Apache: Difference between revisions
Line 301: | Line 301: | ||
See also [[Linux#Create_an_animated_gif_file|Create an animated gif file]] on how I create an animated gif file from a single png file. | See also [[Linux#Create_an_animated_gif_file|Create an animated gif file]] on how I create an animated gif file from a single png file. | ||
Note that [http://stackoverflow.com/questions/16090206/putting-gif-image-in-favicon-not-working-on-chrome chrome browser does not support animated gif file]. |
Revision as of 14:30, 6 June 2016
Apache2 Structure
/etc/apache2/ |-- apache2.conf |-- envvars |-- httpd.conf |-- magic |-- ports.conf |-- conf-enabled | `-- *.conf |-- mods-available | |-- *.load | `-- *.conf |-- mods-enabled | |-- *.load | `-- *.conf |-- sites-available | default, default-ssl |-- sites-enabled | |-- 000-default # points to ../sites-available/default | `-- default-ssl # points to ../sites-available/default-ssl |-- ssl | *.crt, *.key
- apache2.conf is the main configuration file. It puts the pieces together by including all remaining configuration files when starting up the web server.
- ports.conf is always included from the main configuration file. It is used to determine the listening ports for incoming connections, and this file can be customized anytime.
- Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ directories contain particular configuration snippets which manage modules, global configuration fragments, or virtual host configurations, respectively.
- They are activated by symlinking available configuration files from their respective *-available/ counterparts. These should be managed by using our helpers a2enmod, a2dismod, a2ensite, a2dissite, and a2enconf, a2disconf . See their respective man pages for detailed information.
- The binary is called apache2. Due to the use of environment variables, in the default configuration, apache2 needs to be started/stopped with /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not work with the default configuration.
Document Root
By default, Ubuntu does not allow access through the web browser to any file apart of those located in /var/www, public_html directories (when enabled) and /usr/share (for web applications). If your site is using a web document root located elsewhere (such as in /srv) you may need to whitelist your document root directory in /etc/apache2/apache2.conf.
The default Ubuntu document root is /var/www/html (Ubuntu 14.04) or /var/www (Ubuntu 12.04). You can make your own virtual hosts under /var/www. This is different to previous releases which provides better security out of the box. In my case, the document roots for http and https are specified in the files
Important files
- http://www.basicconfig.com/linuxnetwork/ubuntu_web_server_setup Good cover
- http://www.htpcbeginner.com/how-to-setup-apache-web-server-on-ubuntu/2/. It includes how to set up DNS, running multiple websites
- How To Set Up Apache Virtual Hosts on Ubuntu 12.04 LTS from digitalocean.com. It teaches how to create a new virtual host file (instead of using the default one).
/etc/apache2/apache2.conf (important)
Main configuration file
/etc/apache2/httpd.conf
By default, this file is empty
/etc/apache2/envvars
/etc/apache2/ports.conf (important)
NameVirtualHost *:80 Listen 80 <IfModule mod_ssl.c> # If you add NameVirtualHost *:443 here, you will also have to change # the VirtualHost statement in /etc/apache2/sites-available/default-ssl # to <VirtualHost *:443> # Server Name Indication for SSL named virtual hosts is currently not # supported by MSIE on Windows XP. Listen 443 </IfModule> <IfModule mod_gnutls.c> Listen 443 </IfModule>
/etc/apache2/mods-available/
Contains all the modules installed for your server.
/etc/apache2/mods-enabled/
Symbolic link in this directory that refers to the module file in /mods-available above to enable it.
/etc/apache2/sites-available/ (important)
Stores all the configuration files for the web sites serviced by Apache server. By default, only one file available, a default virtual host configuration file.
/etc/apache2/sites-available/default
This is the place to set up the document root for http port 80.
<VirtualHost *:80> ServerAdmin webmaster@localhost ServerName taichimd.us DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ... </VirtualHost>
/etc/apache2/sites-available/default-ssl
This is the place to set up the document root for https port 443.
<IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost ServerName taichimd.us DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ... # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on SSLCertificateFile /FullPathTo/CAName.crt SSLCertificateKeyFile /FullPathTo/KeyName.key SSLCACertificateFile "/FullPathTo/bundle.crt" ... </VirtualHost>
/etc/apache2/sites-enabled/
Create a symbolic link to enable sites in /etc/apache2/sites-available.
Commands
sudo a2ensite default # activate the default site /etc/apache2/sites-available/default sudo a2ensite domain2.com # activate each virtual host sudo service apache2 reload service apache2 status # check if apache2 is running sudo service apache2 start # run this if apache2 is not running
Misc
Running different sites on different ports
http://httpd.apache.org/docs/2.2/vhosts/examples.html#port
.htaccess file
https://www.digitalocean.com/community/tutorials/how-to-use-the-htaccess-file
Set Up Mod_Rewrite
- https://www.digitalocean.com/community/tutorials/how-to-set-up-mod_rewrite-page-2 It contains an example to add www to a url.
- http://xmodulo.com/how-to-enable-mod_rewrite-in-apache2-on-debian-ubuntu.html
Forbidden You don't have permission to access /xxx/yyy on this server. =
When I add a symbolic link file in /var/www/html to link to a sub-directory /home/$USER/Downloads/xxx, it does not work.
The detail error can be found in /var/log/apache2/error.log
Error: Symbolic link not allowed or link target not accessible
This post gives an explanation.
The solution in this case is to run
chmod 755 ~/Downloads
The problem seems to be specific to the attribute of the Downloads folder. If we untar/unzip to the $HOME folder, it does not have this problem because the attribute is already 755. The default attribute of Downloads in my Debian 8.4 is 700.
Error. Could not determine the server’s fully qualified domain name
http://tuxtweaks.com/2009/07/how-to-configure-apache-linux/
echo "ServerName localhost" | sudo tee /etc/apache2/conf.d/fqdn sudo service apache2 reload
How to set up a secure Apache webserver on Ubuntu
http://xmodulo.com/secure-apache-webserver-ubuntu.html
- Update TimeZone and Check Correct Time
- Disable AppArmor Conflicts
- Stop DDoS Attacks
- Stop Slowloris Attacks
- Stop DNS Injection Attacks
- Turn off Server Signature
How To Enable And Run Multiple Websites Using Apache2
we’re going to be using example.com and myexample.com domain names on a single Ubuntu server assigned IP address 192.168.20.1.
Note: As you can see from this exercise, it is perfectly OK to have multiple hostnames associated with the same IP4 address.
sudo apt-get install apache2 sudo mkdir -p /var/www/html/example.com/public_html sudo mkdir -p /var/www/html/myexample.com/public_html sudo vi /var/www/html/example.com/public_html/index.html sudo vi /var/www/html/myexample.com/public_html/index.html sudo chown www-data:www-data /var/www/html sudo chmod -R 755 /var/www/html sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/myexample.com.conf # Change ServerName, ServerAlias and DocumentRoot entries sudo vi /etc/apache2/sites-available/example.com.conf sudo vi /etc/apache2/sites-available/myexample.com.conf sudo a2dissite 000-default.conf sudo a2ensite example.com.conf sudo a2ensite myexample.com.conf sudo service restart apache2 sudo nano /etc/hosts # 192.168.20.1 example.com # 192.168.20.1 myexample.com
How to create multiple virtual hosts
- http://codingpad.maryspad.com/2012/03/14/how-to-create-multiple-virtual-hosts-in-ubuntu/
- http://httpd.apache.org/docs/2.2/vhosts/examples.html Virtual host examples for different scenarios
- http://www.tecmint.com/apache-ip-based-and-name-based-virtual-hosting/
- https://www.digitalocean.com/community/tutorials/how-to-set-up-multiple-wordpress-sites-on-a-single-ubuntu-vps
- http://www.unixmen.com/setup-virtual-hosts-apache-ubuntu-14-04-lts/
25 Apache Interview Questions for Beginners and Intermediates
http://www.tecmint.com/apache-interview-questions/
Add www to your domain name for your website
https://www.linux.com/learn/tutorials/464510:weekend-project-create-virtual-hosts-with-apache Using ServerAlias or creating multiple virtualhost.
Disable directory browsing
Remove word Indexes from the following line in the file </etc/apache2/sites-available/default> & </etc/apache2/sites-available/default-ssl>
Options Includes Indexes FollowSymLinks MultiViews
Or try the following commands
sudo a2dismod autoindex sudo service apache2 restart
List of all virtual hosts
apache2ctl -S
Diable a website through virtual host
sudo a2dissite 000-default
Show all loaded modules
apache2ctl -M /usr/sbin/apache2ctl: 87: ulimit: error setting limit (Operation not permitted) Loaded Modules: core_module (static) log_config_module (static) logio_module (static) mpm_prefork_module (static) http_module (static) so_module (static) alias_module (shared) auth_basic_module (shared) authn_file_module (shared) authz_default_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared) cgi_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) mime_module (shared) negotiation_module (shared) php5_module (shared) reqtimeout_module (shared) setenvif_module (shared) ssl_module (shared) status_module (shared) Syntax OK
favicon.ico
For some reason, if I just rename an animated gif file to <favicon.ico>, the file can be viewed locally and works when I put it on /var/www (http). For https, the default favicon does not show up and I have to manually put the favicon in the index.html file (good if you wish your pages to use different favicon sets).
<head> ... <link rel="icon" href="yinyang_rot.gif" type="image/x-icon"> </head>
For mediawiki, I don't need to rename to <favicon.ico>.
See also Create an animated gif file on how I create an animated gif file from a single png file.
Note that chrome browser does not support animated gif file.