Presentation is loading. Please wait.

Presentation is loading. Please wait.

Apache web server Quick overview.

Published byDiana Quinn Modified over 6 years ago

Similar presentations

Presentation on theme: "Apache web server Quick overview."— Presentation transcript:

1 Apache web server Quick overview

2 About An open source web server. Mostly for Unix, Linux and Solaris platforms Apache is the most popular web server on the net. It is very secure, fast, and reliable. Created by Apache foundation Apache foundation started to support the web server project, but now extends to a multitude of other projects. (tomcat, hadoop, ant etc. etc)

3 Features Modern, secure, multi-threaded server.
Multiple protocols: HTTP and HTTPS (FTP, proxy etc.) It provides a full range of Web server features, including CGI, SSL, and virtual hosts. Modular design: most features implemented thorough loadable modules, Including (but not exhaustive): dynamic content via interpreting languages (PHP) authentication via lots of different back-ends (database, LDAP, pam etc.) database support proxying etc. Full list: To put it another way: if Apache can't do it, it's not wort doing.

4 Features II Virtual hosting is one of the most important features
Virtual hosting is a method for hosting multiple domain names (with separate handling of each name) on a single server (or pool of servers). This allows one server to share its resources, such as memory and processor cycles, without requiring all services provided to use the same host name. Apache Provides multiple options of virtual hosting and scales Name Based virtual hosts IP Based Virtual Hosts Aliases Its recommended to use an IP address over hostnames in virtual hosting configuration

5 IP vs. Name? In the „good old days“ HTTP ruled, name based virtual hosting was common One could not do HTTPS name based virtual hosting, because TLS handshake must be completed BEFORE http request. Problem IP adresses are more and more scarse Solution: SNI Server Name Indication (SNI) is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. The desired hostname is not encrypted, so an eavesdropper can see which site is being requested.

6 Apache and TLS Lets review some key points Default TLS port is 443
HTTPS is important to protect communication between browser and web-server Implenetation requires the creation of SSL certificates and Certificate Signing Requests (CSR) For integrity SSL certificates are signed by a Certificate Authority’s (CA) such as Verisign Self signed Certificates will also work but your browser will not trust it and will give a warning to users (which most don’t read) To use a HTTPS feature a module must be loaded first

7 SSL Certificate Each SSL certificate has a Public and Private key
The Public Key is used to encrypt the information The Public Key is accessible to everyone The private Key is used to decipher the information The private should be not be disclosed

8 Role of CA There are a number of CA that certify certificates
Most browsers have pre-included public Keys from the CA’s A CA certified certificate will have validation information signed by the CA’s private key The browser will decrypt the validation information using the public key and verify that the certificate is certified by the CA If this fails a warning is given Security tip: it's actually very easy and cheap to obtain an „simple“ certificate. Only domain ownership validation are done. most users do not notice nor understand the problem. Due to limitation of our environment only self-signed certs are used in labs :(

9 Tips: Apache configuration files
Example configuration tree /etc/apache2/ (sometimes httpd) ├── apache2.conf (general conf, not many actual directives here) ├── conf.d (here goes real configuration) │   ├── charset │   ├── localized-error-pages │   ├── other-vhosts-access-log │   └── security ├── envvars ├── magic ├── mods-available │   ├── actions.conf /../ │   ├── php5.conf │   └── vhost_alias.load ├── mods-enabled │   ├── php5.conf -> ../mods-available/php5.conf │   ├── php5.load -> ../mods-available/php5.load │   └── status.load -> ../mods-available/status.load ├── ports.conf (here goes your Listen directive) ├── sites-available │   ├── default │   ├── default-ssl │   └── portal.conf └── sites-enabled └── 000-quake -> ../sites-available/portal.conf

10 Some more tips to help you
To use a feature, appropriate module must be loaded Good practice is to use <IfModule> Modules can be enabled via manual symlinking or use utility a2enmod sometimes you need to install module first with apt Sites can be enabled via manual symlinking or use utility a2enmod As usual to services of UNIX-like systems Apache will not re-read the .conf files after the Web server starts running. usually „service apache2 reload“ is enough to re-read and activate new configuration but not always. Restart always works. apachectl is another useful utility for admin, check it out Use official documentation from that corresponds your server version. DO NOT trust any crap you can google out. Wish you success with your lab

Download ppt "Apache web server Quick overview."

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Module 5: Configuring Access to Internal Resources.

Module 5: Configuring Access to Internal Resources.
Apache Web Server Quick and Dirty Steve Gibbard for SANOG 16 (Originally by Joel Jaeggli for AfNOG 2007) ‏

Apache Web Server Quick and Dirty Steve Gibbard for SANOG 16 (Originally by Joel Jaeggli for AfNOG 2007) ‏
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
CP476 Internet Computing Browser and Web Server 1 Web Browsers A client software program that allows you to access and view Web pages on the Internet –Examples.

CP476 Internet Computing Browser and Web Server 1 Web Browsers A client software program that allows you to access and view Web pages on the Internet –Examples.
Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.

Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
IST346:  Web Services. Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security,

IST346:  Web Services. Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security,
APACHE SERVER By Innovationframes.com »

APACHE SERVER By Innovationframes.com »
Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.

Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.
Linux Operations and Administration

Linux Operations and Administration
TOPIC 1 – SERVER SIDE APPLICATIONS IFS 234 – SERVER SIDE APPLICATION DEVELOPMENT.

TOPIC 1 – SERVER SIDE APPLICATIONS IFS 234 – SERVER SIDE APPLICATION DEVELOPMENT.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
Hosted Exchange 2007. The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting. ExchangeDefender.

Hosted Exchange The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting. ExchangeDefender.
Web Server Configuration Alokes Chattopadhyay Computer & Informatics Centre IIT Kharagpur.

Web Server Configuration Alokes Chattopadhyay Computer & Informatics Centre IIT Kharagpur.
Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as e-mail.

Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .

Similar presentations

Ads by Google