Apache is the open source web server that almost everyone uses.
Contents |
Controlling it
Apache can be controlled in two ways. The first is to use the normal init script that brings the server up and down with the server. The command is usually:
/etc/init.d/httpd start or /etc/init.d/apache2 start
If you are on CentOS, then the command is simply "service httpd start". But this all just stops the server. You can run start, stop, or restart with this.
Now for a little more fun, you can use apachectl or apache2ctl. (Depending on which version you have.) You may have to run it directly, like if you are on a cpanel server. Try running "locate apachectl" to find out where it is. Here is an example:
/usr/local/apache/bin/apachectl stop
It can also start, stop, and restart. It also can do "status" and give you a cool status output. apache2ctl can also do a -S which will dump the vhosts that the server is hosting. Read on to learn more about vhosts.
Configuring it
All of apache's configuration files are in /etc/httpd or /etc/apache2. Often different parts of the config are broken up into different files. The main one will probably be called httpd.conf or apache2.conf.
There are all sorts of things todo in this file, but one of the most fun and productive things it to make it go faster if it is slowing down under heavy loads. Read on about that in the next section.
Apache Optimization
Optimizing apache comes down to tweaking a few settings in order to handle large loads. Stock apache will do fine if you have only a few dozen visitors at a time. However if your website is handling hundreds of hits a minute, and you are experiencing a slowdown, you will probably have to adjust it.
The the main howto: Optimizing Apache
What are Vhosts?
Vhosts are how apache knows which document root to put you in, depending on what hostname you typed in your browser. You see, you may have an Ip Address that hosts multiple websites. Vhosts are how apache knows how to distinguish between multiple websites on one ip.
Installing mod_limitIPcon
First of all log into your server as the user root, and change into a directory where you want to store the archive file.
cd /root/downloads
Now head over to http://dominia.org/djao/, and under the software section click on mod_limitipconn. If your running apache 1.3x then copy the link to the tar archive. If your running apache 2.x then click on the link to go to the apache 2.0 version.
For apache 1.3x: wget http://dominia.org/djao/limit/mod_limitipconn-0.04.tar.gz
For apache 2.x: wget http://dominia.org/djao/limit/mod_limitipconn-0.22.tar.gz
In this installation we are using apache 2, but we will explain how to do it in version 1.3x also.
Now we are done with getting the latest version.
Installing mod_limitipconn
=================
Ok, lets extract the downloaded file.
tar -zxvf mod_limitipconn-0.22.tar.gz
This will extract it, if your using apache 1.3 then replace the archive name with yours.
Change into the extracted directory.
cd mod_limitipconn-0.22/
Now we will need to edit the Makefile.
nano Makefile
change APXS=apxs
to
APXS=/usr/local/apache2/bin/apxs
Or where ever your apxs is located it. If you do not have apxs that means you will need to install the httpd-devel pacakge. Just use yum install httpd-devel, and that will do the job.
Now save with CTRL+O, exit with CTRL+X.
Now compile it.
make
Now lets install it.
make install
Ok, all we need to do now is restart httpd/apache.
service httpd restart
It should now be install.
Limiting IPs
=================
Now we will show you how to limit ips.
Lets edit our httpd.conf
nano /usr/local/apache2/conf/httpd.conf
CTRL+W and search for:
- ExtendedStatus
Change to: ExtendedStatus On
Now go to the end of the httpd.conf, We will now add the iplimit configuarations.
<IfModule mod_limitipconn.c> <Location /> MaxConnPerIP 3 NoIPLimit images/* </Location> </IfModule>
This will limit all ipaddress to a maximum of 3 connections, except for files in the images/ directory. The files in the images/ directory can have unlimited connections.
CTRL+O to save, then CTRL+X to exit.
Now restart httpd/apache and it will take effect.
service httpd restart
Were done!
Installing Apache-Protect
Apache Protect is a GUI utility that lets you configure and set up the built-in basic authentication and access control capabilites of your local Apache web server that comes pre-installed with all versions of Mac OS X. With this app you can easily set up user and group files, protect directories with a username and password and set access control.
Doing all of this manually can both be time-consuming and confusing to the regular end user, since it often involves fiddling in the terminal and using "those pesky unix commands". This tool is just simply meant to make the whole process easier with a sleak aqua interface.
• Installation!
Just drag Apache Protect to your Applications folder.
• How do I protect a directory?
When first loading Apache Protect you may be asked to configure the Apache Web Server so it recognizes the security settings you are setting with Apache Protect. (for the technically inclined, please be away that this will set all the "AllowOverride None" settings in your httpd.conf file to "AllowOverride AuthConfig Limit"). You will have to authenticate this process, as Apache Protect will change a few lines in your /private/etc/httpd/httpd.conf file. Please make a backup of your configuration files first if you are trying this on a production server!
After the initial setup process, you will have to create or use an existing user file where you are storing all the usernames and passwords.
Setup a userfile:
Select the "Configure user file" tab and then click the "New" button. Use whatever name you wish, but make sure the location will be outside the realm of the web server (directly in you home directory should be fine). Now start adding users by entering their usernames and passwords in the fields below. Click the "Add user" button, and the the user gets added in the table view above. Notice that for security reasons the password was encrypted with CRYPT encryption. The user file is also automatically saved every time you edit it, so you don't have to worry about that.
Protecting a directory:
When you have a userfile ready to use with the usernames you wish to protect your directory with, you can select the "Protect directory" tab. Clicking the "Select" button will give you a dialog for specifying the directory you want to protect. Remember that this has to be within one of Apache's directory setups. The default location for your webserver files is in "/Library/WebServer/Documents" and also within every home-directory in "~/Sites".
Then select the user file you just created, and you'll see that the usernames will appear in the table-view below. Just check all the users you wish to gain access to the directory. When that is done, remember to click the "Save protection" button. Voila! The directory you selected is now protected.
