Mar 08 2008

Apache

Published by blake

3.2 Apache

The backbone of any LAMP box is the Apache HTTP server. As I explained earlier, there are some packages I like to compile from source, and Apache is one of them. It's one of the core features of your box, and I like to make sure it's not full of cruft. Compiling from source can occasionally create some problems, however. One problem I've run into before is that other software packages that rely on Apache may be tough to install from yum if yum can't find the 'httpd' package (which is the standard Apache package distributed through yum). On the other hand, when the fine team at Apache fixes a security bug, you can get the latest version from source whenever you want, without the (sometimes extremely long) wait time associated with getting the official distribution. Joining the mailing lists for projects such as Apache is a good way to keep up on the latest releases.

3.2.1 Install Apache

If you have problems or don't care about slimming down Apache, you can simply run yum install httpd. Otherwise, the instructions below will guide you through the relatively painless process of installing from source. We'll do all this as root:

  • sudo su -
  • mkdir /usr/src/apache
  • cd /usr/src/apache

Go to http://httpd.apache.org/download.cgi to find the download link for the latest version of Apache 2.2 (it'll be something like "Unix Source: httpd-2.2.8.tar.gz"). Copy the link and paste it into wget:

  • wget http://[mirror path]/httpd-2.2.[version].tar.gz

Next to the download link on the apache page will be a link to the MD5 checksum of the package you're downloading. Click on it, and compare it to the results of:

  • md5sum httpd-2.2.[version].tar.gz

If they aren't the same, something's wrong with your tarball, so re-download it. Otherwise, continue:

  • tar zxvf httpd-2.2.[version].tar.gz
  • cd httpd-2.2.[version]

The following configuration command will set up the executable code in /usr/sbin, conf files in /etc/httpd, and the rest in /usr/local/apache. It also enables dynamic module loading, mod_rewrite, mod_geoip2, mod_ssl, and mod_deflate. Remove or add whichever configuration directives you may or may not need.

  • ./configure --prefix=/usr/local/apache --sbindir=/usr/sbin --sysconfdir=/etc/httpd --enable-so --enable-rewrite --enable-geoip --enable-ssl --enable-deflate
  • make
  • make install

Add an apache system account for the daemon to run under, and make it part of our web development group:

  • useradd -r apache
  • gpasswd -a apache webdev

Edit the Apache config file at /etc/httpd/httpd.conf to use these credentials to run under. We want to set the following options in this file:

User apache
Group apache

Save and close. Now, Apache provides a handy script called apachectl, found at /usr/sbin/apachectl, that we can use to start and stop the server. This script is so handy, I just copy it to the SysV control script directory and modify it slightly to make it work with chkconfig (SysV is a system of 'runlevels' that controls what gets started and stopped at boot or init time… Google around on it if you're interested). By copying and editing the apachectl script slightly, we can easily set up Apache to work with the service command, and have it started at boot time.

  • cp /usr/sbin/apachectl /etc/init.d/apache
  • vi /etc/init.d/apache

Add the following lines immediately after the very first line (the 'shebang' line that says #!/bin/sh):

# Startup script for the Apache Web Server
#
# chkconfig: 2345 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd

If you're curious about the inner workings of what we just did, see http://spiralbound.net/2006/11/15/controlling-services-with-chkconfig/ for more on chkconfig.

Now we can use apache as a service!

  • chkconfig --add apache

Great! Now all we have to do to start and stop apache is use commands like service apache stop/start/restart. It's also configured to load at boot time. Give it a try:

  • service apache start

Now hit your IP address or hostname in your browser (http://x.x.x.x). Apache should be serving up documents from it's default directory, which contains a basic HTML page. You should see a page that says "It works!". Nice job! Log out of your root session (CTRL-D) and take a break.

3.2.2 Configuring Apache

All that's left to do is work with the configuration file. Now, everyone who uses this guide is likely to have significantly different requirements in the way they host their websites, so I won't go into a lot of detail about each configuration option. It's really in your best interests to learn how to carefully configure Apache if you're going to be serving web pages, and it doesn't take much googling to figure out the configs. Start here if you're stuck.

I use name-based virtual hosting, so that I can host multiple web sites at a single IP address. I serve all of my files out of /srv/www/[sitename], put all my logs into a separate directory for each web site under /var/log/httpd/[sitename], and keep separate virtual host configuration files for each site in /etc/httpd/vhosts/[sitename].conf. This gives me the flexibility I need for per-site configuration and log analysis. So, to set this all up:

  • sudo su -
  • mkdir /srv/www
  • chown apache.webdev /srv/www
  • chmod g+w /srv/www
  • mkdir /var/log/httpd
  • chown apache.apache /var/log/httpd
  • mkdir /etc/httpd/vhost
  • exit

With that all done, there's not much to do in the main configuration file. Change the following configuration options in /etc/httpd/httpd.conf. You'll need to sudo to edit it.

DocumentRoot "/srv/www"
ErrorLog "/var/log/httpd/error_log"
CustomLog "/var/log/httpd/access_log" combined
ServerAdmin blake@example.com
ServerName 192.168.1.50

Look for the second <Directory> configuration and change it to /srv/www. It might look something like this:

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/srv/www">

Near the bottom where all the Include directives are, add this:

Include /etc/httpd/vhost/*.conf

Enable GeoIP if you're installing it (see the GeoIP section) by placing the following at the bottom of the file:

#GeoIP
<IfModule mod_geoip.c>

GeoIPEnable On
GeoIPDBFile /usr/tmp/GeoIP.dat

</IfModule>

We'd also like to use mod_deflate to compress as much served content as possible. This is better than using PHP's built-in compression, as you can easily compress static content as well. See http://httpd.apache.org/docs/2.2/mod/mod_deflate.html for more on mod_deflate, and be sure you understand what the config options we're about to set are going to do.

Add this to the bottom of the config file:

# mod_deflate for server-wide output compression.
SetOutputFilter DEFLATE
# Netscape 4.x has some problems…
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

Save your edits, then restart apache:

  • service apache restart

If you'd like to test it again now, your documents are being served out of /srv/www. So place a file called index.html into that directory with the line "hello" in it, and hit your IP address with a web browser. You should see your basic page appear! If you don't, check the error log in /var/log/httpd/error_log.

Not so bad, eh? Now you've got a lean and mean web server!

Log out of your root session with exit or CTRL-D.

« Prev: GeoIPIndexNext: mod_geoip2 »
  • Digg
  • del.icio.us
  • DotNetKicks
  • Slashdot
  • StumbleUpon

No responses yet

Leave a Reply