||Michael Oberg - Freiberuflicher EDV-Berater und Software-Entwickler
For the compilation of the Apache web server see the section httpd-2.0.47 in COMPILE-MYLINUX.
The file /etc/httpd/httpd.conf contains the entire configuration of the web server. In relation to the provided version /etc/httpd/httpd-std.conf the following adjustments were made:
- Integration of the modules mod_auth_pam and mod_auth_sys_group for the authentication against LDAP (see also pam_ldap), php4_module for PHP4 and clamav_module for the proxy virus scanner ClamAV. For compiling the modules see the sections mod_auth_pam and to php-4.3.2 in COMPILE-MYLINUX.
- User and group to run the web server as are named both wwwrun.
- Server name and mail address of the user root are changed.
- The Directory index defines a default file which is used if an URL does not contain a file name. Normally only "index.html" is given here; under myLinux it is "index.html index.php", which allows the execution of a PHP script.
- By using the AddType directive PHP scripts are made executable.
- The section "password secured myLinux web applications" enforces SSL encryption for those web applications, which query passwords.
- The section "Intranet Site example" forces SSL encryption and password inquiry for certain CGI scripts (search function, directory) and Intranet documents.
- The section "Enabling htdig search..." makes it possible for the full text indexing program ht://dig to bypass the Intranet security settings. Thus also Intranet documents are indexed. The search function itself is password-protected (see previous point).
Warning: This directive must not be used together with the proxy directive. A web proxy makes it possible for LAN clients to masquerade themselves as the web server and therefore bypass the Intranet security settings, too.
- The section between ProxyRequests On and SetHandler clamav activates the Apache module mod_proxy exclusively for local IP addresses (the firewall prevents address spoofing from the internet) and configures the virus scanner ClamAV respectively the module mod_clamav, which is the interface between Apache and the virus scanner. Warning: by using this module web access through the proxy will be very slow.