Apache2 is the second and actual version. Many advanced applications as web applications require an web server, so apache2 can be used for it.http://httpd.apache.org/docs/2.0/ http://httpd.apache.org/docs/2.0/howto/
For gentoo linux the installation is easy. Set use flag apache2. When doing a emerge -pv apache, the variable APACHE2_MODULES shows additional modules, when the default is not ok the file /etc/portage/make.conf
can get the APACHE2_MODULES with the corrections. Then emerge apache. Per
default the web server
uses and initializes the directory /var/www/localhost
.
If this is not empty, the emerge apache command refuses to write to it, since there is a
potential danger to
overwrite something (as www-misc/htdig a search robot that might be there). If it is not empty, you will be asks
to take care or do something as emerge --config =apache-<x>
.<y>
.<zz>
to initialize and eventually
overwrite some files
when desired.
Using OpenRC apache can be started as follows:
/etc/init.d/apache2 start
or to do it automatically next boot add it to the run scripts
rc-update add apache2 default
If you get the error:
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
add
ServerName <name of my computer>
to /etc/apache2/httpd.conf
Type in your computers IP address in a web browser of an other computer (as 192.168.1.33), or on the
same computer where the apache server is running (127.0.0.1). Or http://<computername>
.
The file /var/www/localhost/htdocs/index.html
should now be seen.
There is also the possible to have more than virtual host installed on one PC or even more than one web server. http://httpd.apache.org/docs/2.4/vhosts/
Different programs as web applications must be aware when making use of virtual hosts. Gentoo Linux uses the vhost use flag for this purpose.
The virtual hosts are defined in /etc/apache2/vhosts.d
where. Every file that ends with .conf
will be read in an alphabetical
order. Every file with .conf
is a virtual host. Additionally the .conf
files include other files.
So a Gentoo virtual host definition has two files per virtual host a .conf
file and a .include
file.
The domain names have to be unique on the Internet, so when using something as com
then a potential conflict might occur. But for some tests an arbitrary domain name is desired to be taken. The domain name local is commonly used for that. As local
says it is meant for a local net and should not be used on the globally Internet.
Here an example of a /etc/apache2/vhosts.d/example.local.conf
<VirtualHost *:80> ServerName example.local Include /etc/apache2/vhosts.d/example.local.include </VirtualHost>
and the corresponding .include
/etc/apache2/vhosts.d/example.local.include
ServerAdmin root@localhost ServerName example.local ServerAlias www.example.local DirectoryIndex index.html DocumentRoot "/var/www/example/htdocs" <Directory "/var/www/example/htdocs"> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory>
The data of those hosts can be put in directories as
/var/www/example/htdocs
.
The security settings might restrict apache to show any file outside of
/var/www/example
Options FollowSymLinks does it but can obviously not change the directories permissions. So make sure all directories including parent directories are readable by apache.
To make the browsers find your virtual hosts add their addresses in all computers accessing this virtual host to their
/etc/hosts
( an alternative would be setting up an local DNS server)
and restart apache /etc/init.d/apache2 restart
A more advanced way is to install a dns server on the server machine.
In this example the server has just one IP address and therefore all virtual host have the same IP address, but apache can pick the right virtual host.
However this does not work when coming from the Internet. The HTTP GET ends on the router and then does port forwarding to the PC running the web server. The information what virtual host arrives is lost and the default host is taken
curl -H 'Host:www.linurs_octo.local' 178.196.3.233 curl allows to pass a modified header with the virtual host name. Some browser extensions allow the same thing.
To avoid installing, maintaining and updating web applications (www-apps) for each virtual host and therefore multiple times, gentoo supports to install the webapplications just once and then hard links them to the virtual hosts. Just the config files and the files to be written exist multiple times. To deal with this emerge webapp-config. The program webapp-config can also be considered as package manager (as emerge) for web applications.
Web applications are installed under
/usr/share/webapps
.
There is the vhosts useflag, when this flag is on, emerge will not run webapp-config automatically and the web application needs to be installed manually using webapp-config.
To install a web application to the virtual host test1.example.com:
webapp-config -I -h <host as in /var/www>
-d <web application name> <and version>
To remove a web application
webapp-config -C -h <host as in /var/www>
-d <web application name> <and version>
Check man webapp-config to see how to install phpmyadmin to a virtual host.
To see what web apps and where are installed:
webapp-config --list-installs --verbose
To see whats there but not used
webapp-config --list-unused-installs --verbose
To see what web servers other than apache have been installed, type:
webapp-config --list-servers
The main configuration file is
/etc/apache2/httpd.conf
.
There is also /etc/conf.d/apache2
.
Many additional modules can be installed, they have their configuration files under
/etc/apache2/modules.d
. Everything that is
there will also be started when apache is started. Such modules are:
DAV (Distributed Authoring and Versioning) to access files on the server in a similar manner as accessing files on a harddisc
SSL (Secure socket layer) to have secure communications
To have cgi scripts running you need to give permission
<Directory /var/www/<myhost>
/cgi-bin>
Options +ExecCGI
</Directory>
To have SSI (Server Side Includes) working, the directories need to get
Options +Includes XBitHack on
The first lines enables SSI for the server. However this in not enough the files with SSI need to marked. The XBitHack way is setting executable permission on those html files.
The other way is to rename the web page from html to shtml. And tell apache to handle such files:
AddType text/html .shtml AddOutputFilter INCLUDES .shtml
To see the configuration: /etc/init.d/apache2 configdump or /etc/init.d/apache2 modules
To restrict access to certain users, you must create a password file as: htpasswd -c .htpasswd <username>
the password file (.htpasswd) needs to be saved somewhere on the pc where the web server has no access. For the access restriction there are different ways. In the config file as /etc/apache2/http.conf
or in the config file of the virtual host, the following can be added:
<Directory "/var/www/<path to protected dir>
"> AuthType Basic AuthName "Restricted Files" AuthUserFile /var/www/.htpasswd Require user<username>
</Directory>
For more sensitive Authentication use
AuthType Digest
since Basic sends the password not encrypted. Additionally or alternatively place the directory in the https (not http) section, so when the password is transmitted the connection is crypted.
Important is that either
AllowOverride All
or
AllowOverride AuthConfig
is set.
If you have setup you apache server then you have access to those files, if not, then there is a way using .htaccess files that can be put there where access needs to be restricted. However the absolute path to the password file needs to be known. The contents of such .htaccess files uses the same syntax as the configfiles but do not require the <Directory> element:
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /var/www/.htpasswd
Require user <username>
See http://httpd.apache.org/docs/2.0/howto/htaccess.html and http://httpd.apache.org/docs/2.0/howto/auth.html
XML files can be converted to html on demand. Modern browsers can do that do on the client side. To do it on the server side additional packages as Cocoon or AxKit are required. To work the xml file has a reference to a xsl stylesheet included in a processing instruction:
<?xml-stylesheet type="text/xsl" href="<my stylesheet>
.xsl"?>
Lighttp (also called Lighty) is a light and fast web server well suited for small embedded devices where apache might be an overkill. See http://redmine.lighttpd.net/projects/lighttpdhttp://www.lighttpd.net/http://wiki.ubuntuusers.de/lighttpd
The configuration is done via /etc/lighttpd/lighttpd.conf
where
server.port = 81
moves it away from port 80 and therefore avoids collision with an other server as apache. The root of the documents can be set with
server.document-root = "/var/www/localhost/htdocs"
It might be that this looks as
server.document-root = var.basedir + "/htdocs"
so the modification also takes place in
var.basedir ="/var/www/localhost"
After starting /etc/init.d/lighttpd start it can be called as http://localhost:81/ If something comes as: socket failed: Address family not supported by protocol
then ligthttp wants to use IPv6 but your Linux does not support it so disable IPv6 support in /etc/lighttpd/lighttpd.conf
In case of any other trouble check /var/log/lighttpd
CGI does not come out of the box /etc/lighttpd/lighttpd.conf
there has to be
include "mod_cgi.conf"
and the path to /cgi-bin/
is per default server.document.root+ /gci-bin/
resulting in /var/www/localhost/htdocs/cgi-bin
but it can be adjusted setting an alias in /etc/lighttpd/mod_gci.conf
to get also /var/www/localhost/gci-bin/
to work. However for that the module mod_alias must be loaded.
When using python as script then it should be added to
$HTTP["url"] =~ "^/cgi-bin/" { # only allow cgi's in this directory cgi.assign = ( ".pl"=>"/usr/bin/perl", ".cgi"=>"/usr/bin/perl", ".py"=>"/usr/bin/python3" ) }
and if python is used it should be marked as non static so add it to /etc/lighttpd/lighttpd.conf
static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi", ".py")
To have FCGI support its module needs to be enabled in /etc/lighttpd/lighttpd.conf
include "mod_fastcgi.conf"
and in /etc/lighttpd/mod_fastgci.conf
to a fastcgi server must be configured that could look as follows
fastcgi.server += ("/fcgi-bin/" => ( ( "socket" => "/tmp/fastcgi.socket", "bin-path" => "/var/www/test.py", "check-local" => "disable", "max-procs" => 1, ) ) ) # to get some debug messages fastcgi.debug = 1
The file above holds all information to start the fastcgi server that is found under "bin-path" and communicates with lighttpd via the named socked.
The option "check-local"="disable" is very important, since otherwise the web server would look for a file to return and would not find it and respond with a page not found message. If this feature is disabled then the server passes pages not found to the fastcgi server. The above fastcgi server is setup that it accepts everything with a prefix /fcgi-bin/
In this example /fcgi-bin/
looks like a directory but is not a directory. In fact if there would be a directory with this name then the setup would fail.
As example a request to http://
will not point to a file or a directory. The result is that <hostname>
/fcgi-bin/hello.py/fcgi-bin/hello.py
will be passed to the fastcgi server and then the fastcgi server must decide what to do. It could ignore that and just respond always with the same web page.
Nginx is a light weight web server that can be installed as emerge nginx
and then started /etc/init.d/nginx start
The configuration is in /etc/nginx.conf
.
It has to be said on what IP address it has to listen
listen 127.0.0.1;
or to listen everywhere
listen 0.0.0.0;
If virtual hosts are installed on the web server then every host can offer to show the statistics. In case of virtual hosts webapp-config is used to install it just once and use it on many individual virtual hosts. For Gentoo Linux there is the vhost useflag to enable support for virtual hosts.
webapp-config -h localhost -d webalizer -I webalizer 2.23.08 or webapp-config -h <host as in /var/www>
-d webalizer -I webalizer 2.23.08 is the command to add it to a virtual host webapp-config --list-installs --verbose should then confirm it.
/etc/webalizer.conf
holds the configuration
webalizer can read log files as /var/log/apache2
/var/log/apache
instead of /var/log/apache2
might be set in /etc/webalizer.conf
Since the log exists just once, it contains all logs of all virtual hosts. It might therefore make sense to install it just on localhost
webalizer to generate the reports and could be called by a cron job
http://localhost/webalizer
is the url on localhost calling the /var/www/localhost/webalizer/index.html
page
/usr/share/doc/webalizer-2.23.08/apache.webalizer
example