Configuring Apache


Just as in /etc/mail (which you saw in Chapter 25, "Configuring Email Services"), /usr/local/etc/apache (the Apache configuration directory) contains a number of files, some of which are of interest to us and some of which are not. Let's take a look at each of them in turn:

  • httpd.conf This is the main Apache configuration file. These days, everything is consolidated into this one file, rather than being grouped into as many as three more specific files, as in earlier years. However, many administrators use additional config files such as httpd-vhosts.conf to separate out configuration sections like virtual hosts.

  • mime.types This file provides a lookup table between filename extensions and MIME types (Content-Type headers) in files that Apache sends. This is how browsers know how to handle files they download.

  • magic An alternative method to MIME types is magic, which tries to determine a file type by looking for certain patterns within the file, making filename extensions unnecessary. This is the same method that's used by the file command. The magic file specifies the methods used for various file types.

  • access.conf and srm.conf These files used to contain certain parts of what is now incorporated into httpd.conf (these files don't exist in Apache 2.0). They will still be read if you put configuration items into them, which is why they're still here (to maintain compatibility with legacy installations). However, these files have become unnecessary and can be ignored.

Note

Additionally, Apache 2.x installs a /usr/local/etc/apache2x/extra directory, which contains several additional files: httpd-ssl.conf, httpd-vhosts.conf, httpd-userdir.conf, and so on. These files allow you to configure certain specific features of Apache (such as SSL security or users' home directories) in smaller external files, to help keep them organized better and easier to maintain. If you prefer to keep all your configuration options in a single file, you can copy the contents of these extra files into httpd.conf and modify them there.


Again, note that -dist versions of all these files exist. Immediately after a clean installation, these are copies of the regular versions of each file. After you've made changes to the regular versions over the course of regular usage, though, if you install a newer version of Apache, only the -dist files will be touched by the installation scripts. This allows you to upgrade your system and merge in new configuration options at your leisure, using diff or another method of your choice.

Using httpd.conf

The httpd.conf file is long and detailed, but (unlike /etc/mail/sendmail.cf) it's entirely human-readable and very well commented. Every one of the configuration directives is set to a sensible default value; you can modify any of them that you want, and the inline documentation explains quite clearly what each one does. If you misconfigure something, Apache will tell you exactly what's wrong when you try to start it up.

Caution

Before you make any changes to httpd.conf, be sure to make a backup copy (for instance, httpd.conf.20060225) so that you can easily revert to your previous working configuration.


Immediately after installation, Apache can be started up and will serve requests properly. However, just to be safe, you should first set a couple of key configuration directives. Find each of these in the httpd.conf file and alter it accordingly:

# # ServerAdmin: Your address, where problems with the server should be # e-mailed.  This address appears on some server-generated pages, such # as error documents. # ServerAdmin you@your.address # # ServerName allows you to set a host name which is sent back to clients for # your server if it's different than the one the program would get (i.e., use # "www" instead of the host's real name). # #ServerName www.example.com


The second directive, ServerName, which you must uncomment and change to match your server's hostname, is used in 301 redirections (discussed earlier in the chapter). If the trailing slash is left off of a request for a directory index or listing, Apache responds with a 301 code (Moved Permanently) and the URL to which the browser should go. Apache has to construct this redirection URL from the information it has from the client's request, which (as you've seen) contains only the portion of the URL beginning with the slash after the hostnamefor example, if the requested URL is http://some.host.com/images/foo, the request is /images/foo. If it's an HTTP/1.1 request, it contains a Host: header, which Apache can use to rebuild the full URL, but otherwise it's on its own unless you've specified the server's hostname with the ServerName directive.

HTTP/1.1 does cause a few other repercussions regarding the ServerName directive. If you're doing name-based virtual hosting, which we'll get to shortly, Apache uses ServerName to match a virtual host with a request based on its Host: header. Each virtual host must have a ServerName specified, but even if you're not doing virtual hosting, it's a good idea to define ServerName to help Apache construct its redirection URLs and match requests with the single main host configuration, effectively treating the default configuration as a virtual host that must match a Host: header.

We could go through all the available configuration directives here, but too many of them are equally important relative to each other and unimportant relative to the default configuration. Authoritative documentation can be found at the Apache Group's website at http://httpd.apache.org/docs/.

Using .htaccess Files and Overrides

Although httpd.conf provides global configuration options, many of them can be overridden on a per-directory basis without the server having to be restarted. You do this by placing a file called .htaccess, containing any directives you want to override, into the directory to which you want it to apply. On every request that comes in, the global configuration that was loaded into memory from httpd.conf is consulted, followed by every per-directory configuration file (.htaccess) sequentially down the path to where the requested file is. Each successive .htaccess file can override previously seen directives, but otherwise an .htaccess applies to its own directory and all subdirectories. This allows not just you but your regular users to alter Apache's behavior when serving files from their directories.

Whether .htaccess files can be used depends on the setting of the AllowOverride directive. As you can see by reading through httpd.conf, AllowOverride is set to None at the operating system root level and again on the /usr/local/www/data directory; therefore, .htaccess files are ignored by default. However, you can turn them on by replacing AllowOverride None (in the /usr/local/www/data block) with any of the directives in Table 26.2, or any combination thereof (for example, AllowOverride AuthConfig Limit).

Table 26.2. AllowOverride Configuration Options

Directive

Allows .htaccess Files to Override

AllowOverride Options

The Options directive

AllowOverride FileInfo

File-typing directives, such as AddType and ErrorDocument

AllowOverride AuthConfig

Authorization directives, such as Require and Auth*

AllowOverride Limit

Host access directives, such as Allow, Deny, and Order

AllowOverride All

All of the above


Note

The Options directive is one of the largest and most versatile configuration items in Apache; it controls the availability of many of Apache's most significant features, such as ExecCGI (the ability to execute CGI scripts), Includes (server-side includes), and MultiViews (versatile content negotiation). These features can be added to or subtracted from the current configuration at any level in the hierarchical directory structure. Refer to http://httpd.apache.org/docs/1.3/mod/core.html#options for full coverage of the Options directive and how to use it.


After changing httpd.conf accordingly, restart the server (as we will discuss in a moment). You can now put an .htaccess file into any web-accessible directory and place into it any configuration directives that Apache allows in .htaccess files (for details on which directives can be used in the .htaccess context, see http://httpd.apache.org/docs/).

Note

An .htaccess file in a commonly accessed directory can cause a performance hit because the server has to open and read it with every new HTTP request. If possible, it's better to put configuration changes into the global httpd.conf file so that it's only read once.


The httpd.conf file (or exTRa/http-userdir.conf file) contains a commented-out block for controlling user directories (in /home); if you plan to run a server where your users can have sites of their own, but you want to make sure browsers that support various data-changing HTTP/1.1 methods (such as DELETE, COPY, and MOVE) can't exercise them, you might want to uncomment this block:

# # Control access to UserDir directories.  The following is an example # for a site where these directories are restricted to read-only. # #<Directory /home/*/public_html> #    AllowOverride FileInfo AuthConfig Limit #    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec #    <Limit GET POST OPTIONS PROPFIND> #        Order allow,deny #        Allow from all #    </Limit> #    <LimitExcept GET POST OPTIONS PROPFIND> #        Order deny,allow #        Deny from all #    </LimitExcept> #</Directory>


Note that the AllowOverride here allows .htaccess files to override FileInfo, AuthConfig, and Limit directives, but the Options directives are set at the global level and not allowed to be overridden.

Note

In accordance with historical convention, per-user document directories are called public_html; therefore, a request for http://some.host.com/~user/ would show the documents in /home/user/public_html. Also traditionally, if there's an index.html file present, Apache will serve that file instead of the directory listing. (Microsoft servers generally use Default.htm for this function.) You can specify as many of these index filenames as you like using the DirectoryIndex directive. Apache will try each filename you specify, in the order in which you enter them.





FreeBSD 6 Unleashed
FreeBSD 6 Unleashed
ISBN: 0672328755
EAN: 2147483647
Year: 2006
Pages: 355
Authors: Brian Tiemann

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net