Servidor Web Apache

Caracteristicas Apache Configuracion

VirtualHost

Apache

Ventajas

ModularCódigo abierto

Multi-plataformaExtensible

Popular (fácil conseguir ayuda/soporte)

Apache

Apache

Instalacion:

--> Desde la fuente y compilarlaTener en cuenta al compilar lo que se desea habilitar y darle

soporte para DSO

--> Desde el repositorio de cada distribucion

ApacheInstalacion desde la fuente

Instalacion desde el fuente:

Apache

Instalacion

Instalar desde el grupo:

Yum groupinstall “Web Server”

Chequear Modulos cargados

Httpd -lHttpd -M

Apache

Archivo Principal:Archivo Principal:

/etc/httpd/conf/httpd.conf/etc/httpd/conf/httpd.conf

Apache

Configuracion:

[root@jmr httpd]# ls -l /etc/httpd[root@jmr httpd]# ls -l /etc/httpd

confconf conf.dconf.d

logs -> ../../var/log/httpdlogs -> ../../var/log/httpd modules -> ../../usr/lib64/httpd/modulesmodules -> ../../usr/lib64/httpd/modules

run -> ../../var/runrun -> ../../var/run[root@jmr httpd]# [root@jmr httpd]#

Apache

Testear que ande:Testear que ande:

Service httpd startService httpd startElinks 127.0.0.1Elinks 127.0.0.1

netstat -atnp |grep 80netstat -atnp |grep 80tcp 0 0 :::80 :::* LISTEN 3081/httpd tcp 0 0 :::80 :::* LISTEN 3081/httpd

Nos muestra el documento que tenemos en /var/www/error/noindex.htmlNos muestra el documento que tenemos en /var/www/error/noindex.html/etc/httpd/conf.d/welcome.conf/etc/httpd/conf.d/welcome.conf

Apache

El archivo /etc/httpd/conf/httpd.conf se divide en tres partes:El archivo /etc/httpd/conf/httpd.conf se divide en tres partes:

Section 1: Global EnvironmentSection 1: Global EnvironmentSection 2: 'Main' server configurationSection 2: 'Main' server configurationSection 3: Virtual HostsSection 3: Virtual Hosts

Apache

Virtual Hosts

IP-Based Virtual Host and IP-Based Virtual Host and

Name-based Virtual HostName-based Virtual Host

Apache

Archivo /etc/httpd/conf.d/virtual.conf

NameVirtualHost *:80 (para Ip Named)NameVirtualHost *:80 (para Ip Named)

NameVirtualHost 203.54.2.5:80 ( para Named Based)NameVirtualHost 203.54.2.5:80 ( para Named Based)

Apache IP Based Virtual Host

Apache

Ejemplo de VirtualHost/etc/httpd/conf.d/sitio.conf

<VirtualHost test.com/>ServerAdmin webmaster@theos.inDocumentRoot /var/www/test.comServerName test.comServerAlias www.test.comErrorLog /var/logs/httpd/test.com/error_logCustomLog /var/logs/httpd/test.com/access_log

common</VirtualHost>

Apache Named Based Virtual Host

Apache

Ejemplo de VirtualHost/etc/httpd/conf.d/sitio.conf

<VirtualHost *:80>ServerName www.itrestauracion.com.arServerAlias itrestauracion.com.ar ErrorLog logs/www.itrestauracion.com.ar-error_log CustomLog logs/www.itrestauracion.com.ar-

access_log commonDocumentRoot /var/www/com/ar/itrestauracionDirectoryIndex index.php</VirtualHost>

Apache

Configurando una clave para el acceso:

/opt/apache/bin/htpasswd -c /opt/apache/password.list /opt/apache/bin/htpasswd -c /opt/apache/password.list rootroot

Apache

Configurando una clave para el acceso:

<VirtualHost *:80>ServerName www.villadalmine.comDocumentRoot /opt/apache/dalmine<Directory "/opt/apache/dalmine"> Order allow,deny AuthType Basic AuthName "Solo personal autorizado" AuthType Basic AuthUserFile /opt/apache/password.list Require valid-user# Require user test Allow from all</Directory></VirtualHost>

Apache

Limitando Accesos:

Order deny,allowDeny from allAllow from .example.com

Order allow,denyAllow from all

Deny from allAllow from 192.168.10.

Apache

Reconfigurando:

AllowOverride Options/None/All/Indexes/FileInfo/Limits/AuthConfig

Permite que directivas que se encuentran en un .htaccess se puedan redefinir

Apache

Controlando acceso por Location:

<Location /example>Order deny,allowDeny from all– Allow from .example.net– </Location>

Usando Alias

Alias /test “/usr/local/test”

Apache

Compartiendo el home directory:

Habilitar el modulo user_dirUserDir enable user1 user2UserDir public_html

Chmod 701 /home/usuarioChmod 701 /home/usuario/public_htmlMount -o remount,acl / ( o donde este el home)Setfacl -m u:apache:x /home/usuarioSetfacl -m u:apache:x /home/usuario/public_html

Si activamos </Directory /home/*/public_html> en httpd.conf todos los usuarios del sistema podrian compartir su home.

Apache

Controlar la Sintaxis:

[root@jmr1 conf.d]# httpd -t[root@jmr1 conf.d]# httpd -tSyntax OK[root@jmr1 conf.d]#

VirtualHost Levantados:[root@jmr1 conf.d]# httpd -S o con httpd -D DUMP_VHOSTS[root@jmr1 conf.d]# httpd -S o con httpd -D DUMP_VHOSTSVirtualHost configuration:wildcard NameVirtualHosts and _default_ servers:*:80 is a NameVirtualHost default server www.cabresto.com.ar

(/etc/httpd/conf.d/www.cabresto.com.ar.conf:1) port 80 namevhost www.cabresto.com.ar

(/etc/httpd/conf.d/www.cabresto.com.ar.conf:1) port 80 namevhost www.fundacion-uom.com.ar

(/etc/httpd/conf.d/www.fundacion-uom.com.ar.conf:1)Syntax OK

Apache

Usando SSLLoadModule ssl_module modules/mod_ssl.so ( en httpd.conf)

Apache

[root@jmr1 conf.d]# cat ssl.conf |grep -v \# |sed '/^$/d'cat ssl.conf |grep -v \# |sed '/^$/d'LoadModule ssl_module modules/mod_ssl.soListen 443SSLPassPhraseDialog builtinSSLSessionCache

shmcb:/var/cache/mod_ssl/scache(512000)SSLSessionCacheTimeout 300SSLMutex defaultSSLRandomSeed startup file:/dev/urandom 256SSLRandomSeed connect builtinSSLCryptoDevice builtin

Apache

Genero Certificados con clave:[root@jmr1 conf.d]# cd /etc/pki/tls/certs[root@jmr1 certs]# make restauracion.key[root@jmr1 certs]# make restauracion.crt[root@jmr1 certs]# ls -l restauracion.*-rw------- 1 root root 1208 may 31 04:58 restauracion.crt-rw------- 1 root root 1766 may 31 04:57 restauracion.key[root@jmr1 certs]# [root@jmr1 certs]# mv restauracion.key ../private/

Otra con genkey (crypto-utils)

Apache

[root@jmr1 conf.d]# cat www.restauradordeleyes.com.ar.conf<VirtualHost *:443>Servername www.restauradordeleyes.com.arDocumentRoot /var/www/webdavCustomLog /var/log/httpd/www.restauradordeleyes.com.ar.access.log combinedSSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key</VirtualHost>[root@jmr1 conf.d]#

Apache

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<Directory "/var/www/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all</Directory>

Apache

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<Directory "/var/www/cgi-bin"> AllowOverride None Options ExecCGI

AddHandler cgi-script .pl .sh Order allow,deny Allow from all</Directory>

Apache

[root@dhcp-9-6-163-114 cgi-bin]# pwd/var/www/cgi-bin[root@dhcp-9-6-163-114 cgi-bin]# cat hello.pl #!/usr/bin/perl

print "Content-type: text/html\n\n";print "Hello, World";[root@dhcp-9-6-163-114 cgi-bin]#

Apache

Algunos script de cgi para bash como para empezar:

http://tldp.org/LDP/abs/html/networkprogramming.html

Apache

Bibliografia:

http://es.wikipedia.org/wiki/Servidor_HTTP_Apachehttp://httpd.apache.org/

http://www.thegeekstuff.com/2011/07/apache-virtual-host/http://www.thegeekstuff.com/2011/03/install-apache2-ssl/

http://www.thegeekstuff.com/2009/07/linux-apache-mod-ssl-generate-key-csr-crt-file/

http://www.itrestauracion.com.ar/?p=1406http://www.itrestauracion.com.ar/?p=771

http://www.ffnn.nl/pages/articles/linux/cgi-scripting-tips-for-bash-or-sh.php

http://linuxaria.com/article/bash-cgi?lang=en