410 likes | 441 Views
Apache. Expanding and Using. Key Points. Typically, you compile Apache from the source code. You choose modules to add functionality. You configure Apache via 3 text files, the main one of which is httpd.conf. You typically have to stop and restart the server to make changes.
E N D
Apache Expanding and Using
Key Points • Typically, you compile Apache from the source code. • You choose modules to add functionality. • You configure Apache via 3 text files, the main one of which is httpd.conf. • You typically have to stop and restart the server to make changes. • Apache is free. Get it from www.Apache.org or off a CD in a server book. Get it with most Linux packages. • It comes in Windows form as well. That may be easier for a beginner, but that form has less than excellent functioning. • Multiple Threads are acting “at once”.
The 3 basic files • Httpd.confThe basics of the server operation • Srm.confHow the server treats local resources • Access.confControls many aspects of access • Typically these are all rolled into the httpd.conf
A 4th file • Mime.typesAssociates file extensions with programs.
HTTPD.CONF • HyperText Transfer Protocol Daemon • Daemon = process • Enables modules • Provides directives • Comments (#) welcome • Some functionality from srm.conf and access.conf
Handling Requests Once started, Apache’s job is to listen for requests on any address and port to which it has been configured. Webmaster in a Nutshell – O’Reilly Books
Handling Requests When handling a request to a specific client, Apache spawns a separate process to handle the connection. This spawned process, however, doesn’t run as the superuser; for security reasons, it instead runs as a restricted user that serves files to the client. Webmaster in a Nutshell – O’Reilly Books
Handling Requests Apache normally has five such processes waiting for connections; hence, after startup, you will see one process (httpd) running as root and five processes owned by the Apache user ID, which stand to service requests. Webmaster in a Nutshell – O’Reilly Books
Handling Requests You can reconfigure that number [service requests] , as well as the minimum and maximum number of service processes allowed with the StartServers, MinSpareServers, and MaxSpareServers directives. Webmaster in a Nutshell – O’Reilly Books
Handling Requests Each process handles specific HTTP requests for the client, such as GET or POST, which affect content on the server. Webmaster in a Nutshell – O’Reilly Books
Directives • Setting directives is very much like making settings on property sheets in IIS – Except it is all done textually.Example:Port 80Simply sets the Port setting to 80
Container Directives • Container directives look like opening and closing HTML tags. They allow you to set up specifications for certain aspects of the site without applying to the whole site.<Directory /Products>AuthUserFile /www/auth/.htpasswdAuthGroupFile /www/auth/.htgroup</Directory>
Handling Requests • All resources (.html, .gif, etc.) resided under a base directory on the local disk. • This is the root directory • <DocumentRoot /usr/myweb/>
Access Control Files • Apache searches for access control files in the directory structure indicated. The default names is .htaccess. Note the period before ht. You can change the access file names using the AccessFileName Directive. These files contain info derived from the access.conf file.
.htaccess • Name of the password file • Name of the file listing groups of users • Sets access limits on the specified directory • Specifies allowable advanced features
You can restrict directories by… • Username/password • IP addresses • Or restrict all and allow by the above
Breaking down an access.conf file – Slide 1 <Directory / projects> Options All AuthType Basic AuthUserFile /usr/local/etc/httpd.conf/.htpasswd AuthGroupFile /usr/local/etc/httpd.conf/.htgroup <Limit GET> order allow,deny allow from all </Limit> </Directory> #by the way, don’t put space in allow,deny
Breaking down an access.conf file – Slide 2 <Directory / projects/golf> <Limit GET> order deny,allow allow from all </Limit> </Directory> Deny from www.kevinharville.com Allow from www.kevinharville.com Order deny,allow checks deny first Order allow,deny checks allow first Order mutual-failure requires there be no deny for that user or IP.
Apache Modules
Where do modules come from • Some modules are fairly essential. They come from the Apache group. About 40 come with a typical installation. • There are 100s of them coming from various open-source and commercial sources.
About Modules • Each module is a basic piece of functionality added to the core Apache server. • They are sort of like (large) subroutines, or subprograms to handle particular tasks. • Much of the functionality is essential.
When are Modules Started? • No ModulesA vendor sells a pre-configured Apache • Compile-Time ModulesIntegrated when you compile Apache • Dynamic ModulesAdd features each time you run Apache • Runtime ModulesStart and stop them while apache runs
PHP Module – an example • http://www.php.net/distributions/bigmanual.html
Modules • Security Modules • mod_accessAllow, Deny, Order directives • mod_authUser names and passwords • Mod_auth_anonAnonymous ftp management
Modules • Database/Passwords • Mod_auth_db • Mod_auth_dbmAllow for authentication info to be set up in databases
Modules – Standard Modules • mod_exampleExactly that – for programmers • Mod_autoindexAllows on-the-fly directory indexing • Mod_cgiAllows use of cgi, shell, C, Perl, etc.Creates server variables • Others like mod cgi • Mod_perlA better perl module • Mod_php
Modules – Standard Modules - 2 mod_includeServer side includes Mod_aliasAllows virtual directories Mod_dirAllows you to set up the order of files chosen:index.htm, index.html, default.htm …. Mod_mimeAllows the server to associate contact types with programs
Modules – Standard Modules - 3 mod_negotiationChooses files by preferred language, etc. Mod_rewriteComplicated – Allows requests to be changed, as in redirects. Mod_userdir Allows user directories: /~harville
Modules – Standard Modules - 4 mod_cern_metaAllows certain features of the CERN web server Mod_expiresAllows expiration dates to be set on files Mod_headersAllows header modification Mod_proxyProxy server actions, caching, etc.
Modules – Standard Modules - 5 mod_didAllows Dynamic Loading and unloading of modules at RUN-TIME. Mod_envAllows setting and unsetting of runtime variables Mod_infoA self-report of features
Modules – Standard Modules - 5 mod_log_configLogging (not server) configuration Mod_statusAllows you to use a web browser to check server status Mod_usertrackAllows cookies
Improving Server Functionality Webmaster in a Nutshell – O’Reilly
Turn off Reverse DNS Lookups • Reverse DNS Lookups are useful to • Map IP addresses to machine names • Let CGI programs know machine names HostnameLookups off
Use the most recent version of your server • Latest generation of servers are 10 times faster than early ones • Spawning, Forking, Preforking,Threading • KeepAlive connections
Keep content and logs apart You can read/write to both disks simultaneously Content Logs
Consider using multiple servers – Divide workload • Downloads • HTML Content • FTP • Images • Etc • For large/busy sites only
Developer Hints • Keep Content Small • Use short pathnames • Use explicit filenames /index.htmOr end directory names with / • Use images once - reuse
Preprocess • Common requests and database-generated pages can be premade or created automatically on a regular basis and cached.
CGI vs Servelets • API – Compiled programs • Java Servelets • Both faster, less demanding, than CGI(With CGI, a new program is formed for each user) • CGIs are simple, stable, and available
Hardware • Common Computer Weaknesses apply • Get a faster computer/processor • Refuse excessive traffic to ensure adequate performance for those using • Get more Ram • Allocate enough ram for 5 minutes of content • Allocate more memory for the OS