SCS Computing
 Services and Solutions
  links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 » How to… 
 » Accounts & passwords 
 » AFS 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Support lifecycle 
 » Web publishing 
 » Mac support 
 » Linux support 
 » Windows PC support 

Using the httpd collection to set up a web server

SCS Facilities maintains an "httpd" misc collection that contains the files needed to set up an Apache web server (version 1.3.x) with built-in PHP4, PHP5, mod_perl, and SSL on a Facilitized Unix/Linux host.
Note: This misc collection is now deprecated and supported only on older platforms, most notably Fedora Core 3, Fedora Core 5, Fedora 7 and Solaris 9. For newer platforms (Fedora 10, Fedora 14 and Solaris 10), see the apache2 misc collection page.

Server configuration issues

  • You are responsible for making sure that your web server does not serve any information not intended to be publicly available. In particular, you should not make arbitrary directories in AFS publicly available. Keep in mind that your workstation is probably a member of some AFS special groups (such as "system:friendlyhost") to which the main SCS web servers do not belong.
  • If you will be writing or installing CGI scripts, be aware of the security issues with those scripts. See the CGI security FAQ [offsite link, will open in a new window] for details about some of the security issues with such scripts. Also, it's recommended that you use "IncludesNOEXEC" if you enable server-side includes.

Server installation and setup

To install the httpd collection, you will need to perform the following steps as root. If you have not used root privileges on a Facilitized Unix/Linux host before, please see our documentation on local administration of Facilitized Unix/Linux hosts before proceeding.
  1. Subscribe to the httpd collection. To subscribe to the httpd collection, edit or create the file /etc/quirk.local. Either add a new line:
    to the file, or add "httpd" to the comma-separated list of existing services. Note: there can only be one "services" line. Adding a second line will not work.
  2. Make sure that you are using the right SUP distribution host. In order to use services collections, your SUP host must be To switch to this SUP host, create (or modify) the file /etc/disthost so that the contents of the file consist of the single line:
  3. Run dosupdepot. After you modify /etc/quirk.local, run /usr/local/bin/dosupdepot.
  4. Start the server. The web server runs under nanny, a "server babysitter" (run "man nanny" for more information). To start the server, you should run the following two commands:
    /usr/local/etc/nanny -reconfigure /etc/nanny.conf
    to have nanny recognize the new server, and
    /usr/local/etc/nanny -restart httpd
    to have nanny start httpd.

Your web server is now ready to go.

Server configuration

As part of installation process, an entry for a "wwwsrv" user will be added to /etc/passwd if such an entry does not already exist. Some directories and files of note:

This directory contains the configuration files for httpd
This file contains a sample default configuration. It will automatically be copied to /etc/httpd/httpd.conf, which is the working configuration file, if that file does not exist. httpd.conf.example also contains extensive comments describing the web server configuration.
This file contains various command-line arguments to be added to the httpd process invocation. Its existance is optional.
This directory contains included configuration files for varius web server features.
/usr/wwwsrv/htdocs/ & /usr/wwwsrv/cgi-bin
Where the served documents and CGI scripts, respectively, are served from by default. The initial configuration script may attempt to symlink /usr/wwwsrv to /usr0/wwwsrv depending on whether or not these directories already exist.
This directory is where the web server logs are stored by default

If you need to configure your server, you should edit /etc/httpd/httpd.conf to suit your needs. If your server needs to support SSL, you will need a web server certificate. To generate a certificate signing request (CSR) and request a signed certificate, see our instructions for generating a CSR.

Enabling mod_perl

To enable mod_perl, create or edit the file /etc/httpd/httpd.opts. Either add the line:

to the empty file or add "-DUSE_mod_perl" to the end of the space-separated list of command-line arguments on the first line of the file. Note: This file should contain only a single line of flags and nothing else.

Enabling PHP 4 or 5

The httpd misc collection includes both PHP 4 and PHP 5, but only one of them may be enabled at a time. All standard extensions have been built-in, including the MySQL extensions which can be used to interface with a MySQL database server.

To enable PHP 4 or PHP 5, create or edit the file /etc/httpd/httpd.opts. Either add the line:

to the empty file or add "-DUSE_mod_php4" or "-DUSE_mod_php5" to the end of the space-separated list of command-line arguments on the first line of the file. Note: This file should contain only a single line of flags and nothing else.

Additional information

The following offsite links will open in a new browser window:
The Apache HTTP server
Documentation and other information about the Apache server.
WWW security FAQ
General information about World Wide Web security issues.