Apache Server Survival Guide asg02.htm

Previous Page TOC Next Page


Installing and Configuring the Apache Server

This chapter guides you through the installation and configuration of Apache using a basic setup. You will find the latest stable server software, as well as the latest beta releases of the Apache source distribution, on the Apache group's Web server ( http://www.apache.org). A copy of the latest release available at the time this book was written (Apache 1.1.1) is included on the CD-ROM that accompanies this book.

If you don't have access to a compiler, you can still install Apache provided that you can find a precompiled version of the server that works with your hardware and operating system. I have included the precompiled servers I found at the Apache group's Web server, including AUX 3.1, BSDI 1.1 and 2.0, FREEBSD 2.1, HPUX 9.07, IRIX 5.3, Linux, NETBSD 1.1, SOLARIS 2.4, SunOS 4.1.3, and UNIXWARE 1.1.2., and others.

Fig. 2.1 The Apache home page. Notice this site is mirrored around the world.

The Apache site provides links to various mirror sites from which you can download the software. Choose the one that is geographically closest to you from the various sites listed on the Apache home page.

To install Apache in its default location at /usr/local/etc/httpd, you may need to be the superuser. You'll need to know the root password of the machine in which you are installing Apache. If you don't know how to become root, please contact your local system administrator. Put the distribution archive in the /tmp directory. A sequence of commands to do the installation from /tmp might look like this:

mkdirs /usr/local/etc (your system may use 'mkdir -p /usr/local/etc' instead)

cd /usr/local/etc

mv /tmp/apache_1.1.1.tar.gz /usr/local/etc

gzcat apache_1.1.1.tar.gz | tar -xf -

mv apache_1.1.1 httpd

If your system does not support gzcat, you may need to do a gunzip -c instead.

Note that depending on the version you are installing, you will be left with a directory called apache_x.x.x. Now you should have a tree under httpd that contains the complete distribution of Apache. This directory tree contains configuration templates and other resources that the server needs for its operation. Be sure not to move or rename any of the files and directories, unless you know what you are doing.

Installing a Precompiled Server

Apache has been compiled for many platforms, and chances are that a prebuilt copy of the server exists for your setup. If you are interested in compiling the source, you might want to skip to the section in this chapter titled, "Installing from the Source" because it offers information on how to build the Apache HTTP server.

Installing a precompiled server is very similar to installing a source-only distribution. The only difference is that a compiled httpd binary already exists in the server's src directory. The compiled binary of the Apache server is called httpd. On binary distributions, the binary is usually labeled httpd-architecture, where architecture is the name of the OS you are installing. For Linux, the httpd binary is called httpd-linux.

Although it is perfectly fine to keep the binary in the src directory, I like to install the binary at the top of the distribution tree. In this example, that is /usr/local/etc/httpd/httpd. Sometimes, the binary distribution has not been stripped. Stripping removes extra symbol information that the linker left from the compilation linking process. Removing this extra information using strip usually makes the binary about 30 to 40 percent smaller. I also like to protect the executable from any user trying to alter it. An easy way to do this is by changing the owner and group of the executable to root and the group to wheel. Then remove all write privileges to the binary from everyone but the owner. To chown and chmod a file (change owner and change mode) to root, you need to do this as the superuser. The following installation steps might look something like this:

  1. 1. cd /usr/local/etc/httpd

  2. 2. cp src/httpd-linux httpd

  3. 3. strip httpd

  4. 4. chown root.wheel httpd

  5. 5. chmod 755 httpd

If you are installing a precompiled server, you can skip to the section titled, "Runtime Server Configuration Settings."

Installing from the Source

Installing from the source is a little more time-consuming, but it will force you to get familiar with the source distribution of the Apache server. It will also give you the opportunity to customize the modules that are built into Apache. Many of these modules provide functionality that will make your server more powerful. All the files you will need to edit to build the binary are in the src directory. Building from the source is a three-step process:

  1. 1. Edit the one-time configuration file, src/Configuration.

  2. 2. Run the Configure script.

  3. 3. Run make.

Editing the Configuration File

Before you can compile the software, you need to edit the configuration file and set some compile-time options that address the peculiarities of your operating system (and, in some cases, the hardware on which you are going to be running the server). Apache supports the concept of modules that extend and enhance the functionality of the server. However, in order for some of these modules to work, they have to be enabled in the configuration file. The configuration file can be found in /usr/local/etc/httpd/src. To make a copy of the configuration file, type in the following:

cd /usr/local/etc/httpd/src

cp Configuration.tmpl Configuration

Using your favorite editor, read and edit the configuration file you just created. A listing of the default configuration files is included at the end of this chapter for your reading enjoyment.

I kept all the default settings with the exception of changing the compiler and compilation options to match my hardware and operating system. This is executed by removing the comments (the # signs) from the AUX_CFLAGS and AUX_LIBS defines found on the configuration file. Remember to comment out (put in a #) in front of other settings that may not apply to your system configuration.

Running the Configure Script

After you edit the configuration file, you need to run the Configure script. The Configure script is a Bourne shell script that uses the configuration file you edited (src/Configuration) to generate a new Makefile and modules.c to match the options you set in the compilation configuration file. To do this, type the following into your terminal program:

cd /usr/local/etc/httpd/src


Configure allows you to specify a configuration file on the command line by using the -file flag:
Configure -file NEXTSTEP.configuration
Using alternate config file NEXTSTEP.configuration
This feature is useful if you need to maintain various different configurations for several different machines.

Running make

If Configure proceeded normally, you should be able to build the server binary at this point. To build the binary, type this on your terminal:


After a few minutes, depending on the speed of your hardware, you will have a compiled version of the Web server. It is called httpd and is on the /usr/local/etc/apache/src directory. The current version of the Apache source code does not have an install target for make, so you'll have to copy and strip the executable by hand:

cp httpd ../httpd

cd ..

strip httpd

chown root.wheel httpd

chmod 755 httpd

Runtime Server Configuration Settings

Apache reads its configuration settings from three files: access.conf, httpd.conf, and srm.conf. Primarily, this has been done to maintain backward compatibility with the NCSA server, but the reasoning behind this organization makes good sense. The configuration files reside in the conf subdirectory of the server distribution. Sample configuration files are included in the software distribution; they are named access.conf-dist, httpd.conf-dist, and srm.conf-dist, respectively. You will need to create copies of these files without the -dist portion:

cd /usr/local/etc/httpd/conf

cp httpd.conf-dist httpd.conf

cp access.conf-dist access.conf

cp srm.conf-dist srm.conf

After you've made your local copies, you are ready to configure a basic server.

Runtime configuration of your server is done by way of configuration directives. Directives are commands that set some option; use them to tell the server about various options that you want to enable, such as the location of files important to the server configuration and operation. Configuration directives follow this syntax:

Directive option option

Directives are specified one per line. Some directives only set a value such as a filename; others let you specify various options. There are special directives, called sections, that look like HTML tags. Section directives are surrounded by angle brackets, such as <directive>. Sections usually enclose a group of directives that apply only to the directory specified in the section:

<Directory somedir/in/your/tree>

 Directive option option

 Directive option option


All sections are closed with a matching section tag that looks like </directive>. You will see some of these constructs in the conf/access.conf and in your conf/httpd.conf files. Note that section tags, like any other directive, are specified one per line.

Editing httpd.conf

httpd.conf contains configuration directives that control how the server runs, where its logfiles are found, the user ID (UID) it runs under, the port that it listens to, and so on. You will need to edit some of the default configuration values to settings that make sense in your site. I kept most of the defaults found on my httpd.conf, with the exception of the following:

Figure 2.2. One of the error messages the server returns if there's an error. Note that the ServerAdmin was set to alberto@accesslink.com.
ServerAdmim The ServerAdmin directive should be set to the address of the webmaster managing the server. It should be a valid e-mail address or alias, such as webmaster@your.domain. Setting this to a valid address is important because this address will be returned to a visitor when there's a problem.
User and Group The User and Group directives set the UID and group ID (GID) that the server will use to process requests. I kept these to the defaults: nobody and nogroup. Please verify that the names nobody and nogroup exist in your /etc/passwd and /etc/group files, respectively. If you want to use a different UID or GID, go ahead; however, be aware that the server will run with the permissions you define here. The permissions for the specified UID and GID should be very low because, in case of a security hole, whether on the server or (more likely) on your own CGI programs, those programs will run with the assigned UID. If the server runs as root or some other privileged user, someone may exploit the security holes and do nasty things to your site. Instead of specifying the User and Group directives using a name, you can specify them by using the UID and GID numbers. If you use numbers, be sure that the numbers you specify correspond to the user and group you want, and that they are preceded by the pound (#) symbol.

Here's how these directives would look if specified by name:

Here's the same specification, but by UID and GID: