Formatting code for Apache
{{parent page="WebServer"}}
===Apache Web Server===
SubTopics
==[[ApacheSourceInstall Install from source]]==
==[[ApacheSSL SSL Configuration]]==
==[[ApacheTuning Tuning Apache]]==
==[[ApacheSuexec Apache2 and Suexec]]==
==[[ApacheAuth Authentication]]==
==[[ApacheGzipDeflate http compression]]==
==[[ApacheAWStat Awstat]]==
==[[ApacheRlimit RLimits]]==
==[[ApacheCache mod_cache]]==
==[[ApacheAccess mod_access]]==
==[[ApacheRewrite mod_rewrite]]==
==[[ApacheEvasive mod_evasive]]==
==[[ApacheBW mod_bw]]==
==[[ApacheQOS mod_qos]]==
==[[ApachePerl mod_perl]]==
==[[ApacheWebdav mod_dav]]==
==[[ApacheUpgrade Upgrade Apache]]==
==[[ApacheCoreDumps Core Dumps]]==
Recommended links
- http://www.howtoforge.com/configuring_apache_for_maximum_performance
=== Dumping virtual host info to a file===
%%
httpd -S 1>httpd-S 2>&1
cat httpd-S | awk '{print $4}' | cut -d\. -f2-3 | sort
%%
=== Trouble-shooting memory problem ===
If your apache is taking up too much memory and you want to identify which site/file is causing the problem. Do a top to find the PID, then do a
%%
lsof -p $PID
%%
to get the filename.
=== Domain name based VirtualHost ===
Check out http://httpd.apache.org/docs/2.0/mod/mod_vhost_alias.html. One can setup something like evhost in lighttpd. Works best with many vhost which only differs by docroot.
Example:
%%
# put host in log file
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
CustomLog logs/access_log vcommon
# let apache decides the docroot based on fqdn
VirtualDocumentRoot /var/www/vhosts/%0/docs
VirtualScriptAlias /var/www/vhosts/%0/cgi-bin
%%
Variables one can use
%%
0 the whole name (www.domain.tld)
1 the first part (www)
2 the second part (domain)
-1 the last part (tld)
-2 the penultimate part
2+ the second and all subsequent parts
-2+ the penultimate and all preceding parts
1+ and -1+ the same as 0
%%
====Traditional vhosts====
Setting up virtual host requires configration change on httpd.conf
%%(apache)
NameVirtualHost 1.2.3.4:80
<VirtualHost 1.2.3.1:80>
ServerAdmin cfu@waterlovinghead.com
DocumentRoot /somewhere/wiki2.waterlovinghead.com
ServerName wiki2.waterlovinghead.com
ErrorLog logs/wiki2.waterlovinghead.com-error_log
CustomLog logs/wiki2.waterlovinghead.com-access_log common
DirectoryIndex index.php
</VirtualHost>
%%
=== Cronolog ===
Let's not bore you with the details and see the sample configurations in httpd.conf:
%%(apache; httpd.conf)
CustomLog "|/usr/sbin/cronolog --symlink=/usr/local/apache2/logs/access.log /usr/local/apache2/logs/access.log-%Y-%m-%d" combined
ErrorLog "|/usr/sbin/cronolog --symlink=/usr/local/apache2/logs/error.log /usr/local/apache2/logs/error.log-%Y-%m-%d"
%%
=== Disable HTTP TRACE ===
Read: http://publib.boulder.ibm.com/httpserv/ihsdiag/http_trace.html
Use rewrite to block out TRACE requests. I'm not 100% sure but it seems you need to put this in the main section of httpd.conf AS WELL AS in every VirtualHost
%%
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
%%
You might want to disable TRACE on tomcat's connectors as well. All connectors supports this option, below is an example for the AJP13 connector:
%%(xml)
<Connector port="8009"
enableLookups="false" debug="0" protocol="AJP/1.3" allowTrace="false" />
%%
To test it, use telnet
%%
telnet server.domain.com 80
Trying 66.70.68.177...
Connected to foodfit.com (66.70.68.177).
Escape character is '^]'.
TRACE / HTTP/1.0
A: b
C: d
Host: foo
<enter>
<enter>
%%
If you are getting a 403 error, then you have succeeded.
From Apache 1.3.34, 2.0.55 and later, one can put this into httpd.conf:
%%
TraceEnable Off
%%
===Apache Web Server===
SubTopics
==[[ApacheSourceInstall Install from source]]==
==[[ApacheSSL SSL Configuration]]==
==[[ApacheTuning Tuning Apache]]==
==[[ApacheSuexec Apache2 and Suexec]]==
==[[ApacheAuth Authentication]]==
==[[ApacheGzipDeflate http compression]]==
==[[ApacheAWStat Awstat]]==
==[[ApacheRlimit RLimits]]==
==[[ApacheCache mod_cache]]==
==[[ApacheAccess mod_access]]==
==[[ApacheRewrite mod_rewrite]]==
==[[ApacheEvasive mod_evasive]]==
==[[ApacheBW mod_bw]]==
==[[ApacheQOS mod_qos]]==
==[[ApachePerl mod_perl]]==
==[[ApacheWebdav mod_dav]]==
==[[ApacheUpgrade Upgrade Apache]]==
==[[ApacheCoreDumps Core Dumps]]==
Recommended links
- http://www.howtoforge.com/configuring_apache_for_maximum_performance
=== Dumping virtual host info to a file===
%%
httpd -S 1>httpd-S 2>&1
cat httpd-S | awk '{print $4}' | cut -d\. -f2-3 | sort
%%
=== Trouble-shooting memory problem ===
If your apache is taking up too much memory and you want to identify which site/file is causing the problem. Do a top to find the PID, then do a
%%
lsof -p $PID
%%
to get the filename.
=== Domain name based VirtualHost ===
Check out http://httpd.apache.org/docs/2.0/mod/mod_vhost_alias.html. One can setup something like evhost in lighttpd. Works best with many vhost which only differs by docroot.
Example:
%%
# put host in log file
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
CustomLog logs/access_log vcommon
# let apache decides the docroot based on fqdn
VirtualDocumentRoot /var/www/vhosts/%0/docs
VirtualScriptAlias /var/www/vhosts/%0/cgi-bin
%%
Variables one can use
%%
0 the whole name (www.domain.tld)
1 the first part (www)
2 the second part (domain)
-1 the last part (tld)
-2 the penultimate part
2+ the second and all subsequent parts
-2+ the penultimate and all preceding parts
1+ and -1+ the same as 0
%%
====Traditional vhosts====
Setting up virtual host requires configration change on httpd.conf
%%(apache)
NameVirtualHost 1.2.3.4:80
<VirtualHost 1.2.3.1:80>
ServerAdmin cfu@waterlovinghead.com
DocumentRoot /somewhere/wiki2.waterlovinghead.com
ServerName wiki2.waterlovinghead.com
ErrorLog logs/wiki2.waterlovinghead.com-error_log
CustomLog logs/wiki2.waterlovinghead.com-access_log common
DirectoryIndex index.php
</VirtualHost>
%%
=== Cronolog ===
Let's not bore you with the details and see the sample configurations in httpd.conf:
%%(apache; httpd.conf)
CustomLog "|/usr/sbin/cronolog --symlink=/usr/local/apache2/logs/access.log /usr/local/apache2/logs/access.log-%Y-%m-%d" combined
ErrorLog "|/usr/sbin/cronolog --symlink=/usr/local/apache2/logs/error.log /usr/local/apache2/logs/error.log-%Y-%m-%d"
%%
=== Disable HTTP TRACE ===
Read: http://publib.boulder.ibm.com/httpserv/ihsdiag/http_trace.html
Use rewrite to block out TRACE requests. I'm not 100% sure but it seems you need to put this in the main section of httpd.conf AS WELL AS in every VirtualHost
%%
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
%%
You might want to disable TRACE on tomcat's connectors as well. All connectors supports this option, below is an example for the AJP13 connector:
%%(xml)
<Connector port="8009"
enableLookups="false" debug="0" protocol="AJP/1.3" allowTrace="false" />
%%
To test it, use telnet
%%
telnet server.domain.com 80
Trying 66.70.68.177...
Connected to foodfit.com (66.70.68.177).
Escape character is '^]'.
TRACE / HTTP/1.0
A: b
C: d
Host: foo
<enter>
<enter>
%%
If you are getting a 403 error, then you have succeeded.
From Apache 1.3.34, 2.0.55 and later, one can put this into httpd.conf:
%%
TraceEnable Off
%%
