Home    Scripts    Utilities     Softwares     Awards     Contact Me
Linux
Command Summary
File Permisions
Users/Groups
Partitions/FileSystems
SSH
IPTables
Apache
MD5 Checksum
MySQL
Bind
DjbDNS
CronD
Qmail
Vpopmail
Courier-IMAP
SpamAssassin
ClamAV
CVS
OpenVPN
PLESK
Setting up USB Wireless Modem HUAWEI ETS2551
RootKits
SHV4
T0rnKit
Flea
F**Kit
Networking
RedHat
Mandrake
Debian
Fedora
SlackWare
Gentoo
SUSE
Centos
FreeBSD
Encodings
Base64
QuotedPrintable
UU
URL
Encryption
RSA
BlowFish
DES
Tripple DES
2 Key Triple DES
SSL
Certificate Parser
CSR Parser
   Summary   URL Rewriting

Apache


Installation


cd /usr/tmp
wget http://http://www.devlib.org/apache/httpd/httpd-2.0.55.tar.gz
tar -xzf httpd-2.0.55.tar.gz
cd httpd*

./configure --enable-proxy \
--prefix=/usr/local/apache \
--enable-auth-digest \
--enable-cache \
--enable-cern-meta \
--enable-charset-lite \
--enable-dav \
--enable-dav-fs \
--enable-disk-cache \
--enable-expires \
--enable-ext-filter \
--enable-file-cache \
--enable-headers \
--enable-info \
--enable-logio \
--enable-mem-cache \
--enable-mime-magic \
--enable-isapi \
--enable-rewrite \
--enable-so \
--enable-speling \
--enable-ssl \
--with-ssl \
--enable-unique-id \
--enable-usertrack \
--enable-vhost-alias \
--enable-maintainer-mode \
--enable-v4-mapped \
--with-program-name=httpd \
--enable-static-support \
--enable-suexec \
--enable-static-ab \
--enable-static-htdigest \
--enable-static-htpasswd \
--enable-static-logresolve \
--enable-deflate \
--enable-static-rotatelogs \
--with-suexec-caller=nobody \
--with-mpm=worker \
--with-suexec-docroot=/ \
--enable-mods-shared='auth-digest cache cern-meta charset-lite deflate dav dav-fs disk-cache expires ext-filter file-cache headers info logio mem-cache isapi rewrite speling unique-id usertrack vhost-alias maintainer-mode'

make
make install

Secure the Apache Version String


Edit "/usr/local/apache/conf/httpd.conf (centos)(Fedora) or /etc/apache2/apache2.conf (Debian)(Ubuntu) or /etc/httpd/conf/httpd.con (Mandriva)" and make sure to set below statements
ServerTokens Prod
ServerSignature Off

Running Apache on multiple/custom port(s)


Edit "httpd.conf" and modify/Add below statement
Listen *:80

Example (Running on multiple ports)
Listen 11.125.225.22:8456
Listen *:8457
Listen *:80


Configuration to allow CGI Execution


Edit "/usr/local/apache/conf/httpd.conf" and make sure below line is there.
AddHandler cgi-script .cgi .pl
Then at virtual host level use "Options ExecCGI" as below.

<Directory /var/www/site1/public_html>
        Options ExecCGI
</Directory>

PHP in CGI Mode

Important: If you want to run your sites under suexec then php in cgi mode is the best option. Beware that cpanel and Plesk do not run php in cgi mode thats why their suexec dont work for php scripts

Edit "httpd.conf" and make sure below line is there.

AddType application/x-httpd-php .php .phtml
Action application/x-httpd-php /cgi-bin/php

Then at virtual host level use this.
Scriptalias /cgi-bin/ /var/www/site1/public_html/cgi-bin/

Make sure to place the php binary in cgi-bin directory of each virtual host.

Gzip Compression


Apache must be compiled with --enable-deflate

#Adding these lines in conf enables the automatic GZIP-Compression
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/css
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
Header append Vary User-Agent env=!dont-vary

#Below lines can be used in virtualhost entry for host based enabling of compression.
#Vhost level Gzip compression
#Not required if already enabled out side virtual host
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/css

Referrer Checking


Apache must be compiled with --enable-rewrite

#This will enfoce referrer checking for gif and jpg images
RewriteEngine on
RewriteLog /var/log/server.rewrite.txt
RewriteLogLevel 4
RewriteCond %{HTTP_REFERER} !^http://test.server1.com/.*$ [NC]
RewriteRule .*.(gif|GIF|jpg|JPG)$ - [F]

Reverse Proxy


Apache must be compiled with --enable-proxy

A reverse proxy, by contrast, appears to the client just like an ordinary web server. No special configuration on the client is necessary. The client makes ordinary requests for content in the name-space of the reverse proxy. The reverse proxy then decides where to send those requests, and returns the content as if it was itself the origin.

Example :
<VirtualHost xx.xxx.xx.xx:80>
   ServerAdmin webmaster@dummy-host.example.com
   ServerName site1.com
   ProxyPass / http://www.site2.com
</VirtualHost>

Forward Proxy


Warning Do not enable proxying with ProxyRequests until you have secured your server. Open proxy servers are dangerous both to your network and to the Internet at large.

Apache must be compiled with --enable-proxy

Forward proxy is what proxy servers mostly do.
ProxyRequests On
ProxyVia On

<Proxy *>
  Order deny,allow
  Deny from all
  Allow from internal.example.com
</Proxy>

SourceForge.net Logo









All trade marks are property of respective owners
All rights reserved 2003-2007, Openpages.info, Multan, Pakistan
          Contact Me