Contents Listing

Preface

1. Installation

      1.1 Installing from Red Hat Linux's Packages

      1.2 Installing Apache on Windows

      1.3 Downloading the Apache sources

      1.4 Building Apache from the Sources

      1.5 Installing with ApacheToolbox

      1.6 Starting, Stopping, and Restarting Apache

      1.7 Uninstalling Apache

2. Adding Common Modules

      2.1 Installing a Generic Third-Party Module

      2.2 Installing mod_dav on a Unixish System

      2.3 Installing mod_dav on Windows

      2.4 Installing mod_perl on a Unixish System

      2.5 Installing mod_php on a Unixish System

      2.6 Installing mod_php on Windows

      2.7 Installing the mod_snake Python Module

      2.8 Installing mod_ssl

3. Logging

      3.1 Getting More Details in Your Log Entries

      3.2 Getting More Detailed Errors

      3.3 Logging POST Contents

      3.4 Logging a Proxied Client's IP Address

      3.5 Logging Client MAC Addresses

      3.6 Logging Cookies

      3.7 Not Logging Image Requests from Local Pages

      3.8 Logging Requests by Day or Hour

      3.9 Rotating Logs on the First of the Month

      3.10 Logging Hostnames Instead of IP Addresses

      3.11 Maintaining Separate Logs for Each Virtual Host

      3.12 Logging Proxy Requests

      3.13 Logging Errors for Virtual Hosts to Multiple Files

      3.14 Logging Server IP Addresses

      3.15 Logging the Referring Page

      3.16 Logging the Name of the Browser Software

      3.17 Logging Arbitrary Request Header Fields

      3.18 Logging Arbitrary Response Header Fields

      3.19 Logging Activity to a MySQL Database

      3.20 Logging to syslog

      3.21 Logging User Directories

4. Virtual Hosts

      4.1 Setting Up Name-Based Virtual Hosts

      4.2 Designating One Name-Based Virtual Host as the Default

      4.3 Setting Up Address-Based Virtual Hosts

      4.4 Creating a Default Address-Based Virtual Host

      4.5 Mixing Address-Based and Name-Based Virtual Hosts

      4.6 Mass Virtual Hosting with mod_vhost_alias

      4.7 Mass Virtual Hosting Using Rewrite Rules

      4.8 SSL and Name-Based Virtual Hosts

      4.9 Logging for Each Virtual Host

      4.10 Splitting Up a Log File

      4.11 Port-Based Virtual Hosts

      4.12 Displaying the Same Content on Several Addresses

5. Aliases, Redirecting, and Rewriting

      5.1 Showing Highlighted PHP Source Without Symlinking

      5.2 Mapping a URL to a Directory

      5.3 Creating a New URL for existing content

      5.4 Giving Users Their Own URL

      5.5 Aliasing Several URLs with a Single Directive

      5.6 Mapping Several URLs to the Same CGI Directory

      5.7 Creating a CGI Directory for Each User



      5.9 Redirecting Several URLs to the Same Destination

      5.10 Permitting Case-Insensitive URLs

      5.11 Replacing Text in Requested URLs

      5.12 Rewriting Path Information to CGI Arguments

      5.13 Denying Access to Unreferred Requests

      5.14 Rewriting Based on the Query String

      5.15 Redirecting All-or Part-of Your Server to SSL

      5.16 Turning Directories into Hostnames

      5.17 Redirecting All Requests to a Single Host

      5.18 Turning Document Names into Arguments

6. Security

      6.1 Using System Account Information for Web Authentication

      6.2 Setting Up Single-Use Passwords

      6.3 Expiring Passwords

      6.4 Limiting Upload Size

      6.5 Restricting Images from Being Used Off-Site

      6.6 Requiring Both Weak and Strong Authentication

      6.7 Managing .htpasswd Files

      6.8 Making Password Files for Digest Authentication

      6.9 Relaxing Security in a Subdirectory

      6.10 Lifting Restrictions Selectively

      6.11 Authorizing Using File Ownership

      6.12 Storing User Credentials in an MySQL Database

      6.13 Accessing the Authenticated Username

      6.14 Obtaining the Password Used to Authenticate

      6.15 Preventing Brute-Force Password Attacks

      6.16 Using Digest Versus Basic Authentication

      6.17 Accessing Credentials Embedded in URLs

      6.18 Securing WebDAV

      6.19 Enabling WebDAV Without Making Files Writeable by the Web User

      6.20 Restricting Proxy Access to Certain URLs

      6.21 Protecting Files with a Wrapper

      6.22 Protecting All Files Except the Index

      6.23 Protecting All Files Except a Subset

      6.24 Protecting Server Files from Malicious Scripts

      6.25 Setting Correct File Permissions

      6.26 Running a Minimal Module Set

      6.27 Restricting Access to Files Outside Your Web Root

      6.28 Limiting Methods by User

      6.29 Restricting Range Requests

7. SSL

      7.1 Installing SSL

      7.2 Generating SSL Certificates

      7.3 Generating a Trusted CA

      7.4 Serving a Portion of Your Site via SSL

      7.5 Authenticating with client certificates

8. Dynamic Content

      8.1 Enabling a CGI Directory

      8.2 Enabling CGI Scripts in Non-ScriptAliased Directories

      8.3 Using Windows File Extensions to Launch CGI Programs

      8.4 Using Extensions to Identify CGI Scripts

      8.5 Testing That CGI Is Set Up Correctly

      8.6 Reading Form Parameters

      8.7 Invoking a CGI Program for Certain Content Types

      8.8 Getting SSIs to Work

      8.9 Displaying Last Modified Date

      8.10 Including a Standard Header

      8.11 Including the Output of a CGI Program

      8.12 Running CGI Scripts as a Different User with suexec

      8.13 Installing a mod_perl Handler from CPAN

      8.15 Enabling PHP Script Handling

      8.16 Verifying PHP Installation

9. Error Handling

      9.1 Handling a Missing Host Field

      9.2 Changing the Response Status for CGI Scripts

      9.3 Customized Error Messages

      9.4 Providing Error Documents in Multiple Languages

      9.5 Redirecting Invalid URLs to Some Other Page

      9.6 Making Internet Explorer Display Your Error Page

      9.7 Notification on Error Conditions

10. Proxies

      10.1 Securing Your Proxy Server

      10.2 Preventing Your Proxy Server from Being Used as an Open Mail Relay

      10.3 Forwarding Requests to Another Server

      10.4 Blocking Proxied Requests to Certain Places

      10.5 Proxying mod_perl Content to Another Server

      10.6 Configuring a Caching Proxy Server

      10.7 Filtering Proxied Content

      10.8 Requiring Authentication for a Proxied Server

11. Performance

      11.1 Determining How Much Memory You Need

      11.2 Benchmarking Apache with ab

      11.3 Tuning Keepalive Settings

      11.4 Getting a Snapshot of Your Site's Activity

      11.5 Avoiding DNS Lookups

      11.6 Optimizing Symbolic Links

      11.7 Minimizing the Performance Impact of .htaccess Files

      11.8 Disabling Content Negotiation

      11.9 Optimizing Process Creation

      11.10 Tuning Thread Creation

      11.11 Caching Frequently Viewed Files.

      11.12 Sharing Load Between Servers Using mod_proxy

      11.13 Distributing Load Evenly Between Several Servers

      11.14 Caching Directory Listings

      11.15 Speeding Up Perl CGI Programs with mod_perl

12. Miscellaneous Topics

      12.1 Placing Directives Properly

      12.2 Renaming .htaccess Files

      12.3 Generating Directory/Folder Listings

      12.4 The "Trailing Slash" problem

      12.5 Setting the Content-Type According to Browser Capability

      12.6 Handling Missing Host: Header Fields

      12.7 Alternate Default Document

      12.8 Setting Up a Default "Favicon"

      12.9 Other planned recipes

A. Using Regular Expressions in Apache

B. Troubleshooting

Index