Installing the Apache webserver is pretty straightforward. Do not use Apache 2.x, but instead rely on Apache 1.3.x. See the php.org website why. (The Apache 2 architecture is just not safe enough for php in production environments).
Stopping the webserver:
[root@1038 bin]# pwd /www/bin [root@1038 bin]# ./apachectl stop ./apachectl stop: httpd stopped
And starting it:
[root@1038 bin]# ./apachectl start ./apachectl start: httpd started
N.B.: the Flexserver computer comes with Plesk 7 reloaded installed by default. This control panel program in turn uses Apache 2 in combination with php. Bad!
Also note that the compile and build operations for Apache 3.3.33 have resulted in an httpd.conf file which does not contain a ClearModuleList directive. According to serveral postings on the web, this is actually okay:
“PHP works with many different web servers in many different ways, but by far the most popular way to run PHP is as an Apache module with Apache 1.3.x. Full installation instructions for all the different ways to install PHP can be found in the PHP documentation. Here, I cover the Apache module installation.” (…)
“Note that in many default httpd.conf files you will find AddModule lines. These really aren't necessary. They are only needed if you have a ClearModuleList directive somewhere in your httpd.conf file. I would suggest simply deleting the ClearModuleList directive and deleting all your AddModule lines. The idea behind ClearModuleList/AddModule is to make it possible to reorder already loaded modules in case module order is an issue. With most modules, the order that they are loaded – which governs the order they are called – is not important. And further, most binary distributions of Apache ship with most modules compiled as dynamically loadable modules, which means that if order is an issue for some reason, you can simply change the order of the LoadModule calls to fix it.”
http://www.cnop.net/article.php?story=20041002040920660
“Changes with Apache 1.3.23” (...) “* Prevent an Apache module from being loaded or added twice due to duplicate LoadModule or AddModule directives (or a missing ClearModuleList directive). [William Rowe, Brian Pane <bpane@pacbell.net>]”
http://www.opensource.apple.com/darwinsource/10.1.4/apache-650/apache/src/CHANGES
You can use a special kind of virtual server which handles any requests not handled by the standard virtual servers. This is the Default Server. I ran into trouble when trying to configure this Devault Server through Webmin. My Default Server did not follow symbolic links, even though I had configured it to.
So I have simply adjusted to global configuration by editing httpd.conf to allow symbolic links:
<Directory /> Options FollowSymLinks AllowOverride None </Directory>
In Webmin, “Virtualmin Virtual Servers” > “Server Settings and Templates” >
“Server Templates”, I have changed the setting “Create alias websites by” from “Creating Redirect virtual host” to ”Adding ServerAlias to parent”.
You can have two kinds of aliasing in Webmin. On the Apache side of things they are the following directives:
If you're using applications such as Moodle, be sure to tell them your domain name is not the parent domain name, but rather the Server Alias is. For Moodle, you do this in the /config.php file:
Change:
$CFG->wwwroot = 'http://maartenskliniek.solin.nl';
Into:
$CFG->wwwroot = 'http://www.e-learning-maartenskliniek-rde.nl';
I have made the following (non-trivial, security related) changes to httpd.conf:
<Directory /> Options SymLinksIfOwnerMatch AllowOverride None </Directory> [...] <Directory "/www/htdocs"> # # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # [DELETED Indexes, O.S.] # Options SymLinksIfOwnerMatch MultiViews # # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" # AllowOverride None # # Controls who can get stuff from this server. # Order allow,deny Allow from all </Directory>
To fix some IE-CSS related problems (hint: hover), I have added a mime type to the Global mime types list located in /www/conf/mime.types:
text/x-component htc
See http://www.xs4all.nl/~peterned/csshover.html, and http://www.hoeben.net/node/view/33 how this relates to IE-CSS hover-problems.
20050223
To add a subdomain that is just an alias for your full domain, use the ServerAlias directive.
<VirtualHost 213.193.214.124:80> ServerName solin.nl ServerAlias www.solin.nl onderwijs.solin.nl www.onderwijs.solin.nl DocumentRoot /home/solin/public_html ErrorLog /home/solin/logs/error_log CustomLog /home/solin/logs/access_log common ScriptAlias /cgi-bin/ /home/solin/cgi-bin/ <Directory /home/solin/public_html> Options -Indexes IncludesNOEXEC FollowSymLinks </Directory> </VirtualHost>
20060218
The module mod_rewrite.so promises user friendly urls. To install the module, I have followed the advice posted here:
http://www.mailarchives.org/list/apache-httpd-users/msg/2003/13765
Here, it says to do a ./configure and ./make:
./configure --prefix=/www --enable-module=so --enable-module=rewrite --enable-shared=rewrite
After the subsequent ./make, the mod_rewrite.so can be found in the directory /usr/src/apache_1.3.33/src/modules/standard/mod_rewrite.so. Copy the file to /www/modules/mod_rewrite.so and add the following line to httpd.conf:
LoadModule rewrite_module modules/mod_rewrite.so
Now, restart the webserver, and you should be good to go.
Installing mod_rewrite under Debian (where I use Apache 2 instead of 1.3x) is even easier. This site explains it all: Managing Apache2 modules the Debian way.
Debian has two directories:
To enable a module, you need to symlink some files. This is what the Debian tool a2enmod does for you. For instance, to install mod_rewrite, simply type in:
a2enmod rewrite
Then, restart Apache and you're good to go!
/etc/init.d/apache2 force-reload
By the way, Webmin does not display the loaded Apache modules correctly! Just forget about trying to enable Apache modules through Webmin.
First, make a password file and type in a password for a user:
[root@1038 public_html]# htpasswd -cm /etc/phpMyAdmin_auth_file onno New password: Re-type new password: Adding password for user onno
Leave out the -c parameter if you're using the same password file twice (c = create).
Then, restrict access to a directory by specifying the following directives for a given directory:
<Directory /home/solin/public_html/phpMyAdmin> Options -Indexes IncludesNOEXEC Includes FollowSymLinks AuthType Basic AuthName "Access Restricted" AuthUserFile /etc/phpMyAdmin_auth_file Require user onno </Directory>
Don't forget to disable the allow from all and AllowOverride All directives:
#allow from all #AllowOverride All
First of all, make sure you've got the OpenSSL library (comes with Apache2 by default).
Now, Ubuntu has a tool called apache2-ssl-certificate which you can use to generate a certificate for testing purposes.
For a guide to the real deal, a signed certificate, look here: Ubuntu: Certificates.
What it comes down to is this:
/etc/ssl/private/server.keyopenssl genrsa -des3 -out server.key 1024
Please note: the following command will prompt you for some data. When you see: Common Name (eg, your name or your server's hostname), enter the exact domain name that you want to secure. For instance, if you have a specific subdomain that must be secured, provide the complete url for the subdomain (minus the protocol). E.g.: tech.solin.eu.
openssl req -new -key server.key -out server.csr
/etc/ssl/certs/your_certificate.crtSSLEngine on SSLCertificateFile /etc/ssl/certs/your_certificate.crt SSLCertificateKeyFile /etc/ssl/private/server.key
SSLEngine on SSLCertificateFile /etc/ssl/certs/your_certificate.crt SSLCertificateKeyFile /etc/ssl/private/server.key SSLCertificateChainFile /etc/ssl/certs/AddTrustExternalCARoot.crt SSLCertificateChainFile /etc/ssl/certs/UTNAddTrustServerCA.crt SSLCertificateChainFile /etc/ssl/certs/PositiveSSLCA.crt
/etc/init.d/apache2 restartTo actually use ssl on Apache, you first need to make a few slight adjustments. This is explained here: Setting up SSL: Ubuntu and Apache 2.
The default log file rotation for Apache requires a restart of the server. This means you have to restart the server manually, since you'll have to provide the pass phrase. You can circumvent this problem by using another log file rotation method. See Piped logging program to rotate Apache logs.
In /etc/apache2/apache2.conf add:
CustomLog "|/usr/sbin/rotatelogs /var/log/apache2/access.log 604800" common ErrorLog "|/usr/sbin/rotatelogs /var/log/apache2/error.log 604800"
And then in /etc/apache2/sites-available/your_site.conf:
<VirtualHost *:80> [...] ErrorLog "|/usr/sbin/rotatelogs /home/your_site/logs/error_log 604800" CustomLog "|/usr/sbin/rotatelogs /home/your_site/logs/access_log 604800" combined [...] </VirtualHost>
The number at the end represents the rotation time, here 7 days.
If you make a typo in site's subdomain, chances are you'll be “redirected” to the first website of the webserver. For instance, if *.solin.nl points to our webserver where 1xmyclient.nl is the first website, “nonexistentsubdomain.solin.nl” will “redirect” to 1xmyclient.nl.
To avoid this, simply create a virtualhost called 000aaa.solin.nl which contains an index.html file stating something like “Website not found. Perhaps you made a typing error?”.
See also this wiki.
The following worked for me under Ubuntu 11.10, using the default Apache2 installation. This solution uses virtual hosts.
Add the subdomain to /etc/hosts. E.g.:
127.0.0.1 localhost 127.0.0.1 testclient.localhost #127.0.1.1 my-computer
UPDATE: in a recent version of 12.04, a line 127.0.1.1 my-computer was automatically added to the hosts file. Comment out this line!
Modify etc/apache2/ports.conf to explicitly name your localhost ip address:
NameVirtualHost 127.0.0.1:80 Listen 80
In all your virtualhosts, add the localhost ip address, the port and the servername directive.
/etc/apache2/sites-available/default:
<VirtualHost 127.0.0.1:80> ServerAdmin webmaster@localhost ServerName localhost # ... etc
/etc/apache2/sites-available/testclient:
<VirtualHost 127.0.0.1:80>
DocumentRoot /home/onno/testclient.localhost/public_html/
ServerName testclient.localhost
<Directory /home/onno/testclient.localhost/public_html/>
Options Indexes FollowSymLinks MultiViews +Includes
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Of course, don't forget to symlink from sites-enabled to sites-available and restart the webserver after you're done configuring.
If apache is on one partition, and your websites are on another partition, you can still use symlinks. There are two things to take into account though.
FollowSymLinks directive in your virtual host's configuration file (i.e. the site in the sites-available directory).
As an example I have a SOLINDATA partition on my local machine containing a php directory. This partition is accessed through /media/SOLINDATA. My /etc/apache2/sites-available directory is on another partition. So, I had to do:
sudo chmod -R 755 /media
There are a few minor changes from Apache 2.2 (Ubuntu 12.04 LTS) to Apache 2.4 (Ubuntu 13.10).
Here's an example configuration file called etc/apache2/sites-available/jeelo.conf:
<VirtualHost *:80>
DocumentRoot /home/onno/php/jeelo/public_html
ServerName jeelo
<Directory /home/onno/php/jeelo/public_html/>
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
Don't forget to make a symlink in etc/apache2/sites-enabled and do add your ServerName to /etc/hosts.
Add this to apache2.conf:
AddType application/x-httpd-php .php
And make sure there is no .htaccess file in your webroot which overwrites anything related to php. For instance, in one of my projects, I found this inside the .htaccess file of a customer's virtualhost:
# inside .htaccess file: AddHandler application/x-httpd-php55 .php
URL Rewriting for Beginners is an excellent tutorial on this topic.
Here's an example I'm using for Moodle, which allows the user to go directly to mymoodlesite.com/moodle-as-an-lms instead of having to use mymoodlesite.com/mod/page/view.php?id=99998. The browser's address bar will show the user-friendly url as well.
RewriteEngine On # Turn on the rewriting engine RewriteRule ^moodle-as-an-lms/?$ /mod/page/view.php?id=99998 [NC,L] RewriteRule ^support-requests/?$ /mod/page/view.php?id=99999 [NC,L]
NC: Non Case-sensitive L: Do no apply any other rewrite rules after having applied the current one
RewriteEngine On # Turn on the rewriting engine
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
This can be used in combination with other rules listed below this one.
QSA: Query String Append - keeps the original query string and appends it to the new one.
RewriteRule ^language-learning/?$ /mod/page/view.php?id=161 [QSA,NC,L]
For example, if your incoming url is: myhost.com/language-learning?keyword=french then the resulting url will be: myhost.com/mod/page/view.php?id=161&keyword=french (though the browser will still display the original query string in the address bar).
RewriteEngine on
RewriteRule ^mastersinlean.trainertops.com$ mastersinlean.trainertops.nl [R=301,NC,L]
RewriteCond %{HTTP_HOST} ^mastersinlean.trainertops.nl$
RewriteRule ^(.*)$ http://trainingen.mastersinlean.com/$1 [R=301,L]