Lect 06 - Web Server (Apache) - LWL

Technical Support Fundamentals (ITP 4107)
WEB SERVER – APACHE
Web Server – Apache

Topic 04,p.1
©VTC 2012
LESSON INTENDED LEARNING OUTCOMES

On completion of the lesson, students are expecte
d to
 setup, configure, monitor and control appropriat
e TCP/IP network services for satisfying given r
equirements.

Topic 04,p.2
©VTC 2012
OVERVIEW
 How Web Server Works
 Apache Web Server
 Virtual Hosting
 User Authentication

Topic 04,p.3
©VTC 2012
HOW WEB SERVER WORKS

 The Web is based on the client/server paradigm
. Typical Transaction on the Web
URL DNS Lookup
DNS Server
Web Client
TCP connection
HTTP request
Web Client
HTTP response
Web Server
Web Client

Topic 04,p.4
©VTC 2012
 The Web client (i.e. a browser) first performs

a DNS lookup on the server name specified in th
e URL, obtains the IP address of the server, an
d then connects to port 80 at that IP address
(or another port if the server is not using the
default HTTP port).
 When the connection is established, the client
sends an HTTP GET request for the document in t
he URL, which could be a specific HTML document
, an image or a script.
 After the server receives the request, it trans
lates the document URL into a filename on the l
ocal system.
Topic 04,p.5
©VTC 2012
 Next, web server (in our case, it is apache) e

valuates whether the requested document is sub
ject to some sort of access control.
 If no access control is required, the web serv
er satisfies the request as described in next
step. If access control is in effect, the web
server requests a username and password from t
he client or rejects the request outright, dep
ending on the type of access control in place.
 If the requested URL specifies a directory rat
her than a specific document, the web server l
ooks for the directory index page, index.htm
l by default, and returns that documents to t
he
Web Server
©VTC 2012
client.
– Apache
Topic 04,p.6
 Next, web server (in our case, it is apache) e

valuates whether the requested document is sub
ject to some sort of access control.
 If no access control is required, the web serv
er satisfies the request as described in next
step. If access control is in effect, the web
server requests a username and password from t
he client or rejects the request outright, dep
ending on the type of access control in place.
 If the requested URL specifies a directory rat
her than a specific document, the web server l
ooks for the directory index page, index.htm
l by default, and returns that documents to t
he
Web Server
©VTC 2012
client.
– Apache
Topic 04,p.7
 If the directory index page does not exist, the

web server might send a directory listing in HT
ML format back to the client or send an error m
essage, depending on how the server is configur
ed.
 The document can also be a specifically written
script. In this case, the web server executes t
he script (if permitted) and sends the result b
ack to the client (this is dynamic web pages).

Topic 04,p.8
©VTC 2012
WHAT IS APACHE HTTPD SERVER

 Is a powerful, flexible, HTTP/1.1 complia
nt Web server.
 Implements the latest protocols, includin
g HTTP/1.1 (RFC2616).
 Highly configurable and extensible with t
hird-party modules.
 Can be customized by writing 'modules', u
sing the Apache module API.
 Provides full source code and comes with
an unrestrictive license.

Topic 04,p.9
©VTC 2012
 Runs on Windows 7/Vista/XP/NT/9x, Netwar

e 5.x and above, OS/2, and most versions
of Unix and Linux, as well as several ot
her operating systems.
 Actively being developed.
 Encourages user feedback through new ide

as, bug reports and patches.
 Implements many frequently requested fea
tures.

Topic 04,p.10
©VTC 2012
WHAT IS AN APACHE MODULE

 Apache is a modular server.
 Only the most basic functionality is inc
luded in the core server.
 Extended features are available through
add-on modules.
 If the server is compiled to use dynamic
ally loaded modules, then modules can be
compiled separately and added at any tim
e using the LoadModule directive.

Topic 04,p.11
©VTC 2012
APACHE MODULES
 Modular architecture makes it possible f
or anyone to add new functions to the We
b server.
 There are a large number of modules now
available for Apache.
 It is easy to add a module to Apache.
 Modules can be statically or dynamically

loaded.

Topic 04,p.12
©VTC 2012
CONFIGURING APACHE
 Choosing functionality
 Apache functionality is available through modules
which are either built in or loaded into the serv
er.
 Apache is configured by placing directives in pla
in text configuration files.
 Main configuration file is usually called httpd.c
onf
 The location of this file is set at compile-time,
but may be overridden with the -f command line fl
ag.
 Normal location of httpd.conf in Linux:
/etc/httpd/conf/httpd.conf
Topic 04,p.13
©VTC 2012
SYNTAX OF THE CONFIGURATION FILES

 Directives are case-insensitive.
 Arguments to directives are often case sensitiv
e.
 One directive per line:
 The back-slash "\" may be used as the last charac
ter on a line to indicate that the directive cont
inues onto the next line.
 There must be no other characters or white space
between the back-slash and the end of the line.
 Extra white space is ignored.
 Comment lines begin with #
Topic 04,p.14
©VTC 2012
SCOPE OF DIRECTIVES
 Directives placed in the main configuration fi
le, httpd.conf, apply to the entire server.
 To change the configuration for only a part of
the server, scope the directives by placing th
em in <Directory>, <DirectoryMatch>, <Files>,
<FilesMatch>, <Location>, and <LocationMatch>
sections or containers.

Topic 04,p.15
©VTC 2012
MAIN SECTIONS IN CONFIGURATION FILE

There are several main sections in /etc/
httpd/conf/httpd.conf
 Global
 Main Server Configuration
 VirtualHost

Topic 04,p.16
©VTC 2012
BASIC CONFIGURATION
ServerRoot: The top of the directory tree under which
 ServerRoot “/etc/httpd” the server's configuration, error, and log files are kept.
 Listen 80
Load config files from the config directory
 Include conf.d/*.conf "/etc/httpd/conf.d"
 User apache The name (or #number) of the user/group to run httpd
 Group apache as.
The directory out of which you will
 DocumentRoot "/var/www/html" serve your documents
The name of the directory that is appended onto a
 UserDir public_html
user's home directory if a ~user request is
 DirectoryIndex index.html received.
Sets the file that Apache will serve if a directory
is requested.
 ErrorLog logs/error_log
Sets the location of the error log file. In this
case, /etc/httpd/logs/error_log

Topic 04,p.17
©VTC 2012
APACHE: ADMINISTRATION
 Use the chkconfig command to configure Apache to
start at boot:
chkconfig httpd on
 Use the httpd init script in the /etc/init.d dir

ectory to start, stop, and restart Apache after
booting:
service httpd start
service httpd stop
service httpd restart
 Test whether the Apache process is running with

pgrep httpd
service httpd status
Topic 04,p.18
©VTC 2012
APACHE LOGS
 Two types of logs
 True log – the server writes information t
o a designated file, adding sequent records
each time the information appears.
 Status report – contains up-to-date status
reports on the server.
 Requires the mod_info module.
 Both are configured via the httpd.conf
file.

Topic 04,p.19
©VTC 2012
 Access_log
 Contains a record for each browser request,
which is a good way to see who have visited
your Web site.
 Error_log
 Records messages from the server about anyt
hing that goes wrong.

Topic 04,p.20
©VTC 2012
VIRTUAL HOSTING
 Apache has the capability to serve many
different Web sites simultaneously.
 This is called Virtual Hosting.
 Directives can also be scoped by placin

g them inside <VirtualHost> sections.

Topic 04,p.21
©VTC 2012

Topic 04,p.22
©VTC 2012
VIRTUAL HOSTS
 Although the Web browser seems to be connecting to a
Web site that is an isolated entity, the website may
actually be hosted alongside many others on the same
machine.
 ISPs do this a lot
 Allowing additional Web presence without extra har
dware or software investment.
 Each of the virtual server may have totally differen
t contents, configurations, and separate log files.
 Alternative is to run another server on a different
port.
 Part of the basic server configuration (httpd.conf).

Topic 04,p.23
©VTC 2012
TYPES OF VIRTUAL HOSTS

 Name-based
 The server relies on the client to report the
hostname as part of the HTTP header.
 IP-based
 Use the IP address of the connection to deter
mine the correct virtual host to serve. There
fore, you need to have a separate IP address
for each host.
 This can be achieved by the machine having seve
ral physical network connections, or by use of
virtual interfaces which are supported by most
modern operating systems.

Topic 04,p.24
©VTC 2012
VIRTUAL HOSTS : EXAMPLE

<VirtualHost *:80>
ServerAdmin webadmin@vtc.edu.hk
DocumentRoot /home/peter/public_html
ServerName www.peter.com
ErrorLog logs/peter.com-error_log
CustomLog logs/peter.com-access_log common
</VirtualHost>

Topic 04,p.25
©VTC 2012
USER AUTHENTICATION
 We can password-protect content in both the ma
in and subdirectories of the DocumentRoot.
 Apache allows for decentralized management of
the configuration via special files placed ins
ide the Web tree.
 The special files are usually called .htaccess
, but any name can be specified in the AccessF
ileName directive (in httpd.conf)
 Directives placed in .htaccess files apply to
the directory where the file is placed, and al
l the sub-directories.

Topic 04,p.26
©VTC 2012
USER AUTHENTICATION EXAMPLE

Topic 04,p.27
©VTC 2012
USER AUTHENTICATION (2)

 The .htaccess files follow the same syntax as t
he main configuration files.
 Since .htaccess files are read on every request
, changes made in these files take effect immed
iately.
 The server administrator further controls what
directives may be placed in .htaccess files by
configuring the AllowOverride directive in the
main configuration files.

Topic 04,p.28
©VTC 2012
STEPS FOR USER AUTHENTICATION

1. Use Apache's htpasswd password utility progra
m to create username/password combinations in
dependent of the system login password for We
b page access.
2. Make the .htpasswd file readable by all user
s.
3. Create a .htaccess file in the directory t
o which we want password control with these e
ntries.

Topic 04,p.29
©VTC 2012
.htpasswd File
To create the file, use the htpasswd utility program that came with
Apache. This is located in the bin directory of wherever you
installed Apache. To create the file, type:
htpasswd -c /etc/httpd/conf/.htpasswd rbowen
htpasswd will ask you for the password, and then ask you to type it
again to confirm:
# htpasswd -c /etc/httpd/conf/.htpasswd rbowen
New password: mypassword
Re-type new password: mypassword
Adding password for user rbowen

Topic 04,p.30
©VTC 2012
.htaccess File
The path to the password file
AuthUserFile /etc/httpd/conf/.htpasswd
Sets the name of a text file containing the
AuthGroupFile /dev/null list of user groups for authentication
AuthName "Restricted Files" Sets the realm name to be used
AuthType Basic Selects that method that is used to authenticate the user
require valid-user Setting the users allowed to access; will allow anyone
that is listed in the password file
You have now created a realm called "Restricted Files".

This is presented to the client when he/she is asked to log in.
Also, for any other regions of your web site which use a .htaccess file with
the same realm name, users will NOT be prompted again for login.

Topic 04,p.31
©VTC 2012
STEPS FOR USER AUTHENTICATION (2)

4. Set the correct file permissions (world reada
ble) on the new .htaccess file in the appropr
iate directory.
5. Make sure the /etc/httpd/conf/http.conf file
has an AllowOverride statement in a <Director
y> directive for any directory in the tree ab
ove the target directory, e.g. /home/*/public
_html
<Directory /home/*/public_html >
AllowOverride AuthConfig
</Directory>
Topic 04,p.32
©VTC 2012
USER AUTHENTICATION (3)

 Enter the following commands for those users y
ou want to add to the .htpasswd file:
htpasswd -c /etc/httpd/conf/.htpasswd peter
htpasswd /etc/httpd/conf/.htpasswd paul
htpasswd /etc/httpd/conf/.htpasswd mary
 For each user entered, you will be prompted fo
r the password.
 The htpasswd program helps generate encrypted
passwords using Unix encryption algorithm.
 Change the access mode of .htpasswd to 644.

Topic 04,p.33
©VTC 2012
In-place .htpaccess
 The content of the .htaccess file can al
so be placed directly in the httpd.conf
file for the target directory as follows
:
 DocumentRoot /var/chaiwanive/html
 …..
 <location />
 AuthUserFile /etc/httpd/conf/.htpasswd
 AuthName "Restricted Files"
 AuthType Basic
 require valid-user
 </location>
Topic 04,p.34
©VTC 2012
SUMMARY
 Web server
 Configuring Apache
 Virtual Hosting
 User Authentication

Topic 04,p.35
©VTC 2012

Lect 06 - Web Server (Apache) - LWL

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lect 06 - Web Server (Apache) - LWL

Uploaded by

Copyright:

Available Formats

Technical Support Fundamentals (ITP 4107)

WEB SERVER – APACHE

Web Server – Apache

LESSON INTENDED LEARNING OUTCOMES

Web Server – Apache

Web Server – Apache

HOW WEB SERVER WORKS

URL DNS Lookup

Web Server – Apache

 The Web client (i.e. a browser) first performs

 Next, web server (in our case, it is apache) e

 Next, web server (in our case, it is apache) e

 If the directory index page does not exist, the

Web Server – Apache

WHAT IS APACHE HTTPD SERVER

Web Server – Apache

 Runs on Windows 7/Vista/XP/NT/9x, Netwar

 Encourages user feedback through new ide

Web Server – Apache

WHAT IS AN APACHE MODULE

Web Server – Apache

 Modules can be statically or dynamically

Web Server – Apache

SYNTAX OF THE CONFIGURATION FILES

Web Server – Apache

MAIN SECTIONS IN CONFIGURATION FILE

 Main Server Configuration

Web Server – Apache

Web Server – Apache

 Use the httpd init script in the /etc/init.d dir

 Test whether the Apache process is running with

Web Server – Apache

Web Server – Apache

 Directives can also be scoped by placin

Web Server – Apache

Web Server – Apache

Web Server – Apache

TYPES OF VIRTUAL HOSTS

Web Server – Apache

VIRTUAL HOSTS : EXAMPLE

Web Server – Apache

Web Server – Apache

USER AUTHENTICATION EXAMPLE

Web Server – Apache

USER AUTHENTICATION (2)

Web Server – Apache

STEPS FOR USER AUTHENTICATION

Web Server – Apache

Web Server – Apache

You have now created a realm called "Restricted Files".

Web Server – Apache

STEPS FOR USER AUTHENTICATION (2)

USER AUTHENTICATION (3)

Web Server – Apache

Web Server – Apache

You might also like