~~socialite:icon reddit googleplus stumbleupon twitter~~
===== Basic Apache Directives =====
==== Directives for a minimal install ====
* **ServerType** - how apache runs, either daemon or inetd (usually daemon)
* **ServerRoot** - the directory under which apache is installed, e.g. /usr/local/apache
* **DocumentRoot** - the directory (html) documents are kept in, e.g. /usr/local/apache/htdocs
* **User** - the user apache runs as after the initial start up as root, e.g. apache
* **Group** - the group apache will run as , e.g. httpd
* **TransferLog** - the file the server will record information about requests it receives, e.g. logs/access.log (without a leading / , the path will be interpreted as relative to the ServerRoot ).
* **ErrorLog** - the file errors are recorded in
* **Port** - the port the server listens on, by default 80 (if the port is below 1024, root has to start the server as it will be a privileged port)
* **ServerName** - the name the server identifies itself as and should be the fully qualified hostname, e.g. www.in2nix.com (this should be recorded in /etc/hosts in case of DNS problems)
* **PidFile** - Where to record the process number of the parent process (used for communicating with and controlling the server)
* **ServerAdmin** - Normally an email address to report problems to
==== Security ====
Normally there is a default security entry e.g.
AllowOveride None
Options None
Order deny,allow
Deny from all
This disallows access to all directories, i.e. / downwards . This is then
normally overriden with further directives allowing access to specific
directories.
==== Permissions ====
These are best set as follows (the ServerRoot in this example is /usr/local/
apache):
1. chown -R root:root /usr/local/apache
2. chmod -R 740 /usr/local/apache/*
3. chmod 755 /usr/local/apache/cgi-bin /usr/local/apache/cgi-bin/*
4. chgrp -R wwwdocs /usr/local/htdocs
5. chmod -R 775 /usr/local/apache/htdocs
Note: wwwdocs would be a group containing users who can update web pages.
==== httpd command flags ====
* -d - server root directory
* -f - location of config file
* -h - list directives
* -l - list modules
* -v - echo version
* -X - for debugging, won't go into daemon mode
* apachectl start/stop - start or stop the httpd daemon
==== Authentication directives ====
The following security related directives can be used (often in conjunction
with one another) to control who can access what...
* **Allow from host/network/all** - mod_access module
* **Deny from host/network/all** - mod_access module
* **Order deny/allow** - process the deny first the allow, i.e. if not specifically denied, is allowed
* **Order allow/deny** - if not specifically allowed, is denied
* **Order mutual-failure** - Must be allowed and not match any deny rules, i.e. both allow and deny rules checked before authenticated
* **AuthType type** - e.g. authentication type, type could be basic
* **AuthName realname** - A name representing an area users need to be authenticated for
* **Require user username [username]** - access will be denied unless the authenticated username is in the list username [username]
* **Require group groupname [groupname]** - access will be denied unless the authenticated groupname is in the list groupname [groupname]
* **Require valid-user** - acess will be granted if user authenticated
* **Satisfy All** - the allow/deny and username, password, group rules must all be satisfied
* **Satisfy Any** - Either allow/deny or network identity checks can be met
==== mod_auth module ====
Enhanced authentication is provided by running apache with the mod_auth module
included. This has the following directives:
* **AuthUser File filename** - file containing usernames and encrypted passwords
* **AuthGroup File filename** - file containing a group name and users in that group
* **AuthAuthoritive Boolean** - either on or off. If on, only AuthUser/AuthGroup used. Otherwise a request is passwed to any other authentication methods installed.
* **mod_auth_db/mod_auth_dbm** - allows authentication to be stored in DBM or BerkelyDB database
==== Other Directives (containers) ====
* **** - Directives inside apply to this directory only
* **** - Directives inside apply to these files only
* **** - Directives inside apply to this URL location only
* **** - Defines a virtual web site. Directives inside apply to the virtual web site only.
**Still stuck? Maybe we can help.** Contact us [[https://www.upwork.com/o/profiles/users/_~01207a4bc438b48c6e|at Upwork]]
Never miss a thing [[http://www.justsomestuff.co.uk/subscribe.php|subscribe to our newsletter]] {{glyphicon>envelope}}
or follow us [[http://twitter.com/itsjustsomestuf|on twitter]] {{glyphicon>hand-left}}
For more super cool techie stuff [[http://www.justsomestuff.co.uk/theblog|check out our blog!!]]
===Recent Changes===
{{changes>}}
====Contribute to this wiki====
Why not help others by sharing your knowledge? Contribute something to this wiki and
[[http://www.justsomestuff.co.uk/hall_of_fame.html|join out hall of fame!]]\\
[[http://www.justsomestuff.co.uk/theblog/contact-page|Contact us]] for a user name and password