It is presently the most popular web-server on the internet
and comes with convenient, enhanced functionality not
easily available on other web-servers. This includes a powerful
redirection meta-language as well as fixing up common spelling errors.
Perl can also be compiled inside the server to provide extra increases
in performance for Perl based scripts
There is a large base of on-line, web and newsgroup based help; as well as
technical books (including an "Apache for Dummies" book). This means problems
can generally be solved relatively quickly (unless they are due to nuances with
the SGI IRIX operating system and Apache - which have happened). Linux (or more likely FreeBSD UNIX)
on PC is probably a better system to use than an SGI O2 as it has a wide user base;
but an SGI O2 was chosen as this type of system is supported at the Daresbury Laboratory.
As of writing this (1st August 2003), Apache 1.3.28 was recently announced and mainly
to keep ahead of the script kiddie hackers, it was time to upgrade from 1.3.27.
Thus (based on Apache.org recommendations) 1.3.27 was upgraded to 1.3.28.
This can be done by "mkdir /usr/local/apache/apache-1.3.11.old";
going into the /usr/local/apache directory and using the
command:
tar cf - . | (cd /usr/local/apache/apache-1.3.11.old ; tar xpf - )
Be wary that if you have much in the way of log files, this could be
a GIG or so extra on your hard-disk.
On entering the website, it is possible to go to a close mirror site, of which
there are many all over the place. You can find a closer mirror site
automatically using the Apache "find a closer mirror site" CGI script at
http://www.apache.org/dyn/closer.cgi.
Mod_throttle (was written for 1.2.6 not installed but good to know about) -
controls/even outs speed of downloads in case part of site is saturating the rest.
(http://www.bigrock.com/~mlovell/throttle/)
Background from the Mod_Throttle homepage. (Being a specialist scientific site, overloading
of the CCP14 server is not presently an issue. Conjested international links
is the main problem on getting programs to users.)
"Mod_Throttle User specific throttling for Apache 1.2.x
Cut to the chase
I'll admit it - I've been web master for a number of adult sites, some
professional and some personal. One thing you can be certain of with
sites with adult content is that you're going to have traffic. The first
site I set up on a personal basis sat behind a 28.8kbps modem link, what
a mistake. As soon as the site was discovered, it was saturated. I upgraded
to 128kbps frame relay link and swamped it within a week or so as well. After
a bit, I had to upgrade to 384kbps, but no joy. At that point I had to grit
my teeth and go all the way to T1. One thing about T1 links is that they
are expensive, and I started selling web hosting to support my habit.
Unfortunately, on the first night at T1 speeds, I got a rather irate
phone call from my up stream provider. It seemed I was maxing out the link
and was all my my lonesome swamping the Cisco 2500 that I was attached to.
...stuff deleted...
In the end I wrote mod_throttle. Mod_throttle started as a series of
hacks on mod_limit, but there's very little code left from it at this point.
Mod_throttle's main function is to set average Bps limits for individual
customers. It also supports a greatly enhanced version of mod_limit's
status display, so you can actually see who's pushing the envelope.
Mod_throttle works by inserting increasingly long delays in service
when a user is over their limit.
How well does it work? For me it works marvelously. It's reduced the
memory/cpu loads on my server by two-thirds and keeps the users
exactly in their limits with as little pain as possible."
The stages for compiling and installing the apache 1.3.28 web server are:
(Note: You will need root mode to install the executable. While you can get
around this with a /usr/local set to a user who administers this area but
apache can only be start to listen to the default port 80 as "superuser/root".)
- Extract the tar.gz or tar.Z file:
- Manually configure the Configuration file and tell it you want to use (if not already enabled)
mod_spelling, mod_rewrite, (src/Configuration.tmpl)
- Run the ./configure program (it should detect your system and set things up OK)
- Run make to compile apache.
- Run make install to install the program into the /usr/local/apache directory
with all the configuration directories where you need them. (If you compile in user
mode, you can tell apache to be installed in any directory you want
To extract the apache distribution file type either
- gzip -d < apache_1.3.28.tar.gz | tar xvof -
- gzip -d < apache_1.3.28.tar.Z | tar xvof - or uncompress -c < apache_1.3.28.tar.gz | tar xvof -
This creates an apache_1.3.28 subdirectory. Go into this directory and
then go into the src subdirectory (cd apache_1.3.28/src).
Configuring the Configuration file
- Go into the src directory and copy the Configuration.tmpl file to Configuration.
- Using your favourite UNIX editor, edit the Configuration file
and
- un rem (delete the #) for AddModule modules/standard/mod_mime_magic.o to enable the option of mime magic
there the web server tries to detect unknown file type formats (ASCII or Binary, or MIME type)
- un rem (delete the #) for AddModule modules/standard/mod_speling.o to enable spell checking which is
somewhat enhanced over Apache 1.2.6
- un rem (delete the #) for AddModule modules/standard/mod_rewrite.o to enable the user of the powerful
web-page redirection facility.
- un rem (delete the #) the following to allow authentification to be setup; required for RIB
(Repository in a Box software repository software) administration.
- AddModule modules/standard/mod_access.o
- AddModule modules/standard/mod_auth.o
- AddModule modules/standard/mod_auth_anon.o
- un rem (delete the #) for AddModule modules/standard/mod_cern_meta.o for mimicing
the behavior of the CERN web server with regards to metainformation files. As CCP14 does mirroring
of other people's files, who knows what meta data exist in the hearts of men.
- Save the file and exit the editor.
Run Configure script in the src directory (type ./Configure) and
this will setup the makefile ready compiling. It may give you a warning saying
this is not what you want. Yes it is, unless you want to install the software somewhere
else where you would use the command specified in the INSTALL file. Be wary than
when upgrading from previous versions of Apache, the latest Apache by
default installs the binaries into /usr/local/apache/bin and the configuration
files into /usr/local/apache/conf. These can be over-ridden.
Run make to compile the apache server and create the executables.
The following may have to be done in "superuser/root" mode.
Assuming everything when nicely, run make install to copy a lot of
files into the /usr/local/apache/ area. This includes:
- copy the executables into the /usr/local/apache/bin directory
- copy the starting configuration files into /usr/local/apache/conf directory.
The 5 httpd config/control files are:
- access.conf (now obsolscent - but maintained for backward compatibility)
- httpd.conf (main config file)
- mime.types
- magic (The 1.3.3 version of Mime_Magic had problems on an SGI running IRIX)
- srm.conf (now obsolscent - but maintained for backward compatibility)
You have finished creating an executable ready for configuring - YAY! :-)
Before configuring and starting apache, you have to decide where your
web pages are going to exist. (/usr/local/etc/httpd/htdocs is a common
default for Apache 1.2.6 and other web servers, /usr/local/apache/htdocs for Apache 1.3.x)
But the CCP14 web-pages are on a dedicated external 50 GIG
hard-disk directly connected to the web-server. Do not
use NFS links to a remote hard-disk as this can create a lot of pain,
and slow things down. At worst, keep this as a backup in case the
primary web_data hard disk fails. A backup (and a test for
trying out regional mirror scripts) is kept on a central Daresbury
lab computer. The following is just an example, adapt it to your
directory structure.
Example Config Files
- access.conf (now obsolscent - but maintained for backward compatibility)
- httpd.conf (main config file)
- mime.types
- magic (may have problems on an SGI running IRIX)
- srm.conf (now obsolscent - but maintained for backward compatibility)
The CCP14 root web page area starts from a directory called:
/web_disc/ccp14/web_area
One thing to note is that this directory is not the root area
for http://www.ccp14.ac.uk. Because the CCP14 server uses
virtual domains, it is best to have a fall back directory where
very old web browsers will go that do not recognise the
virtual domain name protocol. This is the equivalent of
going to the sv1.ccp14.ac.uk webserver (the real name of the O2 computer)
where you are encouraged to upgrade to a relatively modern web browser
but also have the possibility of browsing around from this area
into the CCP14 web area using your old browser.
Other decisions are how to setup virtual domains, of which the domain
names have to be inserted into the DNS. The network administrator
would normally implement this. The virtual
domains have been devided in such a way that people who would only
want to mirror the roughly crystallographic part of the webserver
could do so.
The main configuration stages for apache 1.3.28 are:
Unlike previous versions of Apache, most of the config is now in
the httpd.conf file.
- Setting up httpd.conf (/usr/local/apache/conf/httpd.conf)
- This file contains all the information on timeouts, virtual domains, permissions, etc.
- Setting up mime.types (/usr/local/apache/etc/mime.types)
- Defining default file types that the web server will recognise
- Tricks" to get Perl scripts to execute
- Download of gz, Z and some other
file types correctly (default is they display as garbage on the screen).
- Make sure the web server will also recognise the htm as html
- Setting redirects on any old web pages. There should be no need for dead
links as automatic redirects are a trivial thing to implement. This is done
on the old web-server (http://www.dl.ac.uk/CCP/CCP14/)
- (Please note that when you change a configuration item in /usr/local/apache/conf,
you have to restart the apache web server so that it takes effect).
This is normally done (as root) using the command /usr/local/apache/bin/apachectl restart
Setting up http.conf (/usr/local/apache/conf/access.conf)
An example httpd.conf file for the CCP14 can be obtained by
clicking here
Generally most of the Apache options are safe but options
and information has to be set before the server will run correctly:
NB: If the variable is not mentioned, it is most likely the default is being used
though most of the following is using the default.
Section 1: Global Environment
- ServerType standalone
- ServerRoot "/usr/local/apache"
This is the "starting directory" from which other configuration options (log files) will start
from. (i.e., a value of logs/access_log is thus /usr/local/apache/logs/access_log)
- PidFile logs/httpd.pid
Get this wrong and Apache won't be able to a "restart" as it cannot find the PID file.
- Timeout 1800
As this is a dedicated academic web-server and people may be coming over slow links, I am
a bit more generous on the timeouts.
- KeepAlive On
- MaxKeepAliveRequests 100
As the bandwidth for this academic server is not expected to be very high, be generous.
- KeepAliveTimeout 60
- MinSpareServers 15
MaxSpareServers 30
- StartServers 20
- MaxClients 250
(Again, as this is a dedicated server, keep it that as many people can get on as possible)
- MaxRequestsPerChild 1000
A good compromise between performance and safety of run-away-child processes.
- Add the following:
#Mod_Speling
#Mod_Spelling
#MOD SPELLING MODULE
CheckSpelling On
(Mod_Speling is not predefined in the configuration file)
- ExtendedStatus On
Get the full status information)
Section 2: 'Main' server configuration
- Something to detail properly in the next apache upgrade:
- Refer:http://www.apache.org/docs/sections.html
From: amitai.schlair@usa.net (Amitai Schlair)
Newsgroups: comp.infosystems.www.servers.unix
Subject: Re: Apache and FTP Server. Help needed.
Date: Mon, 29 Nov 1999 18:57:39 -0500
Joshua Slive <slive+news@finance.commerce.ubc.ca> wrote:
> root wrote:
>
> > I would like to reach my ftp site by going in
> > http://eth1.dyndns.org/pub.
> >
> > How could I do that?
>
> Alias /pub/ /path/to/pub/
As distributed, the Apache configuration defaults to a MIME type of
text/plain if it can't determine a file's type. For an FTP archive, you
might also want to configure something like the following:
<Location /pub>
DefaultType application/octet-stream
</Location>
- (Please note that much of the following may have to be tweaked depending on your computer power
and amount of available RAM. The following has been setup and run on an SGI O2 MIPS R5000, Rev 2.1
200 MHZ with IRIX 6.3 (no running IRIX 6.5)
and 128 Meg of RAM. In IRIX 6.3 (or IRIX 6.5), toolchest gives you access via menu options to
most diagnostics and installation options. The X-Windows
based gr_osview tell you the CPU usage
and gmemusage gives you the physical memory break down. For instance, gmemusage shows
that by default, near idle there is 70,020K of memory free, and the 25 apache httpd deamons
are taking up 4825K of memory. Thus if the number of child apache processes goes up to
the maximum of 250, (~49 Meg of RAM) there should be plenty of room for the 48 Meg RAMs worth
of processes to sit in ream memory.)
- Port 80
(You will normally be starting the web-server as super-user/root and using Port 80. it is possible to have
this in user mode providing you use a Port greater than 1024(?) (8001 is sort of common) however,
in the case of the CCP14 site, the web address then becomes http://www.ccp14.ac.uk:8001/)
- User lzc
Group dlccp14a
(Change this to what is relevant for the individual setup)
- ServerAdmin ccp14@dl.ac.uk
(Who you going to email when you see things going wrong!)
- ServerName sv1.ccp14.ac.uk
(Because we have www as a virtual domain, the default for
very old browsers is to go to the "real" name of the web server)
- DocumentRoot "/web_disc/ccp14/web_area"
(This is where the web-server looks for the documents for the sv1 area.
This is normally redefined for each virtual domain area)
<Directory />
Options FollowSymLinks
order deny,allow
AllowOverride None
</Directory>
(The defaults tend to be a set of restrictive permissions so you have to
explicitely enable the permissions below)
- <Directory "/web_disc/ccp14/web_area">
(Set to where your document area/root is)
- Options Indexes FollowSymLinks
(I like people to be able to get indexes of files as all the files
in the document area are publically available.)
- AllowOverride None
- Order allow,deny
Allow from all
- </Directory>
- UserDir public_html
<Directory /*/public_html>
AllowOverride FileInfo AuthConfig Limit
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Order deny,allow
Deny from all
</Limit>
</Directory>
(Permissions set to be quite restrictive on user directories)
- This is the spot to set up the CGI security and try and keep it tight.
Following is also how this was done, and also setting up for
the RIB system which gives an example of how to restrict
access by domain and/or password.
<Directory /usr/local/apache/share/cgi-bin>
AllowOverride None
Options +ExecCGI -Indexes #means people cannot browse directories
#but can run the CGI scripts
</Directory>
<Directory /usr/local/rib>
AllowOverride None
Options +ExecCGI -Indexes #means people cannot browse directories
#but can run the CGI scripts
order allow,deny
allow from all
</Directory>
<Directory /usr/local/rib/cgi-bin/admin>
AllowOverride All #Means you can define a .htaccess file
#that only people who supply a username and password
#can do things in the admin area
Options +ExecCGI +Indexes #means directories can be browsed
#and can also run the CGI scripts
order deny,allow
deny from all
allow from .dl.ac.uk #In theory, only people from these
allow from .ccp14.ac.uk #domains can work in the RIB admin area
</Directory>
Then in the /usr/local/rib/cgi-bin/admin directory
have a .htaccess file with the following contents. (thanks to
RIB people at http://www.nhse.org
for help with this .htaccess file.
AuthUserFile /usr/local/apache/doobry-twang/doobry/.htpasswd #not real directory
AuthGroupFile /dev/null
AuthName doobryribusername #not real username - use something you can remember (6 to 8 characters is good)
AuthType Basic
</Limit GET>
require user doobryribusername #not real username - use something you can remember (6 to 8 characters is good)
</Limit>
<Limit POST>
require user doobryribusername #not real username - use something you can remember (6 to 8 characters is good)
</Limit>
</Directory>
Then in the /usr/local/apache/etc/doobry-twang/doobry directory (give it a name you know of)
have a .htpasswd file with the following contents. (again, thanks to
RIB people at http://www.nhse.org
for help with this .htaccess file.
doobryribusername:kdinsldkldfk
Leave the encrypted password blank if you just want to enter a username and no password.
(not recommended) Otherwise, just use the UNIX crypt command to generate your
encrypted password to insert into the .htpasswd file.
Then, providing you have access permissions (and the username and password), you
can go into
http://www.ccp14.ac.uk/rib/cgi-bin/admin/RIB.pl
to administer the RIB system. (but not yet as you have not
added the following into mime.types, application/x-httpd-cgi pl
Setting up server-status and server-info
- Enable the following which allows you to look at problems with the
web-server in real time via a web-interface. However, in theory, this
would only work from within the computers/domains defined.
- http://www.ccp14.ac.uk/server-status
<Location /server-status>
SetHandler server-status
order deny,allow
deny from all
allow from .dl.ac.uk
allow from .ccp14.ac.uk
</Location>
- http://www.ccp14.ac.uk/server-info
- Server-info not enabled to save a bit of memory and have not been using it. But information
is as follows on how to enable it if the module is compiled in.
<Location /server-status>
SetHandler server-status
order deny,allow
deny from all
allow from .dl.ac.uk
allow from .ccp14.ac.uk
</Location>
<Location /server-info>
SetHandler server-info
order deny,allow
deny from all
allow from .dl.ac.uk
allow from .ccp14.ac.uk
</Location>
Examples of Setting up Virtual Hosts in Apache 1.3.28
Setting up mime.types (/usr/local/apache/conf/mime.types)
An example mime.types file for the CCP14 can be obtained by
clicking here
The mime.types file sets the file extensions that the apache web server
will properly recognise. Normally this is kosher but a few things seem to
be missing that have to be added manually(?).
- Confirm that the web server will also recognise the htm as html
text/html html htm
- In Apache 1.3.3 and Apache 1.3.6, it does not seem to have perl/cgi scripts recognised
as an executable file and consequently, only displays the executable
text. Add the following so the server knows to execute the perl/cgi scripts.
application/x-httpd-cgi pl
- Apache displays UNIZ style gz and Z compressed files as text (yuck) where
it should prompt the web browser to save the file. Make sure the following
lines are as follows (and disable the AddEncoding lines in the httpd.conf file)
application/x-compress Z
application/x-gzip gz
- Little hint. If you know certain file formats are binary or ascii, declare this
in the mime.types file so that people get nice formatting text (for ASCII) and prompted
to save the binary. Examples of this are the Philips RD/SD format and Siemens/Bruker
RAW binary file format. Trying to save these without them being declared as binary
files can cause them to be corrupted as the web server sends them over as ASCII
due to the default in srm.conf being DefaultType text/plain. There could be
a temptation to change this default to DefaultType application/octet-stream except
some web browsers have the habit of putting unwanted extensions (*.exe) on the files.
application/octet-stream bin dms lha lzh exe class rd sd raw
text/plain txt text
Configuring redirects so old links will correctly forward
As http://www.ccp14.ac.uk/ was originally at
http://www.dl.ac.uk/CCP/CCP14/, it is
important that everything redirects. All decent web-servers have a redirect option and it
is just a matter of requesting the web-administrator of that machine to set the
redirects. http://www.dl.ac.uk/CCP/CCP14/ is a Netscape based server and has no problem doing this.
The same goes with an old address on the gserv1.dl.ac.uk machine such this it also
redirects correctly. http://gserv1.dl.ac.uk/CCP/CCP14/
In this particular installation of Apache 1.3.28, the httpd.pid PID file is in /usr/local/apache/logs.
It is the least effort to use the Apache supplied scripts to do any stop/start/restart.
You must be in Super User/root mode to do the following:
To Restart (i.e., stop then quickly start it up again):
/usr/local/apache/bin/apachectl restart
To Stop:
/usr/local/apache/bin/apachectl stop
To Start:
/usr/local/apache/bin/apachectl start
If upgrading to a new version of the webserver, "apachectl restart" may not be good enough
and you may have to do "apachectl stop" the "apachectl start" for the new version to get
put into memory over the old version.
Under Construction - not complete/most likely wrong - and Specific for IRIX 6.3/IRIX 6.5. Consult your OS documentation
(or better yet - local OS guru) to find out how to do this on your system.
What can be said, whatever family that IRIX UNIX comes from, it sucks and it is no wonder Bill Gates
is a billionaire selling Windows. Putting something to automatically start up is not
that trivial and following is a possibly dodgy implementation. Basically, it seems
it is commond just to copy the lpd deamon script the /etc/init.d directory (which then has a link
put to it from the /etc/rc2.d directory). Then edit in Apache, and edit out LPD.
Thus as root go into the /etc/init.d directory and copy the relevant file; In this case on the
CCP14 Server; cp bsdlpr httpd. Make sure it is exectuable (chmod +x httpd).
Change the script so you pretty much get something like the following
(start-script.txt).
Then type ln -s /etc/init.d/httpd /etc/rc2.d/S62httpd (giving the link a number after
the LPR deamon showing the order it will be started up in)
Then (still as root), type cp /etc/config/bsdlpr /etc/config/httpd
Then type ln -s /etc/config/httpd /var/config/httpd
In theory, /etc/chkconfig can then be used to check on the status of things.
If httpd does not appear by typing chkconfig, try chkconfig httpd on
(Summary of all of this, next killer apps for UNIX will be "c:\config.sys" and "c:\autoexec.bat")
From: "Andrew" [grof@home.com]
Newsgroups: comp.infosystems.www.servers.unix
Subject: Re: Do I need Apache after installing Linux6.1 ?
Date: Sat, 16 Oct 1999 23:27:22 GMT
RedHat 6.1 comes with Apache...
Your configuration files are in /etc/httpd/conf
The log files are in /var/log/httpd
The default location for web content is /home/httpd
To start the server, run /etc/rc.d/init.d/httpd start
To stop the server, run /etc/rc.d/init.d/httpd stop
To reset the server do this: kill -HUP `cat /var/run/httpd.pid`
If you don't seem to have it installed, simply use RPM to install it.
>I have just installed RedHat Linux 6.1. It seems that a web server is
>included in Linux6.1. Is that right? Do I need to install Apache 1.3.9
>after installing Linux6.1 ?
>
>Thanks for your help.
>
>--Wu
If you are using a web-browser within the Daresbury (.dl.ac.uk) or CCP14 (.ccp14.ac.uk)
domains, you check the server-status via the web by using the address at
Another method is Telnet to the server and check if it is running that way.
type /usr/bsd/telnet www.ccp14.ac.uk 80 [RETURN](80 stands for port 80)
type HEAD / HTTP/1.0
(type [RETURN] twice)
You should get the output of something akin to the following on
your terminal:
sv1 227% /usr/bsd/telnet www.ccp14.ac.uk 80
Trying 193.62.124.194...
Connected to sv1.ccp14.ac.uk.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Wed, 19 Jun 2002 01:25:22 GMT
Server: Apache/1.3.28 (Unix)
Last-Modified: Fri, 03 Nov 2000 23:57:51 GMT
ETag: "cc469eb-1b14-3a0350ff"
Accept-Ranges: bytes
Content-Length: 6932
Connection: close
Content-Type: text/html
Connection closed by foreign host.
sv1 228%
Or:
- What's that site running - finding out what webserver a site is running.