Sunday, March 16, 2014

How httpd.conf configuration file works (including access controls examples)


-----
How httpd.conf configuration file works (including access controls examples)

Configuration Files Backup:

As you progress with your development activities, you may have changed the httpd.conf and php.ini and wish to restore them. Download the original files here:
1) httpd.conf
2) php.ini

Introduction

httpd.conf is a configuration file which is used by the Apache HTTP Server. It stores information on various functions of the server, which can be edited by removing or adding a number sign "#" at the beginning of the line, thus setting values for each directive.
The httpd.conf file can be located on any Unix-based system that complies with the Filesystem Hierarchy Standard under the following path: /etc/httpd/httpd.conf.
This file, httpd.conf was once used in Microsoft's Internet Information Services (IIS).
In addition, other configuration files may be added using the Include directive, and wildcards can be used to include many configuration files. Any directive may be placed in any of these configuration files. Changes to the main configuration files are only recognized by Apache when it is started or restarted.
The server also reads a file containing mime document types; the filename is set by the TypesConfig directive, and is mime.types by default.

Steps

1) The official documentation page at http://httpd.apache.org/docs/2.2/configuring.html provide important guides on using httpd.conf.
2) Open c:\xampp15\apache\conf\httpd.conf file. The details should look like here. Delete/Add the symbol # at the beginning of each of the lines to Activate/Deactivate the command.
3) Below are some examples:
  • #ScriptAlias /php/ "/xampp/php/" (What is ScriptAlias?)
  • #Action application/x-httpd-php "/php/php-cgi.exe"
  • LoadModule php5_module "/xampp/apache/bin/php5apache2.dll"
  • AddType application/x-httpd-php-source .phps
  • AddType application/x-httpd-php .php .php5 .php4 .php3 .phtml
  • 255 - 259
  • 318 - ServerName localhost:80
  • 334 - DocumentRoot "/xampp/htdocs"
  • 344-347
  • 359 - 392
  • <Directory "/xampp/htdocs">
  • #
  • # Possible values for the Options directive are "None", "All",
  • # or any combination of:
  • #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI Multiviews
  • #
  • # Note that "MultiViews" must be named *explicitly* --- "Options All"
  • # doesn't give it to you.
  • #
  • # The Options directive is both complicated and important.  Please see
  • # http://httpd.apache.org/docs-2.0/mod/core.html#options
  • # for more information.
  • #
  •     Options Indexes FollowSymLinks Includes ExecCGI
  •     AddType text/html .shtml
  •     AddHandler server-parsed .shtml
  •     AddHandler cgi-script .cgi .pl
  • # ReadmeName footer.html
  • #
  • # AllowOverride controls what directives may be placed in .htaccess files.
  • # It can be "All", "None", or any combination of the keywords:
  • #   Options FileInfo AuthConfig Limit
  • #
  •     AllowOverride All
  • #
  • # Controls who can get stuff from this server.
  • #
  •     Order allow,deny
  •     Allow from all
  • </Directory>
  • 490 - ErrorLog logs/error.log
  • 497 - LogLevel warn
4) PHP Configuration in httpd.conf
4.1) Refer line no. 249 - 253. These lines defines the PHP methods, processor location and associated file extension. Further discussion can be found at http://secure-steps.blogspot.com/2014/03/how-apache-and-php-works.html 
5) Scope of Directives.
5.1) Directives placed in the main configuration files apply to the entire server. If you wish to change the configuration for only a part of the server, you can scope your directives by placing them in <Directory><DirectoryMatch><Files><FilesMatch><Location>, and <LocationMatch> sections. (Readhttp://httpd.apache.org/docs/2.2/configuring.html#scope  )
5.2) In the above examples, there are three directories specified.
  • phpmyadmin
  • root
  • htdocs
6) Learning the httpd.conf items.
Reading and Editing httpd.conf is sometimes tricky because the file content is very long. In windows you can use ApacheConfLite program to learn httd.conf in a friendlier way.
6.1) Download ApacheConfLite from http://www.apache-gui.com/cgi-bin/go.cgi?4 . Install the program.
6.2) Run the program.
6.3) Click New Project.
6.4) Click Add Server.
6.5) Type the name xampp15.
Click Next.
6.6) In Server options, specify path to httpd.conf file.
Click Next.
6.7) In Server options, accept default computer name.
Click Next.
6.8) In Server options, enter URL for the server eg http://localhost .
Click Next.
6.9) In Server options, accept default log path.
6.10) Once the server name is displayed in the main panel, click the server name to select it.
- The server tree structure is displayed in the Project Tree.
- The server status is displayed in Summary section.
6.11) Click Directories to view the specified directory in the httpd.conf.
6.12) Click the directory C:/xampp15/phpMyAdmin
6.13) We are going to comment the existing directives.
Tick the check boxes.
6.14) Add new directive “Deny”.
Press Enter or Click Ok.
6.15) Type all in the box besides “Deny from” item.
6.16) Save the project file.
Click the save button.
Save as “Project1” in My Documents folder.
6.17) The program displays Update finished.
6.18) Close ApacheConfLite.
6.19) Restart Apache using XAMPP Control Panel.
Click Stop.
Click Start.
6.20) Test URL http://localhost/phpmyadmin 
6.21) Run ApacheConfLite to reverse the directives. Restart your server to see that access to phpmyadmin is restored.
6.22) Replace your modified httpd.conf with this original httpd.conf file.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)