Tuesday, August 5, 2008

aPaChe ApAcHe

########
# Apache
########
error log
-----------

/usr/local/apache/logs/error-log


daemon
-----------
/etc/init.d/httpd (start/stop/restart)

or

/usr/local/apache/bin/apachectl (start/stop/restart)

Note:- apache http port is 80 and https port is 443



##############
# Optimization
##############
Apache optimization
Timeout 150
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 16
MaxSpareServers 64
StartServers 15
MaxClients 150
MaxRequestsPerChild 0

-----------------------------------
Timeout 300
KeepAlive On
MaxKeepAliveRequests 0
KeepAliveTimeout 16
MinSpareServers 16
MaxSpareServers 64
StartServers 16
MaxClients 512
MaxRequestsPerChild 0
--------------

Timeout 200
KeepAlive On
maxKeepAliveRequests 100
KeepAliveTimeout 3
MinSpareServers 10
MaxSpareServers 20
StartServers 15
MaxClients 250
MaxRequestsPerChild 0
HostnameLookups Off



#######################################
# redirect domain.com to www.domain.com
#######################################

redirect domain.com to www.domain.com
--------------------------------------------------------------------------------
place following code in httpd.conf vhost section or in .htaccess
file.

$ vi .htaccess
Append following config code:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain.com
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=permanent,L]

Save and close the file. Above code will redirect users to
www.domain.com


--------------------------------------------------------------------------------

NB:- path of .htaccess => /home/username/public_html

################
# rebuild Apache
################

rebuild Apache for Cpanel Server?

----------------------------------------------------------
Login as the root using ssh

/scripts/easyapache

you should see a menu on screen asking you which options you would like
built into your apache install. Select options as per your
requirements. Once it has completed it will automatically restart Apache for you
and you will then be able to use the new features.

----------------------------------------------------------

NB:-you can also use EasyApache by logging into the WHM interface,
going to the “Software” section then clicking on “Apache Update.”
Note that you may want to “Load Previous Config” as your first step
to load your server’s existing configuration so you have a good idea
of what is currently on the server as you customize Apache and PHP.
####################################
# enable file and directory indexing
####################################
Q. How do I enable apache file and directory indexing? Currently it is
disabled and I would like to enable the same for /pdfs/ directory
(http://domain.com/pdfs).

---------------------------------------------------------------------------------------------------------------

A. Under Apache web server automatic index generation is enabled with
using Options +Indexes or Options Indexes directive.

If a URL which maps to a directory is requested, and there is no
DirectoryIndex (e.g., index.html) in that directory, then mod_autoindex will
return a formatted listing of the directory.

Option # 1: Using Apache config file
----------------------------------------------

Add directory option to Apache configuration file /etc/httpd/httpd.conf
or /etc/apache2/apache2.conf:
# vi /etc/apache2/apache2.conf
Add following code:

Options Indexes FollowSymLinks


Save and close the file. Restart Apache:
# /etc/init.d/httpd restart
OR
# /etc/init.d/apache2 restart


Option #2: Using .htaccess Files with Apache
----------------------------------------------------------

You can place config line Options Indexes in .htaccess file. Make sure
.htaccess file support is enabled.
Change directory to pdfs
$ cd pdfs
Open .htaccess file
$ vi .htaccess
Append following apache directive:
Options Indexes
Save and close the file.
---------------------------------------------------------------------------------------------------------------

##############################################################################
# Forbidden - You don’t have permission to access this page error and
solution
##############################################################################
Q. Why I am getting this error message? I am using Apache web server
and my directory is located at /home/myname/public_html.

-------------------------------------------------------------------------------
A. The permissions on your Web page are not correct. Login over ssh
session and use chmod command to setup correct permission. Go to directory
(for example public_html or /var/www/sitename.com/dir/) and type the
following command

$ chmod 755 *.*

OR

$ chmod o+x ./

If you have more subdirectories use -R option:
$ chmod -R 755 *.*

If you have access to Apache configuration file check out for these
tips to get rid of Apache 403 forbidden error.

-------------------------------------------------------------------------------
###############
# 403 forbidden
###############
Sounds like the permissions or ownership on public_html may be set
wrong.

They should be set like this:
Code:

chown YOUR_USER_NAME:nobody /home/public_html
chmod 750 /home/YOUR_USER_NAME/public_html

-------------------------------------------------
That could possible be caused by mod_dosevasive/mod_evasive. If you're
using it in httpd.conf try disabling the module load lines (2) and
restart httpd.
#############################################################
# prevent hot linking or leeching of images using mod_rewrite
#############################################################
Q. My site hosts lots of good images and other site hot links to my
images from their own site. Hot linking is eating lots of my bandwidth.
How do I stop leechers?

---------------------------------------------------------------------------------------------------

A. This is problem you may encounter, particularly if your site hosts
unique images. However solution is quite simple ban image hot linking
using Apache mod_rewrite to check the referral information the browser
provides.
How do I prevent hot linking of images?

There are many ways to block hot linking of images.

You can add any one of the following code to .htaccess file or to your
own httpd.conf file to prevent.

Make sure Apache mod_rewrite is enabled.
Solution # 1 : Prevent “hot linking” of images

Open httpd.conf or .htaccess file using vi text editor
# vi httpd.conf
Append following config directive:

SetEnvIfNoCase Referer "^http://www.cyberciti.biz/" banimages=1
SetEnvIfNoCase Referer "^http://cyberciti.biz/" banimages=1
SetEnvIfNoCase Referer "^$" banimages=1

Order Allow,Deny
Allow from env=banimages=1


Or you can use following simple code:

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?cyberciti.biz/.*$ [NC]
RewriteRule ^.*.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F]

Solution # 2 : Prevent “hot linking” of images and redirect to new
image

This method stop hotlinking and displays alternate image to endusers

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?cyberciti.biz/.*$ [NC]
RewriteRule .*.(gif|jpe?g|png)$ http://www.cyberciti.biz/noop.jpg
[R,NC,L]

Unless the image is displayed on cyberciti.biz, browers would see the
image noop.jpg. Replace domain cyberciti.biz and upload noop.jpg to
webroot.

If you made changes to httpd.conf file; restart Apache:
# /etc/init.d/httpd restart

---------------------------------------------------------------------------------------------------
################################
# name based VirtualHost example
################################
Q. Can you give or specify an example for Apache name based VirtualHost
feature?

A. The term Virtual Host refers to the practice of maintaining more
than one web site on one Apache machine or server.

The NameVirtualHost directive is a required directive if you want to
configure name-based virtual hosts.

With the NameVirtualHost directive you specify the IP address on which
the server will receive requests for the name-based virtual hosts. This
will usually be the address to which your name-based virtual host
names resolve.

For example if your IP address is 203.54.2.5. Set it as follows in
httpd.conf file:
# vi /etc/httpd/conf/httpd.conf
Set NameVirtualHost as follows:
NameVirtualHost 203.54.2.5:80
Let us see how your virtual host entry looks for two domains called
theos.in and nixcraft.com . Code for theos.in domain:

ServerAdmin webmaster@theos.in
DocumentRoot /var/www/theos.in
ServerName theos.in
ServerAlias www.theos.in
ErrorLog /var/logs/httpd/theos.in/error_log
CustomLog /var/logs/httpd/theos.in/access_log common


Code for nixcraft.com domain:

ServerAdmin webmaster@nixcraft.com
DocumentRoot /var/www/nixcraft.com
ServerName nixcraft.com
ServerAlias www.nixcraft.com
ErrorLog /var/logs/httpd/nixcraft.com/error_log
CustomLog /var/logs/httpd/nixcraft.com/access_log common


Save and close the file. Restart Apache:
# /etc/init.d/httpd restart

Make sure both domains theos.in and nixcraft.com points to (A address)
203.54.2.5. Also make sure you create /var/logs/httpd/domain-name
directories and point ftp user directory to appropriate /var/www/domain-name
directory.
########################################################################################
# Address already in use: make_sock: could not bind to port 80 or 443
error and solution
########################################################################################
Q. How do I fix an error, while restarting Apache ~ Address already in
use: make_sock: could not bind to port 80?

A. If you are running SELinux disable temporary for port 80.
Apache Address already in use: make_sock: could not bind to port 80
error and solution

First make sure port 80/443 is not used by any other service or
application with netstat command:

# netstat -tulpn| grep :80

If port 80 is bind to httpd, kill all process:
# killall -9 httpd

Now start the httpd:
# /etc/init.d/httpd start

Also make sure you are root while starting the httpd.
#############################################
# change a default page other than index.html
#############################################
Q. How do I display or change a default page other than index.html or
index.php under Apache web server?

A. You need to use DirectoryIndex directive under Apache to set a
default page other than index.html or index.php.

The DirectoryIndex directive sets the list of resources or file to look
for, when the client requests an index of the directory by specifying
a / at the end of a directory name.

Open your Apache configuration file httpd.conf
# vi httpd.conf

Find out line that read as follows:
DirectoryIndex

Now set it as per your requirements:
DirectoryIndex index.html index.htm default.htm index.php index.pl

Save and close the file. Restart the Apache webs server:
# /etc/init.d/httpd restart

Please note that if you donĂ¢€™t have access to Apache
configuration file. Add DirectoryIndex to .htaccess file.

You can also specify php or pl dynamic script. Also note that the
documents do not need to be relative to the directory. Consider following
example
DirectoryIndex index.html index.pl /nav/index.php

Above would cause the php script /nav/index.php to be executed if
neither index.html or index.pl existed in a directory.
###########################################
# Server Side Include (SSI) is not working?
###########################################
Q. I would like to use Server Side Include (SSI) from my html pages.
But it is not working for VirtualHost. How do I configure Apache Server
Side Include?

A. From Aapache site, “SSI (Server Side Includes) are directives that
are placed in HTML pages, and evaluated on the server while the pages
are being served. They let you add dynamically generated content to an
existing HTML page, without having to serve the entire page via a CGI
program, or other dynamic technology”.

Make sure you have following configuration directive/line in your
.htaccess or httpd.conf file:

vi /etc/httpd/httpd.conf

OR

vi .htaccess

Add following directive:

Options +Includes

Above directive (Options +Includes) tells Apache that you want to
permit files to be parsed for SSI directives.

Next, make sure Apache knows which files should be parsed using SSI.

AddType text/html .shtml
AddHandler server-parsed .shtml

Now test your configuration by adding any one of the following SSI
directive:

$ vi test.shtml

Append any one of the following SSI directive:



OR



Save the file. Restart Apache and test your configuration.
###################
# htaccess redirect
###################

The .htaccess file needs to be placed in the root directory of your old
website (i.e the same directory where your index file is placed)


****Redirect to www (htaccess redirect)****

Create a .htaccess file with the below code, it will ensure that all
requests coming in to domain.com will get redirected to www.domain.com

Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^domain.com [nc]
rewriterule ^(.*)$ http://www.domain.com/$1 [r=301,nc]

Please REPLACE domain.com and www.newdomain.com with your actual domain
name.

Note* This .htaccess method of redirection works ONLY on Linux servers
having the Apache Mod-Rewrite moduled enabled.

-----------Other rules------------
ErrorDocument 404 http://www.partypantygirl.com

# Spam Protection
SetEnvIfNoCase Via pinappleproxy spammer=yes
SetEnvIfNoCase X-AAAAAAAAAAAA 1 spammer=yes
SetEnvIfNoCase Referer tramadol spammer=yes

----------mod_security off-------------
SecFilterEngine Off
SecFilterScanPOST Off
-------------------------------
############################################################################
# Using Find to change permissions. Fixing php suexec internal server
errors
############################################################################
Make sure this is only done in the public_html directory or a directory
inside the public_html. If this is done above this, it will cause
problems.

*Change permissions to 644 for EVERY file
find -type f -exec chmod 644 ‘{}’ \;

*Change permissions to 755 for EVERY folder
find -type d -exec chmod 755 ‘{}’ \;

*Change permissions to 755 for EVERY folder
find -iname “*.pl” -exec chmod 755 ‘{}’ \; -o -iname
“*.cgi” -exec chmod 755 ‘{}’ \;

*Change the ownership of the files so that the are set correctly.
chown `pwd|cut -d/ -f3`.`pwd|cut -d/ -f3` -R .
#########################################
# php parsing for HTML files on phpsuexec
#########################################
php parsing for HTML files on phpsuexec
--------------------------------------------------
The .htaccess code :

“AddType application/x-httpd-php .html”

no longer works on phpsuexec’d servers. You need to use the following
code instead of that one :

AddHandler application/x-httpd-php .php .php3 .phtml .html .htm .php4

##############
# Fixing https
##############
Make sure Apache is running in SSL mode. Issue these commands:

service httpd stop

killall -9 httpd (run this a few times until you see 'no process
found')

service httpd startssl
####################################
# to see if mod_rewrite is turned on
####################################
Put this in .htaccess

RewriteEngine On
RewriteRule ^test.html$ /test2.html [R=301]

This will redirect to test2.html if mod_rewrite is working.

test.html put text: not working
test2.html put text: working
#####################
# disablemod_security
#####################
Create or edit the .htaccess file and add this to it:

SecFilterEngine off
Disable mod_security through httpd.conf Apache

Go to the virtualhost entry for the users domain and add this in
# Turn off mod_security filtering.
SecFilterEngine Off

# The below probably isn’t needed, but better safe than sorry.
SecFilterScanPOST Off
Save the httpd.conf and restart apache.
##############################################
# password protect a directory using .htaccess
##############################################
1. Login to your server via SSH and “su -” to root (do not forget
the - after su).

2. Create the .htpasswd file. We are going to create it above your web
root to make sure noone has the ability to download it from the web.

**note: only use -c for adding the first user**

# htpasswd -c /home/testuser/.htpasswd testuser
New password:
Re-type new password:
Adding password for user testuser

3. Open /etc/httpd/conf/httpd.conf in your favorite editor and find the
VirtualHost section for your domain. You will need to add the
following lines to your VirtualHost section:


AuthType Basic
AuthName ” Protected Area ”
AuthUserFile /home/testuser/.htpasswd
require valid-user

4. Restart Apache with:

# service httpd restart
####################################
# Manually adding a domain to apache
####################################
In this HowTo I’m going to be using “testdomain.com” as the
example.

1. Log into your server with an SSH client, then “su -” to root (do
not forget the “-” after su).

2. If you do not have a user account created for this site, you must
create one at this time:

# adduser testuser
# passwd testuser
Changing password for user testuser.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
#

3. Now you must create the directories where the web site files will be
located:

# cd /home/testuser
# mkdir -p testdomain.com/{cgi-bin,htdocs,logs}
# chown -R testuser: testdomain.com

4. The next step is to add the domain to the Apache configuration. You
can use any text editor that you are familiar with to open
/etc/httpd/conf/httpd.conf and add the following section at the end:

# Replace 1.2.3.4 with the IP address of your server
DocumentRoot /home/testuser/testdomain.com/htdocs
ServerName testdomain.com
ServerAlias www.testdomain.com
ScriptAlias /cgi-bin/ /home/testuser/testdomain.com/cgi-bin/
CustomLog /home/testuser/testdomain.com/logs/access.log
ErrorLog /home/testuser/testdomain.com/logs/error.log
** If you do not have DNS set up for this domain, or DNS is pointing to
another server, add the following to your httpd.conf before your
VirtualHost. This will allow you to view the new site at
http://1.2.3.4/testdomain.com/ before DNS is working **
ServerName 1_2_3_4
DocumentRoot /var/www/html
Alias /testdomain.com/ /home/testuser/testdomain.com/
5. After you add the VirtualHost section and save the httpd.conf, you
must restart httpd in order for your changes to take effect:

# /sbin/service httpd restart # RedHat
or
# /etc/init.d/apache restart # Debian

6. Check if your new site is working. You can use
http://www.testdomain.com if the DNS is pointing to your server or
http://1.2.3.4/testdomain.com/ if DNS is not setup yet.

#######################
# Modify suspended page
#######################
Modify the suspended page
------------------------------------
If you need to suspend an account at any time, you may want to change
the default suspended page offered through cPanel. You may want to brand
it or change the page to something which will say something other than
account suspended. To modify the suspended page, please do the
following:

1. Create an HTML page that appears exactly how you would like it to
be.
2. Click on Modify Suspended Account Page in the Account Functions
menu.
3. Copy and paste the HTML code of your modified page over the content
of the default Suspended Account page
4. Click on the Save button.

You have just modified the suspended page of your server.

No comments: