Apache Essentials
How to configure Apache by editing the configuration files?
www.eng.hawaii.edu/Tutor/vi.html
Where to find Apache’s configuration files?
| Operating System | Location of configuration files |
|---|---|
| Linux | /etc/apache/ directory. |
| Windows | /conf/ subfolder (within ‘Apache’ program folder). |
| Mac OS X | /etc/httpd/ directory. |
Where do the files for the website go?
| Operating System | Location of configuration files |
|---|---|
| Linux | /var/www/ |
| Windows | C:Program FilesApache GroupApachehtdocs, C:Program FilesApache GroupApache2htdocs, or C:htdocs |
| Mac OS X | /Library/WebServer/Documents or /Library/WebServer/WebSites/www.domain.com/ |
Configuring Apache:
• Apache’s configuration files
• Server types
• The <Directory> section
• How to configure user directories
• How to change the default index file
• How to rewrite URLs
• How to create custom error messages
• How to authenticate users through Apache
• How to configure access based on an IP address
• How to add new file types
• How to include external configuration files
• How to apply changes to Apache
Server-level configuration
• httpd.conf
• access.conf
• mime.types
• srm.conf
Directory options
| Option | Description | Should I use it? |
|---|---|---|
| All | Enables all options with the exception of MultiViews. This is the default setting. |
If you’re looking for a quick way to configure a directory, and you’re not concerned about performance or security, then yes. Otherwise, specify your options manually. |
| ExecCGI | Allows CGI files to be executed in the directory. This should only be enabled for directories containing scripts, because enabling it for all directories will cause Apache to take a hit on its performance. |
You should use this only for directories that contain CGI files. Note that you do not need to use this setting for PHP files within a directory. |
| FollowSymLinks | If this is enabled, the server will follow symbolic links within a directory. Symbolic links are similar to Windows shortcuts; they’re pointers to other files or directories within a UNIX system. This option is ignored if used within a ‘<‘location’>’ directive. |
Yes. This allows you to set up shortcuts to files and directories, without having to duplicate documents on your system. A side benefit of this is that you only need to edit the original file, and all symbolic links will automatically be updated. |
| Includes | If Server Side Includes (551) are enabled on your Apache server, this option will allow HTML files to use all functions of 551, including the #exec function. |
No-for security reasons, I would suggest using the IncludesNOEXEC option. This option allows you to use 551 to include header and footer files within your HTML documents. |
| IncludesNoEXEC | This option is identical to the Includes option, but doesn’t enable the #exec function. The #exec function allows an HTML document to execute a system command. |
Yes. This option is identical to the Includes option, but removes the #exec function from 551. |
| Indexes | If no documents matching the ones specified in the Documentlndex directive are found (index.html, for example), Apache will return a formatted directory listing of the requested URL. |
This option can be enabled or disabled, depending on the level of security that you want on your Apache server. If this option is enabled, it will show users a listing of the files within a directory. Though this is fine for most applications, you may not want it for others (for example, a directory that contains script files). If this option isn’t enabled, a request for a directory that doesn’t contain a Documentlndex file will return a 403 forbidden error. |
| MultiViews | The MultiViews directive searches for files matching the requested file. For example, if a requested file doesn’t exist on the server, Apache will display the closest match. |
This is definitely recommended so that you can catch any mild typos made by people requesting URls. |
| SymLinksIfOwnerMatch | This is identical to the FollowSymLinks option, but only follows the symbolic link if it’s owned by the same user on the system as the original directory. If the symlink is not owned by the same user, the symbolic link will not be followed. |
It’s a good idea to enable this option if you want to preserve security within your system. For example, if you allow users on your system to have their own websites through user directories, it’s a good idea to enable this option. |