_mime. so #LoadModule mime_magic_module modules / mod_mime_magic.so LoadModule negotiation_module modules / mod_negotiation.so #LoadModule proxy_module modules / mod_proxy.so #LoadModule proxy_ajp_module modules / mod_proxy_ajp.so #LoadModule proxy_balancer_module modules / mod_proxy_balancer.so #LoadModule proxy_connect_module modules / mod_proxy_connect.so #LoadModule proxy_express_module modules / mod_proxy_express.so #LoadModule proxy_fcgi_module modules / mod_proxy_fcgi.so #LoadModule proxy_ftp_module modules / mod_proxy_ftp.so #LoadModule proxy_html_module modules / mod_proxy_html.so #LoadModule proxy_http_module modules / mod_proxy_http.so #LoadModule proxy_scgi_module modules / mod_proxy_scgi.so #LoadModule ratelimit_module modules / mod_ratelimit.so #LoadModule reflector_module modules / mod_reflector.so #LoadModule remoteip_module modules / mod_remoteip.so #LoadModule request_module modules / mod_request.so #LoadModule reqtimeout_module modules / mod_reqtimeout.so #LoadModule rewrite_module modules / mod_rewrite.so #LoadModule sed_module modules / mod_sed.so #LoadModule session_module modules / mod_session.so #LoadModule session_cookie_module modules / mod_session_cookie.so #LoadModule session_crypto_module modules / mod_session_crypto.so #LoadModule session_dbd_module modules / mod_session_dbd.so LoadModule setenvif_module modules / mod_setenvif.so #LoadModule slotmem_plain_module modules / mod_slotmem_plain.so #LoadModule slotmem_shm_module modules / mod_slotmem_shm.so #LoadModule socache_dbm_module modules / mod_socache_dbm.so #LoadModule socache_memcache_module modules / mod_socache_memcache.so #LoadModule socache_shmcb_module modules / mod_socache_shmcb.so #LoadModule speling_module [Email Protected] # Serveradmin. [Email Protected] # # ServerName gives the name and port that the server uses to identify itself. # THIS CAN OFTEN BE DETERMINED AUTOMATICALLY, But We Recommend You Specify # it Explicitly to Prevent Problems During Startup. # # If Your Host Doesn "T Have A Registered DNS Name, ENTERNAME WWW.SERVER-APACHE24UN :80 # # Deny Access to the Entirety of Your Server" s Filesystem. You must # explicitly permit access to web content directories in other # blocks below. # ALLOWERRIDE NOTE REQUIE AL DENIED # PARTICULAR FEATURES TO BE ENABLED - SO IF SOMETHING "S NOT WORKING AS # You Might Expect, make sure that you have specifically enabled it # below. # # # Documentroot: The Directory Out of Which You Will Serve Your # Documents. By Default, All Requests Are Taken From This Directory, But # Symbolic Links and Aliases May Be Used to Point to Other locations. # # Documentroot "C: / Program Files / Apache2.4 / Htdocs "was Documentroot" C: /Server-apache24./www "# # # Possible Values \u200b\u200bfor the Options Directive Are" None "," All ", # Or Any Combination : # Indexes Includes FallowSymLinks Symlinksifownermatch ExecCGI MultiViews # # Note That "MultiViews" Must Be Named * Explicitly * --- "Options All" # DOESN "T GIVE IT TO You. # # The Options Directive IS Both Complicated and Important. Please see # //httpd.apache.org/docs/2.4/mod/core.html#options # for more information. # # Options Indexes FollowSymLinks Was Options Indexes Includes Followermlinks Symlinksifownermatch Execcgi MultiViews # # # ALLOWOVERRIDE CONTROLS WHAT DIRECTS MAY BE PLACED IN.HTAccess Files. # IT CAN BE "ALL", "NONE", OR ANY COMBINATION OF THE KEYWORDS: # ALLOWOINRIDE FILEINFO AUTHCONFIG LIMIT # # ALLOWOVERRIDE NONE was ALLOWOVERRIDE ALL # # CONTROLS WHO CAN GET STUFF FROM This Server. # Require All Granted Addhandler Server-Parsd .shtml .shtm .html .htm # # DirectoryIndex: Sets The File That Apache Will Serve If A Directory # is Requested. # DirectoryIndex Index.html # # The Following Lines Prevent .htaccess and .htpasswd Files from Being # Viewed by Web Clients. # Require All Denied # # Errorlog: The Location of the Error Log File. # If You Do Not Specify An Errorlog Directive Within A # CONTAINER, ERROR MESSAZ RELATING TO THAT VIRTUAL HOST WILL BE # LOGGED HERE. If you * Do * Define An Error Logfile for a # CONTAINER, THAT HOST "S Errors Will Be Logged There and Not Here. # # ErrorLog "Logs / error.log" was errorlog c: /server-apache24.ru/logs/error.log # # Loglevel: Control The Number of Messages Logged to the Error_log. # Possible values \u200b\u200binclude: debug, info, notice, warn, error, crit, # alert, emerg. # Loglevel Warn # # The Following Directives Define Some Format Nicknames for Use with # A CUSTOMLOG DIRECTIVE (See Below). # LogFormat "% h% l% u% t \\"% r \\ "%\u003e S% B \\"% (Referer) i \\ "\\"% (User-Agent) i \\ "" Combined LogFormat "% h% l % u% t \\ "% r \\"%\u003e s% b "Common # You need to enable mod_logio.c to use% i and% o logformat"% h% l% u% t \\ "% r \\"%\u003e S% B \\ "% (Referer) i \\" \\ "% (User-Agent) I \\"% i% o "Combinedio # # The Location and Format of the Access Logfile (Common Logfile Format). # If You Do Not Define Any Access Logfiles Within A # CONTAINER, THEY WILL BE LOGGED HERE. ContrariWise, If You * Do * # Define Per- Access Logfiles, Transactions Will Be # Logged Therein and * Not * In This File. # # CustomLog "logs / access.log" Common was customlog c: /server-apache24.ru/logs/Access.log Common # # if you prefer a logfile with access, agent, and referer information # (Combined Logfile Format) You CAN USE THE FOLLOWING DIRECTIVE. # #CustomLog "Logs / access.log" Combined # # Redirect: Allows You to Tell Clients About Documents That Used to # Exist in Your Server "s Namespace, But Do not Anymore. The Client # Will Make a New Request for the Document AT Its New Location. # examples: # Redirect Permanent / Foo //www.server-apache24.ru/bar # # Alias: Maps Web Paths Into Filesystem Paths and IS Used to # Access Content It Does Not Live Under the Documentroot. # EXAMPLE: # Alias \u200b\u200b/ Path # #Full / FileSystem / Path # # If You include the server Will # Require It to be present in the url. You Will Also Likely # Need to Provide a Section to Allow Access to # the filesystem path # # ScriptAlias:. This controls which directories contain server scripts # ScriptAliases are essentially the same as Aliases, except that # documents in the target directory are treated as applications and # run by the server when requested rather than as. Documents Sent to the # Client. The Same Rules About Trailing "/" Apply to Scriptalias # DirectiveS As to Alias. # # Scriptalias / CGI-BIN / "C: / Program Files / Apache2.4 / CGI-BIN /" was scriptalias / cgi-bin / "c: /server-apache24.ru/cgi-bin/" # # Scriptsock: On Threaded Servers, Designate The Path to the UNIX # Socket Used to Communicate with the CGI Daemon of MOD_CGID. # #Scriptsock CGISOCK # # "C: / Program Files / Apache Software Foundation / Apache2.4 / CGI-BIN" SHOLD BE CHAGED TO WHATER YOUR Scriptalized # CGI Directory Exists, If You Have That Configured. # # ALLOWOVERRIDE NONE OPTIONS NONE REQUIRE ALL GRANTED # # TYPESCONFIG POINTS TO THE FILE CONTAINING THE LIST OF MAPPINGS FROM # FILENAME EXTENSION TO MIME-TYPE. # Typesconfig conf / mime.types # # AddType Allows You to Add to Or Override The Mime Configuration # file specified in TypeSconfig for Specific File Types. # #Adgz # # Addencoding Allows You to Have Certain Browsers Uncompress # Information on the Fly. Note: Not All Browsers Support This. # #Addencoding X-Compress .z #Addencoding X-Gzip .gz .tgz # # If the Addencoding Directives Above Are Commented-Out, Then You # Probably Schald Define Those Extensions to Indicate Media Types: # AddType Application / X-Compress. Z AddType Application / X-Gzip .gz .tgz AddType Application / X-Httpd-PHP .php # # Addhandler Allows You to Map Certain File Extensions to "Handlers": # Actions Unrelated to FileType. These Can Be Either Built Into The Server # # # # to use CGI Scripts Outside of Scriptaliased Directories: # (You Will Also Need To Add "ExecCGI" to the "options" directive.) # #ADDHANDLER CGI-Script .cgi Addhandler CGI-Script .cgi .pl # for Type Maps (Negotiated Resources): #Addhandler Type-Map Var # # Filters Allow You to Process Content Before IT IS Sent to the Client. # # To Parse .shtml Files for Server-Side Includes (SSI): # (You Will Also Need To Add "Includes" to the "Options" directive.) # AddType text / html .shtml addoutputfilter includes .shtml # # The Mod_mime_magic Module Allows The Server to Use Various Hints From The # Contents of the File Itself to Determine Its Type. The MimemagicFile # Directive Tells The Module Where the Hint Definitions Are Located. # #MimemagicFile Conf / Magic # # Customizable Error Responses Come in Three Flavors: # 1) Plain Text 2) Local Redirects 3) External Redirects # # Some Examples: #errordocument 500 "The Server Made A Boo Boo." #ErrorDocument 404 /Missing.html #errorDocument 404 "/cgi-bin/missing_Handler.pl" #ErrOrdocument 402 //www.server-apache24.ru/subscription_info.html ErrorDocument 404 C: /Server-apache24.ru/www/404error .html errordocument 500 c: /server-apache24.ru/www/500error.html # # Maxranges: Maximum Number of Ranges in a Request Before # Returning the Entire Resource, Or One of the Special # Values \u200b\u200b"Default", "None" OR "unlimited." # Default Setting Is To Accept 200 Ranges. #MaxRanges Unlimited # # Enablemmap and EnablesendFile: On Systems That Support It, # Memory-Mapping Or The Sendfile Syscall May Be Used to Deliver # Files. This Usually Improves Server Performance, But Must # Be Turned Off When Service From Networked-Mounted # Filesystems Or If Support for these Functions Is Otherwise # Broken on Your System. # Defaults: enablemmap on, enablesendfile off # #enablemmap off #enablesendfile on # supplemental configuration # # The Configuration Files in The Conf / Extra / Directory Can Be # Included to add Extra Features Or to Modify The Default Configuration of # The Default Configuration Of # The Server, OR You may Simply Copy Their Contents Here and Change AS # Necessary #INClude Conf / Extra / httpd-mpm.conf # Multi-Language Error Messages Include conf / extra / httpd-multilang-errodoc.conf # Fancy Directory Listings include conf / extra / httpd-autoindex .conf # Language Settings include Conf / Extra / httpd-languages.conf # user home directories include conf / extra / httpd-userdir.conf # real-time info on requests and configuration #include conf / extra / httpd-info.conf # Virtual Hosts Include Conf / Extra / httpd-vhosts.conf # Local Access to the Apache Http Server Manual #include conf / extra / httpd-manual.conf # Distributed Authoring and Versioning (WebDAV) #include conf / extra / httpd-dav. conf # Various default settings Include conf / extra / httpd-default.conf # Configure mod_proxy_html to understand HTML4 / XHTML1 Include conf / extra / proxy-html.conf # Secure (SSL / TLS) connections #Include conf / extra / httpd-ssl .conf # # Note: The Following Must Must Be Present to Support # Starting Without SSL on Platforms with No / Dev / Random Equivalent # But A Statically compiled-in mod_ssl. # SSLRANDOMSEED STARTUP BUILTIN SSLRANDOMSEED CONNECT BUILTIN # # Uncomment Out The Below to Deal with User Agents That Deliberately # Violand Open Standards by Misusing DNT (DNT * Must * Be a Specific # End-User Choice) # # #BrowSermatch "MSIE 10.0;" Bad_DNT # # #requestheader Unset DNT ENV \u003d Bad_DNT #
Change .
Team - httpd.exe -k Restart.Allows you to complete any operation executed by the Apache server and forces Apache to re-read the configuration file.
Search and solve errors when installing Apache server
Apache comes with a utility called Apache Service Monitor. With it, you can see and manage the status of all installed Apache services on any computer on the network.
Restarting Apache 2.4.
As change In the main configuration files take effect only when you start or restart Apache server,
You need to restart the server.
Apachemonitor.
ApacheMonitor icon can be seen by clicking on the button - display hidden icons
Double-click the left mouse button on the icon. Apache Service Monitor.
You can click on the Apache server by clicking on the button. Restart.
In the Apache Service Monitor program window.
Or - Stop. and then - Start..
If you have made changes only to the httpd.conf file,
that introducing browser to the address string - Localhost. or - 127.0.0.1
,
You will see a page - Error 403 (Error 403).
Access Forbidden!
You don "T Have Permission to Access The Requested Directory. There Is Ener No Index Document or the Directory IS Read-Protected.If You Think This Is A Server Error, Please Contact The Webmaster.
Error 403.
127.0.0.1Apache / 2.4.4 (Win64)
Access is denied!
You do not have permission to access the requested directory. There is no index document or directory is protected from reading.If you think this is a server error, refer to the webmaster.
Error 403.
Enter the administrator rights to the command line - Administrator - Command String
and enter:
"C: \\ Program Files \\ Apache2.4 \\ Bin \\ Apache2.4 \\ Bin \\ httpd.exe" 2\u003e C: \\ ERRAPACHE.TXT
Microsoft Windows (C) Microsoft Corporation, 2016. All rights reserved. C: \\ Windows \\ System32\u003e "C: \\ Program Files \\ Apache2.4 \\ Bin \\ Apache2.4 \\ Bin \\ httpd.exe" 2\u003e C: \\ ERRAPACHE.TXT C: \\ Windows \\ System32\u003e
On disk C: / File will be created eRRAPACHE.TXT.
AH00112: WARNING: Documentroot Does Not Exist AH00112: Warning: Documentroot Does Not Exist (OS 10048) is usually allowed only to use the socket address (protocol / network address / port). : AH00072: Make_Sock: COULD NOT BIND TODRESS [::]: 80 (OS 10048) is usually allowed only to use the socket address (protocol / network address / port). : AH00072: Make_Sock: COULD NOT BIND TO Address 0.0.0.0:80 AH00451: No Listening Sockets Available, Shutting Down AH00015: Unable to Open Logs
AH00112: Warning (Warning):
C: / Program Files / Apache2.4 / docs / dummy-host.server-apache2.ru
C: / Program Files / Apache2.4 / docs / dummy-host2.server-apache2.server-apache2.ru
They do not exist (does not exist).
But the main thing is OS 10048 errors:
could not bind to address [::]: 80 (could not bind to address [::]: 80)
could not bind to address 0.0.0.0:80 (could not bind to address 0.0.0.0:80)
Enter the command line and enter:
netstat -aon.
Administrator: Command Line
Microsoft Windows (C) Microsoft Corporation, 2016. All rights reserved. C: \\ Windows \\ System32\u003e netstat -aon. Active Connections Name Local Address External Address PID TCP 0.0.0.0.0.0.0.0.0.0.0.0 :: Listening 1612 TCP [:::]: 80 [::]: 0 listening 1612 TCP 127.0.0.1:49693 127.0.0.1:49694 Established 5612 TCP 127.0.0.1:49694 127.0.0.1:49693 Established 5612 TCP 127.0.0.1:51341 0.0.0.0: Listening 3920 TCP 127.0.0.1:52006 0.0.0.0: Listening 3708 TCP 192.168.0.100:139 0.0.0.0 Listening 4 tcp 192.168.0.100:51330 34.226.135.28:443 Established 1232 TCP 192.168.0.100:51345 52.196.85.70:443 Established 1232 TCP 192.168.0.100:52796 88.212.253.127:21 Established 1128 TCP 192.168.0.100:53160 151.101.112.134 : 443 Close_Wait 3712 TCP 192.168.0.100:53161 151.101.112.134:4432.12.12.12.134:443 0.12.10.0.100:53162 151.101.128.134:44:443 0.12.101.12.134:443.168.0.100:53176 151.101.112.134:44:443 0.1101.112.134:44333.0.100:53179 151.101 .128.233: 443 Close_Wait 3712 TCP 192.168.0.100:53192 151.101.112.64:443 Close_wait 3712 TCP 192.168.0.100:53223 23.61.217.175:443 Close_Wait 3712 TCP 192.168.0.100:53230 185.29.133.52:443 Close_wait 3712 TCP 192.168.0.100:53246 2.18.74.149:443 Close_Wait 3712 TCP 192.168.0.100:53271 52.205.235.141:443 Established 5236 C: \\ Windows \\ System32\u003e
The process identifier, more known as the PID identifier is a unique number. Each process running in the system has a unique identifier.
TCP 0.0.0.0:80 0.0.0.0: Listening 1612
TCP [:::]: 80 [::]: 0 listening 1612
Open Task Manager
Only APACHE2.4 has a PID identifier - 1612
In catalog C: / Program Files / Apache2.4 / Conf / Extra / Software Foundation / Apache2.4 / Conf / Extra /
Open the file in the notepad - httpd-vhosts.conf.
Before you make any changes, back up the file - httpd-vhosts.conf..
Replace in the VirtualHost sections
httpd-vhosts.conf. - Contents Apache 2.4 Server Configuration File
# Virtual hosts # # Required Modules: mod_log_config # if you want to maintain multiple domains / hostnames on your # Machine You Can Setup Virtualhost Containers for them. Most Configurations # Use Only Name-based Virtual Hosts So The Server Doesn "T Need To Worry About # ip Addresses. This Is Indicated by The Asterisks in the Directives Below. # # Please See The Documentation AT #
In catalog C: \\ Windows \\ System32 \\ Drivers \\ ETC \\
Open the file in the notepad - hosts.
And add a string to it:
127.0.0.1 Localhost www.server-apache24.ru Server-apache24.ru
Singing the Apache server by pressing the button Restart.
In Apache Service Monitor.
Enter browser to the address bar - server-Apache2.ru.
and see you created by you, index page of the main site of the APACHE2.4 server
The site index page must be in the WWW subdirectory (C: \\ Server-apache24.ru \\ www \\)
After installing Apache 2.4 server, log in to the command line and enter commands:
httpd.exe -t.
Two warnings will be received.
Administrator: Command Line
Microsoft Windows (C) Microsoft Corporation, 2016. All rights reserved. C: \\ Windows \\ System32\u003e cd C: \\ Program Files \\ Apache Software Foundation \\ Apache2.4 \\ bin \\ C: \\ PROGRAM FILES \\ Apache2.4 \\ Bin\u003e httpd.exe -t. AH00112: Warning: Documentroot Does Not Exist AH00112: Warning: Documentroot Does Not Exist Syntax OK C: \\ Program Files \\ Apache2.4 \\ Bin\u003e
Previously, in our series on the basics of Linux, we considered the basics of working with the Apache web server. It is the most widely used web-server web server on the Internet (as of July 2015, Apache's share was 38%, IIS - ranked 26%, and Nginx - 15%). Therefore, the more you know about him and understand how it works, the greater success you will achieve when hacking it.
Today we look at the basics of Apache Server Settings. As we wrote earlier, configuration and tuning of almost all applications in a Linux or Unix is \u200b\u200bdone through configuration files, which are plain text. Apache here is no exception. Therefore, in this article we will focus on the Apache2.conf configuration file, which is located in the / etc / apache2 directory.
Step 1. Start Apache2
Let's start with the fact that we will start Apache2. Let's do it through the Kali environment graphic shell by clicking on Applications -\u003e Kali Linux -\u003e System Services -\u003e HTTP -\u003e Apache2 Start, as shown in the screenshot below.
Or run it through the command line by typing the next command in the terminal
Kali\u003e Service Apache2 Start
It launches the Apache2 daemon, and from this moment on the web server must process our content on the Internet.
Step 2. Check the server performance
To test whether our Apache server running, let's just point your browser at localhost or 127.0.0.1. If you see a page like a screenshot below, it means that the server works fine!
Step 3. Open the configuration file
To configure Apache, we need to go to the / etc / apache2 directory.
KALI\u003e CD / ETC / Apache2
Withdraw the list of all files in this directory:
Kali\u003e LS -L
As you can see, there are several files and subdirectory in this directory. Now we are only interested in the Apache2.conf file, but note that we have a ports.conf file and the SITES_AVAILABLE folder that we need a little later, there are several other configuration files and folders.
We can open apache2.conf in any text editor, but here we will use Leafpad. The file can be opened, just typing in the console:
Kali\u003e leafpad /etc/apache2/apache2.conf
As you can see, this command opens a text file with all the information about the configuration of our Apache web server. To configure the server, we will now try to familiarize you with all the key points of this file.
Step 4. Serverroot
Let's scroll down, skipping all comments, and find the line # 70 where the global settings section begins. Here we see the SERVERROOT settings. This is the top of the directory tree in which the Apache server stores all files related to the server. Row # 84 Specifies ServerRoot. We can simply revive this string if we want to install / etc / apache2 as a serverroot. We recommend that you do it.
Step 5. Timeout.
In the next section, we have variables that determine the parameter values: timeout, keepalive, maxkeepaliverequests and keepaliveTimeout.
- Timeout.: This is the time during which the server must execute the user. Its default is 300, which means that the server must process each query for 300 seconds or 5 minutes. This is definitely too long and this value can be set in 30 seconds.
- Keepalive.: This means that the server remains alive (keeps the connection) for several requests from the same client. By default, the "ON" value is set. This means that customers do not need to create a new connection for each request to our server. This approach saves server resources.
- MaxkeepaliveRequests.: This value determines the maximum number of seconds allowed between requests received from the established connection with one client. If we set this value to 0, then the amount of time is not limited.
- KeepaliveTimeout.: This is the amount of time between requests, to determine that the connection is still alive (installed).
We suggest you leave all the default values \u200b\u200bexcept the "TimeOut" parameter. Each situation is different and you may need to change these defaults to adapt the server performance in a particular environment.
Step 6. User and Apache2 groups
Let us once again to scroll down a few lines in apache2.conf file, until we reach the line # 177. Here we can install the user and Apache2 groups. Note Comment to Row # 177. It indicates that we can set these variables in the Envvars file (environment variables). Let us leave this question for future articles, but for now, just keep in mind that both User (user) and group (group) are variables, the values \u200b\u200bof which are taken from the / etc / apache2 / envvars file.
And finally, the last section is of great importance for APACHE safety, starts with a string # 193. This section provides warranty that web clients will not be able to access files.htaccess and.htpasswd.
Step 7. Logging
The following section describes how Apache manages logs (logs).
In the first subsection, we appeal to the HostNameLookups parameter. This directive reports Apache2 whether it should execute the DNS search when it records the installed connection in the log. With the default "OFF" value, Apache2 works much better.
Step 8. Available sites
Now let's look at the site_available directory and, most importantly, the file that is in the default in it. It is often called virtual hosts file (Virtual Hosts) by default. Open this file by typing in the console:
Kali\u003e Leafpad / etc / apache2 / site_available / default
As you can see, there are three critical areas in this file. The first string determines which port is listening to the web server. It defines here that it listens to any interface on the 80th port (*: 80). The second line defines the email address to which you want to send notifications in case of problems with the server. By default, there is an address if you are a system administrator, here you can specify your email address. The third element may be the most important - Documentroot. It determines where the content will be located for this virtual host, the default value is the / VAR / WWW directory. We suggest you leave everything in the form in which it was determined by the developers.
Step 9. Ports
Finally, we can go to the file apache2.conf even lower to line # 248 - «include port.conf». This directive simply reports Apache about the need to go to the port.conf file to find those ports that it must listen.
