Using Linux, you can configure your computer to act as a web servera computer that delivers web content to web browsers running on computers around your network or around the Internet at large. The web server software included with Fedora Core 4 is the single most popular web server platform in use today and is known as the Apache web server. To use your Fedora Core 4 system as a web server with existing web content, you must complete the following tasks:
Installing ApacheYou can install the Apache web server using the Package Management tool. Start this tool by choosing Desktop, System Settings, Add/Remove Applications. In the Package Management tool, scroll down to the Servers category and check the box next to the Web Server package group, as shown in Figure 34.1. Then click the Update button to install the new software. Figure 34.1. Use the Package Management tool to install the Apache web server that comes with Fedora Core 4.Before you use the Apache web server, you should also install the Apache Configuration tool, so that you can make more involved changes to Apache's configuration if you choose to do so. You can do this in the software configuration tool by following these steps:
The Apache web server and a user-friendly tool to configure it are now installed on your computer system and ready for use. In fact, for many users, no additional Apache configuration is required at all! Configuring Apache to Start AutomaticallyTo use your Fedora Core 4 computer as a web server after you have installed the Apache web server software, you must configure Apache to start automatically each time you start Linux. To configure Apache to start automatically using desktop tools, choose Desktop, System Settings, Server Settings, Services to start the Service Configuration tool. Check the box next to the httpd service, as shown in Figure 34.3. Figure 34.3. Use the Service Configuration tool to configure the Apache web server to start each time Linux starts.After you check the box next to the httpd service, click the Save button to save your changes. Next, click the Start button to start the httpd service now. Then choose File, Quit to exit the Service Configuration tool. If you prefer to use command-line tools, you can use the chkconfig command to configure the Apache web server to start automatically each time Linux starts at your default runlevel. Call the chkconfig command, supplying httpd and the word on as arguments: [root@workstation20 you]# /sbin/chkconfig --level 5 httpd on [root@workstation20 you]# You have now configured your web server to start automatically when Linux starts, but if you've just installed it, it isn't running yet. To start it, either reboot Linux or call the service command, supplying httpd and the word start as arguments to cause the server to start now: [root@workstation20 you]# /sbin/service httpd start Starting httpd: [ OK ] [root@workstation20 you]# Allowing Web Requests Through Your FirewallNow you have the Apache web server running, but before it can answer web requests from machines on your network or from the Internet at large, you must configure your firewall to allow web requests. To do this, start the Security Level Configuration tool by choosing Desktop, System Settings, Security Level. Ensure that the security level is set to Enable Firewall, then check the WWW (HTTP) option in the Trusted Services area of the tool, as shown in Figure 34.4. Click OK to save your changes. Figure 34.4. Check the WWW (HTTP) box in the Security Level Configuration tool to allow web requests through your firewall.Using the Apache Web ServerAfter a reboot, or after starting Apache using the Service Configuration tool, your web server is up and running and allowing requests from the outside world. The default Apache configuration is adequate and correct for most usersno need for additional up-front configuration when starting out. The properties of the web server in its default configuration are as follows:
Because your web serveris already online if you've followed the steps outlined thus far in this chapter, you can begin copying your content to or creating your content in /var/www/html; any files you place there from now on will be instantly available to the world. Enabling Home Directory WebsitesIf your Linux computer system serves a number of users, you might want to give each user the opportunity to host his or her own home page. Although you can do this while still keeping all content in the /var/www/html directory tree, it is certainly not convenient, and of course it's not a good idea to give multiple users write access to system directories. The Apache web server has the capability of giving each user on a Linux system her own HTML content directory, by default in /home/user/public_html. Visitors can then load the index page at /home/user/public_html/index.html by constructing a URL using the hostname of your web server followed by a slash (/), a tilde (~), another slash, and the name of the user whose home page should be loaded, as follows: http://host.mycompany.com/~jane/ For example, this URL loads the file index.html stored in the /home/jane/public_html directory. To enable this functionality in Apache, you must edit the web server configuration file, /etc/httpd/conf/httpd.conf. Load the file into your favorite text editor and search for the text shown in Listing 34.1. Listing 34.1. Text to Change to Enable Home Pages<IfModule mod_userdir.c> # # UserDir is disabled by default since it can confirm the presence # of a username on the system (depending on home directory # permissions). # UserDir disable Notice the text UserDir disable. If user home directories are to be enabled, you must change this line to read UserDir public_html, as shown in Listing 34.2. Listing 34.2. Text Changed to Enable Home Pages<IfModule mod_userdir.c> # # UserDir is disabled by default since it can confirm the presence # of a username on the system (depending on home directory # permissions). # UserDir public_html Then save the httpd.conf file and exit. To cause the changes to take effect, restart your web server using either the Service Configuration tool you used earlier or using the service command, supplying httpd and restart as arguments: [root@workstation20 you]# /sbin/service httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] [root@workstation20 you]#
Before a user's public_html directory can be used, the permissions for the user's home directory, the ~/public_html directory, and the contents of the ~/public_html directory must be correctly configured:
If permissions are incorrectly set or if a user does not have a public_html directory, visitors who try to load a user's home page get an error message saying that the page in question is Forbidden. Introducing the Apache Configuration ToolThe default configuration of the Apache web server is sufficient to provide access to basic public web content. The default configuration may not be appropriate, however, when business interests or large amounts of content are at stake. You can use the Apache Configuration tool to configure many of the options related to the Apache web server and its level of security and performance while operating. To start the Apache Configuration tool, choose Desktop, System Settings, Server Settings, HTTP; the Apache Configuration tool is displayed, as shown in Figure 34.5. Figure 34.5. The Apache Configuration tool provides a graphical interface for configuring the Apache web server.The Apache configuration tool contains four basic tabsMain, Virtual Hosts, Server, and Performance Tuningthat function as follows:
The two most important tabs are the Virtual Hosts tab, where most security control occurs and where multiple hosts are managed if you are running a larger server, and the Performance Tuning tab, which enables you to adjust Apache's workload to suit your computer system hardware and the set of scripts (if any) you'll be using on your website. Basic Apache SecurityAs you run your web server on a day-to-day basis, you will likely want to be able to control which Internet users can view which parts of your website. Some areas of a site are meant for public consumption, and other parts are intended for certain viewers only. You can control viewership of your site by filtering web requests based on the Internet addresses from which viewers originate. You can filter requests through the Virtual Hosts tab. Because we're covering only the basics in this chapter, let's assume that you are running only a single web host that provides you with basic web server functionality. To control which visitors will be able to see files delivered by your default virtual host, follow these steps:
By default, only one directory, the root directory (/) appears in the list, meaning that all of the directories on your web server share the same set of security properties. If you wish to specify different per-directory security measures, you can add new directory trees to the list by clicking the Add button; you can then give different directories different access properties. For now, simply highlight the root directory and click the Edit button to display the Directory Options dialog box, as shown in Figure 34.7. Figure 34.7. Using the Directory Options dialog box, you can give specific security properties to directories within your web content directory tree.Several settings on the left side of the Directory Options dialog box are related to access control based on the IP address or domain name of connecting hosts. These settings are configured as follows:
In the Options list box, you can choose from a number of options to enable or disable certain capabilities for the specified directory. Select or deselect check boxes to control the following capabilities:
Near the bottom of the dialog, you'll also find a check box labeled Let .htaccess Override Directory Options. If this box is checked and Apache finds a file called .htaccess in the directory in question, configuration directives in the .htaccess file will override the configuration you've specified in the configuration tool. When you finish configuring the host security options for the directory in question, click the OK button to save your changes and return to the Virtual Host Properties dialog box's Directory pane. If you want to configure additional security properties for other directories within your web content tree, click the Add button to bring the Directory Options dialog box back up. In the Directory box of the Directory Options dialog box, enter the name of the directory to which these options should apply and then set the options for that directory just as you did for your root content directory. When you finish making changes to your Apache configuration, click OK in the Virtual Host Properties dialog box and click OK in the Apache Configuration tool to exit and save your changes. Additional Apache Configuration InformationThe Apache web server can also be configured using your favorite text editor. To do this, edit the files stored in /etc/httpd/conf and /etc/httpd/conf.d. These files are large and fairly involved, however, so you shouldn't venture into editor-based configuration unless you have an Apache reference volume handy. Because the Apache web server is a relatively complex application, further Apache configuration is beyond the scope of a beginning-level book like this one. A great deal of in-depth documentation for Apache can be found on the main Apache website, at http://httpd.apache.org/docs-2.0/. |