Apache - force https

Force secure connection (for auth)

Redirect

/etc/apache2/sites-available/default
[...]
# redirect everything if accessed via http
<IfModule mod_rewrite.c>
<IfModule mod_ssl.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://host.domain.tld%{REQUEST_URI} [R=301,L]
</IfModule>
</IfModule>
# explicit redirect to avoid multiple auth requests for this location
<Location /nagios3>
Redirect permanent /nagios3 h…
Apache Basic Authentication

The new Apache 2.4 flavour:

# Redirect to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

# Authenticate users only when using HTTPS
<If "%{HTTPS} == 'on'">
AuthName Admin
AuthType Basic
AuthUserFile /etc/apache2/auth/htpasswd
AuthGroupFile /etc/apache2/auth/htgroup
Require group admin
</If>

Two things to check before relying on this: the <If> block only adds authentication when the request already arrived over TLS, so if the rewrite rule is missing, mod_rewrite is not loaded or the vhost is reachable on port 80 by another route, the same content is served over plain HTTP with no authentication at all. And %{HTTP_HOST} is taken from the client's Host header, so the redirect target is client-controlled; the recipe above uses a fixed hostname for that reason.
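The fail-closed version of the 2.4 snippet, as an added example and not the original post's config: the <Else> branch denies the location outright when the request did not arrive over TLS, so a missing rewrite rule or an unloaded mod_rewrite can no longer expose the admin area, and the redirect targets a fixed hostname (host.domain.tld, the /nagios3 location and the htpasswd/htgroup paths are assumed here) instead of the client-supplied Host header. The HSTS header is the usual complement to forcing HTTPS and needs mod_headers.

```apache
# Added example, not from the original post. Apache 2.4 syntax.
# host.domain.tld, /nagios3 and the auth file paths are assumptions.

# Redirect plain HTTP to a fixed hostname, not to %{HTTP_HOST}, so a
# forged Host header cannot turn this into an open redirect.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://host.domain.tld%{REQUEST_URI} [R=301,L]

# Once a browser has seen this over HTTPS it will not try plain HTTP
# again for a year (needs mod_headers: a2enmod headers).
<IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=31536000"
</IfModule>

<Location /nagios3>
    <If "%{HTTPS} == 'on'">
        # Only ask for credentials over TLS, so Basic Auth never
        # crosses the wire in the clear.
        AuthName Admin
        AuthType Basic
        AuthUserFile /etc/apache2/auth/htpasswd
        AuthGroupFile /etc/apache2/auth/htgroup
        Require group admin
    </If>
    <Else>
        # Fail closed: no TLS, no content. Without this branch the
        # location is served unauthenticated whenever the redirect
        # above does not fire.
        Require all denied
    </Else>
</Location>
```

Verify with apache2ctl configtest after editing, then request the location once over http:// and confirm the answer is a 301 to the https:// URL and, with the redirect rule temporarily commented out, a 403 rather than the page.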
Apache Config

Activate compression for output - this requires mod_deflate
[...]
# Compression Level (1 - 9)
DeflateCompressionLevel 5
<Location />
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
BrowserMatch \bMSI…

One caveat: compressing a response that contains both a secret (a CSRF token, a session value) and input reflected from the request leaks the secret through the compressed length; over TLS this is the BREACH attack. Leave DEFLATE off for such pages, or make sure nothing attacker-controlled is reflected into them.
Apache Logfiles

Some recipes for tuning or rotating Apache logfiles.

Conditional Logging

To exclude some requests from your Apache access (or error) log, mark them with an environment variable and make the log directive conditional on it:

SetEnvIf Request_URI "^/favicon\.ico$" special
SetEnvIf Request_URI "something\.html$" special
# no logging:
CustomLog /var/log/httpd/local-access.log combined env=!special
# explicit logging:
CustomLog /var/log/httpd/local-special.log combined env=special

Request_URI is matched as a regular expression against the path only (no query string), so anchor the patterns and escape dots; an unanchored "something.html" would also match /x/somethingXhtml. Keep the "explicit logging" line if you still want those requests somewhere: once excluded, they leave no trace at all, which matters when you later investigate an incident.
Apache Redirect and Rewrite

A quick overview, with examples, of some common ways to redirect or rewrite addresses ...

mod_rewrite Module

Redirect everything to a "maintenance" message:

RewriteEngine on
RewriteRule !maintenance\.htm$ http://www.foo.tld/maintenance.htm [R,L]

The negated pattern excludes the maintenance page itself, otherwise the rule would redirect in a loop. The redirect is a 302 (the default for R), so browsers and crawlers do not cache it; if search engines should not index the maintenance page at all, answering 503 Service Unavailable is preferable to a redirect.
Apache2

Some infos on how to use Apache the Debian way:

* a2enmod - enables an available module
* a2dismod - disables a module
* a2ensite - enables a site
* a2dissite - disables a site

To commit your changes:

/etc/init.d/apache2 force-reload
Basic Apache Security Recipes

There are some (very basic) tunables that should be modified to improve the overall security of your default Apache installation. I only specify parameters I recommend to change.

Server Config

Don't expose too much information and fix some issues:
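An added example of the kind of tunables meant here, not the entry's own list (the entry is cut off after the heading): Apache 2.4 syntax for the main server config, with the Debian document root /var/www/html assumed.

```apache
# Added example (Apache 2.4 syntax), not the original entry's list.
# /var/www/html is an assumed path.

# Don't advertise version, OS and module details in the Server header
# or in server-generated pages (error pages, directory listings).
ServerTokens Prod
ServerSignature Off

# TRACE echoes the request back, including cookies and auth headers;
# nothing legitimate needs it.
TraceEnable Off

# Default deny for the whole filesystem: only the directories configured
# below are reachable, and .htaccess files cannot loosen anything.
<Directory />
    Options None
    AllowOverride None
    Require all denied
</Directory>

# Document root: no listings, no SSI or CGI by accident, symlinks only
# when owned by the same user as the link target.
<Directory /var/www/html>
    Options -Indexes -Includes -ExecCGI +SymLinksIfOwnerMatch
    AllowOverride None
    Require all granted
</Directory>

# Never serve dotfiles (.htaccess, .git, .env, editor backups).
<FilesMatch "^\.">
    Require all denied
</FilesMatch>

# Browser-side hardening headers; needs mod_headers (a2enmod headers).
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "SAMEORIGIN"
</IfModule>
```

The Require lines are 2.4 syntax; on 2.2 the equivalents are Order deny,allow plus Deny from all (or Allow from all). Check the result with curl -sI against the server: the Server header should read just "Apache" and a TRACE request should get 405.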
HTTP status codes

Some of the most important HTTP 1.1 status codes:

successful
    200  OK
redirection
    301  Moved Permanently
    302  Found (moved temporarily)
client error
    401  Unauthorized
    403  Forbidden
    404  Not Found
server error
    500  Internal Server Error

For all the status codes see
Install Apache 2.4 from source with openssl and PFS

Quick overview of how to install Apache from source on Debian Wheezy, including the latest openssl, to achieve perfect forward secrecy with modern browsers. With the Heartbleed incident in mind there is good reason to build Apache against the latest openssl available - from source. This way we are able to offer the best possible forward secrecy for the TLS encryption of HTTPS connections.
Install mod_geoip from source with Apache 2.4

Here's how to do it:

Download the necessary packages:

* <https://github.com/maxmind/geoip-api-c/archive/master.zip>
* <https://github.com/maxmind/geoip-api-mod_geoip2/archive/master.zip>

GeoIP Database:

* <http://dev.maxmind.com/geoip/legacy/downloadable/>

Because Piwik handles all my GeoIP database stuff I don't have to care about the installation and updates of the database itself. Your mileage may vary.
Maintenance Page - Service Unavailable

If you need to shut down your web site for maintenance, it helps to have an informative status page prepared. What we have to set up:

* a web page that tells your visitors what is going on
* the proper webserver rules to send traffic to the maintenance page
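One way to wire the maintenance page up so that it really answers 503 Service Unavailable instead of a 302 to the page, as an added example and not this entry's own config; it serves both this entry and the "redirect everything to a maintenance message" recipe above. The page path /maintenance.htm, the assets prefix /maintenance/ and the admin address 192.0.2.10 are assumptions.

```apache
# Added example, not the original entry's config. Apache 2.4, vhost context.
# /maintenance.htm, /maintenance/ and 192.0.2.10 are assumed values.

RewriteEngine on
# Let the page and its assets through; otherwise the ErrorDocument
# below is itself answered with 503 and the internal redirect loops.
RewriteCond %{REQUEST_URI} !^/maintenance\.htm$
RewriteCond %{REQUEST_URI} !^/maintenance/
# Admins still get the real site while they test the change.
RewriteCond %{REMOTE_ADDR} !^192\.0\.2\.10$
# A status outside 300-399 drops the substitution and stops rewriting,
# so the request becomes a 503 error instead of a redirect.
RewriteRule ^ - [R=503,L]

# Body for the 503: the informative page, delivered with the error
# status so crawlers neither index it nor drop the real URLs.
ErrorDocument 503 /maintenance.htm

# Tell clients when to retry (seconds). "always" is needed for error
# responses; needs mod_headers, and expr= conditions need 2.4.10+.
<IfModule mod_headers.c>
    Header always set Retry-After "3600" "expr=%{REQUEST_STATUS} == 503"
</IfModule>
```

To switch maintenance on and off without editing the vhost, keep this block in its own file and include it conditionally, or guard the RewriteRule with a RewriteCond on the existence of a flag file (-f). Test from outside the admin address with curl -sI: the status line must read 503 and the Retry-After header must be present.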
Pimp Your Directory Index

I used this to give some additional information about our local Debian mirror.

Create your .htaccess with the following contents:

ReadmeName README
HeaderName HEADER
<Files ~ "(README|HEADER)$">
ForceType text/html
</Files>
Options +Indexes
IndexIgnore images *.ico

Options +Indexes in a .htaccess file only takes effect if the enclosing <Directory> in the server config allows it (AllowOverride Options or AllowOverride All); on a default-deny setup it is silently ignored or produces a 500.
robots.txt

Don't allow any search engines (robots) to index anything in /cgi-bin:

User-agent: *
Disallow: /cgi-bin/

Don't allow any search engines (robots) to index anything:

User-agent: *
Disallow: /

robots.txt is advisory: well-behaved crawlers honour it, everyone else reads it as a list of paths worth a closer look. It keeps /cgi-bin out of search results, not out of reach; access control on the directory does that.
