Apache
Intro
Source: vogella.com
- Apache remained the most widely used web server software, estimated to serve 46% of all active websites and 43% of the top million websites.
- The name was widely believed to be a pun on 'A Patchy Server' (since it was a set of software patches).
- When Apache is running, its process name is sometimes httpd, which is short for "HTTP daemon."
Basics
- List the available modules of the Apache HTTP server
apache2 -l
- Main configuration file for the Apache Http server
/etc/apache2/apache2.conf
- The error log of Apache is located in the
/var/log/apache2/error.log grep MaxClients /var/log/apache2/error.log
Multi-Processing-Module
Apache HTTP can run in different modes. MPM modes determine how the web requests of users are answered.
- The selected mode is compiled into the server and can be checked with:
sudo apachectl -V | grep -i mpm
- Configuration for the event mpm is stored in below file:
Configure only the module which your server is using.
/etc/apache2/mods-available/mpm_event.conf
htaccess
- One major application of this file is to redirect an URL to other URL’s.
- You should avoid using .htaccess files completely if you have access to httpd main server config file.
- Using .htaccess files slows down your Apache http server.
This section needs verification and rework. |
- The following .htacess file reroutes http://vogella.com to http://www.vogella.com.
- It also redirect access to a certain webpage (/articles/SpringFramework/article.html) to another webpage via a 301 redirect.
- The 301 redirect will tell search engines that this side has moved and is the recommended way to move webpages.
RewriteEngine on RewriteCond %{HTTP_HOST} !^www\.vogella\.de$ RewriteRule ^(.*)$ http://www.vogella.com/$1 [L,R=301] redirect 301 /articles/SpringFramework/article.html http://www.vogella.com/tutorials/SpringDependencyInjection/article.html
Using modules
Apache Http supports the usage of modules. To enable modules use the a2enmod command
a2enmod rewrite
Other modules Supporting php and wordpress
sudo apt-get install libapache2-mod-fcgid sudo apt-get install php5-cgi
Afterwards activate the corresponding modules:
sudo a2enmod fastcgi sudo a2enmod proxy # required for wordpress blog sudo a2enmod rewrite
Gzip compression
- To optimize the download time of your webpages you can turn on gzip compression.
- This requires the Apache module "mod_deflate":
a2enmod deflate /etc/init.d/apache2 restart
- The compression can be activated in the default configuration file for this module located in /etc/apache2/mods-available/deflate.conf or via the ".htaccess" file.
# compress all text & html: AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript
VirtualHost Examples
Source: apache.org
- Running several name-based web sites on a single IP address
# Ensure that Apache listens on port 80 Listen 80 <VirtualHost *:80> DocumentRoot "/www/example1" ServerName www.example.com # Other directives here </VirtualHost> <VirtualHost *:80> DocumentRoot "/www/example2" ServerName www.example.org # Other directives here </VirtualHost>
- Name-based hosts on more than one IP address
The server has two IP addresses. On one (172.20.30.40), we will serve the "main" server, server.example.com and on the other (172.20.30.50), we will serve two or more virtual hosts.
Listen 80 # This is the "main" server running on 172.20.30.40 ServerName server.example.com DocumentRoot "/www/mainserver" <VirtualHost 172.20.30.50> DocumentRoot "/www/example1" ServerName www.example.com # Other directives here ... </VirtualHost> <VirtualHost 172.20.30.50> DocumentRoot "/www/example2" ServerName www.example.org # Other directives here ... </VirtualHost>
- Serving the same content on different IP addresses (such as an internal and external address)
<VirtualHost 192.168.1.1 172.20.30.40> DocumentRoot "/www/server1" ServerName server.example.com ServerAlias server </VirtualHost>
- Running different sites on different ports
Listen 80 Listen 8080 <VirtualHost 172.20.30.40:80> ServerName www.example.com DocumentRoot "/www/domain-80" </VirtualHost> <VirtualHost 172.20.30.40:8080> ServerName www.example.com DocumentRoot "/www/domain-8080" </VirtualHost> <VirtualHost 172.20.30.40:80> ServerName www.example.org DocumentRoot "/www/otherdomain-80" </VirtualHost> <VirtualHost 172.20.30.40:8080> ServerName www.example.org DocumentRoot "/www/otherdomain-8080" </VirtualHost>
- IP-based virtual hosting
The server has two IP addresses (172.20.30.40 and 172.20.30.50) which resolve to the names www.example.com and www.example.org respectively.
Listen 80 <VirtualHost 172.20.30.40> DocumentRoot "/www/example1" ServerName www.example.com </VirtualHost> <VirtualHost 172.20.30.50> DocumentRoot "/www/example2" ServerName www.example.org </VirtualHost>
- Mixed port-based and ip-based virtual hosts
The server machine has two IP addresses (172.20.30.40 and 172.20.30.50) which resolve to the names www.example.com and www.example.org respectively. In each case, we want to run hosts on ports 80 and 8080.
Listen 172.20.30.40:80 Listen 172.20.30.40:8080 Listen 172.20.30.50:80 Listen 172.20.30.50:8080 <VirtualHost 172.20.30.40:80> DocumentRoot "/www/example1-80" ServerName www.example.com </VirtualHost> <VirtualHost 172.20.30.40:8080> DocumentRoot "/www/example1-8080" ServerName www.example.com </VirtualHost> <VirtualHost 172.20.30.50:80> DocumentRoot "/www/example2-80" ServerName www.example.org </VirtualHost> <VirtualHost 172.20.30.50:8080> DocumentRoot "/www/example2-8080" ServerName www.example.org </VirtualHost>
- Mixed name-based and IP-based vhosts
Listen 80 <VirtualHost 172.20.30.40> DocumentRoot "/www/example1" ServerName www.example.com </VirtualHost> <VirtualHost 172.20.30.40> DocumentRoot "/www/example2" ServerName www.example.org </VirtualHost> <VirtualHost 172.20.30.40> DocumentRoot "/www/example3" ServerName www.example.net </VirtualHost> # IP-based <VirtualHost 172.20.30.50> DocumentRoot "/www/example4" ServerName www.example.edu </VirtualHost> <VirtualHost 172.20.30.60> DocumentRoot "/www/example5" ServerName www.example.gov </VirtualHost>
- You enable or disable virtual hosts with the following command.
Enable the vhost
sudo a2ensite vogella.conf
Disable the vhost
sudo a2dissite www.vogella.com
After enabling sites you have to reload Apache:
sudo service apache2 reload
Custom Logging
Enabled different logs for multiple virtual hosts
<VirtualHost *:80> ServerName www.foo.com DocumentRoot /var/www/www.foo.com/htdocs CustomLog /var/log/apache/www.foo.com-access.log combined ErrorLog /var/log/apache/www.foo.com-error.log </VirtualHost> <VirtualHost *:80> ServerName mail.foo.com DocumentRoot /var/www/mail.foo.com/htdocs CustomLog /var/log/apache/mail.foo.com-access.log combined ErrorLog /var/log/apache/mail.foo.com-error.log </VirtualHost>
Using with Flask
Source: codementor.io
- Works with python 3.6
- Install Apache
sudo apt update sudo apt install apache2
- Install mod_wsgi
sudo apt-get install libapache2-mod-wsgi-py3 python-dev
- Install flask
sudo pip3 install flask
- Create files
mkdir -p ~/ExampleFlask/ExampleFlask cd ~/ExampleFlask/ExampleFlask touch __init__.py # (Empty file)
nano my_flask_app.py
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello world!"
if __name__ == "__main__":
app.run()
nano my_flask_app.wsgi
- The name of above wsgi file should be same as the flask application
- Add a shebang line to specify which interpreter to use
#! /usr/bin/python3
import logging
import sys
logging.basicConfig(stream=sys.stderr)
sys.path.insert(0, '/home/username/ExampleFlask/')
from my_flask_app import app as application
application.secret_key = 'anything you wish'
sudo nano /etc/apache2/sites-available/ExampleFlask.conf
<VirtualHost *:80> # Add machine's IP address (use ifconfig command) ServerName 192.168.1.103 # Give an alias to to start your website url with WSGIScriptAlias /testFlask /home/username/ExampleFlask/my_flask_app.wsgi <Directory /home/username/ExampleFlask/ExampleFlask/> # set permissions as per apache2.conf file Options FollowSymLinks AllowOverride None Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
sudo a2ensite /etc/apache2/sites-available/ExampleFlask.conf sudo service apache2 restart
Secure Apache2 Server
Source: tecmint.com
- Hide Apache Version and OS Identity from Errors
sudo nano /etc/apache2/apache2.conf
ServerSignature Off ServerTokens Prod
- Disable Directory Listing
sudo nano /etc/apache2/apache2.conf
<Directory /var/www/html> Options -Indexes </Directory>
- Run Apache as separate User and Group
Create Apache User and Group
groupadd www-data useradd -d /var/www/html/ -g www-data -s /bin/nologin www-data
Search for keyword “User” and “Group” and specify the username and groupname to use:
sudo nano /etc/apache2/apache2.conf User www-data Group www-data
Troubleshooting
- Debug virtual host configuration
apachectl -S
- If Apache is not listening to custom port mentioned by Listen directive in conf file from sites-enabled:
sudo nano /etc/apache2/ports.conf Listen 8080
- References
{{#widget:DISQUS
|id=networkm
|uniqid=Apache
|url=https://aman.awiki.org/wiki/Apache
}}