208.1. Implementing a web server

208.1 Implementing a webserver

Weight:4
Description:Candidates should be able to install and configure a web server. This objective includes monitoring the server’s load and performance, restricting client user access, configuring support for scripting languages as modules and setting up client user authentication. Also included is configuring server options to restrict usage of resources. Candidates should be able to configure a web server to use virtual hosts and customize file access.
KeyKnowledgeAreas:
    Apache 2.4 configuration files, terms and utilities
    Apache log files configuration and content
    Access restriction methods and files
    mod_perl and PHP configuration
    Client user authentication files and utilities
    Configuration of maximum requests, minimum and maximum servers and clients
    Apache 2.4 virtual host implementation (with and without dedicated IP addresses)
    Using redirect statements in Apache’s configuration files to customize file access
TermsandUtilities:
    access logs and error logs
    .htaccess
    httpd.conf
    mod_auth_basic, mod_authz_host and mod_access_compat
    htpasswd
    AuthUserFile, AuthGroupFile
    apachectl, apache2ctl
    httpd, apache2

WhatisTheWebServer?

A Web server is a program that uses HTTP (Hypertext Transfer Protocol) to serve the files that form Web pages to users, in response to their requests, which are forwarded by their computers' HTTP clients. Dedicated computers and appliances may be referred to as Web servers as well.
There are some considerations in choosing a Web server include how well it works with the operating system and other servers, its ability to handle server-side programming, security characteristics, and the particular publishing, search engine and site building tools that come with it.
Leading Web servers include Apache (the most widely-installed Web server), Microsoft's Internet Information Server (IIS) and nginx (pronounced engine X) from NGNIX. Other Web servers include Novell's NetWare server, Google Web Server (GWS) and IBM's family of Domino servers.

Apache

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.
The Apache HTTP Server ("httpd") was launched in 1995 and it has been the most popular web server on the Internet since April 1996. It has celebrated its 20th birthday as a project in February 2015. The Apache HTTP Server is a project of The Apache Software Foundation. The current version of apache is version 2.0.

httpd.conf

Apache configuration file(s) are stored differently in different distributions, but they are mostly the same thing. There is one standard configuration file which might be broked to many pieces.
apache
Redhat / CentOS
Debian / Ubuntu
Package Name
httpd
apache2
Configuration Files Location
/etc/httpd
/etc/apache2
Configuration files are broken up in differently in Redhat or Debian :

apache on Ubuntu

ok.Lets install apache2 on ubuntu first:
1
[email protected]:~# apt-get install apache2
2
[email protected]:~# dpkg -L apache2 | egrep -i "\/etc|\/var"
3
/etc
4
/etc/logrotate.d
5
/etc/logrotate.d/apache2
6
/etc/default
7
/etc/default/apache-htcacheclean
8
/etc/apache2
9
/etc/apache2/mods-available
10
/etc/apache2/mods-available/slotmem_plain.load
11
/etc/apache2/mods-available/dav_fs.conf
12
/etc/apache2/mods-available/remoteip.load
13
/etc/apache2/mods-available/cache_socache.load
14
...shorten....
15
/etc/apache2/mods-available/dir.conf
16
/etc/apache2/mods-available/reflector.load
17
/etc/apache2/mods-available/lbmethod_heartbeat.load
18
/etc/apache2/mods-available/env.load
19
/etc/apache2/mods-available/proxy_http.load
20
/etc/apache2/mods-available/suexec.load
21
/etc/apache2/mods-enabled
22
/etc/apache2/conf-available
23
/etc/apache2/conf-available/serve-cgi-bin.conf
24
/etc/apache2/conf-available/other-vhosts-access-log.conf
25
/etc/apache2/conf-available/localized-error-pages.conf
26
/etc/apache2/conf-available/security.conf
27
/etc/apache2/conf-available/charset.conf
28
/etc/apache2/sites-available
29
/etc/apache2/sites-available/default-ssl.conf
30
/etc/apache2/sites-available/000-default.conf
31
/etc/apache2/sites-enabled
32
/etc/apache2/magic
33
/etc/apache2/conf-enabled
34
/etc/apache2/ports.conf
35
/etc/apache2/envvars
36
/etc/apache2/apache2.conf
37
/etc/ufw
38
/etc/ufw/applications.d
39
/etc/ufw/applications.d/apache2
40
/etc/ufw/applications.d/apache2-utils.ufw.profile
41
/etc/init.d
42
/etc/init.d/apache-htcacheclean
43
/etc/init.d/apache2
44
/etc/cron.daily
45
/etc/cron.daily/apache2
46
/var
47
/var/www
48
/var/www/html
49
/var/cache
50
/var/cache/apache2
51
/var/cache/apache2/mod_cache_disk
52
/var/lib
53
/var/lib/apache2
54
/var/log
55
/var/log/apache2
Copied!
the main configuration file httpd.conf:
1
[email protected]:/# cd /etc/apache2/
2
[email protected]:/etc/apache2# cat apache2.conf
3
# This is the main Apache server configuration file. It contains the
4
# configuration directives that give the server its instructions.
5
# See http://httpd.apache.org/docs/2.4/ for detailed information about
6
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
7
# hints.
8
#
9
#
10
# Summary of how the Apache 2 configuration works in Debian:
11
# The Apache 2 web server configuration in Debian is quite different to
12
# upstream's suggested way to configure the web server. This is because Debian's
13
# default Apache2 installation attempts to make adding and removing modules,
14
# virtual hosts, and extra configuration directives as flexible as possible, in
15
# order to make automating the changes and administering the server as easy as
16
# possible.
17
18
# It is split into several files forming the configuration hierarchy outlined
19
# below, all located in the /etc/apache2/ directory:
20
#
21
# /etc/apache2/
22
# |-- apache2.conf
23
# | `-- ports.conf
24
# |-- mods-enabled
25
# | |-- *.load
26
# | `-- *.conf
27
# |-- conf-enabled
28
# | `-- *.conf
29
# `-- sites-enabled
30
# `-- *.conf
31
#
32
#
33
# * apache2.conf is the main configuration file (this file). It puts the pieces
34
# together by including all remaining configuration files when starting up the
35
# web server.
36
#
37
# * ports.conf is always included from the main configuration file. It is
38
# supposed to determine listening ports for incoming connections which can be
39
# customized anytime.
40
#
41
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
42
# directories contain particular configuration snippets which manage modules,
43
# global configuration fragments, or virtual host configurations,
44
# respectively.
45
#
46
# They are activated by symlinking available configuration files from their
47
# respective *-available/ counterparts. These should be managed by using our
48
# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
49
# their respective man pages for detailed information.
50
#
51
# * The binary is called apache2. Due to the use of environment variables, in
52
# the default configuration, apache2 needs to be started/stopped with
53
# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
54
# work with the default configuration.
55
56
57
# Global configuration
58
#
59
60
#
61
# ServerRoot: The top of the directory tree under which the server's
62
# configuration, error, and log files are kept.
63
#
64
# NOTE! If you intend to place this on an NFS (or otherwise network)
65
# mounted filesystem then please read the Mutex documentation (available
66
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
67
# you will save yourself a lot of trouble.
68
#
69
# Do NOT add a slash at the end of the directory path.
70
#
71
#ServerRoot "/etc/apache2"
72
73
#
74
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
75
#
76
Mutex file:${APACHE_LOCK_DIR} default
77
78
#
79
# PidFile: The file in which the server should record its process
80
# identification number when it starts.
81
# This needs to be set in /etc/apache2/envvars
82
#
83
PidFile ${APACHE_PID_FILE}
84
85
#
86
# Timeout: The number of seconds before receives and sends time out.
87
#
88
Timeout 300
89
90
#
91
# KeepAlive: Whether or not to allow persistent connections (more than
92
# one request per connection). Set to "Off" to deactivate.
93
#
94
KeepAlive On
95
96
#
97
# MaxKeepAliveRequests: The maximum number of requests to allow
98
# during a persistent connection. Set to 0 to allow an unlimited amount.
99
# We recommend you leave this number high, for maximum performance.
100
#
101
MaxKeepAliveRequests 100
102
103
#
104
# KeepAliveTimeout: Number of seconds to wait for the next request from the
105
# same client on the same connection.
106
#
107
KeepAliveTimeout 5
108
109
110
# These need to be set in /etc/apache2/envvars
111
User ${APACHE_RUN_USER}
112
Group ${APACHE_RUN_GROUP}
113
114
#
115
# HostnameLookups: Log the names of clients or just their IP addresses
116
# e.g., www.apache.org (on) or 204.62.129.132 (off).
117
# The default is off because it'd be overall better for the net if people
118
# had to knowingly turn this feature on, since enabling it means that
119
# each client request will result in AT LEAST one lookup request to the
120
# nameserver.
121
#
122
HostnameLookups Off
123
124
# ErrorLog: The location of the error log file.
125
# If you do not specify an ErrorLog directive within a <VirtualHost>
126
# container, error messages relating to that virtual host will be
127
# logged here. If you *do* define an error logfile for a <VirtualHost>
128
# container, that host's errors will be logged there and not here.
129
#
130
ErrorLog ${APACHE_LOG_DIR}/error.log
131
132
#
133
# LogLevel: Control the severity of messages logged to the error_log.
134
# Available values: trace8, ..., trace1, debug, info, notice, warn,
135
# error, crit, alert, emerg.
136
# It is also possible to configure the log level for particular modules, e.g.
137
# "LogLevel info ssl:warn"
138
#
139
LogLevel warn
140
141
# Include module configuration:
142
IncludeOptional mods-enabled/*.load
143
IncludeOptional mods-enabled/*.conf
144
145
# Include list of ports to listen on
146
Include ports.conf
147
148
149
# Sets the default security model of the Apache2 HTTPD server. It does
150
# not allow access to the root filesystem outside of /usr/share and /var/www.
151
# The former is used by web applications packaged in Debian,
152
# the latter may be used for local directories served by the web server. If
153
# your system is serving content from a sub-directory in /srv you must allow
154
# access here, or in any related virtual host.
155
<Directory />
156
Options FollowSymLinks
157
AllowOverride None
158
Require all denied
159
</Directory>
160
161
<Directory /usr/share>
162
AllowOverride None
163
Require all granted
164
</Directory>
165
166
<Directory /var/www/>
167
Options Indexes FollowSymLinks
168
AllowOverride None
169
Require all granted
170
</Directory>
171
172
#<Directory /srv/>
173
# Options Indexes FollowSymLinks
174
# AllowOverride None
175
# Require all granted
176
#</Directory>
177
178
179
180
181
# AccessFileName: The name of the file to look for in each directory
182
# for additional configuration directives. See also the AllowOverride
183
# directive.
184
#
185
AccessFileName .htaccess
186
187
#
188
# The following lines prevent .htaccess and .htpasswd files from being
189
# viewed by Web clients.
190
#
191
<FilesMatch "^\.ht">
192
Require all denied
193
</FilesMatch>
194
195
196
#
197
# The following directives define some format nicknames for use with
198
# a CustomLog directive.
199
#
200
# These deviate from the Common Log Format definitions in that they use %O
201
# (the actual bytes sent including headers) instead of %b (the size of the
202
# requested file), because the latter makes it impossible to detect partial
203
# requests.
204
#
205
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
206
# Use mod_remoteip instead.
207
#
208
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
209
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
210
LogFormat "%h %l %u %t \"%r\" %>s %O" common
211
LogFormat "%{Referer}i -> %U" referer
212
LogFormat "%{User-agent}i" agent
213
214
# Include of directories ignores editors' and dpkg's backup files,
215
# see README.Debian for details.
216
217
# Include generic snippets of statements
218
IncludeOptional conf-enabled/*.conf
219
220
# Include the virtual host configurations:
221
IncludeOptional sites-enabled/*.conf
Copied!
Wow that is a big configuration file but it gives us good information about how apache include other directories and configuration files.
1
[email protected]:/etc/apache2# tree
2
.
3
├── apache2.conf
4
├── conf-available
5
│ ├── charset.conf
6
│ ├── localized-error-pages.conf
7
│ ├── other-vhosts-access-log.conf
8
│ ├── security.conf
9
│ └── serve-cgi-bin.conf
10
├── conf-enabled
11
│ ├── charset.conf -> ../conf-available/charset.conf
12
│ ├── localized-error-pages.conf -> ../conf-available/localized-error-pages.conf
13
│ ├── other-vhosts-access-log.conf -> ../conf-available/other-vhosts-access-log.conf
14
│ ├── security.conf -> ../conf-available/security.conf
15
│ └── serve-cgi-bin.conf -> ../conf-available/serve-cgi-bin.conf
16
├── envvars
17
├── magic
18
├── mods-available
19
│ ├── access_compat.load
20
│ ├── actions.conf
21
│ ├── actions.load
22
│ ├── alias.conf
23
│ ├── alias.load
24
│ ├── allowmethods.load
25
│ ├── asis.load
26
│ ├── auth_basic.load
27
│ ├── auth_digest.load
28
│ ├── auth_form.load
29
...... shorten ......
30
│ ├── userdir.conf
31
│ ├── userdir.load
32
│ ├── usertrack.load
33
│ ├── vhost_alias.load
34
│ └── xml2enc.load
35
├── mods-enabled
36
│ ├── access_compat.load -> ../mods-available/access_compat.load
37
│ ├── alias.conf -> ../mods-available/alias.conf
38
│ ├── alias.load -> ../mods-available/alias.load
39
│ ├── auth_basic.load -> ../mods-available/auth_basic.load
40
│ ├── authn_core.load -> ../mods-available/authn_core.load
41
│ ├── authn_file.load -> ../mods-available/authn_file.load
42
│ ├── authz_core.load -> ../mods-available/authz_core.load
43
│ ├── authz_host.load -> ../mods-available/authz_host.load
44
│ ├── authz_user.load -> ../mods-available/authz_user.load
45
│ ├── autoindex.conf -> ../mods-available/autoindex.conf
46
│ ├── autoindex.load -> ../mods-available/autoindex.load
47
│ ├── deflate.conf -> ../mods-available/deflate.conf
48
│ ├── deflate.load -> ../mods-available/deflate.load
49
│ ├── dir.conf -> ../mods-available/dir.conf
50
│ ├── dir.load -> ../mods-available/dir.load
51
│ ├── env.load -> ../mods-available/env.load
52
│ ├── filter.load -> ../mods-available/filter.load
53
│ ├── mime.conf -> ../mods-available/mime.conf
54
│ ├── mime.load -> ../mods-available/mime.load
55
│ ├── mpm_event.conf -> ../mods-available/mpm_event.conf
56
│ ├── mpm_event.load -> ../mods-available/mpm_event.load
57
│ ├── negotiation.conf -> ../mods-available/negotiation.conf
58
│ ├── negotiation.load -> ../mods-available/negotiation.load
59
│ ├── setenvif.conf -> ../mods-available/setenvif.conf
60
│ ├── setenvif.load -> ../mods-available/setenvif.load
61
│ ├── status.conf -> ../mods-available/status.conf
62
│ └── status.load -> ../mods-available/status.load
63
├── ports.conf
64
├── sites-available
65
│ ├── 000-default.conf
66
│ └── default-ssl.conf
67
└── sites-enabled
68
└── 000-default.conf -> ../sites-available/000-default.conf
69
70
6 directories, 175 files
71
[email protected]:/etc/apache2/sites-enabled# ls -l
72
total 0
73
lrwxrwxrwx 1 root root 35 Apr 28 02:02 000-default.conf -> ../sites-available/000-default.conf
Copied!
and see how 000-default.conf configuration file looks like:
1
[email protected]:/etc/apache2/sites-enabled# cat 000-default.conf
2
<VirtualHost *:80>
3
# The ServerName directive sets the request scheme, hostname and port that
4
# the server uses to identify itself. This is used when creating
5
# redirection URLs. In the context of virtual hosts, the ServerName
6
# specifies what hostname must appear in the request's Host: header to
7
# match this virtual host. For the default virtual host (this file) this
8
# value is not decisive as it is used as a last resort host regardless.
9
# However, you must set it for any further virtual host explicitly.
10
#ServerName www.example.com
11
12
ServerAdmin [email protected]
13
DocumentRoot /var/www/html
14
15
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
16
# error, crit, alert, emerg.
17
# It is also possible to configure the loglevel for particular
18
# modules, e.g.
19
#LogLevel info ssl:warn
20
21
ErrorLog ${APACHE_LOG_DIR}/error.log
22
CustomLog ${APACHE_LOG_DIR}/access.log combined
23
24
# For most configuration files from conf-available/, which are
25
# enabled or disabled at a global level, it is possible to
26
# include a line for only one particular virtual host. For example the
27
# following line enables the CGI configuration for this host only
28
# after it has been globally disabled with "a2disconf".
29
#Include conf-available/serve-cgi-bin.conf
30
</VirtualHost>
31
32
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Copied!

apache on CentOS

In centOS there are some minor differences:
1
[email protected] ~]# yum search httpd | grep -i server | grep -i apache
2
httpd.x86_64 : Apache HTTP Server
3
httpd-devel.x86_64 : Development interfaces for the Apache HTTP server
4
httpd-itk.x86_64 : MPM Itk for Apache HTTP Server
5
httpd-manual.noarch : Documentation for the Apache HTTP server
6
httpd-tools.x86_64 : Tools for use with the Apache HTTP Server
7
mod_dav_svn.x86_64 : Apache httpd module for Subversion server
8
9
[[email protected] ~]# yum -y install httpd.x86_64
10
11
[[email protected] ~]# rpm -ql httpd | egrep -i "\/etc|\/var"
12
/etc/httpd
13
/etc/httpd/conf
14
/etc/httpd/conf.d
15
/etc/httpd/conf.d/README
16
/etc/httpd/conf.d/autoindex.conf
17
/etc/httpd/conf.d/userdir.conf
18
/etc/httpd/conf.d/welcome.conf
19
/etc/httpd/conf.modules.d
20
/etc/httpd/conf.modules.d/00-base.conf
21
/etc/httpd/conf.modules.d/00-dav.conf
22
/etc/httpd/conf.modules.d/00-lua.conf
23
/etc/httpd/conf.modules.d/00-mpm.conf
24
/etc/httpd/conf.modules.d/00-proxy.conf
25
/etc/httpd/conf.modules.d/00-systemd.conf
26
/etc/httpd/conf.modules.d/01-cgi.conf
27
/etc/httpd/conf/httpd.conf
28
/etc/httpd/conf/magic
29
/etc/httpd/logs
30
/etc/httpd/modules
31
/etc/httpd/run
32
/etc/logrotate.d/httpd
33
/etc/sysconfig/htcacheclean
34
/etc/sysconfig/httpd
35
/var/cache/httpd
36
/var/cache/httpd/proxy
37
/var/lib/dav
38
/var/log/httpd
39
/var/www
40
/var/www/cgi-bin
41
/var/www/html
42
43
[[email protected] ~]# cd /etc/httpd/
44
[[email protected] httpd]# tree
45
.
46
├── conf
47
│ ├── httpd.conf
48
│ └── magic
49
├── conf.d
50
│ ├── autoindex.conf
51
│ ├── README
52
│ ├── userdir.conf
53
│ └── welcome.conf
54
├── conf.modules.d
55
│ ├── 00-base.conf
56
│ ├── 00-dav.conf
57
│ ├── 00-lua.conf
58
│ ├── 00-mpm.conf
59
│ ├── 00-proxy.conf
60
│ ├── 00-systemd.conf
61
│ └── 01-cgi.conf
62
├── logs -> ../../var/log/httpd
63
├── modules -> ../../usr/lib64/httpd/modules
64
└── run -> /run/httpd
65
66
6 directories, 13 files
Copied!
and the main configuration file in CentOS /etc/httpd/httpd.conf :
1
[[email protected] httpd]# ll
2
total 0
3
drwxr-xr-x. 2 root root 37 Apr 28 06:22 conf
4
drwxr-xr-x. 2 root root 82 Apr 28 06:22 conf.d
5
drwxr-xr-x. 2 root root 146 Apr 28 06:22 conf.modules.d
6
lrwxrwxrwx. 1 root root 19 Apr 28 06:22 logs -> ../../var/log/httpd
7
lrwxrwxrwx. 1 root root 29 Apr 28 06:22 modules -> ../../usr/lib64/httpd/modules
8
lrwxrwxrwx. 1 root root 10 Apr 28 06:22 run -> /run/httpd
9
10
[[email protected] httpd]# cd conf
11
12
total 28
13
-rw-r--r--. 1 root root 11753 Oct 19 2017 httpd.conf
14
-rw-r--r--. 1 root root 13077 Oct 19 2017 magic
15
16
[[email protected] conf]# cat httpd.conf
17
#
18
# This is the main Apache HTTP server configuration file. It contains the
19
# configuration directives that give the server its instructions.
20
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
21
# In particular, see
22
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
23
# for a discussion of each configuration directive.
24
#
25
# Do NOT simply read the instructions in here without understanding
26
# what they do. They're here only as hints or reminders. If you are unsure
27
# consult the online docs. You have been warned.
28
#
29
# Configuration and logfile names: If the filenames you specify for many
30
# of the server's control files begin with "/" (or "drive:/" for Win32), the
31
# server will use that explicit path. If the filenames do *not* begin
32
# with "/", the value of ServerRoot is prepended -- so 'log/access_log'
33
# with ServerRoot set to '/www' will be interpreted by the
34
# server as '/www/log/access_log', where as '/log/access_log' will be
35
# interpreted as '/log/access_log'.
36
37
#
38
# ServerRoot: The top of the directory tree under which the server's
39
# configuration, error, and log files are kept.
40
#
41
# Do not add a slash at the end of the directory path. If you point
42
# ServerRoot at a non-local disk, be sure to specify a local disk on the
43
# Mutex directive, if file-based mutexes are used. If you wish to share the
44
# same ServerRoot for multiple httpd daemons, you will need to change at
45
# least PidFile.
46
#
47
ServerRoot "/etc/httpd"
48
49
#
50
# Listen: Allows you to bind Apache to specific IP addresses and/or
51
# ports, instead of the default. See also the <VirtualHost>
52
# directive.
53
#
54
# Change this to Listen on specific IP addresses as shown below to
55
# prevent Apache from glomming onto all bound IP addresses.
56
#
57
#Listen 12.34.56.78:80
58
Listen 80
59
60
#
61
# Dynamic Shared Object (DSO) Support
62
#
63
# To be able to use the functionality of a module which was built as a DSO you
64
# have to place corresponding `LoadModule' lines at this location so the
65
# directives contained in it are actually available _before_ they are used.
66
# Statically compiled modules (those listed by `httpd -l') do not need
67
# to be loaded here.
68
#
69
# Example:
70
# LoadModule foo_module modules/mod_foo.so
71
#
72
Include conf.modules.d/*.conf
73
74
#
75
# If you wish httpd to run as a different user or group, you must run
76
# httpd as root initially and it will switch.
77
#
78
# User/Group: The name (or #number) of the user/group to run httpd as.
79
# It is usually good practice to create a dedicated user and group for
80
# running httpd, as with most system services.
81
#
82
User apache
83
Group apache
84
85
# 'Main' server configuration
86
#
87
# The directives in this section set up the values used by the 'main'
88
# server, which responds to any requests that aren't handled by a
89
# <VirtualHost> definition. These values also provide defaults for
90
# any <VirtualHost> containers you may define later in the file.
91
#
92
# All of these directives may appear inside <VirtualHost> containers,
93
# in which case these default settings will be overridden for the
94
# virtual host being defined.
95
#
96
97
#
98
# ServerAdmin: Your address, where problems with the server should be
99
# e-mailed. This address appears on some server-generated pages, such
100
# as error documents. e.g. [email protected]
101
#
102
ServerAdmin [email protected]
103
104
#
105
# ServerName gives the name and port that the server uses to identify itself.
106
# This can often be determined automatically, but we recommend you specify
107
# it explicitly to prevent problems during startup.
108
#
109
# If your host doesn't have a registered DNS name, enter its IP address here.
110
#
111
#ServerName www.example.com:80
112
113
#
114
# Deny access to the entirety of your server's filesystem. You must
115
# explicitly permit access to web content directories in other
116
# <Directory> blocks below.
117
#
118
<Directory />
119
AllowOverride none
120
Require all denied
121
</Directory>
122
123
#
124
# Note that from this point forward you must specifically allow
125
# particular features to be enabled - so if something's not working as
126
# you might expect, make sure that you have specifically enabled it
127
# below.
128
#
129
130
#
131
# DocumentRoot: The directory out of which you will serve your
132
# documents. By default, all requests are taken from this directory, but
133
# symbolic links and aliases may be used to point to other locations.
134
#
135
DocumentRoot "/var/www/html"
136
137
#
138
# Relax access to content within /var/www.
139
#
140
<Directory "/var/www">
141
AllowOverride None
142
# Allow open access:
143
Require all granted
144
</Directory>
145
146
# Further relax access to the default document root:
147
<Directory "/var/www/html">
148
#
149
# Possible values for the Options directive are "None", "All",
150
# or any combination of:
151
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
152
#
153
# Note that "MultiViews" must be named *explicitly* --- "Options All"
154
# doesn't give it to you.
155
#
156
# The Options directive is both complicated and important. Please see
157
# http://httpd.apache.org/docs/2.4/mod/core.html#options
158
# for more information.
159
#
160
Options Indexes FollowSymLinks
161
162
#
163
# AllowOverride controls what directives may be placed in .htaccess files.
164
# It can be "All", "None", or any combination of the keywords:
165
# Options FileInfo AuthConfig Limit
166
#
167
AllowOverride None
168
169
#
170
# Controls who can get stuff from this server.
171
#
172
Require all granted
173
</Directory>
174
175
#
176
# DirectoryIndex: sets the file that Apache will serve if a directory
177
# is requested.
178
#
179
<IfModule dir_module>
180
DirectoryIndex index.html
181
</IfModule>
182
183
#
184
# The following lines prevent .htaccess and .htpasswd files from being
185
# viewed by Web clients.
186
#
187
<Files ".ht*">
188
Require all denied
189
</Files>
190
191
#
192
# ErrorLog: The location of the error log file.
193
# If you do not specify an ErrorLog directive within a <VirtualHost>
194
# container, error messages relating to that virtual host will be
195
# logged here. If you *do* define an error logfile for a <VirtualHost>
196
# container, that host's errors will be logged there and not here.
197
#
198
ErrorLog "logs/error_log"
199
200
#
201
# LogLevel: Control the number of messages logged to the error_log.
202
# Possible values include: debug, info, notice, warn, error, crit,
203
# alert, emerg.
204
#
205
LogLevel warn
206
207
<IfModule log_config_module>
208
#
209
# The following directives define some format nicknames for use with
210
# a CustomLog directive (see below).
211
#
212
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
213
LogFormat "%h %l %u %t \"%r\" %>s %b" common
214
215
<IfModule logio_module>
216
# You need to enable mod_logio.c to use %I and %O
217
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
218
</IfModule>
219
220
#
221
# The location and format of the access logfile (Common Logfile Format).
222
# If you do not define any access logfiles within a <VirtualHost>
223
# container, they will be logged here. Contrariwise, if you *do*
224
# define per-<VirtualHost> access logfiles, transactions will be
225
# logged therein and *not* in this file.
226
#
227
#CustomLog "logs/access_log" common
228
229
#
230
# If you prefer a logfile with access, agent, and referer information
231
# (Combined Logfile Format) you can use the following directive.
232
#
233
CustomLog "logs/access_log" combined
234
</IfModule>
235
236
<IfModule alias_module>
237
#
238
# Redirect: Allows you to tell clients about documents that used to
239
# exist in your server's namespace, but do not anymore. The client
240
# will make a new request for the document at its new location.
241
# Example:
242
# Redirect permanent /foo http://www.example.com/bar
243
244
#
245
# Alias: Maps web paths into filesystem paths and is used to
246
# access content that does not live under the DocumentRoot.
247
# Example:
248
# Alias /webpath /full/filesystem/path
249
#
250
# If you include a trailing / on /webpath then the server will
251
# require it to be present in the URL. You will also likely
252
# need to provide a <Directory> section to allow access to
253
# the filesystem path.
254
255
#
256
# ScriptAlias: This controls which directories contain server scripts.
257
# ScriptAliases are essentially the same as Aliases, except that
258
# documents in the target directory are treated as applications and
259
# run by the server when requested rather than as documents sent to the
260
# client. The same rules about trailing "/" apply to ScriptAlias
261
# directives as to Alias.
262
#
263
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
264
265
</IfModule>
266
267
#
268
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
269
# CGI directory exists, if you have that configured.
270
#
271
<Directory "/var/www/cgi-bin">
272
AllowOverride None
273
Options None
274
Require all granted
275
</Directory>
276
277
<IfModule mime_module>
278
#
279
# TypesConfig points to the file containing the list of mappings from
280
# filename extension to MIME-type.
281
#
282
TypesConfig /etc/mime.types
283
284
#
285
# AddType allows you to add to or override the MIME configuration
286
# file specified in TypesConfig for specific file types.
287
#
288
#AddType application/x-gzip .tgz
289
#
290
# AddEncoding allows you to have certain browsers uncompress
291
# information on the fly. Note: Not all browsers support this.
292
#
293
#AddEncoding x-compress .Z
294
#AddEncoding x-gzip .gz .tgz
295
#
296
# If the AddEncoding directives above are commented-out, then you
297
# probably should define those extensions to indicate media types:
298
#
299
AddType application/x-compress .Z
300
AddType application/x-gzip .gz .tgz
301
302
#
303
# AddHandler allows you to map certain file extensions to "handlers":
304
# actions unrelated to filetype. These can be either built into the server
305
# or added with the Action directive (see below)
306
#
307
# To use CGI scripts outside of ScriptAliased directories:
308
# (You will also need to add "ExecCGI" to the "Options" directive.)
309
#
310
#AddHandler cgi-script .cgi
311
312
# For type maps (negotiated resources):
313
#AddHandler type-map var
314
315
#
316
# Filters allow you to process content before it is sent to the client.
317
#
318
# To parse .shtml files for server-side includes (SSI):
319
# (You will also need to add "Includes" to the "Options" directive.)
320
#
321
AddType text/html .shtml
322
AddOutputFilter INCLUDES .shtml
323
</IfModule>
324
325
#
326
# Specify a default charset for all content served; this enables
327
# interpretation of all content as UTF-8 by default. To use the
328
# default browser choice (ISO-8859-1), or to allow the META tags
329
# in HTML content to override this choice, comment out this
330
# directive:
331
#
332
AddDefaultCharset UTF-8
333
334
<IfModule mime_magic_module>
335
#
336
# The mod_mime_magic module allows the server to use various hints from the
337
# contents of the file itself to determine its type. The MIMEMagicFile
338
# directive tells the module where the hint definitions are located.
339
#
340
MIMEMagicFile conf/magic
341
</IfModule>
342
343
#
344
# Customizable error responses come in three flavors:
345
# 1) plain text 2) local redirects 3) external redirects
346
#
347
# Some examples:
348
#ErrorDocument 500 "The server made a boo boo."
349
#ErrorDocument 404 /missing.html
350
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
351
#ErrorDocument 402 http://www.example.com/subscription_info.html
352
#
353
354
#
355
# EnableMMAP and EnableSendfile: On systems that support it,
356
# memory-mapping or the sendfile syscall may be used to deliver
357
# files. This usually improves server performance, but must
358
# be turned off when serving from networked-mounted
359
# filesystems or if support for these functions is otherwise
360
# broken on your system.
361
# Defaults if commented: EnableMMAP On, EnableSendfile Off
362
#
363
#EnableMMAP off
364
EnableSendfile on
365
366
# Supplemental configuration
367
#
368
# Load config files in the "/etc/httpd/conf.d" directory, if any.
369
IncludeOptional conf.d/*.conf
Copied!
If want to load some thing we should put it in conf.d with ".conf" extention. No symbolic linking. So While in ubuntu we can enable / disable some thing with symbolic links, In centos we have to rename the configuration file and use any thing except ".conf" ath the end of file name to disable it.
You can see that the configuration files are the same although in ubuntu its some how classified but in centos all configurations have been wrapped up in one big file.
Another point is that in ubuntu apache service "apache2" is enabled and started right after installation but in centos we have to enable and start apache service "httpd" .
Some of common directives which we have to know are:
    ServerRoot : Is what defines the base directory that all of configurations, modules, ... for our apache instance is configured to be. It can be changed but it needs to update specific links or directories with reference that start with /etc/httpd .
    Listen: It can do two things for us. it allows us to define the port which apache service listen on(by default 80tcp). Also it allows us to bind a service to a specific IP Address on the system.
    DocumentRoot: Determine the base directory that all contents are served from. bedefault it is/var/www/ . We can change it but if we have selinux enbaled in our system, there are some consideration about that .(beyond the scope of LPIC2, LPIC3)
1
### Ubuntu ###
2
[email protected]:~# cd /var/www/
3
[email protected]:/var/www# ls -la
4
total 12
5
drwxr-xr-x 3 root root 4096 Apr 28 02:02 .
6
drwxr-xr-x 15 root root 4096 Apr 28 02:02 ..
7
drwxr-xr-x 2 root root 4096 Apr 28 02:02 html
8
9
### CentOS ###
10
[[email protected] ~]# cd /var/www
11
[[email protected] www]# ls -la
12
total 4
13
drwxr-xr-x. 4 root root 33 Apr 28 06:22 .
14
drwxr-xr-x. 22 root root 4096 Apr 28 06:22 ..
15
drwxr-xr-x. 2 root root 6 Oct 19 2017 cgi-bin
16
drwxr-xr-x. 2 root root 6 Oct 19 2017 html
Copied!
to check if it works, use same html file below:
1
<html>
2
<head>
3
</head>
4
<body>
5
It works!
6
</body>
7
</html>
Copied!
    LogLevels : There are two log files by default which every site writes to. They are in /var/log/apache2(ubuntu) or in /var/log/httpd(CentOS)
      Access Log: Contains all information about whose accessing the web sever, IP address , user agent and number of other things.
      ErrorLog : Determines and displays errors that are related to files missing, or some one who tries to log in to secure directory with a wrong password
1
### Ubuntu ###
2
[email protected]:~# ls -la /var/log/apache2/
3
total 16
4
drwxr-x--- 2 root adm 4096 Apr 28 02:02 .
5
drwxrwxr-x 15 root syslog 4096 Apr 28 02:02 ..
6
-rw-r----- 1 root adm 729 Apr 29 03:32 access.log
7
-rw-r----- 1 root adm 279 Apr 28 02:02 error.log
8
-rw-r----- 1 root adm 0 Apr 28 02:02 other_vhosts_access.log
9
### Cent OS ###
10
[[email protected] ~]# ls -la /var/log/httpd/
11
total 12
12
drwx------. 2 root root 41 Apr 29 03:06 .
13
drwxr-xr-x. 20 root root 4096 Apr 29 03:06 ..
14
-rw-r--r--. 1 root root 334 Apr 29 03:11 access_log
15
-rw-r--r--. 1 root root 1438 Apr 29 03:09 error_log
Copied!
    LogLevel can have several different values that we can set it for, debug, info, notice, warn, error, crit, alert, emerg \(default : warn\) it depends what we are doing.
All the thing we have seen till now were . Directives are lines ,(can be within a section ),in the configuration file that contains one or more values define our use in the configuration .
1
Directive1 yes
2
Directive2 no
3
<Section>
4
Directive3 all
5
Directive4 none
6
</Section>
Copied!
    Directory Section: sections have directives in them that tell the site how to eather protect or display the type of content in any messages about what can be viewed or what cannot be viewed.
We can restrict access to directories with “Allow” and “Deny” options . Here is an example, This will make root dierctory secure:
1
<Directory />
2
Options None
3
Order deny,allow
4
Deny from all
5
</Directory>
Copied!
    Options “None” – This option will not allow users to enable any optional features.
    Order deny, allow – This is the order in which the “Deny” and “Allow” directives will be processed. Here it will “deny” first and “allow” next.
    Deny from all – This will deny request from everybody to the root directory, nobody will be able to access root director

Apache Modules

What has made apache web server so powerful and popular is its modules. Apache is designed modular and we can add or remove modules based on our needs.
apache deals with html files, so if we have used other languages like "php" we have to install required module.

installing php module

For demonstaration we use Ubuntu here. Lets search and install php module for apache:
1
[email protected]:~# apt-cache search php | grep apache
2
libapache2-mod-php - server-side, HTML-embedded scripting language (Apache 2 module) (default)
3
libapache2-mod-php7.0 - server-side, HTML-embedded scripting language (Apache 2 module)
4
libapache2-mod-auth-memcookie - Apache2 authentication and authorization module.
5
libapache2-mod-auth-tkt - lightweight single-sign-on authentication module for Apache
6
libapache2-mod-authn-yubikey - Yubikey authentication provider for Apache
7
libapache2-mod-watchcat - Process monitoring Apache module
8
libapache2-mod-xsendfile - Serve large static files efficiently from web applications
9
10
[email protected]:~# apt-get install libapache2-mod-php
Copied!
congratulations, from now on we can use index.php in /var/www/ directory. Now lets do more investigation on how php module has became available:
1
[email protected]:~# cd /etc/apache2/
2
[email protected]:/etc/apache2# ls
3
apache2.conf conf-enabled magic mods-enabled sites-available
4
conf-available envvars mods-available ports.conf sites-enabled
5
6
[email protected]:/etc/apache2# ls -l mods-available | grep php
7
-rw-r--r-- 1 root root 867 Mar 15 08:42 php7.0.conf
8
-rw-r--r-- 1 root root 79 Mar 15 08:42 php7.0.load
9
10
[email protected]:/etc/apache2# ls -l mods-enabled/ | grep php
11
lrwxrwxrwx 1 root root 29 Apr 29 22:49 php7.0.conf -> ../mods-available/php7.0.conf
12
lrwxrwxrwx 1 root root 29 Apr 29 22:49 php7.0.load -> ../mods-available/php7.0.load
Copied!
In CentOS all available modules are exist in /etc/httpd/conf.modules.d folder.
1
[[email protected] ~]# cd /etc/httpd/modules/
2
[[email protected] modules]# ls -l
3
total 2472
4
-rwxr-xr-x. 1 root root 11208 Oct 19 2017 mod_access_compat.so
5
-rwxr-xr-x. 1 root root 11168 Oct 19 2017 mod_actions.so
6
-rwxr-xr-x. 1 root root 15360 Oct 19 2017 mod_alias.so
7
-rwxr-xr-x. 1 root root 11136 Oct 19 2017 mod_allowmethods.so
8
...........shorten............
9
-rwxr-xr-x. 1 root root 11096 Oct 19 2017 mod_version.so
10
-rwxr-xr-x. 1 root root 15272 Oct 19 2017 mod_vhost_alias.so
11
-rwxr-xr-x. 1 root root 19472 Oct 19 2017 mod_watchdog.so
Copied!
these modules can be loaded if related ".conf" file exist in modules.conf.d :
1
[[email protected] modules]# cd ..
2
[[email protected] httpd]# ls
3
conf conf.d conf.modules.d logs modules run
4
[[email protected] httpd]# cd conf.modules.d/
5
[[email protected] conf.modules.d]# ls
6
00-base.conf 00-lua.conf 00-proxy.conf 01-cgi.conf
7
00-dav.conf 00-mpm.conf 00-systemd.conf
8
[[email protected] conf.modules.d]# cat 00-dav.conf
9
LoadModule dav_module modules/mod_dav.so
10
LoadModule dav_fs_module modules/mod_dav_fs.so
11
LoadModule dav_lock_module modules/mod_dav_lock.so
Copied!
because every ".conf" file is included by /etc/httpd//conf/httpd.conf file:
1
[[email protected] conf.modules.d]# cd ..
2
[[email protected] httpd]# ls
3
conf conf.d conf.modules.d logs modules run
4
[[email protected] httpd]# cd conf
5
6
httpd.conf magic
7
[[email protected] conf]# cat httpd.conf | grep -i includeoptional
8
IncludeOptional conf.d/*.conf
Copied!
Now lets install php module on CentOS:
1
[[email protected]7 httpd]# yum install php
Copied!
and the configuration files:
1
[[email protected] httpd]# cd /etc/httpd/modules/
2
[[email protected] modules]# ls | grep php
3
libphp5.so
4
5
[[email protected] modules]# cd ..
6
[[email protected] httpd]# ls
7
conf conf.d conf.modules.d logs modules run
8
[[email protected] httpd]# cd conf.modules.d/
9
[[email protected] conf.modules.d]# ls -l
10
total 32
11
-rw-r--r--. 1 root root 3739 Oct 19 2017 00-base.conf
12
-rw-r--r--. 1 root root 139 Oct 19 2017 00-dav.conf
13
-rw-r--r--. 1 root root 41 Oct 19 2017 00-lua.conf
14
-rw-r--r--. 1 root root 742 Oct 19 2017 00-mpm.conf
15
-rw-r--r--. 1 root root 957 Oct 19 2017 00-proxy.conf
16
-rw-r--r--. 1 root root 88 Oct 19 2017 00-systemd.conf
17
-rw-r--r--. 1 root root 451 Oct 19 2017 01-cgi.conf
18
-rw-r--r--. 1 root root 216 Mar 7 08:37 10-php.conf
19
20
[[email protected] conf.modules.d]# cat 10-php.conf
21
#
22
# PHP is an HTML-embedded scripting language which attempts to make it
23
# easy for developers to write dynamically generated webpages.
24
#
25
<IfModule prefork.c>
26
LoadModule php5_module modules/libphp5.so
27
</IfModule>
28
29
[[email protected] conf.modules.d]# systemctl restart httpd.service
30
[[email protected] conf.modules.d]#
Copied!
now we can put a php file in /var/www/html and chek it!
1
<html>
2
<head>
3
<title>PHP Test</title>
4
</head>
5
<body>
6
<?php echo '<p>Hello Linux Learners PHP is working properly </p>'; ?>
7
If this is the only line you see then PHP is not enabled!
8
</body>
9
</html>
Copied!

Installing Perl Module

First start with ubuntu:
1
[email protected]:~# apt-cache search perl | grep apache2
2
libapache2-mod-perl2 - Integration of perl with the Apache2 web server
3
libapache2-mod-perl2-dev - Integration of perl with the Apache2 web server - development files
4
libapache2-mod-perl2-doc - Integration of perl with the Apache2 web server - documentation
5
libapache2-reload-perl - module for reloading Perl modules when changed on disk
6
libapache2-authcassimple-perl - Apache2 module to authenticate trough a CAS server
7
libapache2-authcookie-perl - Perl Authentication and Authorization via cookies
8
libapache2-authenntlm-perl - module for Microsoft NTLM and Basic User Authentication
9
libapache2-mod-apreq2 - generic Apache request library - Apache module
10
libapache2-mod-auth-tkt - lightweight single-sign-on authentication module for Apache
11
libapache2-mod-log-sql - Use SQL to store/write your Apache queries logs - Base
12
libapache2-mod-musicindex - Browse, stream, download and search through MP3/Ogg/FLAC/MP4 files
13
libapache2-mod-watchcat - Process monitoring Apache module
14
libapache2-mod-xsendfile - Serve large static files efficiently from web applications
15
libapache2-request-perl - generic Apache request library - Perl modules
16
libapache2-sitecontrol-perl - perl web site authentication/authorization system
17
libapache2-mod-fastcgi - Apache 2 FastCGI module for long-running CGI scripts
19
[email protected]:~# apt-get install libapache2-mod-perl2
Copied!
after finishing installation:
1
[email protected]:~# ls -l /etc/apache2/mods-enabled/ | grep perl
2
lrwxrwxrwx 1 root root 27 Apr 30 02:43 perl.load -> ../mods-available/perl.load
Copied!
as perl scripts are almost server side script (means they need to be processed on the server based on client condition and then turns back to the client) we need to make a directory to keep perl scripts inside:
1
[email protected]:/var/www# ls
2
html
3
[email protected]:/var/www# mkdir perl
Copied!
and now add some confogurations to /etc/apache2/apache2.conf :
1
################# Perl support
2
Alias /perl /var/www/perl
3
<Directory /var/www/perl>
4
AddHandler perl-script .cgi .pl
5
PerlResponseHandler ModPerl::PerlRun
6
PerlOptions +ParseHeaders
7
Options +ExecCGI
8
</Directory>
Copied!
and then put perl script in /var/www/perl:
1
[email protected]:/var/www/perl# vim hello.pl
2
[email protected]:/var/www/perl# ls -l
3
total 4
4
-rwxr-xr-x 1 root root 166 Apr 30 03:56 hello.pl
Copied!
and check it out!
Now lets install Perl module on cetOS:
1
[[email protected] ~]# yum install mod_perl
2
[[email protected] ~]# cd /etc/httpd/
3
[[email protected] httpd]# ls
4
conf conf.d conf.modules.d logs modules run
5
[email protected] httpd]# cd conf.modules.d/
6
7
[[email protected] conf.modules.d]# ls -l | grep perl
8
-rw-r--r--. 1 root root 448 Jan 4 2017 02-perl.conf
9
10
[[email protected] conf.modules.d]# cat 02-perl.conf
11
#
12
# Mod_perl incorporates a Perl interpreter into the Apache web server,
13
# so that the Apache web server can directly execute Perl code.
14
# Mod_perl links the Perl runtime library into the Apache web server
15
# and provides an object-oriented Perl interface for Apache's C
16
# language API. The end result is a quicker CGI script turnaround
17
# process, since no external Perl interpreter has to be started.
18
#
19
20
LoadModule perl_module modules/mod_perl.so
Copied!
Ok as we mentioned above, perl scripts are processed in server side so we need to make a place for scripts an then configure httpd service to deal with:
1
[[email protected] conf.modules.d]# mkdir /var/www/html/perl-cgi
Copied!
1
[[email protected] conf.modules.d]# cd ..
2
[[email protected] httpd]# ls
3
conf conf.d conf.modules.d logs modules run
4
[[email protected] httpd]# cd conf
5
[[email protected] conf]# vim httpd.conf
Copied!
and add bellow part to httpd.conf:
1
#enable perl server side CGI
2
<Directory /var/www/html/perl-cgi>
3
AllowOverride All
4
SetHandler perl-script
5
PerlHandler ModPerl::Registry
6
PerlOptions +ParseHeaders
7
Options ExecCGI
8
Order allow,deny
9
Allow from all
10
</Directory>
Copied!
next we need to restart httpd service and then add a perl script like this to test:
1
[[email protected] conf]# cd /var/www/html/perl-cgi/
2
[[email protected] perl-cgi]# vim hello.pl
3
[[email protected] perl-cgi]# cat hello.pl
4
#!/usr/bin/perl
5
6
print "Content-type: text/html\n\n";
7
print "<font size=+1>Environment</font>\n";
8
9
foreach (sort keys %ENV) {
10
print "<b>$_</b>: $ENV{$_}<br>\n";
11
}
12
13
1;
14
15
[[email protected] perl-cgi]# chmod 755 hello.pl
16
[[email protected] perl-cgi]# ls -l
17
total 4
18
-rwxr-xr-x. 1 root root 172 Apr 30 22:26 hello.pl
Copied!
a sample perl script could be like this:
1
#!/usr/bin/perl
2
3
print "Content-type: text/html\n\n";
4
print "<font size=+1>Environment</font>\n";
5
6
foreach (sort keys %ENV) {
7
print "<b>$_</b>: $ENV{$_}<br>\n";
8
}
Copied!
check it out!

a2enmod , a2dismod

Apache provides easiest way to enable and disable apache modules by using simple commands.
a2dismod is an inbuilt script that disabling the given module from an apache configuration file by removing symlinks.
    a2dismod [module name]
1
[email protected]:~# a2dismod php7.0
2
Module php7.0 disabled.
3
To activate the new configuration, you need to run:
4
service apache2 restart
5
[email protected]:~# systemctl restart apache2.service
6
[email protected]:~# ls -l /etc/apache2/mods-enabled/ | grep -i php
Copied!
a2enmod is an inbuilt script that enabling the given module in apache configuration file by creating symlinks.
    a2enmod [module name]
1
[email protected]:~# a2enmod php7.0
2
Considering conflict php5 for php7.0:
3
Enabling module php7.0.
4
To activate the new configuration, you need to run:
5
service apache2 restart
6
[email protected]:~# systemctl restart apache2.service
7
[email protected]:~# ls -l /etc/apache2/mods-enabled/ | grep -i php
8
lrwxrwxrwx 1 root root 29 May 1 02:41 php7.0.conf -> ../mods-available/php7.0.conf
9
lrwxrwxrwx 1 root root 29 May 1 02:41 php7.0.load -> ../mods-available/php7.0.load
Copied!

MPM Modules

MPM stands for Multi Processing Modules, actually Apache follows some mechanism to accept and complete web server requests. In practice, MPMs extend the modular functionality of Apache by allowing us to decide how to configure the web server to bind to network ports on the machine, accept requests from clients, and use children processes (and threads, alternatively) to handle such requests.
Apache offers three different MPMs to choose from, depending on our needs (Beginning with version 2.4):
    prefork
    worker
    event
The prefork MPM uses multiple child processes without threading. Each process handles one connection at a time without creating separate threads for each. Without going into too much detail, we can say that you will want to use this MPM only when debugging an application that uses, or if our application needs to deal with, non-thread-safe modules like mod_php.
The worker MPM uses several threads per child processes, where each thread handles one connection at a time. This is a good choice for high-traffic servers as it allows more concurrent connections to be handled with less RAM than in the previous case.
Finally, the event MPM is the default MPM in most Apache installations for versions 2.4 and above. It is similar to the worker MPM in that it also creates multiple threads per child process but with an advantage: it causes KeepAlive or idle connections (while they remain in that state) to be handled by a single thread, thus freeing up memory that can be allocated to other threads. This MPM is not suitable for use with non-thread-safe modules like mod_php, for which a replacement such a PHP-FPM must be used instead.
To check the MPM used by our Apache installation use httpd -V (CentOS):
1
-D SERVER_CONFIG_FILE="conf/httpd.conf"
2
[[email protected] perl-cgi]# httpd -V | grep -i mpm
3
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fea0:58c8. Set the 'ServerName' directive globally to suppress this message
4
Server MPM: prefork
Copied!
or apache2ctl -V (ubuntu):
1
[email protected]:/var/www/perl# apache2ctl -V | grep -i mpm
2
AH00557: apache2: apr_sockaddr_info_get() failed for server1
3
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
4
Server MPM: prefork