NetworkNewz - August 15, 2001 The eZine for Networking Professionals ===================================================================== ===================================================================== IN THIS ISSUE: 1.)... Editor's Note by Jay Fougere 2.)... Installing Apache on Linux ===================================================================== 1.) EDITOR'S NOTE I am going to go out on a limb here; you have heard of the CodeRed worm and its offspring, right? It is just one more thorn in Microsoft's already well punctured side. Did you know that there have been over 20 security vulnerabilities (officially acknowledged by Microsoft) in their IIS 5.0 webserver product in the last year? That equates to a patch approximately every other week. Now let's look at Microsoft's latest licensing schemes; or rather let's not. Let's just say that a complete, commmercial quality, alternative solution exists that does not cost a dime. Linux and Apache. OK, it is not quite as "pretty" as IIS's interface but it is equally powerful and just as easy to configure, with a little practice. I would like to thank the guys at http://www.e-gineer.com for this nice tutorial that can help you with that promotion you have been looking for! As of August, 2001, the most current stable version of Apache is 1.3.20 and the most current beta version (which should not be used in a mission critical environment) is 2.0.16 . Best Wishes, Jay ===================================================================== ===================================================================== Act now and get a FREE MP3 player! Download and listen to a great book on your free MP3 player. Choose the latest by Stephen King, John Grisham, John Irving and more ­ we have over20,000 selections. Sign up for one year of our BasicListener™ plan and enjoy great entertainment and great savings. Enjoy your selections anywhereat anytime. Act now and get a free cassette adapter ­ perfect for the car on long commutes. http://ientry.com/rd/audible1.html ===================================================================== ===================================================================== 2.) Installing Apache on Linux Installing Apache 1.x.x on Linux by Nathan Wallace (Oct 25, 1999) and John Brett (Dec 4, 2000) Introduction This document describes how to install Apache on Linux. These instructions were written specifically using Red Hat Linux 7.0 and Apache 1.3.14. People familiar with my previous instruction sets will notice that I have changed the layout of the files. I believe this new format to be slightly better. Installing Apache Login as root. You can do this for the current command terminal using su: su root We are going to install Apache in /usr/local/etc. Go there now. cd /usr/local/etc Download the latest stable Apache from apache.org (or preferably one of its mirrors) into this directory. At the time of writing this was apache_1.3.14 I keep all my downloads in a directory in case I need them again: /usr/local/downloads If you like this idea and don't already do it you might need to create the directory: mkdir /usr/local/downloads Here are the ftp commands to get the file: cd /usr/local/downloads ftp ftp.apache.org cd dist bin get apache_1.3.14.tar.gz bye Untar the file with: (note the capital C) tar xzf apache_1.3.14.tar.gz -C ../etc This will have created a directory apache_1.3.14. Let's make this nicer by providing a link: cd /usr/local/etc ln -s apache_1.3.14 httpd I've decided to start using httpd for the link since that's what everyone else seems to do. The Apache Layout Now is a good time to explain the eventual layout of our Apache installation. All of the version specific (1.3.14) binaries and files are stored in: /usr/local/etc/apache_1.3.14 We currently have: /usr/local/etc/httpd linked to this directory specifying it as the current version. In theory when we upgrade Apache in the future we can just install it side by side and then switch over the httpd link to the newly installed version. We will be placing all of our non-version specific files such as configuration files, log files and the web pages in: /www We will have a few directories here to maintain this structure: /www /www/conf -- configuration files /www/logs -- web server logs /www/logs/mysite.com -- log files for mysite.com /www/logs/mycharity.org -- log files for mycharity.com /www/servers -- sites /www/servers/mysite.com -- web pages for mysite.com /www/servers/mycharity.org -- web pages for mycharity.com Configuring and Compiling Apache First we need to create the directory structure above: cd / mkdir www If you have space issues or a super fast disk you would like to use then you might like to create /www as a link to the preferred location. For example: cd /u01 mkdir www cd / ln -s /u01/www www Now create directories for the configuration files, log files and servers: cd /www mkdir conf logs servers Before compiling we must configure the Apache makefiles. cd /usr/local/etc/httpd ./configure --prefix=/usr/local/etc/httpd --sysconfdir=/www/conf --enable-module=rewrite --enable-module=status This sets up the installation with the apache binaries in /usr/local/etc/httpd and puts the configuration files in /www/conf. It also sets up status reporting and the rewrite module (http://httpd.apache.org/docs/misc/rewriteguide.html) allows url redirection and rewriting. If you want to go really nuts with your apache installation, adding extra modules and so on then check out the options by using: ./configure --help Now we can make our Apache executable. This may take a while on older machines: make And install all the Apache files with: make install One nice thing here is that if you are installing a new apache, it will not override the existing configuration files. Of course, this can also be a gotcha if you want to wipe the old installation completely... Setting Up Your Apache Server Often Apache is already installed with Linux. You can check if it is running on your system by using the command top top gives a list of all processes that are currently running on the machine. Make sure that you size the xterm window so that you can see all of the processes (lines) that are listed. Apache is running if you can see a number of lines that look something like: 475 nobody 0 0 1388 1388 1232 S 0 0.0 1.0 0:00 httpd If you want to see what Apache is doing on your machine the simplest way is to point your browser (on the same machine) at it: http://localhost The server configuration file for our installation is at: /www/conf/httpd.conf Go there now with: cd /www/conf If you do have Apache installed and you already use it for looking at web pages then you will probably want to keep your configuration file. Often this file is located at: /etc/httpd/conf/httpd.conf If you are upgrading and you want to keep your old configuration file (and it is from a compatible Apache version) then just copy it over the new one: cp /etc/httpd/conf/httpd.conf . You may also need to use your existing access and srm config files: cp /etc/httpd/conf/access.conf . cp /etc/httpd/conf/srm.conf . If you are setting up Apache for the first time then you need to edit the default http.conf file. The line numbers below work for Apache 1.3.14 but will probably be different for other versions. If you want to run Apache on a different port to the default (80) then change the number on line 238. Ports less than 1024 will require Apache to be started as root. Port 80 is probably the easiest to use since all other ports have to be specified explicitly in the web browser, eg: http://localhost:81. Port 80 You may want to change the server admin email address on line 260: ServerAdmin nathan@synop.com You should specify your machine name on line 278, you may just have to remove the # comment marker. If you configure virtual hosts as outlined below then Apache will use the virtual server you name here as the default documents for the site. ServerName synop.com You should set the document root on line 285: DocumentRoot "/www/servers" And on line 310: If you want to be able to change the Apache configuration on a per directory basis then the use of .htaccess files needs to be allowed. To enable this set AllowOverride to All on line 326: AllowOverride All The default file to serve in directories is index.html. You can change this or add new file names (in order or importance) on line 365: DirectoryIndex index.html index.htm If you don't get a large number of hits and you want to know where your visitors are from then turn host name look ups on at line 450. Turning this on does place extra load on your server as it has to look up the host name corresponding to the IP address of all your visitors. HostnameLookups On Setting Up Virtual Hosts You can only have one web server program running on your machine and listening on the default HTTP port, 80. To enable the single Apache server to serve different web pages for different domains we need to set up virtual hosts in Apache. Using virtual hosts we can configure how Apache should handle requests to each domain. One of the things that a browser sends to the web server when requesting a web page is the host name of the server that it is connecting to. Apache catches all the HTTP requests that come to this machine (on the ports it was told to listen to). It then examines the host name included in the request and uses that to determine the virtual host configuration it should utilize. When Apache receives a request it gets the: IP address (eg: 216.167.19.49) Port (eg: 80) Host: (eg: e-gineer.com) In the Apache configuration file we must specify each IP address and port combination for which we will be specifying virtual host domains. So, for the example above we would add this to the end of the httpd.conf file: NameVirtualHost 216.167.19.49:80 It is important to note that you cannot use an IP address unless your machine has been configured to use it. If you are setting up a single development machine then you should probably just use the address 127.0.0.1 which always refers to the local machine. If your machine has a number of IP addresses or you want virtual hosts running on other ports you can repeat the previous step for each one. For example, my machine also runs synop.com: NameVirtualHost 216.167.19.48:80 Next we must configure the actual Virtual Hosts. Each virtual host will have its own directory for the web pages to be stored. This can be anywhere that the Apache web server has permission to read. Personally I prefer to keep all my web pages in one structure as described earlier: cd /www/servers Now you must create a directory for each virtual host. I use the actual domain name of the virtual host. mkdir synop.com mkdir e-gineer.com So, for example, the e-gineer home page is located at: /www/servers/e-gineer.com/index.phtml The instructions you are reading right now live at: /www/servers/e-gineer.com/instructions/install-apache1xx-on-linux.phtml We also need to create directories for the log files: cd /www/logs mkdir synop.com mkdir e-gineer.com Remember that you cannot create a virtual host unless the machine running the web server is the destination for those domain names. For example, synop.com is hosted somewhere in the US on the machine with IP address 216.167.19.48. I do all my development at home in Australia. I don't have a permanent IP address for my development machine. So I have set up my development machine with dev. versions of the domain names that I maintain. You can do this by adding entries to your /etc/hosts file. Here is what mine looks like (note that the gaps are tabs): 127.0.0.1 ws01.synop.com localhost dev.synop.com dev.e-gineer.com aolserver.doc apache.doc php.doc solid.doc mysql.doc You can see that I have also created dummy domains for the documentation of various products. By creating virtual hosts to handle these domains I can just fire up Netscape and type in apache.doc for easy off-line access to the manual. Now if you ping any of these domains on your development machine they should respond immediately. ping dev.synop.com PING ws01.synop.com (127.0.0.1): 56 data bytes 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.2 ms 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.1 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.1 ms 64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.1 ms --- ws01.synop.com ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max = 0.1/0.1/0.2 ms ping apache.doc PING ws01.synop.com (127.0.0.1): 56 data bytes 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.2 ms 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.1 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.1 ms 64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.1 ms --- ws01.synop.com ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max = 0.1/0.1/0.2 ms We can now create the virtual host entries in the Apache configuration file: /www/conf/httpd.conf The example in the default configuration file is fairly self explanatory. We just add the virtual host entries to the end of the httpd.conf file. Here are the entries on my development machine: NameVirtualHost 127.0.0.1:80 # # VirtualHost example: # Almost any Apache directive may go into a VirtualHost container. # # # ServerAdmin webmaster@host.some_domain.com # DocumentRoot /www/docs/host.some_domain.com # ServerName host.some_domain.com # ErrorLog logs/host.some_domain.com-error_log # CustomLog logs/host.some_domain.com-access_log combined # # # ServerAdmin webmaster@synop.com DocumentRoot /www/servers/synop.com ServerName dev.synop.com ErrorLog /www/logs/synop.com/error-log CustomLog /www/logs/synop.com/access-log combined ServerAdmin webmaster@synop.com DocumentRoot /www/servers/e-gineer.com ServerName dev.e-gineer.com ErrorLog /www/logs/e-gineer.com/error-log CustomLog /www/logs/e-gineer.com/access-log combined ServerAdmin webmaster@synop.com DocumentRoot /www/servers/apache.doc ServerName apache.doc ErrorLog /www/logs/apache.doc/error-log CustomLog /www/logs/apache.doc/access-log combined ServerAdmin webmaster@synop.com DocumentRoot /www/servers/php.doc ServerName php.doc ErrorLog /www/logs/php.doc/error-log CustomLog /www/logs/php.doc/access-log combined ServerAdmin webmaster@synop.com DocumentRoot /www/servers/mysql.doc ServerName mysql.doc ErrorLog /www/logs/mysql.doc/error-log CustomLog /www/logs/mysql.doc/access-log combined ServerAdmin webmaster@synop.com DocumentRoot /www/servers/aolserver.doc ServerName aolserver.doc ErrorLog /www/logs/aolserver.doc/error-log CustomLog /www/logs/aolserver.doc/access-log combined ServerAdmin webmaster@synop.com DocumentRoot /www/servers/solid.doc ServerName solid.doc ErrorLog /www/logs/solid.doc/error-log CustomLog /www/logs/solid.doc/access-log combined Now we are ready to run the server! Running Apache If another version of Apache is running on your machine then you will need to stop it before going any further. Neat ways are described here: (http://httpd.apache.org/docs/stopping.html), the quick and dirty way is: killall httpd Starting your new server is simple. cd /usr/local/etc/httpd/bin ./apachectl start apachectl is the easiest way to start and stop your server manually. Just use it's help if you get stuck: ./apachectl help Starting and Stopping Apache Automatically If you use Red Hat or one of it's variants you can use these instructions (http://www.e-gineer.com/instructions/starting-and-stopping-apache-a tomatically-on-redhat.phtml) to make Apache start and stop automatically with your machine. Installing Apache 1.x.x on Linux by Nathan Wallace (Oct 25, 1999) and John Brett (Dec 4, 2000) Check out more good stuff from these guys here: http://www.e-gineer.com/ ===================================================================== ===================================================================== Act now and get a FREE MP3 player! Download and listen to a great book on your free MP3 player. Choose the latest by Stephen King, John Grisham, John Irving and more ­ we have over20,000 selections. Sign up for one year of our BasicListener™ plan and enjoy great entertainment and great savings. Enjoy your selections anywhereat anytime. Act now and get a free cassette adapter ­ perfect for the car on long commutes. http://ientry.com/rd/audible1.html ===================================================================== ===================================================================== Advertise to thousands of network executives and more! For ad details & prices, click... mailto:Susan@NetworkNewz.com ===================================================================== We at the Editorial Team would like to thank all our readers for reading NetworkNewz. We hope you find this information useful. Also, questions, suggestions and comments are always welcome. Sincerely, Jay Fougere, MCSE NetworkNewz Editor mailto:Jay@NetworkNewz.com ===================================================================== Invite your friends to subscribe to NetworkNewz or any of the other newsletters provided by eZined.com, part of the iEntry Network: http://www.iEntry.com ===================================================================== --- NetworkNewz is an eZined.com publication --- http://www.iEntry.com http://www.NetworkNewz.com/ =====================================================================