Installation and setup of the Apache Web Server (Linux)


Apache is the Web Server most frequently used on the Internet today. This tutorial covers its installation and and configuration in Red Hat Linux 6.0 and 7.0. The CD-ROM distribution includes an Apache package, but you can also download Apache for free. There is another tutorial for Apache in Windows.

  • Installing Apache

    Mount the CD-ROM 1 and install the package for apache. The package will automatically create all the directories for you besides installing the software. The document root will be placed in /home/httpd in 6.0 and in /var/www in 7.0. The server root will be located in /etc/httpd. The path to the apache program will be /usr/sbin/httpd.

    In the document root three directories are created: cgi-bin, html and icons. In the html directory you will store the Web pages for your server. In the cgi-bin directory you will store your CGI programs.

    In the server root three directories are created: conf, logs and modules. In the /etc/httpd/conf directory you will find the three basic Apache configuration files: httpd.conf, access.conf and srm.conf. In the /etc/httpd/logs directory you will find the access and error logs. The /etc/httpd/modules directory is where the Apache modules are resident.

  • Configuring Apache in 6.0

    Apache comes with the three configuration files mentioned above already with basic configuration information. Your job will be to tailor these configuration files to your needs. In this tutorial we will only deal with some basic features you need or may be interested in adding to your Web server.

    1. httpd.conf: this is the configuration file related to the server in itself. Open the file httpd.conf in Kedit or any other text editor like Pico or Emacs. You are supposed to find the line ServerName and enter the FQDN of your machine, and also find the line ServerAdmin and enter your e-mail address. The server comes configured to run in standalone mode, to listen in port 80, with user and group nobody privileges (low level of permissions for security reasons), and you don't need to change these options.

    2. access.conf: this is the configuration file related to access to directories and services in the Web server. Again, open the file access.conf in a text editor. Look for the section that starts with <Directory /home/httpd/html> and look for the Options line and change it to allow Server Side Includes, but disabling scripts to be run from a Web page, as follows: Options Indexes Includes FollowSymLinks IncludesNOEXEC. This will allow the dynamic dating of your changes, the dynamic display of time and date in your pages, but will prevent scripts to be run outside of your cgi-bin directory. For example, the HTML code   <!--#config timefmt="%A %B %d, %Y -- %I:%M %p " --><!--#echo var="DATE_LOCAL"-->

      will be displayed as   Monday July 07, 2003 -- 08:11 PM

      As an additional security measure you may also change the section starting with <Directory /home/httpd/cgi-bin> so that the Options line be commented out as follows: # Options ExecCGI. This will not prevent you to run CGI programs in cgi-bin, but rather it will prevent the command exec to be used even in the cgi-bin directory.

    3. srm.conf: this is the configuration file related to the location of the document root, directory infornation formatting, user directories, etc. Once more, open the file srm.conf in a text editor. If you want to change the location of the document root, look for the line DocumentRoot /home/httpd/html and change it to a new location, but do not forget to move its three sub-directories (html, cgi-bin and icons) to the new location, but there is no need for it. You may wish, however, to change the default user Web directory to www . Look for the line UserDir and change it to UserDir www . Files placed in the user accounts in this directory are displayed in the web when  /~username is used after the server name (e.g. rip.k-security.de/~user). You may also want to add index.htm to the list of files that may be index files to a Web directory. In order to do so, look for the line DirectoryIndex and change it to DirectoryIndex  index.html  index.shtml  index.htm

      Check that your cgi-bin directory is properly identified as follows: ScriptAlias  /cgi-bin/  /home/httpd/cgi-bin/ . If you moved your document root path change this line accordingly. If you want your CGI script files to be identified with .cgi be sure that the line AddHandler cgi-script .cgi is not commented out (market with in * in front).

      To complete the installation of server side includes be sure that the following two lines are present:

      AddType  text/html   .shtml
      AddHandler  server-parsed   .shtml

      Finally, to make your Web server support image maps be sure that the following line exists:  AddHandler  imap-file   map

  • Configuring Apache in 7.0

    Apache in 7.0 comes with the same three configuration files, but only httpd.conf needs to be configured, changed, by you. The other two are considered obsolete and should not be changed.

    • httpd.conf: this is the overall configuration file. Open the file httpd.conf in Kedit or any other text editor like Pico or Emacs. Find first the line #BindAddress * and delete the # (uncomment it) to make it active. Find the line ServerAdmin and enter your e-mail address, and look for the line ServerName and enter the FQDN, or IP number of your machine, or yet localhost. The server comes configured to run in standalone mode, to listen in port 80, with user and group apache ( with low level of permissions for security reasons), and you don't need to change these options. The document root directory is by default in the line DocumentRoot "/var/www/html"

      Look for the section that starts with <Directory "/var/www/html"> and look for the Options line and change it to allow Server Side Includes, but disabling scripts to be run from a Web page, as follows: Options Indexes Includes FollowSymLinks IncludesNOEXEC. This will allow the dynamic dating of your changes, the dynamic display of time and date in your pages, but will prevent scripts to be run outside of your cgi-bin directory. For example, the HTML code   <!--#config timefmt="%A %B %d, %Y -- %I:%M %p " --><!--#echo var="DATE_LOCAL"-->

      will be displayed as   Monday July 07, 2003 -- 08:11 PM

      Look for the line UserDir and I suggest you replace public_html (the default) by www a more familiar directory name. This will allow users to place files in their www directory and be seen on the Web using the server address followed by the tilde (~) and the username, like my URL in UBMail: http://home.ubalt.edu/~abento . If you do this, also change the line <Directory /home/*/public_html> replacing public_html with www.

      You may want to change the order of your index files, making index.shtml (the SSI version) to be the first to be displayed by the browsers. In order to do so, look for the line DirectoryIndex and change it to DirectoryIndex  index.shtml  index.html  index.htm

      Check that your cgi-bin directory is properly identified as follows: ScriptAlias  /cgi-bin/  /var/www/cgi-bin/ . If you moved your document root path change this line accordingly. As an additional security measure you may also change the section starting with <Directory /var/www/cgi-bin> so that the Options line be commented out as follows: # Options ExecCGI. This will not prevent you to run CGI programs in cgi-bin, but rather it will prevent the command exec to be used even in the cgi-bin directory.

      Look for the line starting with # AddHandler. If you want your CGI script files to be identified with .cgi be sure that the line AddHandler cgi-script .cgi is not commented out (market with in * in front). To complete the installation of server side includes be sure that the following two lines are present:

      AddType  text/html   .shtml
      AddHandler  server-parsed   .shtml

      Finally, to make your Web server support image maps be sure that the following line exists:  AddHandler  imap-file   map

  • Starting Apache

    You can start, stop and restart the Apache Web server by using scripts created for this purpose in Red Hat Linux. Type in a shell prompt as root: /etc/rc.d/init.d/httpd  start to start the server. To stop or restart use the same script but replacing start with stop or restart. You must start the server as root, in order to run the server in port 80, as defined in httpd.conf. The server will run as the user nobody (not root) with low level privileges, as discussed before.

    I suggest you create in the /root/bin directory three files with the file names startap (start apache), stopap (stop apache), and restartap (restart apache) with the command line above adapted to each case (e.g. for restart: /etc/rc.d/init.d/httpd restart). Then change the permissions of each file using: chmod u+x . This way when you type startap the Apache server will be started, without you having to remember the whole script command line.


Top                                                                                                                                                                      Back
Last Update: Thursday, June 24, 2003 | © 2002-2003 Kay Nix  ·  K-SeCuRiTy Timisoara, Romania