Michael Oberg - Freiberuflicher EDV-Berater und Software-Entwickler
Frame Version
Dienstleistungen
myLinux.de
myLinux.en
History
Tasks
LDAP
schemas
pam_ldap
sendmail
Cyrus IMAPD
Apache
Samba
slapd.conf
LDAP-Explorer
Further Features
Compilation
Changelogs
Downloads
Impressum


HOME

Apache

For the compilation of the Apache web server see the section httpd-2.0.47 in COMPILE-MYLINUX.

The file /etc/httpd/httpd.conf contains the entire configuration of the web server. In relation to the provided version /etc/httpd/httpd-std.conf the following adjustments were made:

  • Integration of the modules mod_auth_pam and mod_auth_sys_group for the authentication against LDAP (see also pam_ldap), php4_module for PHP4 and clamav_module for the proxy virus scanner ClamAV. For compiling the modules see the sections mod_auth_pam and to php-4.3.2 in COMPILE-MYLINUX.
  • User and group to run the web server as are named both wwwrun.
  • Server name and mail address of the user root are changed.
  • The Directory index defines a default file which is used if an URL does not contain a file name. Normally only "index.html" is given here; under myLinux it is "index.html index.php", which allows the execution of a PHP script.
  • By using the AddType directive PHP scripts are made executable.
  • The section "password secured myLinux web applications" enforces SSL encryption for those web applications, which query passwords.
  • The section "Intranet Site example" forces SSL encryption and password inquiry for certain CGI scripts (search function, directory) and Intranet documents.
  • The section "Enabling htdig search..." makes it possible for the full text indexing program ht://dig to bypass the Intranet security settings. Thus also Intranet documents are indexed. The search function itself is password-protected (see previous point).
    Warning: This directive must not be used together with the proxy directive. A web proxy makes it possible for LAN clients to masquerade themselves as the web server and therefore bypass the Intranet security settings, too.
  • The section between ProxyRequests On and SetHandler clamav activates the Apache module mod_proxy exclusively for local IP addresses (the firewall prevents address spoofing from the internet) and configures the virus scanner ClamAV respectively the module mod_clamav, which is the interface between Apache and the virus scanner. Warning: by using this module web access through the proxy will be very slow.