Linux

SolutionBase: Build a simple Web site with Apache 2.2.4

If you're in the market for a new Web server, it's very easy to create a simple Apache site on either Windows or Linux. Scott Lowe shows how easy it is to create a simple Apache site on Windows or Linux.

With the release of the 2.2 branch of the Apache Web server, the Apache group has improved upon an already outstanding service. If you're in the market for a new Web server, or are interested in putting Apache 2.2.4 -- the latest version as of this writing -- through its paces, it's very easy to create a simple Apache site on either Windows or Linux.

Linux

The installation of Apache 2.2.4 on Linux can be handled in almost unlimited different ways, some dependent on your preferred Linux distribution. For example, if you're a Red Hat or Fedora fan, RPM is your best choice. If you're using some other distribution, you may be able to use RPM, or your distribution may have its own package format.

If you're installing your Linux server from scratch, you can usually choose Apache as an installation option. If you have this option, take it, unless you need something unusual in your installation.

If you're using an existing server and don't want to reinstall the OS, or if you want to have the most granular control over how your Apache installation is configured, your best bet is to build Apache from source code. If you're somewhat new to Linux and the sound of this makes you nervous, it's actually a whole lot easier than it sounds. Better yet, this option works on any Linux distribution out there. It even works for Windows if you have an appropriate compiler installed.

For the example installation in this section, I'm going to build Apache 2.2.4 from source and install it on a Fedora 7 installation. You won't see anything fancy in this build -- just the basics will be included -- but your Linux server will be serving Web pages in just minutes.

Note: Although I could have just chosen the "Web server" option when I installed Fedora, that would have defeated the purpose of this article.

Before you can compile Apache, you need the source, which is available for download from the Apache Web site. As of this writing, the latest version of Apache available is 2.2.4. I've saved the file, named httpd-2.2.4.tar.gz to a folder named /usr/src/apache-2.2.4 on my server. I like to save installations in this location so I have them for the future.

The next few commands are entered from a command line. I've put them, in order, in Table A.

Table A

cd /usr/src/apache-2.2.4

Change to the directory to which you saved the Apache source download.

tar -zxvf httpd-2.2.4.tar.gz

Extract the contents of the downloaded file into a subdirectory named httpd-2.2.4.

cd httpd-2.2.4

Change to the new source directory.

./configure --prefix=/usr/
local/apache

Install the Web server to the directory identified by the prefix directive. This step may take quite some time, as the installer checks for a number of items on your system.

I'm not including any other directives, but note that a standard Apache installation automatically includes a number of modules that, if you don't want, you need to individually exclude. Further, there are a number of modules that are disabled by default that have to be specifically included if you need the feature. A complete list of what is included and excluded is listed in Table B.

make

Compile Apache.

make install

Copy the newly compiled binaries to the /usr/local/apache directory/ (and to other places on your system, as needed).

/usr/local/apache/bin/apachectl start

Start Apache with its default configuration file.

When you're done with the steps in Table A, browse to your new server. You should get a "It works!" message, as shown in Figure A.

Figure A

Apache was successfully installed.

Before you do too much, you should configure Apache to automatically start when your system boots. The steps to make this happen depend on which Linux distribution you're using. Please refer to your system docs for more information. Until you get that set straight, use the "start" command in the last part of Table A.

Table B lists the various modules available for your control during the ./configure portion of the instructions in Table A. I've indicated whether a module is enabled by default or disabled by default, the module name, the configure directive you need to use to enable or disable the module and an explanation of the module, and linked it to the official Apache documentation page. I gathered this information from the Apache 2.2.4 documentation site and reformatted it to be easier to read.

Table B

Default

Module

Configure directive

Explanation and link

Enabled

mod_actions

--disable-actions

Disable action triggering on requests, which is provided by mod_actions.

Enabled

mod_alias

--disable-alias

Disable the mapping of requests to different parts of the filesystem, which is provided by mod_alias.

Enabled

mod_asis

--disable-asis

Disable support for as-is filetypes, which is provided by mod_asis.

Disabled

mod_auth_anon

--enable-auth-anon

Enable anonymous user access provided by mod_auth_anon.

Enabled

mod_auth_basic

--disable-auth-basic

Allows the use of HTTP Basic Authentication to restrict access.

Disabled

mod_auth_dbm

--enable-auth-dbm

mod_auth_dbm provides for HTTP Basic Authentication, where the usernames and passwords are stored in DBM type database files. Use this option to enable the module.

Disabled

mod_auth_digest

--enable-auth-digest

Enable RFC2617 Digest authentication provided by mod_auth_digest. This module uses plain text files to store the credentials.

Disabled

mod_authn_alias

--enable-authn-alias

Provides the ability to create extended authentication providers based on actual providers.

Disabled

mod_authn_dbd

--enable-authn-dbd

User authentication using an SQL database

Enabled

mod_authn_default

--disable-authn-default

Authentication fallback module

Enabled

mod_authn_file

--disable-authn-file

User authentication using text files

Disabled

mod_authnz_ldap

--enable-authnz-ldap

Enable LDAP based authentication provided by mod_authnz_ldap.

Disabled

mod_authz_dbm

--enable-authz-dbm

Group authorization using DBM files

Enabled

mod_authz_default

--disable-authz-default

Authorization fallback module

Enabled

mod_authz_groupfile

--disable-authz-groupfile

Group authorization using plaintext files

Enabled

mod_authz_host

--disable-authz-host

Group authorizations based on host (name or IP address)

Disabled

mod_authz_owner

--enable-authz-owner

Authorization based on file ownership

Enabled

mod_authz_user

--disable-authz-user

User Authorization

Enabled

mod_autoindex

--disable-autoindex

Disable the directory listing functionality provided by mod_autoindex.

Disabled

mod_cache

--enable-cache

Enable dynamic file caching provided by mod_cache. This experimental module may be interesting for servers with high load or caching proxy servers. At least one storage management module (e.g. mod_disk_cache or mod_mem_cache) is also necessary.

Disabled

mod_cern_meta

--enable-cern-meta

Enable the CERN-type meta files support provided by mod_cern_meta.

Enabled

mod_cgi

--disable-cgi

mod_cgi, which provides support for CGI scripts, is enabled by default when using a non-threaded MPM. Use this option to disable CGI support.

Enabled

mod_cgid

--disable-cgid

When using the threaded MPMs, worker support for CGI scripts is provided by mod_cgid by default. To disable CGI support, use this option.

Disabled

mod_charset_lite

--enable-charset-lite

Enable character set translation provided by mod_charset_lite. This module will be installed by default only on EBCDIC systems. On other systems, you have to enable it.

Disabled

mod_dav

--enable-dav

Enable the WebDAV protocol handling provided by mod_dav. Support for filesystem resources is provided by the separate module mod_dav_fs. This module is also automatically enabled with --enable-dav.

Disabled

mod_dav_fs

--enable-dav-fs

Enable DAV support for filesystem resources, which is provided by mod_dav_fs. This module is a provider for the mod_dav module, so you should also use --enable-dav.

Disabled

mod_dav_lock

--enable-dav-lock

Enable mod_dav_lock which provides generic DAV locking support for backend modules. This module needs at least mod_dav to function, so you should also use --enable-dav.

Disabled

mod_dbd

--enable-dbd

Manages SQL database connections

Disabled

mod_deflate

--enable-deflate

Enable deflate transfer encoding provided by mod_deflate.

Enabled

mod_dir

--disable-dir

Disable directory request handling provided by mod_dir.

Disabled

mod_disk_cache

--enable-disk-cache

Enable disk caching provided by mod_disk_cache.

Disabled

mod_dumpio

--enable-dumpio

Dumps all I/O to error log as desired.

Disabled

mod_echo

--enable-echo

A simple echo server to illustrate protocol modules.

Enabled

mod_env

--disable-env

Enable setting and clearing of environment variables, which is provided by mod_env.

Disabled

mod_expires

--enable-expires

Enable Expires header control provided by mod_expires.

Disabled

mod_ext_filter

--enable-ext-filter

Enable the external filter support provided by mod_ext_filter.

Disabled

mod_file_cache

--enable-file-cache

Enable the file cache provided by mod_file_cache.

Enabled

mod_filter

--disable-filter

Context-sensitive smart filter configuration module

Disabled

mod_headers

--enable-headers

Enable control of HTTP headers provided by mod_headers.

Enabled

mod_http

--disable-http

Disable the HTTP protocol handling. The http module is a basic one, enabling the server to function as an HTTP server. It is only useful to disable it if you want to use another protocol module instead. Don't disable this module unless you are really sure what you are doing.

Disabled

mod_ident

--enable-ident

RFC 1413 ident lookups

Enabled

mod_imagemap

--disable-imagemap

Disable support for server-based imagemaps, which provided by mod_imagemap.

Enabled

mod_include

--disable-include

Disable Server Side Includes provided by mod_include.

Disabled

mod_info

--enable-info

Enable the server information provided by mod_info.

Disabled

mod_isapi

--enable-isapi

Enable the isapi extension support provided by mod_isapi.

Disabled

mod_ldap

--enable-ldap

Enable LDAP caching and connection pooling services provided by mod_ldap.

Enabled

mod_log_config

--disable-log-config

Disable the logging configuration provided by mod_log_config. You won't be able to log requests to the server without this module.

Disabled

mod_log_forensic

--enable-log-forensic

Forensic Logging of the requests made to the server

Disabled

mod_logio

--enable-logio

Enable logging of input and output bytes including headers provided by mod_logio.

Disabled

mod_mem_cache

--enable-mem-cache

Enable memory caching provided by mod_mem_cache.

Enabled

mod_mime

--disable-mime

mod_mime associates the requested filename's extensions with the file's behavior and content (mime-type, language, character set and encoding). Disabling this module is normally not recommended.

Disabled

mod_mime_magic

--enable-mime-magic

Enable automatic determining of MIME types, which is provided by mod_mime_magic.

Enabled

mod_negotiation

--disable-negotiation

Disable content negotiation provided by mod_negotiation.

Disabled

mod_proxy

--enable-proxy

Enable the proxy/gateway functionality provided by mod_proxy. The proxying capabilities for AJP13, CONNECT, FTP, HTTP and the balancer are provided by the separate modules mod_proxy_ajp, mod_proxy_connect, mod_proxy_ftp, mod_proxy_http and mod_proxy_balancer. These five modules are also automatically enabled with --enable-proxy.

Disabled

mod_proxy_ajp

--enable-proxy-ajp

Enable proxy support for AJP13 (Apache JServ Protocol 1.3) request handling, which is provided by mod_proxy_ajp. This module is an extension for the mod_proxy module, so you should also use --enable-proxy.

Disabled

mod_proxy_balancer

--enable-proxy-balancer

Enable load balancing support for the AJP13, FTP and HTTP protocols, which is provided by mod_proxy_balancer. This module is an extension for the mod_proxy module, so you should also use --enable-proxy.

Disabled

mod_proxy_connect

--enable-proxy-connect

Enable proxy support for CONNECT request handling, which is provided by mod_proxy_connect. This module is an extension for the mod_proxy module, so you should also use --enable-proxy.

Disabled

mod_proxy_ftp

--enable-proxy-ftp

Enable proxy support for FTP requests, which is provided by mod_proxy_ftp. This module is an extension for the mod_proxy module, so you should also use --enable-proxy.

Disabled

mod_proxy_http

--enable-proxy-http

Enable proxy support for HTTP requests, which is provided by mod_proxy_http. This module is an extension for the mod_proxy module, so you should also use --enable-proxy.

Disabled

mod_rewrite

--enable-rewrite

Enable rule-based URL manipulation provided by mod_rewrite.

Enabled

mod_setenvif

--disable-setenvif

Disable support for basing environment variables on headers, which is provided by mod_setenvif.

Disabled

mod_so

--enable-so

Enable DSO capability provided by mod_so. This module will be automatically enabled if you use the --enable-mods-shared option.

Disabled

mod_speling

--enable-speling

Enable the functionality to correct common URL misspellings, which is provided by mod_speling.

Disabled

mod_ssl

--enable-ssl

Enable support for SSL/TLS provided by mod_ssl.

Enabled

mod_status

--disable-status

Enable the process/thread monitoring, which is provided by mod_status.

 Disabled

mod_suexec

 --enable-suexec

Allows CGI scripts to run as a specified user and Group

Disabled

mod_unique_id

--enable-unique-id

Enable the generation of per-request unique ids, which is provided by mod_unique_id.

Enabled

mod_userdir

--disable-userdir

Disable the mapping of requests to user-specific directories, which is provided by mod_userdir.

Disabled

mod_usertrack

--enable-usertrack

Enable user-session tracking provided by mod_usertrack.

Disabled

mod_vhost_alias

--enable-vhost-alias

Enable mass virtual hosting provided by mod_vhost_alias.

Installing Apache 2.2.4 on Windows

The Windows installation of Apache is substantially easier than installing Apache from source under Linux. While you can install Apache using source under Windows, how many Windows administrators do you know that actually do this? Yeah     I don't know any either.

The Apache group provides a Windows MSI installer version of their Web server just for the purpose of easily installing under Windows. Before you get started, make sure that you don't have IIS installed on your server. If you continue with IIS installed, Apache will not be able to listen for requests on port 80. You can run Apache and IIS side-by-side if you want to run one of the products on a port other than 80 or if the two products listen to different IP addresses.

After you make sure IIS is removed from your Windows server, download the Apache Windows binary. As of this writing, the latest edition of Apache for Windows is 2.2.4. I've downloaded the file named apache_2.2.4-win32-x86-no_ssl.msi. As you can probably guess, this is a basic Apache build without SSL support, which will suffice perfectly for a simple Apache site.

After download, execute the MSI file and follow the on-screen instructions.

The first screen you get provides you with an introduction. Press the Next button to move on. And, of course, there is the obligatory license screen. Accept the license and press the Next button to continue with the installation.

Next, provide the Apache installer with information about your server, including your network domain, the server name, the e-mail address of a server administrator, and decide how you want to run the Apache Web server service, as shown in Figure B. If your server is joined to a domain, most, if not all, of this information will be filled in. Otherwise, you will need to provide this information for the Apache installer. Where possible, stick with the defaults. If you plan to run Apache only for testing, run "only for the Current User."

Figure B

All of this information is filled in for you.

Now choose your installation type. While a Typical installation is perfectly fine, I chose to perform a Custom installation in order to demonstrate your installation options.

By default, everything on the Custom screen is selected for installation and the server is installed to C:\Program Files (x86)\Apache Software Foundation\Apache2.2\. If you want to change the installation path, press the Change button and choose a new path. Note that, since I am installing Apache to a server running Windows Server 2003 x64, the path indicates "Program Files (x86)." If this was a 32-bit Windows installation, the path would simply read "Program Files."

Once you've made your selections, the Apache installer gives you one final chance to bow out. If you're ready to forge ahead, press the Install button.

After the installation options screen, the installer does its job and installs Apache using the options you provided. When you're done, open a Web browser on another system and point it to your new Apache server. You should get a test page that says "It works!" just like you saw in Figure A.

Adding and modifying pages

Congratulations on getting your Linux- or Windows-based Apache server up and running. Now I'll go over how you can add new and edit current pages on your site. After all, you probably don't want to keep the sample pages around for a production site.

As you start adding pages, you'll need a decent editor to make changes to the HTML files. You could use something like FrontPage, but if you want to keep things simple, you can just use a text editor. Under Linux, I usually use pico or nano for this purpose. For Windows, I've fallen in love with the open source Notepad++.

To add or edit pages on your site, you need to know the location of your document root, the folder in which all of your Web pages are stored:

  • 64-bit Windows: C:\Program Files (x86)\Apache Software Foundation\Apache2.2\htdocs
  • 32-bit Windows: C:\Program Files\Apache Software Foundation\Apache2.2\htdocs
  • Linux: /usr/local/apache/htdocs

Make sure that you give any files you create an extension of .html so Apache knows how to handle them. Apache is very dependent on the extension to determine which module should handle a file.

As an example, on my Windows system, I've created a file in the C:\Program Files (x86)\Apache Software Foundation\Apache2.2\htdocs folder named tr-test.html with the contents "TechRepublic test."

Managing Apache

In this article, I won't be going too deeply into managing an Apache configuration file, but will provide you with some general tips. First off, Apache, under both Linux and Windows, is managed through the manipulation of the file named httpd.conf. These files are located here:

  • 64-bit Windows: C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf
  • 32-bit Windows: C:\Program Files\Apache Software Foundation\Apache2.2\conf
  • Linux: /usr/local/apache/conf/httpd.conf

Httpd.conf is a long text file full of directives that tell Apache what to do. For example, on both servers, the httpd.conf file has a line that reads "Listen 80." This directive tells Apache to listen on port 80 for incoming requests. Going through the various directives is beyond the scope of this article (I will go over the possible options in a future article). However, after you make changes to the file, you need to restart the Apache service. To do this:

  • In Windows: Click Start | Control Panel | Administrative Tools | Services. Locate the Apache2 service and click the Restart button.
  • In Linux: execute the command:

/usr/local/apache/bin/apachectl restart

Summary

For a simple site, this is all you really need to know to get up and running. Once you get used to it, Apache is very easy to work with and provides an outstanding platform for robust Web development and page serving. As you get into more advanced techniques, such as scripting languages and database access, you'll come to appreciate Apache's flexibility.

About

Since 1994, Scott Lowe has been providing technology solutions to a variety of organizations. After spending 10 years in multiple CIO roles, Scott is now an independent consultant, blogger, author, owner of The 1610 Group, and a Senior IT Executive w...

2 comments
arifx
arifx

hi, i have come across thousands of references concentrating on apache installation/configuration as a localhost. i have even read dozens of webpages and seen many youtube screencats. PLEEEEZE, COULD SOMEBODY KINDLY SHOW HOW TO RE-CONFIGURE APACHE AFTER YOUR WEBSITE IS DEVELOPED VIA LAMP on your computer AND YOU JUST WANT TO GO ONLINE / LIVE! AND ALLOW INTERNET USERS WORLDOVER TO ACCESS YOU WEBSITE. PLESAE EXPLAIN & INCLUDE DIRECTIONS ALSO ABOUT DNS, WEB-FORWARDING ETC TO MAKE THE WHOLE THING WORK. eternally greatful. alan.

Jaqui
Jaqui

[b]Enabled mod_autoindex --disable-autoindex[/b] This actually should be disabled for security, with it enabled if you don't have a default web page in any folder the contents are displayed in a list. Unless you need to allow an ftp type listing of files for downloading, it is not a good idea to enable it. if you do need this functionality, use a global config of autoindex order deny allow deny from all and override that with an .htaccess for the specific folder or a folder specific allow in the config file. [b]Disabled mod_deflate --enable-deflate[/b] This module saves on data transfer used, for those browsers that support it, and on systems with gzip installed. It is usually a good module to have enabled. [b]Disabled mod_ident --enable-ident[/b] If you want hostname lookups in your log files, you will need to enable this module. [b]Disabled mod_rewrite --enable-rewrite[/b] This module is very usefull for creating a browser window url that conceals information that can lead to exploits, like the content of the TR url after the ? in it. [b]Disabled mod_so --enable-so[/b] What, you don't like shared libraries? This module allows for adding extra functionality as needed without having to recompile the server from sources, a very good module to have enabled. [b]Enabled mod_userdir --disable-userdir[/b] This is a hangover from early days, not many systems still use the http://www.something.com/~username for websites. It can be usefull to have though, I use this one for my testing of websites on my workstation. [b] * 64-bit Windows: C:\Program Files (x86)\Apache Software Foundation\Apache2.2\htdocs * 32-bit Windows: C:\Program Files\Apache Software Foundation\Apache2.2\htdocs * Linux: /usr/local/apache/htdocs [/b] These may be the default locations, but you can change that in the httpd.conf, also, some linux distros use different location for websites, Mandriva and PCLOS both use /var/www/html/ I have also seen /srv/html [ htdocs ] used as well as under /opt If someone uses distro supplied packages they had best look under /etc/httpd/conf/httpd.conf and see where the documentroot is set by the distro.

Editor's Picks