Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Mac support 
 » Linux support 
 » Windows PC support 

Using the apache2 collection to set up a web server

SCS Facilities maintains a misc collection that contains the files needed to set up an Apache web server (version 2.2.x) with built-in SSL, PHP5, mod_perl, mod_python, and WebISO/Pubcookie support. The "apache2" misc collection is supported on the following Facilitized Unix/Linux platforms:

  • Fedora 14
  • Fedora 10
  • Solaris 10
For older platforms (Fedora Core 3, Fedora Core 5, Fedora Core 7 and Solaris 9), see the documentation on the httpd misc collection page and for RedHat 9 and Solaris 7, see the documentation on the wwwsrv misc collection page.

Server configuration issues

  • You are responsible for making sure that your web server does not serve any information not intended to be publicly available. In particular, you should not make arbitrary directories in AFS publicly available. Keep in mind that your workstation is probably a member of some AFS special groups (such as "system:friendlyhost") to which the main SCS web servers do not belong.
  • If you will be writing or installing CGI scripts, be aware of the security issues with those scripts. See the CGI security FAQ [offsite link, will open in a new window] for details about some of the security issues with such scripts. Also, it's recommended that you use "IncludesNOEXEC" if you enable server-side includes.

Server installation and setup

To install the apache2 collection, you will need to perform the following steps as root. If you have not used root privileges on a Facilitized Unix/Linux host before, please see our documentation on local administration of Facilitized Unix/Linux hosts before proceeding.

  1. Subscribe to the apache2 collection. To subscribe to the apache2 collection, edit or create the file /etc/quirk.local. Either add a new line:
    services=apache2
    

    to the file, or add " apache2" to the comma-separated list of existing services. Note: there can only be one "services" line. Adding a second line will not work.

  2. Make sure that you are using the right SUP distribution host. In order to use services collections, your SUP host must be dist.fac.cs.cmu.edu. To switch to this SUP host, create (or modify) the file /etc/disthost so that the contents of the file consist of the single line:
    dist.fac.cs.cmu.edu
    
  3. Run dosupdepot. After you modify /etc/quirk.local, run /usr/local/bin/dosupdepot.
  4. Start the server. The web server runs under nanny, a "server babysitter" (run "man nanny" for more information). To start the server, you should run the following two commands:

    /usr/local/etc/nanny -reconfigure /etc/nanny.conf

    to have nanny recognize the new server, and

    /usr/local/etc/nanny -restart apache2

    to have nanny start apache2.

Your web server is now ready to go.

Server configuration

As part of installation process, an entry for a "wwwsrv" user will be added to /etc/passwd if such an entry does not already exist. Some directories and files of note:

/etc/apache2/
This directory contains the configuration files for Apache
/etc/apache2/httpd.conf.example
This file contains a sample default configuration. It will automatically be copied to /etc/apache2/httpd.conf, which is the working configuration file, if that file does not exist. httpd.conf.example also contains extensive comments describing the web server configuration.
/etc/apache2/apache2.opts
This file contains various command-line arguments to be added to the Apache process invocation. Its existance is optional.
/etc/apache2/conf/
This directory contains included configuration files for varius web server features.
/usr/apache2/htdocs/ & /usr/apache2/cgi-bin
Where the served documents and CGI scripts, respectively, are served from by default. The initial configuration script may attempt to symlink /usr/wwwsrv to /usr0/wwwsrv depending on whether or not these directories already exist.
/var/log/apache2/
This directory is where the web server logs are stored by default

If you need to configure your server, you should edit /etc/apache2/httpd.conf to suit your needs. If your server needs to support SSL, you will need a web server certificate. To generate a certificate signing request (CSR) and request a signed certificate, see our instructions for generating a CSR.

Enabling mod_perl

To enable mod_perl, create or edit the file /etc/apache2/apache2.opts. Either add the line:

-DUSE_mod_perl 

to the empty file or add "-DUSE_mod_perl" (sans quotes) to the end of the space-separated list of command-line arguments on the first line of the file. Note: This file should contain only a single line of flags and nothing else.

Enabling PHP 5

The apache2 misc collection includes PHP 5, and all standard extensions have been built-in, including the MySQL extensions which can be used to interface with a MySQL database server.

To enable PHP 5, create or edit the file /etc/apache2/apache2.opts. Add the line:

 -DUSE_mod_php5 

to the empty file or add "-DUSE_mod_php5" (sans quotes) to the end of the space-separated list of command-line arguments on the first line of the file.

Note: This file should contain only a single line of flags and nothing else.

Enabling mod_python

The apache2 misc collection includes mod_python.

To enable mod_python, create or edit the file /etc/apache2/apache2.opts. Add the line:

  -DUSE_mod_python
 

to the empty file or add "-DUSE_mod_python" to the end of the space-separated list of command-line arguments on the first line of the file.

Note: This file should contain only a single line of flags and nothing else.

Additional information

The following offsite links will open in a new browser window:
The Apache HTTP server
Documentation and other information about the Apache server.
WWW security FAQ
General information about World Wide Web security issues.