Académique Documents
Professionnel Documents
Culture Documents
Apache httpd
The most commonly used web server in the world today is Apacheand with good reason. Built with
security in mind, Apache is a solid and stable web server that has been around for years. The module design
allows for scalability and ease of use.
Apache can also be used to host multiple websites at a single time through the use of its virtual hosts feature.
There is also an option to use the SSL protocol, making websites safe and secure. This secure base provides a
platform for developers to use when writing secure code for banks, retail sites, and so on.
/etc/httpd/conf/httpd.conf
/var/log/httpd
/usr/lib64/httpd/modules
The main config file for Apache is completely usable right out of the box, which is great if youd like to just
get up and running. You should spend some time looking through the main config file because it provides
many options and good documentation in the comments. The top of the config file is grouped into three
sections.
Below are the comments sectionfrom the /etc/httpd/conf/httpd.conf file:
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the global environment).
# 2. Directives that define the parameters of the main or default server,
# which responds to requests that arent handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
Below are some important directives that we might be interested to configure to setup as basic webserver:
Lets start by defining the location of a website on the file system. By default, it is located in the
/var/www/html directory, although this can be changed if youd like.
In the main config file, you see a section denoted by the Directory option.
Section of /etc/httpd/conf/httpd.conf:
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
The options defined within this section apply specifically to the website and directory structure, as defined
by the Directory option. For the preceding example, this means the site located in the /var/www/html
directory. If you want to change the directory where your site is located, you need to change the
DocumentRoot option as well as the Directory option. The default option is
DocumentRoot /var/www/html
There is also a way to have multiple sites using virtual hosts, as you see later. When your config file is
completely set up the way you want it, you can use the httpd service options to test your config file. Using the
configtest argument, the service parses the main config file for any errors and reports back if something is
found. It is always a good idea to check your config file before trying to use it because it will prevent the
server from starting if it contains any errors.
Test the config file:
# service httpd configtest
Syntax OK
There is also another cool option that the httpd service has (many services have it, but it is more useful here).
Normally, for a service to use a new config file, it requires that the service is restarted. This restart process
actually stops the service from running before starting it over again.
Normally, this isnt a big deal, but when hundreds of people are hitting your site, can you afford to have even
a two-second outage? To circumvent this issue, you can use the reload argument, which allows the main
config file to be reread without the actual service being brought down.
This is why it is important to test your config files first.
To restart the httpd service, use the following command:
# service
iptables:
iptables:
iptables:
iptables:
iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading modules: [ OK ]
Applying firewall rules: [ OK ]
Additionally, you need to look at SELinux protection for the web server.