3. Getting, build and install Apache with its basic modules

3.1. Get and untar the Apache Source

3.1.1. What is Apache

Quoting www.apache.org

The Apache Project is a collaborative software development effort aimed at creating a robust, commercial-grade, featureful, and freely-available source code implementation of an HTTP (Web) server. The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. These volunteers are known as the Apache Group. In addition, hundreds of users have contributed ideas, code, and documentation to the project. This file is intended to briefly describe the history of the Apache Group and recognize the many contributors.

From the authors point of view:

Its simply the best Webserver-Software, its very flexible to configure to match your needs, and its E-X-T-R-E-M-E stable! I personally never experianced a crash in a productive (=non-experimental stuff) enviroment

Anybody experianced a crash please mail me, your crash-report will be published right here...

3.1.2. Download the source

Origin-Site http://www.apache.org/dist/httpd/

cd /usr/local/

tar -xvzf apache_1.3.22.tar.gz

3.1.3. Patch for largescale sites

Download the patch from: http://www.delouw.ch/linux/apache-patch_HARD_SERVER_LIMIT.txt

--- httpd.h-old Wed Jan 31 00:58:19 2001 
+++ httpd.h Wed Jan 31 01:09:25 2001 
@@ -314,7 +314,7 @@ 
#ifdef WIN32 
#define HARD_SERVER_LIMIT 1024 
-#define HARD_SERVER_LIMIT 256 
+#define HARD_SERVER_LIMIT 512 

This patch does increase the maximum concurrent accessing clients to 512. Feel free to increase it further, if you hacked your kernel and edited your /etc/security/limits.conf (this is ONLY for experianced users! With wrong conditions this could be a “self-Denial-of-service-attack”!! Be sure you have enought processes left for root)

Kernel-hack patch will follow as soon as possible

Apply the patch using:

cd /usr/local/apache_1.3.22/src/include

patch -p0 < apache-patch_HARD_SERVER_LIMIT.txt

3.2. mod_ssl

3.2.1. What is mod_ssl

Quoting www.modssl.org

This module provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols by the help of the Open Source SSL/TLS toolkit OpenSSL, which is based on SSLeay from Eric A. Young and Tim J. Hudson.

From the authors point of view:

This module is needed to make enable Apache for SSL-Requests (https) It applies a patch to the Apache source-code and extends its API

Make sure Any other module for your Apache-Server is compiled with the compiler-flag -DEAPI or your Webserver maybee crashes or could not be started

Allmost all modules I know do that by themself execpt mod_jserv and mod_jk

3.2.2. Download the source


3.2.3. Applying the patch to the apache source

cd /usr/local/

tar -xvzf mod_ssl-2.8.5-1.3.22.tar.gz
cd mod_ssl-2.8.5-1.3.22/

./configure \
--with-apache=/usr/local/apache_1.3.22 \
--with-ssl=/usr/local/ssl \
--enable-shared=ssl \

3.3. mod_perl

3.3.1. What is mod_perl

Quoting perl.apache.org

With mod_perl it is possible to write Apache modules entirely in Perl. In addition, the persistent interpreter embedded in the server avoids the overhead of starting an external interpreter and the penalty of Perl start-up time.

From the authors point of view:

mod_perl is some kind of substitute for cgi-bin's. cgi's typically forks for each request a new process, and produces a lot of overhead, with mod_perl the perl-interpreter is loaded persistant in the apache-server and does not need to fork any processes for each request

3.3.2. Download the source

Origin-Site: http://www.apache.org/dist/perl

3.3.3. Building and installing

cd /usr/local

tar -xvzf mod_perl-1.26.tar.gz

cd mod_perl-1.26

perl Makefile.PL \
APACHE_SRC=../apache_1.3.22/src \

make install

Notice: Do not compile mod_perl as dso! According to info's I have, apache will crash (I never tried)

3.4. Configure and build Apache

Now the two static modules mod_ssl and mod_perl are configured and the Apache Source has been patched

3.4.1. Building and installing

EAPI_MM="/usr/local/mm-1.1.3" SSL_BASE="/usr/local/ssl" \
./configure \
--enable-module=unique_id \
--enable-module=rewrite \
--enable-module=speling \
--enable-module=expires \
--enable-module=info \
--enable-module=log_agent \
--enable-module=log_referer \
--enable-module=usertrack \
--enable-module=proxy \
--enable-module=userdir \
--enable-module=so \
--enable-shared=ssl \
--enable-module=ssl \
--activate-module=src/modules/perl/libperl.a \

make install

3.4.2. Create self-signed SSL-certificate

cd /usr/local/ssl/bin

./openssl req -new > new.cert.csr
./openssl rsa -in privkey.pem -out new.cert.key
./openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 999

cp new.cert.key /usr/local/apache/conf/ssl.key/server.key
cp new.cert.cert /usr/local/apache/conf/ssl.crt/server.crt

Notice: OpenSSL asks you different things, an error often done is enter a wrong "common name". This is the fully qualified hostname of your Server i.e www.foo.org

3.5. mod_dav

3.5.1. What is mod_dav

Quoting www.webdav.org

mod_dav is an Apache module to provide DAV capabilities (RFC 2518) for your Apache web server. It is an Open Source module, provided under an Apache-style license.

mod_dav is maintained by gstein@lyra.org

From the authors point of view:

DAV means: "Distributed authoring and Versioning" It allows you to manage your Website similar to a filesystem. Its meant to replace ftp-uploads to your Webserver.

DAV is supported by all major Web-developpment-Tools (newer Version) and is going to be a widly accepted standart for Web-publishing

3.5.2. Download the source

Origin-Site: http://www.webdav.org/mod_dav/

3.5.3. Building and installing

cd /usr/local

tar -xvzf mod_dav-1.0.3-1.3.6.tar.gz
cd mod_dav-1.0.3-1.3.6

./configure --with-apxs=/usr/local/apache/bin/apxs

make install

Notice: the filename mod_dav-1.0.3-1.3.6 suggests that it will only run with apache 1.3.6 but it means it will run with all apaches >= 1.3.6

3.6. auth_ldap

3.6.1. What is auth_ldap

Quoting www.rudedog.org

auth_ldap is an LDAP authentication module for Apache, the world's most popular web server. auth_ldap has excellent performance, and supports Apache on both Unix and Windows NT. It also has support for LDAP over SSL, and a mode that lets Micros˜1 Frontpage clients manage their web permissions while still using LDAP for authentication.

From the authors point of view:

If you like to consolidate your login-facilities to a common user/passwd base, LDAP is the right way. LDAP is an open standart and widly supported.

Login-facilities for LDAP:

Unix-Logins for Linux, Solaris (others?) FTP-Logins (some ftp-daemons) http Basic Authentication Tarantella Authentication and Role-Management Samba Authentication (2.2.x should support this, the author is currently leading a project to try that pls standby) Others I forgot to mention :-) LDAP is role based, that means, you can define a role "manager" assign a user as member and that user can login wherever a manager is allowed to login

3.6.2. Download the source

Origin-Site: http://www.rudedog.org/auth_ldap/

3.6.3. Building and installing

cd /usr/local

tar -xvzf auth_ldap-1.6.0.tar.gz

cd auth_ldap-1.6.0

./configure --with-apxs=/usr/local/apache/bin/apxs \

make install

3.7. mod_auth_mysql

3.7.1. What is mod_auth_mysql

Its an http-Basic Authentication Module. It allows you to maintain your user comfortable in a MySQL-Database

3.7.3. Building and installing

gunzip mod_auth_mysql.c.gz

/usr/local/apache/bin/apxs \
-c -I/usr/local/mysql/include \
-L/usr/local/mysql/lib/mysql \
-lmysqlclient -lm mod_auth_mysql.c

cp mod_auth_mysql.so /usr/local/apache/libexec/

Add this line in your httpd.conf:

LoadModule mysql_auth_module libexec/mod_auth_mysql.so

And where the other modules were added:

AddModule mod_auth_mysql.c

Take care that the path of Mysql libs and includes are correct!

Notice: Be sure that /usr/local/mysql/lib/mysql is in /etc/ld.so.conf befor compiling

Use AuthMySQLCryptedPasswords Off or it does not work! (under investigation why not)

3.7.4. Sample configuration /usr/local/apache/conf/httpd.conf

<location /manual/>
  AuthType Basic
  AuthUserfile /dev/null
  AuthName Testing
  AuthGroupFile /dev/null
  AuthMySQLHost localhost
  AuthMySQLCryptedPasswords Off
  AuthMySQLUser root
  AuthMySQLDB users
  AuthMySQLUserTable user_info
  <Limit GET POST>
    require valid-user
</location> Script for creating the MySQL-Database

just type:

mysql < authmysql.sql

The File authmysql.sql contents:

  create database http_users;
  connect http_users;

  CREATE TABLE user_info (
  user_name CHAR(30) NOT NULL,
  user_passwd CHAR(20) NOT NULL,
  user_group CHAR(10),
  PRIMARY KEY (user_name);

3.8. mod_dynvhost

3.8.1. What is mod_dynvhost

Its a small module that allows you to define new Vritual Host "on-the-fly" just create a new Directoy in your vhost-path, thats it. You dont need to restart your Webserver

Its maybe a good solution for Mass-Virtual-hosting for ISP's

3.8.2. Download the source

Origin-Site: http://funkcity.com/0101/projects/dynvhost/mod_dynvhost.tar.gz

3.8.3. Builing and installing

cd /usr/local

tar -xvzf mod_dynvhost.tar.gz

cd dynvhost/

/usr/local/apache/bin/apxs -i -a -c mod_dynvhost.c

Notice: Take a look in httpd.conf if mod_dynvhost.so is loaded at startup:

LoadModule dynvhost_module libexec/mod_dynvhost.so

3.8.4. Sample configuration /usr/local/apache/conf/httpd.conf

<DynamicVirtualHost /usr/local/apache/htdocs/vhosts/> 
  HomeDir / 

Now create a Directory for each virtualhost in /usr/local/apache/htdocs/vhosts/



You dont need to restart your Webserver

3.9. mod_roaming

3.9.1. What is mod_roaming

Quoting www.klomp.org/mod_roaming/

With mod_roaming you can use your Apache webserver as a Netscape Roaming Access server. This allows you to store your Netscape Communicator 4.5 preferences, bookmarks, address books, cookies etc. on the server so that you can use (and update) the same settings from any Netscape Communicator 4.5 that can access the server.

From the authors point of view:

Its really cool stuff! Unfortunatly it does not work over proxy-connection. You kan keep your Netscape 4.x bookmarks etc. synchronized on different machines

3.9.2. Download the source

Origin-Site: http://www.klomp.org/mod_roaming/

3.9.3. Building and installing

cd /usr/local 

tar -xvzf mod_roaming-1.0.2.tar.gz

cd mod_roaming-1.0.2

/usr/local/apache/bin/apxs -i -a -c mod_roaming.c

Notice: Check httpd.conf if mod_roaming is loaded at startup:

LoadModule roaming_module libexec/mod_roaming.so

Should be installed automatically

3.9.4. Sample configuration /usr/local/apache/conf/httpd.conf

RoamingAlias /roaming /usr/local/apache/roaming
<Directory /usr/local/apache/roaming>
  AuthUserFile /usr/local/apache/conf/roaming-htpasswd
  AuthType Basic
  AuthName "Roaming Access"
    require valid-user