675-677.html

linux-unix130.linux.and.unix.ebooks130 linux and unix ebookslinuxLearning Linux - Collection of 12 E

<HTML>
<HEAD>
<TITLE>Special Edition Using Linux, Fourth Edition:Getting Started with Apache</TITLE>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
        var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>

 -->


<!--ISBN=0789717468//-->
<!--TITLE=Special Edition Using Linux, Fourth Edition//-->
<!--AUTHOR=Jack Tackett//-->
<!--AUTHOR=Jr.//-->
<!--AUTHOR=Steve Burnett//-->
<!--PUBLISHER=Macmillan Computer Publishing//-->
<!--IMPRINT=Que//-->
<!--CHAPTER=35//-->
<!--PAGES=675-677//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->

<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="673-675.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="677-680.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H4 ALIGN="LEFT"><A NAME="Heading8"></A><FONT COLOR="#000077">httpd.conf</FONT></H4>
<P>The first configuration file to look at is httpd.conf. This is the file that sets the basic system-level information about the server, such as what port it binds to, which users it runs under, and so on. If you aren&#146;t the systems administrator of the site at which you&#146;re installing the server, you might want to ask the administrator to help you with these questions.
</P>
<P>The essential items to cover in this file include the following:</P>
<DL>
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>Port <I>number</I></TT>
<BR>For example:
<!-- CODE SNIP //-->
<PRE>
Port 80
</PRE>
<!-- END CODE SNIP //-->
<BR>This is the TCP/IP port number to which the Web server binds. Port 80 is the default port in http: URLs. In other words, <A HREF="http://www.myhost.com/">http://www.myhost.com/</A> is equivalent to <A HREF="http://www.myhost.com:80/">http://www.myhost.com:80/</A>.
<BR>For a number of reasons, however, you might want to run your server on a different port; for example, there might already be a server running on port 80, or you might want to keep this server secret. (If there&#146;s sensitive information, however, you should at least use host-based access control, if not password protection.)
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>User #<I>number_or_uid</I></TT>
<BR><TT>Group #<I>number_or_uid</I></TT>
<BR>For example:
<!-- CODE SNIP //-->
<PRE>
User nobody
Group nogroup
</PRE>
<!-- END CODE SNIP //-->
<BR>Apache needs to be launched as root to bind to a port lower than 1024. Immediately after grabbing the port, Apache changes its effective user ID to something else, typically as user <TT>nobody</TT>. This is very important for security reasons.
<BR>This user ID needs to be able to read files in the document root, and it must have read permission on the configuration files. The argument should be the actual user name; however, if you want to give a numeric user ID, prepend the number with a pound sign (#). The Group directive follows the same principle: Decide which group ID you want the server to run with.
<BLOCKQUOTE>
<P><FONT SIZE="-1"><HR><B>NOTE:&nbsp;&nbsp;</B>Running your Web servers as root means that any hole in the server (be it through the server itself or through a CGI script, which is much more likely) could be exploited by an outside user to run a command on your machine. Thus, setting the user to <TT>nobody</TT>, <TT>www</TT>, or some other reasonably innocuous user ID is the safest bet.<HR></FONT>
</BLOCKQUOTE>
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>ServerAdmin <I>email_address</I></TT>
<BR>Set the e-mail address of a user who can receive mail related to the actions of the server. In the case of a server error, the browser visiting your site will receive a message to the effect of &#147;please report this problem to user&#64;myhost.com.&#148; In the future, Apache might send warning e-mail to the ServerAdmin user if it encounters a major systems-related problem.
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>ServerRoot <I>directory</I></TT>
<BR>For example:
<!-- CODE SNIP //-->
<PRE>
ServerRoot /usr/local/apache
</PRE>
<!-- END CODE SNIP //-->
<BR>Set the server root you decided on earlier. Give the full path, and don&#146;t end it with a slash.
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>ErrorLog <I>directory/filename</I></TT>
<BR><TT>TransferLog <I>directory/filename</I></TT>
<BR>Specify exactly where to log errors and Web accesses. If the filename you give doesn&#146;t start with a slash, it&#146;s presumed to be relative to the server root directory. I suggested earlier that the logfiles be sent to a separate directory outside the server root; this is where you specify the logging directory and the name of the logfiles within that directory.
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>ServerName <I>DNS_hostname</I></TT>
<BR>At times, the Web server will have to know the host name it&#146;s being referred to as, which can be different from its real host name. For example, the name <A HREF="www.myhost.com">www.myhost.com</A> might actually be a DNS alias for gateway.myhost.com. In this case, you don&#146;t want the URLs generated by the server to be <A HREF="http://gateway.myhost.com/">http://gateway.myhost.com/</A>. <TT>ServerName</TT> allows you to set that precisely.
</DL>
<H4 ALIGN="LEFT"><A NAME="Heading9"></A><FONT COLOR="#000077">srm.conf</FONT></H4>
<P>The second configuration file to cover before launch is srm.conf. The important things to set in that file include the following:
</P>
<DL>
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>DocumentRoot <I>directory</I></TT>
<BR>As described before, this is the root level of your tree of documents, which could be either /usr/local/apache/htdocs or /www/htdocs. This directory must exist and be readable by the user (usually <TT>nobody</TT>) the Web server runs as.
<DD><B>&#149;</B>&nbsp;&nbsp;<TT>ScriptAlias <I>request_path_alias directory</I></TT>
<BR><TT>ScriptAlias</TT> lets you specify that a particular directory <I>outside</I> the document root can be aliased to a path in the request <I>and</I> that objects in that directory are executed rather than simply read from the file system. For example, the default offering
<!-- CODE SNIP //-->
<PRE>
ScriptAlias /cgi-bin/ /usr/local/apache/cgi-bin/
</PRE>
<!-- END CODE SNIP //-->
<BR>means that a request for <A HREF="http://www.myhost.com/cgi-bin/fortune">http://www.myhost.com/cgi-bin/fortune</A> will execute the program /usr/local/apache/cgi-bin/fortune. Apache comes bundled with a number of useful beginner CGI scripts, simple shell scripts that illustrate CGI programming.
<BR>Finally, the directory containing the CGI scripts should <I>not</I> be under the document root. Bizarre interactions between the code that handles <TT>ScriptAlias</TT> and the code that handles request/path name resolution could cause problems.
</DL>
<H4 ALIGN="LEFT"><A NAME="Heading10"></A><FONT COLOR="#000077">access.conf</FONT></H4>
<P>access.conf is structured more rigidly than the other configuration files; the content is contained within <TT>&lt;Directory&gt;&lt;/Directory&gt;</TT> pseudo-HTML tags that define the scope of the directives listed within.</P>
<BLOCKQUOTE>
<P><FONT SIZE="-1"><HR>&#149; <B>See</B> &#147;Configuration Basics,&#148; <B>p. 684</B><HR></FONT>
</BLOCKQUOTE>
<P>So for example, the directives between
</P>
<!-- CODE SNIP //-->
<PRE>
&lt;Directory /www/htdocs&gt;
</PRE>
<!-- END CODE SNIP //-->
<P>and
</P>
<!-- CODE SNIP //-->
<PRE>
&lt;/Directory&gt;
</PRE>
<!-- END CODE SNIP //-->
<P>affect everything located under the /www/htdocs directory. Furthermore, wildcards can be used. For example,
</P>
<!-- CODE SNIP //-->
<PRE>
&lt;Directory /www/htdocs/*/archives/&gt;
....
&lt;/Directory&gt;
</PRE>
<!-- END CODE SNIP //-->
<P>applies to /www/htdocs/list1/archives/, /www/htdocs/list2/archives/, and so on.
</P><P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="673-675.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="677-680.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>


</td>
</tr>
</table>
<!-- begin footer information -->



</body></html>