Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword or section
Like this
3Activity

Table Of Contents

1 Introduction
2 Basic Setup
2.1 Verify installation
2.2 Package files
Table 1: Apache Web server files
2.3 Main configuration file(s)
2.3.1 Backup
2.4 Edit the httpd.conf configuration file
Figure 1: Editing httpd.conf main configuration file
2.4.1 ServerRoot
2.4.2 PidFile
2.4.3 ServerName
2.4.4 Add site to /etc/hosts file
2.4.5 DocumentRoot
2.4.6 ErrorLog
2.4.7 Listen
2.5 Create your HTML documents
Figure 11: Contents of /var/www/html directory
2.6 Start the Web Server
2.7 Access the web site
2.7.1 Local access
2.7.2 Internal & external access
Figure 18: Internal access from a Windows machine
2.8 Summary of basic setup
3 Advanced setup
3.1 Directory tags
3.1.1 Order (allow, deny)
Figure 21: Accessing Web server from denied host
Figure 22: Accessing Web server from allowed host
3.1.2 Indexes
3.2 Files tags
3.3 Location tags
Figure 28: Apache Server Status Location tags example
3.4 Directory, Files and Location
3.5 Redirect
3.6 Virtual Hosts
3.6.1 Single IP, two websites
Figure 32: Hosts file change matching Virtual Hosts
Figure 33: Wrong use of Hosts file entries
3.6.2 Two IPs, two websites
3.6.3 Other scenarios
3.7 Modules
3.7.1 Module types
3.7.2 View installed modules
Figure 40: Listing static and shared modules
3.7.3 LoadModule
Figure 42: Contents of /usr/lib/httpd/modules
4 .htaccess
4.1 Create .htaccess file
4.2 Create .htpasswd file
4.3 Copy .htaccess to restricted directory
4.4 Configure httpd.conf to allow authentication via .htac- cess
4.5 Test setup
Figure 47: Testing .htaccess, no file in place
Figure 48: Testing .htaccess, file in place
4.6 Other configurations
4.6.1 Inheritance & performance loss
4.6.2 Disable web access to .htaccess
5 Secure Web server
5.1 Encrypted session
5.2 Requirements
5.3 Limitations
5.4 Main configuration file(s)
5.5 Edit the ssl.conf configuration file - part 1
5.5.1 LoadModule
5.5.2 Listen
5.5.3 VirtualHost
Figure 55: VirtualHost block for secure site
5.6 Create SSL certificate
5.6.1 Create Certificate Authority (CA)
Figure 56: Creating Certificate Authority key
Figure 58: Creating new certificate, continued
5.6.2 Create server key
5.6.3 Create Certificate Signing Request (CSR)
Figure 60: Creating Certificate Signing Request
Figure 61: Creating Certificate Signing Request, continued
5.6.5 Verify certificates
Figure 68: Certificate Authority location
5.8 Test setup
Figure 70: Unknown certificate website warning
5.9 Mini-summary
5.9.1 Names
5.9.4 Verification
5.9.5 File names and locations
Table 5: Secure Web server file names and locations
5.10 Extras
5.10.1 Do not use password-protected server keys
5.10.2 Create server key without password
Figure 74: Allow secure site restart without password
Figure 75: Restarting Web server without password prompt
5.11 Submission of CSR to CA
5.11.1 Create CSR
5.11.2 Send CSR to CA
5.11.3 Verify certificate
5.12 General considerations
5.12.1 Use secure server only
5.12.2 Use only IP-based virtual hosts
5.12.3 Use server.key as file name for the server key
6 Other configurations
6.1 Firewall rules
6.1.1 Advanced firewall rules
6.1.2 Port forwarding
6.1.3 Destination NAT
6.1.4 Static NAT
6.2 Enable Web server on startup
7 Security
7.1 Updates
7.2 Hide your server version
7.3 Logs
7.4 Permissions
Table 6: Apache Web server recommended file permissions
7.4.1 Access to root (/)
7.5 AllowOverride
7.6 Disable public access to .ht files
7.7 Dynamic content
7.7.1 Disable CGI
7.8 Disable Server Side Includes (SSI)
7.9 Disable unnecessary modules
7.10 Use ModSecurity (mod_security) module
7.11 Chroot Jail
7.12 Secure web server only
7.12.1 Different DocumentRoot
7.12.2 Permissions
7.12.3 Duration of certificates
7.13 Word of caution!
8 References
8.1 Additional references
0 of .
Results for:
No results containing your search query
P. 1
www.dedoimedo.com-apache-web-server-lm

www.dedoimedo.com-apache-web-server-lm

Ratings: (0)|Views: 259|Likes:
Published by torquemada

More info:

Published by: torquemada on Mar 21, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

01/29/2013

pdf

text

original

You're Reading a Free Preview
Pages 4 to 43 are not shown in this preview.
You're Reading a Free Preview
Pages 47 to 98 are not shown in this preview.
You're Reading a Free Preview
Pages 102 to 106 are not shown in this preview.
You're Reading a Free Preview
Pages 110 to 129 are not shown in this preview.

Activity (3)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
connecttomeher liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->