Table Of ContentLinux Apache Web
Server Administration
Charles Aulds
SYBEX®
This page intentionally left blank
This page intentionally left blank
Linux Apache Web Server
Administration
Charles Aulds
San Francisco Paris Düsseldorf Soest London
Associate Publisher: Neil Edde
Contracts and Licensing Manager: Kristine O’Callaghan
Acquisitions and Developmental Editor: Maureen Adams
Editor: James A. Compton
Production Editor: Dennis Fitzgerald
Technical Editor: Will Deutsch
Book Designer: Bill Gibson
Graphic Illustrator: Eric Houts, epic
Electronic Publishing Specialist: Franz Baumhackl
Proofreaders: Erika Donald, Nathan Whiteside
Indexer: Jack Lewis
Cover Designer: Ingalls & Associates
Cover Illustrator/Photographer: Ingalls & Associates
Copyright © 2001 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved.
No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, includ-
ing but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and
written permission of the publisher.
Library of Congress Card Number: 00-106196
ISBN: 0-7821-2734-7
SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United
States and/or other countries.
Screen reproductions produced with FullShot 99. FullShot 99 © 1991-1999 Inbit Incorporated. All rights
reserved.
FullShot is a trademark of Inbit Incorporated.
Netscape Communications, the Netscape Communications logo, Netscape, and Netscape Navigator are
trademarks of Netscape Communications Corporation.
Netscape Communications Corporation has not authorized, sponsored, endorsed, or approved this publica-
tion and is not responsible for its content. Netscape and the Netscape Communications Corporate Logos are
trademarks and trade names of Netscape Communications Corporation. All other product names and/or
logos are trademarks of their respective owners.
TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from
descriptive terms by following the capitalization style used by the manufacturer.
The author and publisher have made their best efforts to prepare this book, and the content is based upon
final release software whenever possible. Portions of the manuscript may be based upon pre-release versions
supplied by software manufacturer(s). The author and the publisher make no representation or warranties of
any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind
including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or
damages of any kind caused or alleged to be caused directly or indirectly from this book.
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
Foreword
Linux and open-source software are synonymous in the minds of most people. Many cor-
porations fear Linux and reject it for mission-critical applications because it is open
source. They mistakenly believe that it will be less secure or less reliable because the code
is openly available and the system has been developed by a diverse collection of groups
and individuals from around the world. Yet those same organizations depend on open-
source systems every day, often without being aware of it.
The Internet is a system built on open-source software. From the very beginning, when
the U.S. government placed the source code of the Internet Protocol in the public domain,
open-source software has led the way in the development of the Internet. To this day, the
Internet and the applications that run on it depend on open-source software.
One of the greatest success stories of the Internet is the World Wide Web—the Internet’s
killer application. The leading Web server software is Apache, an open source product.
No library of Linux system administration books could be complete without a book on
Apache configuration and administration.
Linux and Apache are a natural combination—two reliable, powerful, open source prod-
ucts that combine to create a great Web server!
Craig Hunt
September 2000
Acknowledgments
If I ever believed that a technical book was the work of a single author, I no longer hold
that belief. In this short section, I would like to personally acknowledge a few of the many
people who participated in writing this book. A lot of credit goes to the Sybex production
and editing team, most of whom I didn’t work with directly and will never know.
Craig Hunt, editor of this series, read all of the material and helped organize the book,
giving it a continuity and structure that brings together all of the many pieces of the
Apache puzzle. Before I met Craig, however, I knew Maureen Adams, the acquisition
editor who recommended me for this book. Her confidence in my ability to accomplish
this gave me the resolve to go further than simply saying, “I believe that some day I might
write a book.” Associate Publisher Neil Edde’s can-do attitude and problem-solving skills
also helped the project over a few bumps in the road.
Also part of the Sybex team, production editor Dennis Fitzgerald kept the project on
schedule. Many times, prioritizing a long list of things that needed to be done is the first
step toward their accomplishment. Jim Compton, editor, provided invaluable editing
assistance, and often surprised me with his keen grasp of the technical material, many
times suggesting changes that went far beyond the merely syntactic or grammatical. Will
Deutsch was the technical editor for this book, and his research background and experi-
ence filled in more than a few gaps in my own store of knowledge.
Electronic publishing specialist Franz Baumhackl handled the typesetting and layout
promptly and skillfully, as usual.
I must thank my employer, Epic Data — Connectware Products Group, for allowing me
the freedom to work on this book. Particular thanks go to Linda Matthews, who was my
supervisor during most of the project.
I also appreciate the time my keen engineering friend, Carl Sewell, spent reviewing all of
the material I’d written, and I thank my Epic colleague Robert Schaap, whose knowledge
of Apache and comments on the use of the mod_rewrite module proved quite valuable.
Last, but certainly most of all, I want to thank my dear wife, Andrea, for her unwavering
support during what turned out to be a much harder endeavor than I anticipated. Finding
time to devote to this project was the biggest challenge I had to overcome, and she found
ways to give me that, taking on many of the household and outdoor chores that had been
my responsibility.
Contents at a Glance
Introduction. . . . . . . . . . . . . . . . . . . . . . . xviii
Part 1 How Things Work 1
Chapter 1 An Overview of the World Wide Web . . . . . . . . . . . . . 3
Chapter 2 Apache and Other Servers . . . . . . . . . . . . . . . . . 29
Part 2 Essential Configuration 43
Chapter 3 Installing Apache . . . . . . . . . . . . . . . . . . . . 45
Chapter 4 The Apache Core Directives . . . . . . . . . . . . . . . . 81
Chapter 5 Apache Modules . . . . . . . . . . . . . . . . . . . .127
Chapter 6 Virtual Hosting . . . . . . . . . . . . . . . . . . . . .145
Part 3 Advanced Configuration Options 171
Chapter 7 Server-Side Includes . . . . . . . . . . . . . . . . . . .173
Chapter 8 Scripting/Programming with CGI and Perl . . . . . . . . . . . .207
Chapter 9 Other Apache Scripting/Programming Tools . . . . . . . . . . .273
Chapter 10 Aliasing and Redirection . . . . . . . . . . . . . . . . .325
Chapter 11 Controlling Apache . . . . . . . . . . . . . . . . . . .363
Part 4 Maintaining a Healthy Server 387
Chapter 12 Apache Logging . . . . . . . . . . . . . . . . . . . .389
Chapter 13 Proxying and Performance Tuning . . . . . . . . . . . . . .421
Chapter 14 Basic Security for Your Web Server . . . . . . . . . . . . . .453
Chapter 15 Secure Sockets Layer . . . . . . . . . . . . . . . . . .481
Chapter 16 Metainformation and Content Negotiation . . . . . . . . . . .509
Appendices 533
Appendix A Apache Directives . . . . . . . . . . . . . . . . . . . .535
Appendix B Online References . . . . . . . . . . . . . . . . . . .549
Appendix C Transferring Files to Apache . . . . . . . . . . . . . . . .565
Appendix D Using Apache Documentation Effectively . . . . . . . . . . . .583
Index . . . . . . . . . . . . . . . . . . . . . . . . . .590
Contents
Introduction . . . . . . . . . . . . . . . . . . . . . . . xviii
Part 1 How Things Work 1
Chapter 1 An Overview of the World Wide Web . . . . . . . . . . 3
A Brief History of the WWW . . . . . . . . . . . . . . 3
How the Web Works . . . . . . . . . . . . . . . . 7
What Is a Web Server? . . . . . . . . . . . . . . 9
The HTTP Protocol . . . . . . . . . . . . . . . . 10
New Features in HTTP/1.1 . . . . . . . . . . . . 12
HTTP Request Methods . . . . . . . . . . . . . 13
Observing the HTTP Protocol in Action . . . . . . . . 14
In Sum . . . . . . . . . . . . . . . . . . . . 27
Chapter 2 Apache and Other Servers . . . . . . . . . . . . . 29
Who Are the Major Players? . . . . . . . . . . . . . 30
Alternatives to Apache . . . . . . . . . . . . . . . 30
The Free Servers . . . . . . . . . . . . . . . 31
The Commercial Variety . . . . . . . . . . . . . 32
The Features of Apache . . . . . . . . . . . . . . 35
Further Benefits . . . . . . . . . . . . . . . 37
The Architecture of Apache . . . . . . . . . . . . . 38
New Features of Apache Version 2.0 . . . . . . . . . 40
In Sum . . . . . . . . . . . . . . . . . . . . 41
Part 2 Essential Configuration 43
Chapter 3 Installing Apache . . . . . . . . . . . . . . . . 45
The Decision to Compile . . . . . . . . . . . . . . 45
Downloading Apache Source . . . . . . . . . . . . . 48
Compiling Apache . . . . . . . . . . . . . . . . 49
Using APACI . . . . . . . . . . . . . . . . 50
The configure Script . . . . . . . . . . . . . . 50
The config.status File . . . . . . . . . . . . . 54
Contents ix
The config.layout File . . . . . . . . . . . . . 56
Making Apache . . . . . . . . . . . . . . . . 62
Installing the Apache Binaries . . . . . . . . . . . . . 64
Which Modules Are Included? . . . . . . . . . . . 64
Red Hat Package Manager . . . . . . . . . . . . 67
Binary Distributions . . . . . . . . . . . . . . 71
Running the Server . . . . . . . . . . . . . . . . 74
Using Apachectl . . . . . . . . . . . . . . . . 78
Running Multiple Apache Servers . . . . . . . . . . 78
In Sum . . . . . . . . . . . . . . . . . . . . 80
Chapter 4 The Apache Core Directives . . . . . . . . . . . . . 81
Using Apache Directives . . . . . . . . . . . . . . . 82
The All-Powerful httpd.conf File . . . . . . . . . . 83
Securing Obsolete Configuration Files . . . . . . . . . 84
Directive Scope and Context . . . . . . . . . . . . . 84
Defining the Main Server Environment . . . . . . . . . . 85
The ServerName Directive . . . . . . . . . . . . . 86
The ServerRoot Directive . . . . . . . . . . . . . 86
The DocumentRoot Directive . . . . . . . . . . . . 87
The ScriptAlias Directive . . . . . . . . . . . . 87
More General-Server Directives . . . . . . . . . . . . 88
The ErrorDocument Directive . . . . . . . . . . . . 88
The DefaultType Directive . . . . . . . . . . . . 89
Controlling Server Processes . . . . . . . . . . . . 89
Defining How the Server Listens for Connections . . . . . . . 92
The BindAddress Directive . . . . . . . . . . . . 93
The Port Directive . . . . . . . . . . . . . . . 93
The Listen Directive . . . . . . . . . . . . . . 94
The Options Directive . . . . . . . . . . . . . . . 95
The Container Directives . . . . . . . . . . . . . . 97
The <VirtualHost> Container . . . . . . . . . . . 97
The <Directory> and <DirectoryMatch> Containers . . . . 98
The <Files> and <FilesMatch> Containers . . . . . . .101
Description:A complete, advanced guide to the Apache Web server, teaching all the standard and advanced techniques needed to administer Apache on a Linux box. Also shows how to extend apache with Perl and other scripting tools, how to easily troubleshoot problems, and how to meet security challenges head-on. So
