Configuring with the Red Hat GUI Apache Utility

Red Hat has developed a GUI tool for configuring Apache, which you can start with the redhat-config-httpd command. When you first start the tool in a GUI, you should see the Apache Configuration window, shown in Figure 30.6.

click to expand
Figure 30.6: The graphical Apache configuration utility

As you can see, this utility includes four tabs, which we cover in the following sections. When you finish your changes and click OK, changes are written to your httpd.conf file, overwriting any changes that you may have made earlier in a text editor.

Note  

As of this writing, redhat-config-httpd is still a work in progress. Before I use this utility, I first back up my current httpd.conf file. After I make changes, I make sure to test the syntax of httpd.conf with the httpd -t command. I open httpd.conf in a text editor to analyze the changes. Nevertheless, redhat-config-httpd is a great way to learn more about configuring Apache.

Setting Main Apache Parameters

The basic setup of Apache is straightforward. You re configuring three directives in the Apache Configuration window Main tab:

  • The Server Name text box corresponds to the ServerName directive, which sets the name for the main website for the Apache server. This utility won t work unless you enter the name or IP address of your server in this text box. If you re configuring Virtual Hosts , don t enter any of those domain names in this text box. It is usually best to enter the IP address for your server, to avoid unnecessary traffic to any DNS servers connected to your network.

  • The Webmaster Email Address text box corresponds to the ServerAdmin directive, which sets the default e-mail address listed by automatically generated web pages. You can see the default setting, root@localhost , in Figure 30.6.

  • The Available Addresses box sets the TCP/IP ports where Apache listens for requests , using the Listen directive. Port 80 is the standard HTTP TCP/IP port, and Apache normally listens to requests from all addresses on the Internet, with the Allow from all command.

You can limit the range of computers allowed to view your website. Highlight All Available Addresses On Port 80 and click Edit. This opens the Edit An Address window, shown in Figure 30.7.


Figure 30.7: Limiting access to your web server

For example, Figure 30.7 illustrates limiting access to the network adapter on your computer with an IP address of 192.168.13.64. This changes the Listen directive in httpd.conf to

 Listen 192.168.13.64:80 

If you need to configure other services, such as secure web pages (HTTPS), click the Add button. This opens the Add New Address window, which looks almost identical to Figure 30.7. You can then enter the IP address of the desired network adapter and the TCP/IP port associated with HTTPS, 443. When you ve completed your desired changes, click the Virtual Hosts tab.

Configuring Virtual Hosts

Next , you can start configuring Virtual Hosts within Apache. If you haven t already done so, start the redhat-config-httpd utility and click the Virtual Hosts tab. The default view is shown in Figure 30.8.

click to expand
Figure 30.8: The Virtual Hosts tab

The Default Virtual Host settings associated with the default httpd.conf file are shown. If you want to know more about the default settings, click Edit or Edit Default Settings and analyze the properties window. However, we re focused on creating a Virtual Host for a real website, so click Add. This opens the Virtual Host Properties window, shown in Figure 30.9.

click to expand
Figure 30.9: Configuring a virtual host

As you can see, there are six sections in this window: General Options, Site Configuration, SSL, Logging, Environment Variables , and Directories.

General Options

Every Virtual Host includes General Options, similar to those shown in Figure 30.9. In that figure, we ve filled in some basic parameters for a website named mywebsite.abc .

As described earlier, you can set up multiple Virtual Hosts on a single IP address using the IP-based Virtual Host setting. The alternative, name-based Virtual Hosts, requires an IP address for each website configured through your Apache server.

Site Configuration

Next, select the Site Configuration option on the left side of the window. This opens a list of directory pages and error file settings, as shown in Figure 30.10.

click to expand
Figure 30.10: Site configuration settings

When users look for your website, they re taken to the directory associated with the DocumentRoot directive. As you can tell in Figure 30.9, that s the /var/www/mywebsite.abc/html directory. It looks for one of the filenames shown in the Directory Page Search List box: index.php , index.html , index .htm , or index.shtml .

The Error Pages shown at the bottom of the window display Apache s response to various HTTP errors. For example, the highlighted error, file not found , is associated with HTTP error code 404. The default behavior refers to ErrorDocument directives in httpd.conf . If you want special error pages, you can create special ErrorDocument directives for this particular Virtual Host. To do so, highlight the error code of your choice and click Edit. This opens the ApacheConf.py window, shown in Figure 30.11.

click to expand
Figure 30.11: Changing error code behavoir

As you can see in the figure, you can point the user in three directions for Error Code 404: Default points to the standard ErrorDocument directive in httpd.conf; File allows you to specify the web page of your choice; and URL lets you set the location of the desired error message online.

Finally, the Default Error Page Footer specifies the information associated with each error page. The standard footer is based on the bottom.html file in the /var/www/error/include directory. You can choose to not show the footer at all, or you can show it with or without an e-mail address.

SSL

Next, select the SSL option on the left side of the window. This opens a series of options associated with the Secure Socket Layer, as shown in Figure 30.12. When you install the Apache mod_ssl-* RPM, you get a series of fake keys in the /etc/httpd/conf directory, which are shown in the figure.

click to expand
Figure 30.12: Secure Socket Layer settings

If you re actually planning to run a secure web server, you ll need a real set of certificate data from a Certificate Authority (CA) such as VeriSign ( www.verisign.com ) or Thawte ( www.thawte.com ). While we provide general instructions for setting up a secure server in the sidebar "Generating Security Keys," details are extensive and beyond the scope of this book. Refer to httpd.apache.org , www.apache-ssl .org , and Linux Apache Web Server Administration, Second Edition (Sybex, 2002) for more information.

Changes that you make here are written to the ssl.conf file in /etc/httpd/conf.d directory.

start sidebar
Generating Security Keys

This sidebar gives basic instructions on generating a real set of security keys for Apache. Assuming you have the appropriate RPM packages installed, follow these steps:

  1. Delete the basic server keys with the following commands:

     # rm /etc/httpd/conf/ssl.key/server.key # rm /etc/httpd/conf/ssl.crt/server.crt 
  2. Navigate to the /usr/share/ssl/certs directory:

     # cd /usr/share/ssl/certs 
  3. Next, generate a new server key:

     # make genkey 

    You re prompted twice for a special password known as a passphrase . Be careful ”this case-sensitive password holds the key to the secure information on your web server.

  4. You can now set up a request to a CA with the following command:

     # make certreq 

    You re prompted for your passphrase and administrative information for your server. Once complete, this command creates the following file, which you can send as part of your request to the CA:

     /etc/httpd/conf/ssl.csr/server.csr 
  5. The CA should respond to you with a file that you can save as server.crt in the /etc/httpd/ conf/ssl.crt directory.

    You can make your own unofficial certificate for test purposes by running the make testcert command in step 4.

    The next time you start Apache, it prompts you for the passphrase. If you don t get it right, Apache does not start.

end sidebar
 

Logging

Next, select the Logging option on the left side of the window. This opens a series of options associated with logging and log files, as shown in Figure 30.13.

click to expand
Figure 30.13: Virtual Host logging

The default log files are shown in the figure; the path is relative to the ServerRoot directive, normally /etc/httpd . Naturally, you may want to specify log files in special directories associated with the Virtual Host, such as mywebsite.abc/logs/access_log .

You can specify the information that goes into this log file in the Custom Log String text box. The information here is associated with the LogFormat directive described earlier in this chapter.

The options available in the Log Level drop-down list match those described earlier for the LogLevel directive: Emergency, Alert, Critical, Error, Warn, Notice, Info , and Debug.

You may want to make sure the Reverse DNS Lookup setting is set to No Reverse Lookup. Unless you have a reliable and speedy connection to a DNS server, finding the fully qualified domain names associated with an IP address could hurt your web server s performance.

Environment Variables

Next, select the Environment Variables option on the left side of the window. This opens a group of settings where you can set environment variables associated with CGI or SSI scripts, as shown in Figure 30.14.

click to expand
Figure 30.14: Environment variables

While the principle is the same as regular environment variables in the shell, what you set here applies only to CGI and or SSI scripts.

Directory Options

Finally, select the Directories option on the left side of the window. This opens a group of settings where you can set the Options directive for various directories, as shown in Figure 30.15.

click to expand
Figure 30.15: Directory options

The Options for the default directory are shown in Figure 30.15: ExecCGI , FollowSymLinks , Includes , IncludesNOEXEC , Indexes , and SymLinuxIfOwnerMatch (they are explained back in Table 30.5 ). You can edit the default settings by clicking the Edit button in the upper-right corner of the window.

You can specify Options for other directories. Click Add to open the Directory Options window shown in Figure 30.16. The options in this window are explained in Table 30.11.

click to expand
Figure 30.16: Setting Options on a new directory
Table 30.11: Selections in the Directory Options Window

Selection

Description

Order

Sets the order of directives; the options are Allow from all; Order deny,allow; or Order allow,deny .

Deny List

If you re not allowing in all hosts, you can deny access to this directory to some or all hosts, by domain name or IP address.

Allow List

If you re not allowing in all hosts, you can allow access to this directory to some or all hosts, by domain name or IP address.

Directory

Specifies the directory to which the Options directive is to be applied.

Options

The settings associated with the Options directive.

.htaccess

If you activate this setting, the AllowOverride directive is added to this directory.

Configuring the Server

There are some basic settings associated with each Apache server. Return to the Apache Configuration window and click the Server tab. The information should look similar to Figure 30.17. These settings are summarized in Table 30.12.

click to expand
Figure 30.17: Apache configuration server settings
Table 30.12: Apache Configuration Server Settings

Setting

Description

Lock File

The file opened by Apache when it starts.

PID File

Another file opened by the Apache when it starts. Includes the PIDs associated with open httpd daemons.

Core Dump Directory

Specifies the directory for core dumps, which are used for debugging. Must be writeable by the user associated with the Apache server, normally apache.

User

The username associated with the Apache server.

Group

The group name associated with the Apache server.

Performance Tuning

Several basic performance settings are associated with each Apache server. In the Apache Configuration window, click the Performance Tuning tab. The information should look similar to Figure 30.18. These settings are summarized in Table 30.13.

click to expand
Figure 30.18: The Performance Tuning tab
Table 30.13: Apache Configuration Performance Settings

Setting

Description

Max Number Of Connections

Corresponds to the maximum number of clients who can connect to your web server simultaneously ; sets the MaxClients directive.

Connection Timeout

Sets the time the web server waits for further communication from a client browser, in seconds; sets the TimeOut directive.

Requests Per Connection

Limits the number of requested items per connected browser; sets the MaxRequestsPerChild directive.

Allow Persistent Connections

Keeps connections open to a browser, independent of TimeOut; if selected, the KeepAlive directive is set to true.

Timeout For Next Connection

Sets the time which Apache waits for the next request from a client, if KeepAlive is true; sets the KeepAliveTimeout directive.

 


Mastering Red Hat Linux 9
Building Tablet PC Applications (Pro-Developer)
ISBN: 078214179X
EAN: 2147483647
Year: 2005
Pages: 220

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net