Synopses & Reviews
Apache is far and away the most widely used web server platform in the world. Both free and rock-solid, it runs more than half of the world's web sites, ranging from huge e-commerce operations to corporate intranets and smaller hobby sites, and it continues to maintain its popularity, drawing new users all the time. If you work with Apache on a regular basis, you have plenty of documentation on installing and configuring your server, but where do you go for help with the day-to-day stuff, like adding common modules or fine-tuning your activity logging?The Apache Cookbook is a collection of problems, solutions, and practical examples for webmasters, web administrators, programmers, and everyone else who works with Apache. For every problem addressed in the book, there's a worked-out solution or "recipe"--short, focused pieces of code that you can use immediately. But this book offers more than cut-and-paste code. You also get explanations of how and why the code works, so you can adapt the problem-solving techniques to similar situations.The recipes in the Apache Cookbook range from simple tasks, such installing the server on Red Hat Linux or Windows, to more complex tasks, such as setting up name-based virtual hosts or securing and managing your proxy server. The two hundred plus recipes in the book cover additional topics such as:
- Aliases, Redirecting, and Rewriting
- CGI Scripts, the suexec Wrapper, and other dynamic content techniques
- Error Handling
The impressive collection of useful code in this book is a guaranteed timesaver for all Apache users, from novices to advanced practitioners. Instead of poking around mailing lists, online documentation, and other sources, you can rely on the Apache Cookbook
for quick solutions to common problems, and then you can spend your time and energy where it matters most.
This is a collection of problems, solutions, and practical examples for webmasters, Web administrators, programmers, and everyone else who works with Apache. For every problem addressed in the book, there's a worked-out solution or "recipe" that you can use immediately.
About the Author
Ken Coar is a member of the Apache Software Foundation, the body that oversees Apache development. He is the author of Apache Server for Dummies (January 1998) and co-author of Apache Server Unleashed (March 2000). Ken has been responsible for fielding email sent to the Apache project, and his experience with that mailing list provided a foundation for this book.
Rich Bowen is a member of the Apache Software Foundation, working primarily on the documentation for the Apache Web Server. He lives in Lexington, Kentucky, where he spends his free time GeoCaching. He also enjoys flying kites and reading stuff by Charles Dickens and his contemporaries. Rich is a coauthor of Apache Administrators Handbook and Apache Cookbook. Rich, or DrBacchus--his handle on IRC--also spends entirely too much time on #apache. You can find him on the web at http://www.drbacchus.com/journal/.
Table of Contents
Preface; What's in This Book; Platform Notes; Other Books; Other Sources; How This Book Is Organized; Conventions Used in This Book; We'd Like to Hear from You; Acknowledgments; Chapter 1: Installation; 1.1 Installing from Red Hat Linux's Packages; 1.2 Installing Apache on Windows; 1.3 Downloading the Apache Sources; 1.4 Building Apache from the Sources; 1.5 Installing with ApacheToolbox; 1.6 Starting, Stopping, and Restarting Apache; 1.7 Uninstalling Apache; Chapter 2: Adding Common Modules; 2.1 Installing a Generic Third-Party Module; 2.2 Installing mod_dav on a Unixish System; 2.3 Installing mod_dav on Windows; 2.4 Installing mod_perl on a Unixish System; 2.5 Installing mod_php on a Unixish System; 2.6 Installing mod_php on Windows; 2.7 Installing the mod_snake Python Module; 2.8 Installing mod_ssl; Chapter 3: Logging; 3.1 Getting More Details in Your Log Entries; 3.2 Getting More Detailed Errors; 3.3 Logging POST Contents; 3.4 Logging a Proxied Client's IP Address; 3.5 Logging Client MAC Addresses; 3.6 Logging Cookies; 3.7 Not Logging Image Requests from Local Pages; 3.8 Logging Requests by Day or Hour; 3.9 Rotating Logs on the First of the Month; 3.10 Logging Hostnames Instead of IP Addresses; 3.11 Maintaining Separate Logs for Each Virtual Host; 3.12 Logging Proxy Requests; 3.13 Logging Errors for Virtual Hosts to Multiple Files; 3.14 Logging Server IP Addresses; 3.15 Logging the Referring Page; 3.16 Logging the Name of the Browser Software; 3.17 Logging Arbitrary Request Header Fields; 3.18 Logging Arbitrary Response Header Fields; 3.19 Logging Activity to a MySQL Database; 3.20 Logging to syslog; 3.21 Logging User Directories; Chapter 4: Virtual Hosts; 4.1 Setting Up Name-Based Virtual Hosts; 4.2 Designating One Name-Based Virtual Host as the Default; 4.3 Setting Up Address-Based Virtual Hosts; 4.4 Creating a Default Address-Based Virtual Host; 4.5 Mixing Address-Based and Name-Based Virtual Hosts; 4.6 Mass Virtual Hosting with mod_vhost_alias; 4.7 Mass Virtual Hosting Using Rewrite Rules; 4.8 SSL and Name-Based Virtual Hosts; 4.9 Logging for Each Virtual Host; 4.10 Splitting Up a LogFile; 4.11 Port-Based Virtual Hosts; 4.12 Displaying the Same Content on Several Addresses; Chapter 5: Aliases, Redirecting, and Rewriting; 5.1 Showing Highlighted PHP Source Without Symlinking; 5.2 Mapping a URL to a Directory; 5.3 Creating a New URL for Existing Content; 5.4 Giving Users Their Own URL; 5.5 Aliasing Several URLs with a Single Directive; 5.6 Mapping Several URLs to the Same CGI Directory; 5.7 Creating a CGI Directory for Each User; 5.8 Redirecting to Another Location; 5.9 Redirecting Several URLs to the Same Destination; 5.10 Permitting Case-Insensitive URLs; 5.11 Replacing Text in Requested URLs; 5.12 Rewriting Path Information to CGI Arguments; 5.13 Denying Access to Unreferred Requests; 5.14 Rewriting Based on the Query String; 5.15 Redirecting All--or Part--of Your Server to SSL; 5.16 Turning Directories into Hostnames; 5.17 Redirecting All Requests to a Single Host; 5.18 Turning Document Names into Arguments; Chapter 6: Security; 6.1 Using System Account Information for Web Authentication; 6.2 Setting Up Single-Use Passwords; 6.3 Expiring Passwords; 6.4 Limiting Upload Size; 6.5 Restricting Images from Being Used Off-Site; 6.6 Requiring Both Weak and Strong Authentication; 6.7 Managing .htpasswd Files; 6.8 Making Password Files for Digest Authentication; 6.9 Relaxing Security in a Subdirectory; 6.10 Lifting Restrictions Selectively; 6.11 Authorizing Using File Ownership; 6.12 Storing User Credentials in a MySQL Database; 6.13 Accessing the Authenticated Username; 6.14 Obtaining the Password Used to Authenticate; 6.15 Preventing Brute-Force Password Attacks; 6.16 Using Digest Versus Basic Authentication; 6.17 Accessing Credentials Embedded in URLs; 6.18 Securing WebDAV; 6.19 Enabling WebDAV Without Making Files Writable by the Web User; 6.20 Restricting Proxy Access to Certain URLs; 6.21 Protecting Files with a Wrapper; 6.22 Protecting All Files Except a Subset; 6.23 Protecting Server Files from Malicious Scripts; 6.24 Setting Correct File Permissions; 6.25 Running a Minimal Module Set; 6.26 Restricting Access to Files Outside Your Web Root; 6.27 Limiting Methods by User; 6.28 Restricting Range Requests; Chapter 7: SSL; 7.1 Installing SSL; 7.2 Generating SSL Certificates; 7.3 Generating a Trusted CA; 7.4 Serving a Portion of Your Site via SSL; 7.5 Authenticating with Client Certificates; Chapter 8: Dynamic Content; 8.1 Enabling a CGI Directory; 8.2 Enabling CGI Scripts in Non-ScriptAliased Directories; 8.3 Using Windows File Extensionsto Launch CGI Programs; 8.4 Using Extensions to Identify CGI Scripts; 8.5 Testing That CGI Is Set Up Correctly; 8.6 Reading Form Parameters; 8.7 Invoking a CGI Program for Certain Content Types; 8.8 Getting SSIs to Work; 8.9 Displaying Last Modified Date; 8.10 Including a Standard Header; 8.11 Including the Output of a CGI Program; 8.12 Running CGI Scripts as a Different User with suexec; 8.13 Installing a mod_perl Handler from CPAN; 8.14 Writing a mod_perl Handler; 8.15 Enabling PHP Script Handling; 8.16 Verifying PHP Installation; Chapter 9: Error Handling; 9.1 Handling a Missing Host Field; 9.2 Changing the Response Status for CGI Scripts; 9.3 Customized Error Messages; 9.4 Providing Error Documents in Multiple Languages; 9.5 Redirecting Invalid URLs to Some Other Page; 9.6 Making Internet Explorer Display Your Error Page; 9.7 Notification on Error Conditions; Chapter 10: Proxies; 10.1 Securing Your Proxy Server; 10.2 Preventing Your Proxy Server from Being Used as an Open Mail Relay; 10.3 Forwarding Requests to Another Server; 10.4 Blocking Proxied Requests to Certain Places; 10.5 Proxying mod_perl Content to Another Server; 10.6 Configuring a Caching Proxy Server; 10.7 Filtering Proxied Content; 10.8 Requiring Authentication for a Proxied Server; Chapter 11: Performance; 11.1 Determining How Much Memory You Need; 11.2 Benchmarking Apache with ab; 11.3 Tuning Keepalive Settings; 11.4 Getting a Snapshot of Your Site's Activity; 11.5 Avoiding DNS Lookups; 11.6 Optimizing Symbolic Links; 11.7 Minimizing the Performance Impact of .htaccess Files; 11.8 Disabling Content Negotiation; 11.9 Optimizing Process Creation; 11.10 Tuning Thread Creation; 11.11 Caching Frequently Viewed Files; 11.12 Sharing Load Between Servers Using mod_proxy; 11.13 Distributing Load Evenly Between Several Servers; 11.14 Caching Directory Listings; 11.15 Speeding Up Perl CGI Programs with mod_perl; Chapter 12: Miscellaneous Topics; 12.1 Placing Directives Properly; 12.2 Renaming .htaccess Files; 12.3 Generating Directory/Folder Listings; 12.4 Solving the "Trailing Slash" Problem; 12.5 Setting the Content-Type According to Browser Capability; 12.6 Handling Missing Host: Header Fields; 12.7 Alternate Default Document; 12.8 Setting Up a Default "Favicon"; Appendix A: Using Regular Expressions in Apache; A.1 What Directives Use Regular Expressions?; Appendix B: Troubleshooting; B.1 Troubleshooting Methodology; B.2 Debugging the Configuration; B.3 Debugging Premature End of Script Headers; B.4 Common Problems on Windows; B.5 Fixing Build-Time Error Messages; B.6 Getting Server-Side Includes to Work; B.7 Debugging Rewrites That Result in "Not Found" Errors; B.8 .htaccess Files Having No Effect; B.9 Address Already in Use; Colophon;