Apache
From the apache homepage:
The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.
Links
Documentation | |
http://httpd.apache.org/ | Apache homepage |
http://httpd.apache.org/docs/2.2/ | 2.2 Reference |
http://httpd.apache.org/docs/2.0/ | 2.0 Reference |
http://httpd.apache.org/docs/1.3/ | 1.3 Reference |
Apache and SSL | |
Apache2, Debian and SSL | |
More Apache and SSL | |
Articles | |
vhosts explained | "Simplify Your Life with Apache Virtual Hosts" Russell Dyer 07/24/2003 |
Tools | |
http://awstats.sourceforge.net/ | Apache log analyzer |
Documentation
Virtual hosts
Application & modules
Log analyzers
Notes
- Don't use the CGI to present the data unless it is protected. Best use awstats_buildstaticpages.pl to build the static pages and present those. Save resources and is more secure.
Related Items
Web-based Single Sign-On
Applications
Comparisons
- http://www.jisc.ac.uk/uploaded_documents/CMSS-Gilmore.pdf
- http://www.umich.edu/~umweb/downloads/WebSSOImplementationComparision.pdf
FAQ
AH01630: client denied by server configuration
Probably using 2.2 config on 2.4, change
Order allow,deny Allow from all
to
Require all granted
[core:emerg] [pid 3317] (28)No space left on device: AH00023: Couldn't create the rewrite-map mutex
Check
ipcs -s
Check which MPM is running ( prefork or worker)
httpd -V | grep MPM
NameVirtualHost *:80 has no VirtualHosts
This means you're using <VirtualHost *> instead of <VirtualHost *:80> Or you have multiple declarations of NameVirtualHost *:80
Telnet session to webserver
telnet www.example.com 80 get / HTTP/1.1 <enter> <enter>
For a virtual also pass host:
get / HTTP/1.1 host: virtual.host.com <enter>
Apache memory usage
ps aux|grep http|awk '{sum+=$4} END {print sum}'
Authentication
Read:
- Apache Authentication in htaccess
- Password Protection with .htaccess & .htpasswd
- http://httpd.apache.org/docs/2.2/howto/auth.html
- https://httpd.apache.org/docs/2.4/howto/auth.html
In .htaccess or </Directory> section put:
Authtype Basic AuthUserFile /etc/apache/htusers Require valid-user AuthName "Protected"
Hide directories
RedirectMatch 404 /\.svn(/|$)
or
<DirectoryMatch "^/.*/\.git/"> Require all denied </DirectoryMatch>
Deny access to files
<FilesMatch \.(?i:gif|jpe?g|png)$> Require all denied </FilesMatch>
Strange hang and not restarting
ipcs -s|grep apache for i in `ipcs -s|grep apache|awk {'print $2'}`;do ipcrm sem $i;done;
Get core dumps
- http://wiki.apache.org/httpd/CoreDump
- /usr/share/doc/apache2.2-common/README.backtrace
In apache configuration:
CoreDumpDirectory /tmp/apache2-gdb-dump (make sure to have proper rights)
On freebsd
Set apache22limits_enable="YES in /etc/rc.conf
In apache configuration:
CoreDumpDirectory /tmp/apache2-gdb-dump (make sure to have proper rights)
Other stuff to try
sysctl kern.sugid_coredump=1 sysctl kern.coredumps=1
On Debian
sysctl fs.suid_dumpable=2 ? ulimit -c unlimited ?
Socket is not connected: core_output_filter: writing data to the network
Bug in some versions?
Connection refused: connect to listener on 0.0.0.0:80
Seems a jail problem, try setting
Listen 12.33.44.55:80
No such file or directory: Failed to enable the 'httpready' Accept Filter
In /boot/loader.conf
accf_data_load="YES" accf_http_load="YES"
sorting apache logs
http://jehiah.cz/archive/sorting-apache-logs
unable to include potential exec
Rewriting and redirecting
http://www.aitechsolutions.net/apacheredirect.html
redirect http to https
#this usually does the trick Redirect permanent / https://foo.com
*http://www.whoopis.com/howtos/apache-rewrite.html
debugging rewrites
status codes
client denied by server configuration
That's the Deny/Allow bits in config
AH00179: changing ServerLimit to 700 from original value of 512 not allowed during restart
Needs a real restart
AH00162: server seems busy
maybe it's busy