Contact for queries :

Login

  UpComing Live WebEx Workshop Series

Configuring Linux Web Services using Apache httpd

The most commonly used web server in the world today is Apache—and with good reason. Built with security in mind, Apache is a solid and stable web server that has been around for years. The module design allows for scalability and ease of use.
Apache can also be used to host multiple websites at a single time through the use of its virtual hosts feature. There is also an option to use the SSL protocol, making websites safe and secure. This secure base provides a platform for developers to use when writing secure code for banks, retail sites, and so on.

Task 1: Installing Apache Webserver Packages

When you’re working with Apache, you need two packages.
-> The first is httpd, which actually installs the Apache web server.
-> The second is the mod_ssl package, which provides the ability to create secure websites
Step 1. Install the two required packages:
# yum install –y httpd mod_ssl
Step 2. Verify that the packages were installed correctly:
# rpm -qa | grep http
httpd-2.2.15-5.el6.x86_64
httpd-tools-2.2.15-5.el6.x86_64
# rpm -qa | grep ssl
mod_ssl-2.2.15-5.el6.x86_64
openssl-1.0.0-4.el6.x86_64
Step 3. With the packages installed, make sure that the service is set to start when the system boots:
# chkconfig httpd on
Step 4. Verify your changes:
# chkconfig httpd –list
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
 

Task 2: Configuring the  Web Server

Now that the web server is installed, we can shift our attention to the config files and directories. During the installation, a directory (/var/www) is created with a set of subdirectories. This directory tree is the place where you store your websites.
There are also a few config files to look at:

  • /etc/httpd/conf/httpd.conf                 Main config file
  • /var/log/httpd                                       Log file directory for the web server
  • /usr/lib64/httpd/modules                  Modules for Apache

The main config file for Apache is completely usable right out of the box, which is great if you’d like to just get up and running. You should spend some time looking through the main config file because it provides many options and good documentation in the comments. The top of the config file is grouped into three sections.
Below are the comments sectionfrom the /etc/httpd/conf/httpd.conf file:
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the ‘global environment’).
# 2. Directives that define the parameters of the ‘main’ or ‘default’ server,
# which responds to requests that aren’t handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
Below are some important directives that we might be interested to configure to setup as basic webserver:

  • ServerRoot    Defines where the config files are held
  • Timeout              Specifies the time before a request times out (120 seconds is the default)
  • Listen                   Indicates the port number to listen on (default is 80)
  • User                     Identifies the user to run the web server as
  • Group                  Identifies the group to run the web server as
  • LoadModule      Defines a module to load when the web server starts
  • DocumentRoot Defines where the website files are located
  • ServerName       Defines a server name or IP address and port number

Let’s start by defining the location of a website on the file system. By default, it is located in the /var/www/html directory, although this can be changed if you’d like.
In the main config file, you see a section denoted by the Directory option.
Section of /etc/httpd/conf/httpd.conf:
<Directory “/var/www/html”>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
The options defined within this section apply specifically to the website and directory structure, as defined by the Directory option. For the preceding example, this means the site located in the /var/www/html directory. If you want to change the directory where your site is located, you need to change the  DocumentRoot option as well as the Directory option. The default option is

DocumentRoot “/var/www/html”

There is also a way to have multiple sites using virtual hosts, as you see later. When your config file is completely set up the way you want it, you can use the httpd service options to test your config file. Using the configtest argument, the service parses the main config file for any errors and reports back if something is found. It is always a good idea to check your config file before trying to use it because it will prevent the server from starting if it contains any errors.
Test the config file:
# service httpd configtest
Syntax OK
There is also another cool option that the httpd service has (many services have it, but it is more useful here). Normally, for a service to use a new config file, it requires that the service is restarted. This restart process actually stops the service from running before starting it over again.
Normally, this isn’t a big deal, but when hundreds of people are hitting your site, can you afford to have even a two-second outage? To circumvent this issue, you can use the reload argument, which allows the main config file to be reread without the actual service being brought down.
This is why it is important to test your config files first.
To restart the httpd service, use the following command:
# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
To only reload the service and reread the config file, use this command instead:
# service httpd reload
Reloading httpd: [ OK ]
One other option to keep in mind is the graceful parameter. It restarts the web server, allowing it to read the new config file changes without disconnecting any currently connected clients. The only downfall here is that the currently active connections use the old config file until they terminate their connection and  reconnect.
You can use it as follows:
# service httpd graceful

Task 3 : Firewall and SELinux Configuration for apache webserver

For your web server to become fully functional, you need to make some security changes. First and foremost, the firewall needs to be opened on port 80.
Step 1. Use iptables to create the additional firewall rules:

# iptables -I INPUT 5 -p tcp -m tcp –dport 80 -j ACCEPT

Step 2. Save the firewall rules you have just created:

# service iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]

Step 3. Then restart the iptables service:

# service iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]

Additionally, you need to look at SELinux protection for the web server.
 

November 14, 2015

0 responses on "Configuring Linux Web Services using Apache httpd"

Leave a Message

Your email address will not be published. Required fields are marked *

About iGURKUL

IGURKUL I.T. Training Hub offering various Career Certification courses in Computer Networking, Unix, Linux, Cloud Computing and DevOps Technologies. With its rich experience in IT training service sector, iGURKUL has been able to set Industry best practices in IT Training for the past five years.

In Past five years, more than 5000 professionals have been trained by iGURKUL for System administration, Cloud Computing and DevOps Skill set through our Online Training portal www.unixadminschool.com. And , each day , more than 10000 working professionals from all over the globe visiting our knowledge base www.unixadminschool.com/blog for the best practices and Knowledge learning.

top
copyright protected - 2011 © igurkul I.T. solutions. All rights reserved.