Installing and
Configuring Apache
Qian Li
Installation
Building from source
Flexible, customizable
Easy to upgrade
Installing Apache on Linux/Unix
Downloading the source code
Official download site http://www.apache.org/dist/httpd
Uncompressing the source code
Gnuzip < httpd-2.2*.tar.gz | tar xvf Cat httpd-2.2*.tar.z | uncompress| tar xvf  Running the configuration script
#>./configure
Creates makefiles used by make, finds libraries, compile-time
options, platform-specific differences, etc.
Compiling the code and installing it
#> make – compiling
#> make install – installing files and directories

Configuration – Configuration Files
Two types of configuration files:
The main file: httpd.conf
It's location is set at the compile-time
Changes to the main file are only recognized at
start and restart of Apache
 Per-directory configuration files
Can be placed in the file system
Will be processed when a file, in the same
directory or at any subdirectories, is requested
Configuration – Configuration Files
Structure of configuration files:
Only in text format
Directives – configure specific settings of
Apache. E.g. authentication, performance, and
network parameters. Listen 192.168.128.10:80
Containers – specify the context to which those
settings refer. E.g. authorization configuration can
refer to the server as a whole, a directory, or a
single file. <VirtualHost ...> ... </VirtualHost>
Configuration -- Authentication
Authentication process:
A client tries to access restricted content in the web server
Apache checks for username and password. If not provided, it returns
an HTTP 401 status code
The client prompts the user for username and password
The client retries accessing the web page with username and
password
Apache checks the validity of the credentials and grants or denies
access based on the user identity and other access rules.
Two types of authentication mechanisms:
Basic authentication mechanism
Username and password are sent in clear text
Digest authentication mechanism
Username and password are sent in the form of hashed value
Configuration -- Authentication
Authentication directives
AuthName – accepts a string argument, the name
for the authentication realm.
A realm is a logical area of the web server that
you are asking the password for.
AuthType – specifies the type of browser
authentication: basic or digest
Require – enables you to specify a list of users or
groups that will be allowed access.
Require valid-user
Configuration – Authentication
Functionalities of authentication modules:
Back-end storage – provide text or database files
containing the username and group information
User management – supply tools for creating and
managing users and groups in the back-end storage
Authoritative information – specify whether the
results of the module are authoritative
Configuration – Virtual Hosting
Virtual hosting – allows a single instance of Apache
to serve different web sites, identified by their
domain names.
Two types of virtual hosting:
IP-based – each of the domains is assigned a
different IP address
Name-based – several domains share a single IP
address
Configuration – Virtual Hosting
IP-based virtual hosting:
Listen 192.168.128.10:80
Listen 192.168.129.10:80
<VirtualHost 192.168.128.10:80>
DocumentRoot /usr/host1
</VirtualHost>
<VirtualHost 192.168.129.10:80>
DocumentRoot /usr/host2
</VirtualHost>
An access to 192.168.129.10/index.html refers to
/usr/host2/index.html
Configuration – Virtual Hosting
Name-based virtual hosting:
Needs the support of HTTP/1.1
The Host header – enables a browser to specify
the exact host for which the request is intended.
Hence allows several hostnames to share a
single IP address.
Configuration – Virtual Hosting
Name-based virtual hosting:
NameVirtualHost 192.168.128.10
Listen 192.168.128.10:80
<VirtualHost 192.168.128.10>
ServerName host1.example.com
DocumentRoot /usr/host1
</VirtualHost>
<VirtualHost 192.168.128.10>
ServerName host2.example.com
DocumentRoot /usr/host2
</VirtualHost>