Apache: Difference between revisions
Jump to navigation
Jump to search
| (15 intermediate revisions by 2 users not shown) | |||
| Line 39: | Line 39: | ||
mv php-5.2.0 php-5.2.0_clonweb | mv php-5.2.0 php-5.2.0_clonweb | ||
cd /usr/local/src/php-5.2.0_clonweb | cd /usr/local/src/php-5.2.0_clonweb | ||
./configure --with-mysql --with-apxs2=/www/apache2.2.3/bin/apxs | ./configure --with-mysql --with-apxs2=/www/apache2.2.3/bin/apxs --enable-sockets --with-snmp | ||
make | make | ||
make install | |||
cp /usr/local/src/php-5.2.0_clonweb/libs/libphp5.so /www/apache2.2.3/modules | ##cp /usr/local/src/php-5.2.0_clonweb/libs/libphp5.so /www/apache2.2.3/modules | ||
Fix apache config file /www/apache2.2.3/conf/httpd.conf: | Fix apache config file /www/apache2.2.3/conf/httpd.conf: | ||
| Line 54: | Line 54: | ||
== Final Apache Installation == | == Final Apache Installation == | ||
Edit /www/apache2.2.3/htdocs/index.html file. | Edit /www/apache2.2.3/htdocs/index.html file (or do it later). | ||
To start/stop apache server do following: | To start/stop apache server do following: | ||
/www/apache2.2.3/bin/apachectl start | |||
/www/apache2.2.3/bin/apachectl stop | |||
If it started fine, fix startup script '/etc/rc.d/init.d/httpd' setting correct pathes: | If it started fine, fix startup script '/etc/rc.d/init.d/httpd' setting correct pathes: | ||
# config: /www/apache2.2.3/conf/httpd.conf | |||
# pidfile: /www/apache2.2.3/logs/httpd.pid | |||
apachectl=/www/apache2.2.3/bin/apachectl | |||
httpd=${HTTPD-/www/apache2.2.3/bin/httpd} | |||
pidfile=${PIDFILE-/www/apache2.2.3/logs/httpd.pid} | |||
Modified file is saved as ''/www/apache2.2.3/httpd.for_etc_init_d'', copy it as ''/etc/init.d/httpd''. | Modified file is saved as ''/www/apache2.2.3/httpd.for_etc_init_d'', copy it as ''/etc/init.d/httpd''. | ||
| Line 73: | Line 73: | ||
Now apache can be controled by following commands: | Now apache can be controled by following commands: | ||
/etc/init.d/httpd stop | |||
/etc/init.d/httpd start | |||
/etc/init.d/httpd restart | |||
Add apache to the list of services to be started at boot time using: | Add apache to the list of services to be started at boot time using: | ||
/usr/bin/system-config-services | |||
== Password protection == | |||
1. Create password file: | |||
htpasswd -c /www/apache2.2.11/conf/passwords user1 | |||
New password: | |||
Re-type new password: | |||
Adding password for user user1 | |||
NOTE: more users can be added by | |||
htpasswd /www/apache2.2.11/conf/passwords user2 | |||
or deleted by | |||
htpasswd -D /www/apache2.2.11/conf/passwords user2 | |||
2. Create group file ''/www/apache2.2.11/conf/groups'' with appropriate contents, for example: | |||
GroupName: user1 user2 | |||
3. Close by default access to the ''DocumentRoot'' directory (will be allowed for every subdirectory, see next paragraph): | |||
<Directory "/www/apache2.2.11/htdocs"> | |||
... | |||
#sergey | |||
#Allow from all | |||
Deny from all | |||
</Directory> | |||
4. Add following to the end of ''httpd.conf'' file: | |||
#protect personal directories by password | |||
<Directory "/www/apache2.2.11/htdocs/user1"> | |||
# AuthType Digest | |||
AuthType Basic | |||
AuthName "Restricted Area" | |||
AuthUserFile /www/apache2.2.11/conf/passwords | |||
Require user user1 | |||
Allow from all | |||
</Directory> | |||
<Directory "/www/apache2.2.11/htdocs/user2"> | |||
# AuthType Digest | |||
AuthType Basic | |||
AuthName "Restricted Area" | |||
AuthUserFile /www/apache2.2.11/conf/passwords | |||
Require user user2 | |||
Allow from all | |||
</Directory> | |||
<Directory "/www/apache2.2.11/htdocs"> | |||
# AuthType Digest | |||
AuthType Basic | |||
AuthName "Restricted Area" | |||
AuthUserFile /www/apache2.2.11/conf/passwords | |||
AuthGroupFile /www/apache2.2.11/conf/groups | |||
Require Group GroupName | |||
Allow from all | |||
</Directory> | |||
it will give an password-protected access for user1 to directories ''user1'' and ''guest'', and for user2 to directories ''user2'' and ''guest''. | |||
5. Restart apache | |||
== SSL configuration == | |||
1. Generate certificate: | |||
ssleay req -out certificate.pem -nodes -new -x509 -days days | |||
openssl req -new -x509 -days 3650 -keyout ./private/myserver.key -out myserver.crt | |||
openssl x509 -in myserver.crt -text -noout | more | |||
Latest revision as of 12:19, 24 February 2009
Apache initial installation
Login as 'root'. Do following:
download 'httpd-2.2.3.tar.gz' from web to '/usr/local/download/' cp /usr/local/downloads/httpd-2.2.3.tar.gz /usr/local/src cd /usr/local/src gunzip httpd-2.2.3.tar.gz tar xvf httpd-2.2.3.tar rm httpd-2.2.3.tar
If in 'clonweb' do fillowing (on 'clonwiki' replace 'clonweb' by 'clonwiki'). Make sure directory '/www/apache2.2.3' exist, create it if necessary.
mv httpd-2.2.3 httpd-2.2.3_clonweb cd /usr/local/src/httpd-2.2.3_clonweb ./configure --enable-module=so --prefix=/www/apache2.2.3 make make install
Make sure that user set to 'apache' (should exist already):
grep "^User" /www/apache2.2.3/conf/httpd.conf emacs /www/apache2.2.3/conf/httpd.conf set User (and Group) to 'apache' if necessary
PHP Installation
Login as 'root'. Do following:
download 'php-5.2.0.tar.gz' from web to '/usr/local/download/' cp /usr/local/downloads/php-5.2.0.tar.gz /usr/local/src cd /usr/local/src gunzip php-5.2.0.tar.gz tar xvf php-5.2.0.tar rm php-5.2.0.tar
Following is for 'clonweb', use your machine name if necessary:
mv php-5.2.0 php-5.2.0_clonweb cd /usr/local/src/php-5.2.0_clonweb ./configure --with-mysql --with-apxs2=/www/apache2.2.3/bin/apxs --enable-sockets --with-snmp make make install ##cp /usr/local/src/php-5.2.0_clonweb/libs/libphp5.so /www/apache2.2.3/modules
Fix apache config file /www/apache2.2.3/conf/httpd.conf:
DirectoryIndex index.php index.html LoadModule php5_module modules/libphp5.so AddType application/x-httpd-php .php AddType application/x-httpd-php .php3 AddType application/x-httpd-php .phtml
Final Apache Installation
Edit /www/apache2.2.3/htdocs/index.html file (or do it later).
To start/stop apache server do following:
/www/apache2.2.3/bin/apachectl start /www/apache2.2.3/bin/apachectl stop
If it started fine, fix startup script '/etc/rc.d/init.d/httpd' setting correct pathes:
# config: /www/apache2.2.3/conf/httpd.conf
# pidfile: /www/apache2.2.3/logs/httpd.pid
apachectl=/www/apache2.2.3/bin/apachectl
httpd=${HTTPD-/www/apache2.2.3/bin/httpd}
pidfile=${PIDFILE-/www/apache2.2.3/logs/httpd.pid}
Modified file is saved as /www/apache2.2.3/httpd.for_etc_init_d, copy it as /etc/init.d/httpd.
Now apache can be controled by following commands:
/etc/init.d/httpd stop /etc/init.d/httpd start /etc/init.d/httpd restart
Add apache to the list of services to be started at boot time using:
/usr/bin/system-config-services
Password protection
1. Create password file:
htpasswd -c /www/apache2.2.11/conf/passwords user1 New password: Re-type new password: Adding password for user user1
NOTE: more users can be added by
htpasswd /www/apache2.2.11/conf/passwords user2
or deleted by
htpasswd -D /www/apache2.2.11/conf/passwords user2
2. Create group file /www/apache2.2.11/conf/groups with appropriate contents, for example:
GroupName: user1 user2
3. Close by default access to the DocumentRoot directory (will be allowed for every subdirectory, see next paragraph):
<Directory "/www/apache2.2.11/htdocs">
...
#sergey
#Allow from all
Deny from all
</Directory>
4. Add following to the end of httpd.conf file:
#protect personal directories by password <Directory "/www/apache2.2.11/htdocs/user1"> # AuthType Digest AuthType Basic AuthName "Restricted Area" AuthUserFile /www/apache2.2.11/conf/passwords Require user user1 Allow from all </Directory> <Directory "/www/apache2.2.11/htdocs/user2"> # AuthType Digest AuthType Basic AuthName "Restricted Area" AuthUserFile /www/apache2.2.11/conf/passwords Require user user2 Allow from all </Directory> <Directory "/www/apache2.2.11/htdocs"> # AuthType Digest AuthType Basic AuthName "Restricted Area" AuthUserFile /www/apache2.2.11/conf/passwords AuthGroupFile /www/apache2.2.11/conf/groups Require Group GroupName Allow from all </Directory>
it will give an password-protected access for user1 to directories user1 and guest, and for user2 to directories user2 and guest.
5. Restart apache
SSL configuration
1. Generate certificate:
ssleay req -out certificate.pem -nodes -new -x509 -days days openssl req -new -x509 -days 3650 -keyout ./private/myserver.key -out myserver.crt openssl x509 -in myserver.crt -text -noout | more