Web Services CSCI N321 – System and Network Administration Copyright © 2007,2008 by Scott Orr and the Trustees of Indiana University.

Slides:



Advertisements
Similar presentations
What all is there Inside the Apache web server. These slides are part of study material of LAMP course. Course conducted by Prof Rocky Jagtiani – Technical.
Advertisements

Apache2 HTTPS. 1. Install webserver Apache # apt-get install apache2 2. Buat direktori untuk menyimpan file https # mkdir /var/www/secure 3. Instalasi.
Web Server Onno W. Purbo Web server.
HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.
Apache Configuration Setting up a web server. Basic Server Facts Runs on port 80 Server application -> httpd Richly configurable Many defaults will let.
How the web works: HTTP and CGI explained
CSE 190: Internet Commerce Lecture 4: Web Servers.
The World Wide Web and the Internet Dr Jim Briggs 1WUCM1.
Configuring a Web Server. Overview  Understand how a Web server works  Install IIS (Internet Information Services) and Apache Web servers  Examine.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
CP476 Internet Computing Browser and Web Server 1 Web Browsers A client software program that allows you to access and view Web pages on the Internet –Examples.
Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.
1 Web Servers Web Protocols and Practice Chapter 4.
APACHE SERVER By Innovationframes.com »
Virtual Hosts The apache server can handle multiple “web sites” at a time – a web service provider company may have multiple different sites to offer (see.
Linux Operations and Administration
Appendix: Installing AMP (Apache + MySQL + PHP). Training Course, CS, NCTU 2 AMP  AMP A – Apache Web Server M – MySQL Database Server P – PHP Language.
CSN11121 System Administration and Forensics Week 5: Essential Apache and Log Analysis Module Leader: Dr Gordon Russell Lecturers: G. Russell, R.Ludwiniak.
Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .
Apache Setting up a Web (httpd) server. Apache Apache is the utility used by Linux servers to provide Web services (http services). It is the most popular.
Web Servers Installation and Configuration May 24, 2001 CIS System Administration Problem Statement The class topic is setting up a Linux server to support.
Human-Computer Interface Course 5. ISPs and Internet connection.
Web Servers1-1 Web Servers Xingquan (Hill) Zhu
CSN09101 Networked Services Week 8: Essential Apache Module Leader: Dr Gordon Russell Lecturers: G. Russell, J. Jackson.
An introduction to Apache. Different Types of Web Servers Apache is the default web server for may Unix servers. IIS is Microsoft’s default web server.
FTP (File Transfer Protocol) & Telnet
Apache httpd Web Server C. Edward Chow. Advanced Internet & Web Systems chow2 Outline of the Talk Introduction to Apache httpd web server Basic Compilation,
CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.
TCP/IP Protocol Suite 1 Chapter 22 Upon completion you will be able to: World Wide Web: HTTP Understand the components of a browser and a server Understand.
System Administration NFS & Web Servers. NFS SERVER.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.
Copyright 2000 eMation SECURITY - Controlling Data Access with
SUSE Linux Enterprise Desktop Administration Chapter 12 Administer Printing.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
1 Apache and Virtual Sites and SSL Dorcas Muthoni.
Apache and... Virtual Hosts ---- aliases mod_rewrite ---- htaccess AFNOG 11 Kigali, Rwanda May 2010 Dorcas Muthoni Courtesy: Hervey Allen.
Apache HTTP mod_ftp William A. Rowe, Jr. ASF Member, httpd and APR projects Sr. Software Engineer, Covalent Technologies.
Hands On Networking Network Applications Ram P Rustagi, ISE Dept Kundan Kumar, MCA Dept Manini Sahoor, MCA Dept Ravi Teja, MCA Dept Sourav.
1 Introductory material. This module illustrates the interactions of the protocols of the TCP/IP protocol suite with the help of an example. The example.
Apache Web Server. Aim of this section –Introduce you to workings of the most common webserver –Give you a little experience in role of webmaster Configuring.
/etc/apache2/apache2.conf # Porneste gazduirea virtuala pe http NameVirtualHost :80 # Porneste gazduirea virtuala pe https NameVirtualHost :443.
Integrating and Troubleshooting Citrix Access Gateway.
1 Apache and... Virtual Hosts ---- aliases mod_rewrite ---- htaccess AFNOG X Cairo, Egypt May 2009 Hervey Allen.
LinuxChix Apache. Serving Webpages The layer 7 protocol (HTTP) is what our browsers talk to get us the websites we can't seem to live without. HTTP is.
Form Data Encoding GET – URL encoded POST – URL encoded
WWW: an Internet application Bill Chu. © Bei-Tseng Chu Aug 2000 WWW Web and HTTP WWW web is an interconnected information servers each server maintains.
Multi-Domain Hosting Hosting multiple domains on one server using Apache John Beckett 1/16/2013.
CITA 310 Section 2 HTTP (Selected Topics from Textbook Chapter 6)
Authentication Names and Passwords Names and Passwords Also can use Groups Also can use Groups Webmaster can “require” authentication Webmaster can “require”
Web Technology – Web Server Setup : Chris Uriarte Meeting 4: Advanced Topics, Continued: Securing the Apache Server and Apache Performance Tuning Rutgers.
Web Server (Apache httpd ) 1. 2 Apache Web Server A PAtCHy server: developed by the Apache group History- First.
More than one site? Use multiple configuration files Use multiple configuration files  httpd –d {path}  Assumes “conf/httpd.conf” Logging transactions.
Web Server Administration Chapter 6 Configuring a Web Server.
CSN09101 Networked Services Week 8: Essential Apache Module Leader: Dr Gordon Russell Lecturers: G. Russell.
LURP Details. LURP Lab Details  1.Given a GET … call a proxy CGI script in the same way you would for a normal CGI request  2.This UDP perl.
IBM Http Server Basic Administration. CONTENTS Web server IHS How does IHS differ from Apache Basic configurations Advanced Configurations Performance.
CITA 310 Section 4 Apache Configuration (Selected Topics from Textbook Chapter 6)
Web Server Administration Chapter 6 Configuring a Web Server.
APACHE Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for Unix servers, the Apache Web server.
Web Cacheability of CRLs David Groep, Jan 26 th, 2009.
Web and Proxy Server.
Web Protocols and Practice
Apache and... Virtual Hosts ---- aliases mod_rewrite ---- htaccess
Authentication & .htaccess
Unix System Administration
Unit-5 Chap-1 Configuring Web Server
Public-key Infrastructure
Public-key Infrastructure
APACHE WEB SERVER.
Presentation transcript:

Web Services CSCI N321 – System and Network Administration Copyright © 2007,2008 by Scott Orr and the Trustees of Indiana University

Section Overview HTTP Protocol Apache Configuration HTTPS/SSL Virtual Hosts

References Apache Site – RedHat Deployment Guide Chapter 22 – Apache HTTP Server

World Wide Web Components WidgetWebServer UserWorkstation Widget Download Demo Buy it Now Name: CC #: Submit Reset Browser

Hypertext Transfer Protocol GET /index.html HTTP/1.1 Host: tempest.cs.iupui.edu HTTP/ OK Date: Sun, 25 Nov :43:31 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 16 Aug :48:43 GMT ETag: "50602ec f4c0" Accept-Ranges: bytes Content-Length: 113 Connection: close Content-Type: text/html; charset=UTF-8 File Content…

HTTP Status Codes 1xx – Informational 2xx – Success 3xx – Redirection 4xx – Client Error 5xx – Server Error

Common Gateway Interface (CGI) Allowed for dynamic web content Relies on external programs Form processing Parameters passed as part of URL Outputs valid context Header/Content Coding problems create security issues!

Web Server Market Share Source:

Web Server – Active Sites Source:

Apache Web Server Runs on multiple platforms Modules define capabilities SSL Support Web Hosting Multiple IP/Posts Virtual Hosts Proxies /etc/http/conf/httpd.conf & /etc/httpd/conf.d

Basic Apache Configuration ServerRoot – Where to find configuration Listen – Which port(s) to bind Daemon Ownership User Group ServerAdmin – address for Administrator ServerName – FQDN for server DocumentRoot – Web content directory DirectoryIndex – Files to load if only directory specified LoadModule – Feature module code to include Many included by default LoadModule

Basic Performance Settings Persistent Connections KeepAlive Off MaxKeepAliveRequests 100 KeepAliveTimeout 15 Concurrent Daemons (prefork module) StartServers 8 MinSpareServers 5 MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 4000

Web Request Logging Remote Address (%h) Client ID (%l) Authenticated User (%u) Date/Time of Request (%t) Request Line (\"%r\" ) Request Status (%s) Size of data sent to client (%b) Referrer and Client info can also be included

Log Files access_log - All web page requests error_log – Problems & Failed requests agent_log – Client info (browser/OS) referrer_log – Site that directed to URL Combined logs – Merge access_log, agent_log and referrer_log into one file

Directory Specific Settings Override system defaults Enclosed in Options – Features to allow/disallow Indexes Includes/IncludesNOEXEC FollowSymLinks/SymLinksIfOwnerMatch Multiviews All Multiple Options not merged, ‘+’ and ‘-’ to merge Limit - Access Control Allow/Deny Order

User Personal Sites URL: /~ / Activation # UserDir Disabled UserDir public_html

.htaccess If present in directory, modifies settings AllowOverride Must be in directive for tree Can be all All or list specific settings Password Authentication Require directive in limit htpasswd - create users/passwords

.htaccess Example AuthUserFile /etc/httpd/.htpasswd AuthGroupFile /dev/null AuthName "HTAccess Demo" AuthType Basic require valid-user

Secure Socket Layer Used to encrypt web traffic SSL Directives SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite HIGH:MEDIUM SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key

Generating a Self-Signed Cert openssl req -new > new.cert.csr openssl rsa -in privkey.pem -out new.cert.key openssl x509 -in new.cert.csr -out new.cert.cert \ -req -signkey new.cert.key -days 3650 cp new.cert.key \ /etc/httpd/conf/ssl.key/server.key cp new.cert.cert \ /etc/http/conf/ssl.crt/server.crt service httpd restart

Virtual Hosts Multiple sites using the same server IP Based Port Based Name Based (No SSL support) Example (Name) DocumentRoot /var/www/webmail/ ServerName webmail.cs.iupui.edu

Security Notes Remove unneeded CGI Scripts Minimize use of external executables If needed, limit scope suexec Options –IncludeNOEXEC AllowOverride None/AuthConfig Options –Indexes -FollowSymLinks Prevent Fingerprinting ServerSignature Off ServerTokens Prod

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.