Apache Web Server Quick and Dirty for AfNOG 2015 (Originally by Joel Jaeggli for AfNOG 2007) ‏

Slides:



Advertisements
Similar presentations
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
Advertisements

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
Module 5: Configuring Access to Internal Resources.
 2003 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Apache Web Server Quick and Dirty Steve Gibbard for SANOG 16 (Originally by Joel Jaeggli for AfNOG 2007) ‏
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.
IST346:  Web Services. Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security,
TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.
SquirrelMail for Webmail AfNOG 2012 Scalable Internet Services (SS-E) Presented by Michuki Mwangi Serrekunda, Gambia (Original Materials by Joelja)
APACHE SERVER By Innovationframes.com »
SquirrelMail for Webmail AfNOG 2013 Scalable Internet Services (SS-E) Presented by Michuki Mwangi Lusaka, Zambia (Original Materials by Joelja)
Apache Security with SSL Using FreeBSD SANOG VI IP Services Workshop July 18, 2005 Hervey Allen Network Startup Resource Center.
Linux Operations and Administration
By Jeerarat Boonyanit. As you can see I have chosen Cpanel for my server management tool. cPanel is a Linux based web hosting control panel that provides.
TOPIC 1 – SERVER SIDE APPLICATIONS IFS 234 – SERVER SIDE APPLICATION DEVELOPMENT.
CSCI 6962: Server-side Design and Programming
Course 201 – Administration, Content Inspection and SSL VPN
Additional SugarCRM details for complete, functional, and portable deployment.
OPeNDAP Hyrax Back-End Server (BES) Authentication and Authorization Patrick West
Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .
Web Servers1-1 Web Servers Xingquan (Hill) Zhu
Session 10 Windows Platform Eng. Dina Alkhoudari.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
Remote Administration Remote Desktop Remote Assistance Remote Server Administration Tools.
SUSE Linux Enterprise Desktop Administration Chapter 12 Administer Printing.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
1 Apache and Virtual Sites and SSL Dorcas Muthoni.
Apache and... Virtual Hosts ---- aliases mod_rewrite ---- htaccess AFNOG 11 Kigali, Rwanda May 2010 Dorcas Muthoni Courtesy: Hervey Allen.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
Hands On Networking Network Applications Ram P Rustagi, ISE Dept Kundan Kumar, MCA Dept Manini Sahoor, MCA Dept Ravi Teja, MCA Dept Sourav.
Module 9: Fundamentals of Securing Network Communication.
Using Encryption with Microsoft SQL Server 2000 Kevin McDonnell Technical Lead SQL Server Support Microsoft Corporation.
Building Security into Your System Bill Major Gregory Ponto.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
Data Encryption using SSL Topic 5, Chapter 15 Network Programming Kansas State University at Salina.
CS 7: Introduction to Computer Programming Java and the Internet Sections ,2.1.
Apache Web Server Quick and Dirty Evelyn NAMARA for AfNOG 2014 (Originally by Joel Jaeggli for AfNOG 2007) ‏
Apache Web Server Quick and Dirty Ayitey Bulley for AfNOG 2011 (Originally by Joel Jaeggli for AfNOG 2007) ‏
Shibboleth: Installation and Deployment Scott Cantor July 29, 2002 Scott Cantor July 29, 2002.
1 Apache and... Virtual Hosts ---- aliases mod_rewrite ---- htaccess AFNOG X Cairo, Egypt May 2009 Hervey Allen.
Apache Web Server Quick and Dirty Kevin G. Chege for AfNOG 2013 (Originally by Joel Jaeggli for AfNOG 2007) ‏
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
1 Chapter Overview Creating Web Sites and FTP Sites Creating Virtual Directories Managing Site Security Troubleshooting IIS.
Web Server Administration Chapter 6 Configuring a Web Server.
(ITI310) By Eng. BASSEM ALSAID SESSIONS 10: Internet Information Services (IIS)
SquirrelMail for Webmail Quick and Dirty Michuki Mwangi for AfNOG 2010.
Web Server Administration Chapter 6 Configuring a Web Server.
APACHE Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for Unix servers, the Apache Web server.
Communication protocols 2. HTTP Hypertext Transfer Protocol, is the protocol of World Wide Web (www) Client web browser Web server Request files Respond.
Linux, Apache, MySQL, PHP/Python/PERL ● a.k.a. LAMP ● Standard set of tools for configuring a Linux-based web server with database & interfacing capabilities.
Setting and Upload Products
Data Virtualization Tutorial… SSL with CIS Web Data Sources
Apache web server Quick overview.
Apache Security with SSL Using FreeBSD
SquirrelMail for Webmail
Unix System Administration
(Originally by Joel Jaeggli for AfNOG 2007)‏
How to Check if a site's connection is secure ?
IBM Certified WAS 8.5 Administrator
Module 3 Building a web app.
IIS.
APACHE WEB SERVER.
Building Security into Your System
Presentation transcript:

Apache Web Server Quick and Dirty for AfNOG 2015 (Originally by Joel Jaeggli for AfNOG 2007) ‏

About Apache Apache http server project Apache foundation started to support the web server project, but now extends to a multitude of other projects.

No. of websites

Top Server Market share from

Apache features Server Side Programming Language Support Apache supports some common language interfaces which include Perl, Python, Tcl, and PHP. It also supports a variety of popular authentication modules like mod_auth, mod_access, mod_digest and many others. IPv6 Support On systems where IPv6 is supported by the underlying Apache Portable Runtime library, Apache gets IPv6 listening sockets by default. Virtual Hosting Apache will allow one installation instance to serve multiple websites. For instance one Apache installation can serve sse.afnog.org, ws.afnog.org etc Simplified configuration Native Windows NT Unicode Support More at:

Virtual Hosting Apache Provides multiple options of virtual hosting and scales Name Based virtual hosts IP Based Virtual Hosts Aliases Its recommended to use name based virtual hosting over IP based hosting in virtual hosting configuration Refer to virtual hosting Exercise section

Installing PHP & Mysql PHP and Mysql implementations have increased driven mainly by development requests LAMP and WAMP are the most common implementations Installation via “dkpg” and “apt-get” and relatively straight forward See PHP & Mysql installation exercise section

Apache and IPv6 Apache supports IPv4 and IPv6 by default Set the listen option to port 80 will listen for both IPv4 and IPv6 listen option with IPv4 and IPv6 specific addresses will invoke different sockets for each protocol Listen xx:80 Listen [2001:43f8:0:219:196:200:219:xx]:80 Refer to IPv6 & php test exercise

Apache SSL Secure Socket Layer (SSL) port is 443 SSL is important to protect communication between client browser and web-server Requires the creation of SSL certificates and Certificate Signing Requests (CSR) For integrity, SSL certificates are signed by a Certificate Authority’s (CA) such as Verisign Self signed Certificates will also work but your browser will not trust it and will give a warning to users (which most don’t read) Refer to the Creating SSL Certificate Exercise Section

How SSL Works Each SSL certificate has a Public and Private key The Public Key is used to encrypt the information The Public Key is accessible to everyone The private Key is used to decipher the information The private should be not be disclosed

Role of Certificate Authority There are a number of CA that certify certificates Most browsers have pre-included public Keys from the CA’s A CA certified certificate will have validation information signed by the CA’s private key The browser will decrypt the validation information using the public key and verify that the certificate is certified by the CA If this fails a warning is given

Apache Installation on Debian Apache can be installed from APT- GET apt-get install apache2 Can be installed from dpkg Or from source if one requires a more recent version than what's on Debian source list

File System Layout /etc/apache2/ |-- apache2.conf | `-- ports.conf |-- mods-enabled | |-- *.load | `-- *.conf |-- conf-enabled | `-- *.conf |-- sites-enabled | `-- *.conf

Starting Apache Startup scripts are located at /etc/init.d/ Take a look in startup script /etc/init.d/apache2 Add Apache to startup update-rc.d apache2 enable Run $ /etc/init.d/apache2 restart $ sudo service apache2 start Restart $ sudo service apache2 restart

Start Apache! /etc/init.d/apache2 start Check that you can access in your browser Check that you can access in your browser, and that you get a certificate warning Click on the padlock icon in your browser and check that the certificate details are correct

Apache use cases Apache is widely used to serve many content applications Webmail, Blogs, Wiki’s, CMS etc

Start Exercises