Apache 2 installation
Prerequisites
Before you begin, it is highly recommended (though not inevitable) to create a system user and user group under which your Apache server will be running.
What is it good for? All actions performed by Apache (for instance your PHP scripts execution) will be restricted by this user’s privileges. Thus you can explicitly rule which directories your PHP scripts may read or change. Also all files created by Apache (e.g. as a result of executing your PHP scripts) will be owned by this user (apache2 in my case), and affiliated with this user group (www in my case).
Download source
Unpack, configure, compile
Go to the directory with the downloaded file and enter:
1 | tar -xzf httpd-2.2.17.tar.gz |
3 | ./configure --prefix=/usr/local/apache2 --enable-so --with-included-apr |
The configure options deserve a little bit more of detail here. The most important
--prefix option specifies the location where Apache is to be installed. Another commonly used option
--enable-soturns on the
DSO support, i.e. available modules compiled as shared objects can be loaded or unloaded at runtime. Very handy.
To compile some modules statically (they are always loaded, faster execution times), use --enable-module option. To compile a module as a shared object, use --enable-module=shared option.
For all available configuration options and their default values check the
Apache documentation or type
./configure --help.
SSL support
To support secure connections, you need to specify
--enable-ssl option when you run ./configure. In addition to that, you will also have to
configure your httpd.conf file later.
Note: Make sure that openssl is installed on your system before you run ./configure with --enable-ssl. If not, download the latest version from http://www.openssl.org/source/ , unpack, configure, make, make install. You will also need to generate server certificate. Place server.crt and server.keyinto /etc/ssl/apache2/ directory and make them readable by Apache2. Configuration example
1 | ./configure --prefix=/usr/local/apache2 --enable-so --enable-rewrite --enable-auth-digest=shared --enable-ssl |
Tip: If you are upgrading from older Apache version, you may want to copy config.nice from the directory to which the previous version was unpacked (if available) to where you unpacked the new Apache tarball file. Run ./config.nice instead of ./configure. This way all the previously used configure options will be applied to the new installation effortlessly.
Once you configured everything as you like, compile and install the software:
Edit httpd.conf
Before you start Apache server, edit the httpd.conf file according to your needs (the file is generously commented).
1 | vi /usr/local/apache2/conf/httpd.conf |
I suggest the following changes (some of them may have already been set automatically) at the appropriate places inside httpd.conf (ignore “...“):
01 | ServerRoot "/usr/local/apache2" |
03 | <IfModule !mpm_netware.c> |
08 | DocumentRoot "/<em>foo/path_to_your_www_documents_root</em>" |
11 | Options FollowSymLinks |
15 | DirectoryIndex index.php index.html index.htm index.html.var |
“apache2″ and “www” are the user and user group I have previously created (see
Prerequisites)
SSL support
If you wish to enable SSL for secure connections (assuming that you have configured Apache with
--enable-ssl option –
see above), add the following in the appropriate sections inside
httpd.conf(ignore “
...“; replace “
laffers.net” with your own, and set the actual path to your server certificate and key file):
05 | ServerName laffers.net:443 |
07 | SSLCertificateFile /etc/ssl/apache2/server.crt |
08 | SSLCertificateKeyFile /etc/ssl/apache2/server.key |
09 | ErrorLog /usr/local/apache2/logs/error_log_laffers.net |
10 | TransferLog /usr/local/apache2/logs/access_log_laffers.net |
11 | SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL |
12 | SetEnvIf User-Agent ".*MSIE.*" \ |
13 | nokeepalive ssl-unclean-shutdown \ |
14 | downgrade-1.0 force-response-1.0 |
Note: In some newer distributions, httpd.conf is dissected into many additional files located inconf/extra. In that case, you may want to do the SSL settings from above inside the conf/extra/httpd-ssl.conf file. Don’t forget to uncomment “Include conf/extra/httpd-ssl.conf” in the httpd.conffile.
Setup access privileges
Don’t forget to setup Apache access privileges to your www directories:
1 | chown -R apache2:www <em>/foo/path_to_your_www_documents_root</em> |
2 | chmod -R 750 <em>/foo/path_to_your_www_documents_root</em> |
“apache2″ and “www” are the user and user group I have previously created (see
Prerequisites)
Start and stop apache server
After everything is set up, start Apache:
1 | /usr/local/apache2/bin/apachectl start |
Similarly, if you wish to stop Apache, type:
1 | /usr/local/apache2/bin/apachectl stop |
Automatic startup
It’s a good idea to let your Apache server start automatically after each system reboot. To setup Apache automatic startup, do:
1 | cp /usr/local/apache2/bin/apachectl /etc/init.d |
2 | chmod 755 /etc/init.d/apachectl |
3 | chkconfig --add apachectl |
4 | chkconfig --level 35 apachectl on |
Không có nhận xét nào:
Đăng nhận xét