Kuo Lab Wiki

User Tools

Site Tools

You are here: start » computers » apache_server_configuration
computers:apache_server_configuration

This is an old revision of the document!

Table of Contents

Apache server configuration

Packages

To install Apache and PHP on Ubuntu: 

sudo apt-get install apache2
sudo apt-get install php5 libapache2-mod-php5

Apache

To start/stop/restart the service: 

sudo /etc/init.d/apache2 start
sudo /etc/init.d/apache2 stop
sudo /etc/init.d/apache2 restart

the configuration file is: /etc/apache2/sites-available/000-default.conf 

<VirtualHost *:80>
	# The ServerName directive sets the request scheme, hostname and port that
	# the server uses to identify itself. This is used when creating
	# redirection URLs. In the context of virtual hosts, the ServerName
	# specifies what hostname must appear in the request's Host: header to
	# match this virtual host. For the default virtual host (this file) this
	# value is not decisive as it is used as a last resort host regardless.
	# However, you must set it for any further virtual host explicitly.
	#ServerName www.example.com
 
	ServerAdmin webmaster@localhost
 
	DocumentRoot /var/www
	<Directory />
		Options -Indexes +FollowSymLinks
		AllowOverride all
	</Directory>
	<Directory /var/www/>
		Options -Indexes +FollowSymLinks +MultiViews
		AllowOverride all
		Order allow,deny
		allow from all
	</Directory>
 
	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>
 
	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
	# error, crit, alert, emerg.
	# It is also possible to configure the loglevel for particular
	# modules, e.g.
	#LogLevel info ssl:warn
 
	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined
 
	# For most configuration files from conf-available/, which are
	# enabled or disabled at a global level, it is possible to
	# include a line for only one particular virtual host. For example the
	# following line enables the CGI configuration for this host only
	# after it has been globally disabled with "a2disconf".
	#Include conf-available/serve-cgi-bin.conf
 
	Alias /webdav /var/www/webdav/web
	<Location /webdav>
		DAV On
		AuthType Basic
		AuthName "webdav"
		AuthUserFile /var/www/webdav/passwd.dav
		Require valid-user
	</Location>
 
</VirtualHost>
 
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

directory listing

  • disable directory listing by specifying Options -Indexes in the global configuration file /etc/apache2/sites-available/000-default.conf
  • to enable directory listing in a specific directory, add a .htaccess file inside the directory. Within the .htaccess file, specify Options +Indexes

PHP

Info

To find out the uid and gid, execute the following script: 

<?php
 
if(function_exists('posix_geteuid')){
    // use posix to get current uid and gid
    $uid   = posix_geteuid();
    $usr   = posix_getpwuid($uid);
    $user  = $usr['name'];
    $gid   = posix_getegid();
    $grp   = posix_getgrgid($gid);
    $group = $grp['name'];
}else{
    // try to create a file and read it's ids
    $tmp = tempnam ('/tmp', 'check');
    $uid = fileowner($tmp);
    $gid = filegroup($tmp);
 
    // try to run ls on it
    $out = `ls -l $tmp`;
    $lst = explode(' ',$out);
    $user  = $lst[2];
    $group = $lst[3];
    unlink($tmp);
}
 
echo "Your PHP process seems to run with the UID $uid ($user) and the GID $gid ($group)\n"; ?>

Under a standard installation, both the uid and the gid are www-data

Problems and solutions

If the browser asks to download the php files (instead of parsing them), comment all lines from <IfModule mod_userdir.c> to the next </IfModule> in /etc/apache2/mods-available/php5.conf and restart apache2.

Dokuwiki Installation

Permissions

Make the permissions more restrictive for security reasons. Assuming the wiki is installed in /var/www/wiki 

# change the ownership
sudo chown -R www-data:admin /var/www/wiki
# restrict access by other
sudo chmod -R o-rwx /var/www/wiki

WebDAV

Enable the WebDAV modules

# Enable the WebDAV modules
sudo a2enmod dav_fs
sudo a2enmod dav
# Restart Apache:
sudo /etc/init.d/apache2 restart

Creating a virtual host

The following example uses the directory /var/www/webdav/web for the virtual host. 

# create the directory
sudo mkdir -p /var/www/webdav/web
# change ownership
sudo chown -R www-data:admin /var/www/webdav
# configure the virtual host For WebDAV
# create the WebDAV password file with the user test
# the -c switch creates the file if it does not exist
sudo htpasswd -c /var/www/webdav/passwd.dav test
# change the ownership and permissions
sudo chown www-data:admin /var/www/webdav/passwd.dav
sudo chmod 640 /var/www/webdav/passwd.dav
# backup the vhost configuration
sudo cp -p /etc/apache2/sites-available/default /etc/apache2/sites-available/default.bak
# modify the vhost configuration
sudo emacs /etc/apache2/sites-available/default

Add the following part: 

        Alias /webdav /var/www/webdav/web
        <Location /webdav>
           DAV On
           AuthType Basic
           AuthName "webdav"
           AuthUserFile /var/www/webdav/passwd.dav
           Require valid-user
       </Location>

The Alias directive makes (together with <Location>) that when you call /webdav, WebDAV is invoked, but you can still access the whole document root of the vhost. All other URLs of that vhost are still “normal” HTTP. 

# Reload apache afterwards:
sudo /etc/init.d/apache2 reload

Testing WebDAV

# install cadaver, a command-line WebDAV client
sudo aptitude install cadaver
# To test if WebDAV works, type
cadaver http://localhost/webdav/

References

computers/apache_server_configuration.1452072857.txt.gz · Last modified: 2016/01/06 17:34 by chkuo