|
Home
>Workshop Wisdom > Full Story
Configuring
Apache Web Server-II
By
Anurag Phadke
Want
to WAP-enable your websites, monitor those big log files or
manage FTP/Telnet access? We guide you through all these tasks
on Apache Web server
Fast
access speeds, minimum downtime, easy upgradability and protection
from malicious hackers are the necessary elements any Web
server must adhere to. Apache supports all these features.
What's more, these features are fairly plain and simple to
implement. Be it enabling your server to provide WAP-enabled
websites, keeping a close watch on those logs files, using
latest modules from CPAN.org, you can do all this without
much of a problem. In this article, we shall first check on
how to WAP-enable your Apache server, move on to analyzing
log files, and finally have a look at FTP/Telnet access.
WAP-enable
apache
The
/etc/mime.types file contains detailed information about the
various extensions supported by Apache. If you wish to add,
some more extensions, such as XML or WML it's fairly simple.
Edit
the /etc/mime.types file and enter the following code in the
proper section shown below:
Mime
Type Extension
text/vnd.wap.wml
wml
Save
the file and restart Apache. Addition of this line enables the
server to recognize the wml extension as text, thus allowing
WAP based content from your server.
Analysing
log files
On
a server with a sizeable amount of traffic, log files grow considerably
large and analyzing them manually is a Herculean task. Here's
where an external log analyzer comes in handy. With efficiency,
speed and accuracy forming the basic parameters for a good log
analyzer, 'analog' from http://www.analog.cx offers a good solution.
Download
the latest source archive and create a directory to hold it.
Untar
and compile the analog-4_1_tar.gz file to generate a report.
#tar
zxvf /home/addons/analog-4_1_tar.gz
#make
#ls
-al /home/addons/analog-4.1/analog
Before
Analog makes it debut on your server, it's better that you customize
it to your own requirements. Edit the analog.cfg file and make
the following changes:
HOSTNAME
"My own Server"
HOSTURL
"http://www.bahbah.com"
The
name "My own Server" just provides a hyperlink to
the bahbah.com URL and on clicking it directs the browser to
the above site.
ANALOGDIR
"/home/addons/analog-4.1/"
Directory
over where analog
shall
look for its support files and configuration.
LOGFILE
"/usr/local/apache/logs/access_log"
The
location of your Apache log file from where analog shall lift
the values.
OUTFILE
"/home/addons/analog-4.1/analog.html"
Analog
shall output it's content into the above-mentioned file.
LOGFORMAT
"%h %l %u %t \ "%r\ " %>s %b \"%{Referer}i\"
\"%User-Agent}i\" "
This
string is on norms to the
one
in the httpd.conf file for logging user activity.
Save
the file and now run your Analog so as to generate the report
from your Apache logs.
#
/home/addons/analog-4.1
The
results are generated and can be viewed by viewing http://www.bahbah.com/analog.html
A
sample report shall contain the following output.
Successful
requests: 2,313
Average
successful requests/day: 121
Failed
request: 32
and
so on.....
Allowing
FTP/Telnet access
After
configuring the server, you may wish to sell your server space
to someone planning to have a face on the Web. For this you
shall first have to make an account for the user
using
"linuxconf" or an equivalent utility. Make sure that
you have
prepared
a separate group for your users and allotted a working
directory,
Web space and proper priviliges with Read/Write/Execute access
only to the cgi-bin directory. Any mistake at this end can cost
you dearly in terms of crucial data or other security issues.
If
you don't have a FTP (server side) software installed then we
suggest that you go in for wu-ftpd or ftpd as they have good
support and are fairly simple to use and configure.
Plan
to be one of the ambitious hosting service provider by allowing
the IRC Bots? Telnet shall pave in the path for you. A telnet
allows a person to remotely connect and run script files on
your server. Just make sure that you provide him the necessary
amount of privileges only. Access to commands such as "rm"
can pose a potential security threat. It's a nice idea to impose
all restrictions and then remove them one by one as the user
demands it. In this way you come to know the intent of the user
and ensure that he is not a malicious hacker waiting to attack
your server.
Many
a times, the server is located remotely, mostly in a datacenter
or with your ISP. Under such circumstances it might not be physically
possible to go their every time and add users. A better way
is to create another user and 'su' it to root (su=super user).
An
overview of Apache modules
The
Apache server consists of a number of small modules or small
programs that on combining together add functionality and
a host of features to the server. These modules incorporate
a function named 'callback' which is called by Apache during
various stages of request processing cycle. The callbacks
are registered as handlers used for processing specific events.
Every
Apache server comes with a set of 36 modules, which provide
adequate number of options to configure the server.
The scope of these modules range from allowing access from a
particular host, user tracking, handling various types to storing
log files.
A
basic "mod_access" module is explained below just
to give a rough idea as to the functionality of modules.
mod_access
module: Used for providing host based or domain level access
security options. Allows flexibility in allowing or denying
access to certain IP/Host.
The
module includes three basic directives: allow from, deny from
and order.
Though
the availability of modules suffices the task for the server,
there might be a distinct possibility of the need to add your
own customized one.
Add
On modules can be obtained from
http://modules.apache.org
or http://www.cpan.org.
Over
here, we are installing a module named mod_random that performs
the task of redirecting the client to a random URL from a list
included in the Apache directives.
Make
sure that you are having a Perl script named apxs (Apache Extension)
that comes bundled with ver. 1.3 and later. An important benefit
of this script is modules with more than one source file can
be compiled. Download the module from http://www.tangent.org/mod_random
#
tar zxvf /home/addons/mod_random-0_9_tar.gz untars the file
to a directory named /home/addons/mod_random-0.9
#
/usr/local/apache/bin/apxs -c -i -a -n random mod_random.c
The
/usr/local/apache/bin/apxs is location where apxs is found.
"random" is the name assigned to the module and mod_random.c
is the "c" source file of the module.
#
grep mod_random /usr/local/apache/conf/httpd.conf
Makes
sure that the mod_random has been added into your httpd.conf
file
Edit
the httpd.conf file to enjoy the module features.
<Location
/randomize>
SetHandler
random
RandomURL
http://www.yahoo.com
RandomURL
http://www.linux.com
RandomFile
/usr/local/apache/conf/random.conf
</Location>
The
/randomize is the URL that should be given as address by the
user if he wants to be redirected to a particular site.
Using
the RandomURL you can add a handful of sites. But if you have
an endless list of sites, use the random.conf file located in
/usr/local/apache/conf/random.conf directory. Restart Apache.
On
typing the URL http://www.bahbah.com/randomize, you shall be
immediately directed to one of the sites specified by you for
random selection in httpd.conf .
Anurag
Phadke can be reached at cbca@mantraonline.com
|
