Академический Документы
Профессиональный Документы
Культура Документы
HEERAH D, PESU
Apache
Although we call Apache a web server, it is not a physical server, but rather a
software that runs on a server.
HEERAH D, PESU
When a visitor wants to load a page on your website, for instance, the
homepage or your “About Us” page, their browser sends a request to your
server and Apache returns a response with all the requested files (text,
images, etc.).
The server and the client communicate through the HTTP protocol and
Apache is responsible for the smooth and secure communication between the
two machines.
HEERAH D, PESU
Apache has modules for security, caching, URL rewriting, password
authentication, and more.
You can also set up your own server configurations through a file
called .htaccess, which is an Apache configuration file supported with
all Hostinger plans.
HEERAH D, PESU
An Apache web server can be an excellent choice to run your website
on a stable and versatile platform. However, it also comes with some
disadvantages you need to pay attention to.
Pros:
Open-source and free, even for commercial use.
Reliable, stable software.
Frequently updated, regular security patches.
Flexible due to its module-based structure.
Easy to configure, beginner-friendly.
Cross-platform (works on both Unix and Windows servers).
Works out of the box with WordPress sites.
Huge community and easily available support in case of any problem.
HEERAH D, PESU
Cons:
HEERAH D, PESU
httpd
HTTP Daemon is a software program that runs in the background of a web
server and waits for the incoming server requests. The daemon answers the
request automatically and serves the hypertext and multimedia documents
over the Internet using HTTP.
HEERAH D, PESU
ServerRoot
ServerRoot is the path to the server’s configuration, error and log files.
It is possible to change this path, provided all the necessary files are copied to
the new location accordingly.
HEERAH D, PESU
HEERAH D, PESU
PidFile
PidFile is the process identification number for the httpd.
HEERAH D, PESU
ServerName
ServerName gives the name and port that the server uses to
identify itself.
This option is to set to your DNS hostname, or IP address (to find out your IP
address, run command "ipconfig"), or your computer name, or "localhost"
(localhost is meant for local loop-back testing only, you can also use the
localhost's IP address 127.0.0.1)
HEERAH D, PESU
HEERAH D, PESU
/etc/hosts file
The hosts file allows easy matching of names to IP addresses.
In general, using the hosts file is a good way of testing your IP-to-name (or
vice versa) configurations before committing these changes into a production
environment.
HEERAH D, PESU
DocumentRoot
DocumentRoot tells you where your web documents (html files, images etc)
should be located.
HEERAH D, PESU
HEERAH D, PESU
ErrorLog
ErrorLog tells you where the log containing all server errors is located.
This file is critical for debugging and solving server misconfiguration problems
and for propertrafficshaping.
Bydefault, all messages with the value of warning(warn) and higher will be
logged. This is described in the LogLevel directive just below.
Please note that this is relative to the ServerRoot. Therefore, our log file is
/etc/httpd/logs/error_log.
HEERAH D, PESU
Listen
TheListencommandtellstheWebserverwhatportstouseforincomingconnections.
The accepted conventions calls for using port 80 for non-secure web
communications (without any encryption of traffic).
HEERAH D, PESU
HEERAH D, PESU
Access Control
HEERAH D, PESU
Access Control in Apache HTTP Server
Access control could also be based on other criteria, such as the network
address, the time of day, the browser which the client is using, the types of
request methods, and etc.
HEERAH D, PESU
Directory Access Control
This section deals with access control to directories. The following sections
will deal with access control to files and locations.
Syntax:
HEERAH D, PESU
The <directory> block directive encloses a set of access-control directives,
which will be applied to the matched directory(ies) and its sub-directories.
The directories specifies the directories applicable to this block.
Options: controls what kinds of actions are permitted for the set of resources
under control.
+ (or -) adds (or removes) that particular option, relative to the current setting.
All the other options remain the same.
HEERAH D, PESU
The available options are:
•Indexes: If the client requests for a directory and there is no indexing file (e.g.,
"Index.html") in the directory, then the server will return a listing of the directory. If
"Indexes" option is disabled, the server returns error "403 Forbidden".
•IncludesNOEXEC: Allow SSI, but disable #exec command and #exec CGI.
•None: Nothing.
HEERAH D, PESU
Since the <Directory> matching applies to sub-directories, "/www" has
options Indexes and ExexCGI, "/www/sales" has option Indexes only
(the setting in the parent directory is ignored), and "/www/support" has
option ExecCGI (inherited from its parent directory).
HEERAH D, PESU
For example, "Option +Indexes -ExecGGI" directive adds the "Indexes"
option and removes the "ExecCGI" option from the current setting. The other
options remain unaffected.
In the above example, since –Indexes is the option, this sub-directory has
option ExecCGI and Indexes option is removed.
HEERAH D, PESU
Order: specifies the order in
which Allow and Deny directives are evaluated.
•Deny,Allow:
•Access is allowed by default, and the Deny directives are evaluated before
the Allow directives. Any client which does not match a Deny directive "or"
does match an Allow directive will be allowed access to the server. (The client is
allowed access if it is in both Deny and Allow list, as Allow is evaluated last.)
•Allow,Deny:
•Access is denied by default, and the Allow directives are evaluated before
the Deny directives. Any client which does not match an Allow directive "or"
does match a Deny directive will be denied access to the server. (A client in
both Allow and Deny will be denied access, as Deny is evaluated last.)
HEERAH D, PESU
HEERAH D, PESU
HEERAH D, PESU
.htaccess
HEERAH D, PESU
What is .htaccess?
.htaccess is a configuration file for use on web servers running the Apache Web Server
software.
When a .htaccess file is placed in a directory which is in turn 'loaded via the Apache
Web Server', then the .htaccess file is detected and executed by the Apache Web Server
software.
These .htaccess files can be used to alter the configuration of the Apache Web Server
software to enable/disable additional functionality and features that the Apache Web
Server software has to offer.
These facilities include basic redirect functionality, for instance if a 404 file not found
error occurs, or for more advanced functions such as content password protection or
image hot link prevention.
HEERAH D, PESU
'.htaccess' is the filename in full, it is not a file extension.
For instance, you would not create a file called, 'file.htaccess', it is simply
called, '.htaccess’.
This file will take effect when placed in any directory which is then in turn
loaded via the Apache Web Server software.
The file will take effect over the entire directory it is placed in and all files
and subdirectories within the specified directory.
HEERAH D, PESU
Password Protection
Very easily, we can password protect a directory (or multiple) of a web site
which require a username and password to access.
Passwords are also encrypted using one of the best encryption methods
available which ensures login credentials are kept secure.
HEERAH D, PESU
Adding MIME Types
MIME types set what a file is, or rather what file extensions refer to what file
types.
For example, a '.html' file extension refers to a HTML document, a '.zip' file
extension refers to a ZIP archive file.
The server needs to know this so it knows how to deal with the file. This is
often used to create custom file extension for common file types.
HEERAH D, PESU
To setup a MIME type, create a .htaccess file following the main instructions
and guidance which includes the following text:
'AddType' specifies that you are adding a MIME type. The second part is the
MIME type, in this case text or HTML, and the final part is the file extension,
in this example 'htm0'.
HEERAH D, PESU