Apache : Installation, Configuration, Basic Security

Slides:



Advertisements
Similar presentations
February 2003slideset 1 Introduction to the DNS system Olaf M. Kolkman
Advertisements

The Domain Name System. CeylonLinux DNS concepts using BIND 2 Hostnames IP Addresses are great for computers –IP address includes information used for.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.
CP476 Internet Computing Browser and Web Server 1 Web Browsers A client software program that allows you to access and view Web pages on the Internet –Examples.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.
Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.
Domain Name Services Oakton Community College CIS 238.
Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.
11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
Linux Operations and Administration
Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .
Chapter 16 – DNS. DNS Domain Name Service This service allows client machines to resolve computer names (domain names) to IP addresses DNS works at the.
Domain Names System The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 7: Domain Name System.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Network Protocols Chapter 25 (Data Communication & Networking Book): Domain Name System (DNS) 1.
Chapter 17 Domain Name System
5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.
Microsoft Internet Information Services 5.0 (IIS) By: Edik Magardomyan Fozi Abdurhman Bassem Albaiady Vince Serobyan.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.
Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.
1 Kyung Hee University Chapter 18 Domain Name System.
Configuring Name Resolution and Additional Services Lesson 12.
1 Internet Network Services. 2 Module - Internet Network Services ♦ Overview This module focuses on configuring and customizing the servers on the network.
DNS DNS overview DNS operation DNS zones. DNS Overview Name to IP address lookup service based on Domain Names Some DNS servers hold name and address.
1 Chapter Overview Creating Web Sites and FTP Sites Creating Virtual Directories Managing Site Security Troubleshooting IIS.
Linux Operations and Administration
BZUPAGES.COM. Presented to: Sir. Muizuddin sb Presented by: M.Sheraz Anjum Roll NO Atif Aneaq Roll NO Khurram Shehzad Roll NO Wasif.
Domain Name System (DNS)
Web Server Administration Chapter 6 Configuring a Web Server.
Introduction to Active Directory
Web Server Administration Chapter 4 Name Resolution.
Internet Naming Service: DNS* Chapter 5. The Name Space The name space is the structure of the DNS database –An inverted tree with the root node at the.
Basics of the Domain Name System (DNS) By : AMMY- DRISS Mohamed Amine KADDARI Zakaria MAHMOUDI Soufiane Oujda Med I University National College of Applied.
Web Server Administration Chapter 6 Configuring a Web Server.
System Administration(SAD622S) Name of Presenter: Shadreck Chitauro Lecturer 18 July 2016 Faculty of Computing and Informatics.
Understand Names Resolution
SmartCenter for Pointsec - MI
Networking Applications
CS 372 COMPUTER COMMUNICATION AND NETWORKS
Chapter 25 Domain Name System.
Module 5: Resolving Host Names by Using Domain Name System (DNS)
Web Development Web Servers.
Domain Name System (DNS)
Principles of Computer Security
IMPLEMENTING NAME RESOLUTION USING DNS
Network Load Balancing
DNS.
Configuring and Managing the DNS Server Role
SUBMITTED BY: NAIMISHYA ATRI(7TH SEM) IT BRANCH
Working at a Small-to-Medium Business or ISP – Chapter 7
Net 323 D: Networks Protocols
Chapter 19 Domain Name System (DNS)
Traditional Internet Applications
Working at a Small-to-Medium Business or ISP – Chapter 7
Application layer Lecture 7.
Working at a Small-to-Medium Business or ISP – Chapter 7
Configuring Internet-related services
Introduction to the DNS system
Chapter 25 Domain Name System
Domain Name System Refs: Chapter 9 RFC 1034 RFC 1035.
Chapter 25 Domain Name System
Introduction to the DNS system
Domain Name System: DNS
APACHE WEB SERVER.
Computer Networks Primary, Secondary and Root Servers
Presentation transcript:

Apache : Installation, Configuration, Basic Security Presented by, Mr. Rahul Sharma Associate Professor ACEIT

Outline Introduction Why Apache ? Installation Configuration Running Apache Basic Security

Introduction A basic web server works as follows : It is a program that runs on a host computer . It waits for a request from web browser/client for objects it has in its possession Upon receiving the request (GET command from client), it retrieves the requested information and sends it to the client. The objects it can serve include HTML documents, plain text, images, sounds, video and other data.

Introduction Apache is the most popular web server on the internet, running approximately 60% of all web servers. This is the default web server on Red Hat, SuSE, and Debian systems and is well known in industry for its flexibility and performance.

Introduction Installing and maintaining is easy and ranks far below email and DNS in complexity & difficulty of administration. Its free and open source and full source code is available from Apache group site at www.apache.org

Why Apache ? Apache’s popularity is due to : Apache is highly configurable . It is extensible (for e.g. mod_perl and mod_php3 can be added) . Supports virtual hosts or multi homed servers . It is free and open source .

Installation Apache is included with most Linux distributions. On a machine installed with recent version of Linux, chances are Apache is already installed and running. Processor status can be checked to see if its running by using the command machine1$ ps –ef | grep httpd

Installation If one wishes to download the source code and compile it then, Execute the configure script included with the distribution to detect type of system used and set up appropriate makefiles. use --prefix option to specify where in ones directory tree the Apache server should live.

Installation For example : % ./configure --prefix=/etc/httpd Default modules can be used or some features may be included or removed by invoking -enable-module= and -disable-module= options to configure .

Installation Some modules like asis, autoindex, env may be disabled for security reasons. After executing configure run make and make install to actually compile and install the appropriate files .

Configuration All configuration files are in conf directory ( /etc/httpd/conf). The files that are to be examined and customized are httpd.conf, srm.conf and access.conf . httpd.conf is used to set the TCP port (usually port 80), location of log files, and various network and performance parameters

Running Apache Apache can be started from machine’s rc scripts or initiated by hand with % /usr/sbin/httpd –f /etc/httpd/conf/httpd.conf It can be started automatically at boot time by making a link in rc directory that points to /etc/init.d/httpd .

Security Modifying the Default Header : A hacker can exploit a web server by the information it sends in its header ( version, machine type, its built-up etc) . Its always better to modify the default header by changing the lines that reveals this information in src/include/httpd.h file .

Security Upgrading old software when necessary. Protecting Web Data with IP Restrictions : Apache can be configured to allow restricted IP addresses only. This can be done by adding following lines in .htaccess : Order Deny, Allow Deny from All Allow from 192.168.1.100 Allow from 192.168.1.101

Security Using HTTP Authentication : HTTP user authentication restricts access to a particular directory and subdirectories of the web server . A browser implements authentication by prompting a dialog box for the user to type his username/password.

Security Using Secure HTTP Connections : The Secure Socket Layer (SSL) should be used to minimize the likelihood that a hacker can snoop a username/password. SSL not only encrypts the data before it is transferred to the web site, but also it decrypts the data received from the web site, thus securing the data transfers.

Internet Naming Service: DNS*

Overview Introduction to the DNS DNS Components DNS Structure and Hierarchy The DNS in Context

The DNS is… The “Domain Name System” What Internet users use to reference anything by name on the Internet The mechanism by which Internet software translates names to attributes such as addresses

The DNS is also… A globally distributed, scalable, reliable database Comprised of three components A “name space” Servers making that name space available Resolvers (clients) which query the servers about the name space

DNS as a Lookup Mechanism Users generally prefer names to numbers Computers prefer numbers to names DNS provides the mapping between the two I have “x”, give me “y”

DNS as a Database Keys to the database are “domain names” www.foo.com, 18.in-addr.arpa, 6.4.e164.arpa Over 200,000,000 domain names stored Each domain name contains one or more attributes Known as “resource records” Each attribute individually retrievable

Global Distribution Data is maintained locally, but retrievable globally No single computer has all DNS data DNS lookups can be performed by any device Remote DNS data is locally cachable to improve performance

Loose Coherency Each version of a subset of the database (a zone) has a serial number The serial number is incremented on each database change Changes to the master copy of the database are propagated to replicas according to timing set by the zone administrator Cached data expires according to timeout set by zone administrator

Scalability No limit to the size of the database No limit to the number of queries Tens of thousands of queries handled easily every second Queries distributed among masters, slaves, and caches

Reliability Data is replicated Clients can query Data from master is copied to multiple slaves Clients can query Master server Any of the copies at slave servers Clients will typically query local caches DNS protocols can use either UDP or TCP If UDP, DNS protocol handles retransmission, sequencing, etc.

Dynamicity Database can be updated dynamically Add/delete/modify of any record Only master can be dynamically updated Modification of the master database triggers replication

Overview Introduction to the DNS DNS Components The name space The servers The resolvers DNS Structure and Hierarchy The DNS in Context

The Name Space The name space is the structure of the DNS database An inverted tree with the root node at the top Each node has a label The root node has a null label, written as “”

Domain Names A domain name is the sequence of labels from a node to the root, separated by dots (“.”s), read left to right The name space has a maximum depth of 127 levels Domain names are limited to 255 characters in length A node’s domain name identifies its position in the name space

Subdomains One domain is a subdomain of another if its domain name ends in the other’s domain name So sales.nominum.com is a subdomain of nominum.com & com nominum.com is a subdomain of com

Delegation Administrators can create subdomains to group hosts According to geography, organizational affiliation etc. An administrator of a domain can delegate responsibility for managing a subdomain to someone else The parent domain retains links to the delegated subdomains

Delegation Creates Zones Each time an administrator delegates a subdomain, a new unit of administration is created The subdomain and its parent domain can now be administered independently These units are called zones The boundary between zones is a point of delegation in the name space Delegation is good: it is the key to scalability

Dividing a Domain into Zones nominum.com domain nominum.com zone ams.nominum.com zone rwc.nominum.com zone

Overview Introduction to the DNS DNS Components The name space The servers The resolvers DNS Structure and Hierarchy The DNS in Context

Name Servers Name servers store information about the name space in units called “zones” The name servers that load a complete zone are said to “have authority for” or “be authoritative for” the zone Usually, more than one name server are authoritative for the same zone This ensures redundancy and spreads the load Also, a single name server may be authoritative for many zones

Name Servers and Zones Name Servers Zones nominum.com isc.org 128.8.10.5 serves data for both nominum.com and isc.org zones Name Servers Zones 128.8.10.5 nominum.com 202.12.28.129 serves data for nominum.com zone only 202.12.28.129 isc.org 204.152.187.11 serves data for isc.org zone only 204.152.187.11

Types of Name Servers Two main types of servers Authoritative – maintains the data Master – where the data is edited Slave – where data is replicated to Caching – stores data obtained from an authoritative server No special hardware necessary BIND: Berkeley Internet Name Domain

Name Server Architecture You can think of a name server as part of: database server, answering queries about the parts of the name space it knows about (i.e., is authoritative for), cache, temporarily storing data it learns from other name servers, and agent, helping resolvers and other name servers find data Also, the caching resolver can insert data into the cache, and can "query" the cache and the database server.

Name Server Architecture Zone data file From disk Authoritative Data (primary master and slave zones) Agent (looks up queries on behalf of resolvers) Cache Data (responses from other name servers) Name Server Process Master server Zone transfer

on behalf of resolvers) Authoritative Data Authoritative Data (primary master and slave zones) Agent (looks up queries on behalf of resolvers) Cache Data (responses from other name servers) Name Server Process Response Resolver Query

Using Other Name Servers Authoritative Data (primary master and slave zones) Agent (looks up queries on behalf of resolvers) Cache Data (responses from other name servers) Name Server Process Response Response Another name server Resolver Query Query

on behalf of resolvers) Cached Data Authoritative Data (primary master and slave zones) Agent (looks up queries on behalf of resolvers) Cache Data (responses from other name servers) Name Server Process Response Resolver Query

Overview Introduction to the DNS DNS Components The name space The servers The resolvers DNS Structure and Hierarchy The DNS in Context

Name Resolution Name resolution is the process by which resolvers and name servers cooperate to find data in the name space Closure mechanism for DNS? Starting point: the names and IP addresses of the name servers for the root zone (the “root name servers”) The root name servers know about the top-level zones and can tell name servers whom to contact for all TLDs

Name Resolution A DNS query has three parameters: A domain name (e.g., www.nominum.com), Remember, every node has a domain name! A class (e.g., IN), and A type (e.g., A) Upon receiving a query from a resolver, a name server 1) looks for the answer in its authoritative data and its cache 2) If step 1 fails, the answer must be looked up

The Resolution Process Let’s look at the resolution process step-by-step: annie.west.sprockets.com ping www.nominum.com.

The Resolution Process The workstation annie asks its configured name server, dakota, for www.nominum.com’s address dakota.west.sprockets.com What’s the IP address of www.nominum.com? annie.west.sprockets.com ping www.nominum.com.

The Resolution Process The name server dakota asks a root name server, m, for www.nominum.com’s address m.root-servers.net dakota.west.sprockets.com What’s the IP address of www.nominum.com? annie.west.sprockets.com ping www.nominum.com.

The Resolution Process The root server m refers dakota to the com name servers This type of response is called a “referral” m.root-servers.net Here’s a list of the com name servers. Ask one of them. dakota.west.sprockets.com annie.west.sprockets.com ping www.nominum.com.

The Resolution Process The name server dakota asks a com name server, f, for www.nominum.com’s address What’s the IP address of www.nominum.com? m.root-servers.net dakota.west.sprockets.com f.gtld-servers.net annie.west.sprockets.com ping www.nominum.com.

The Resolution Process The com name server f refers dakota to the nominum.com name servers Here’s a list of the nominum.com name servers. Ask one of them. m.root-servers.net dakota.west.sprockets.com f.gtld-servers.net annie.west.sprockets.com ping www.nominum.com.

The Resolution Process The name server dakota asks a nominum.com name server, ns1.sanjose, for www.nominum.com’s address What’s the IP address of www.nominum.com? m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net f.gtld-servers.net annie.west.sprockets.com ping www.nominum.com.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.