Customizing Apache HTTP Server

Here we will learn some common ways to customize the Apache HTTP Server.

Customizing Apache HTTP Server involves the following steps.
1) Changing the IP Address(es) and/or Port(s) used to bind
2) Changing the DocumentRoot directory
3) Changing the MPM module
4) Enabling the use of www in URL always
5) Disabling the use of www in URL always
6) Redirecting plain-text webpages to SSL encrypted webpages
7) Setting up VirtualHosts
8) Setting up per-user web directories

1) Changing the IP Address(es) and/or Port(s) used to bind
Apache HTTP Server by default is configured to bind on all IP addresses and Port 80 on a given system. We had changed this default behavior during the Post Installation procedures by making Apache HTTP Server to bind only on a dedicated IP and localhost IP 127.0.0.1, both on Port 80.

Suppose, we want Apache HTTP Server to listen on the IP address 192.0.2.1 on port 80. Also we want Apache HTTP Server to listen on IP address 192.0.2.5 on port 8000.
Open Apache HTTP Server Server’s main configuration file httpd.conf. Look for the line containing Listen directive that defines the IP address and port number. Below this line add the following content.

Listen 192.0.2.1:80
Listen 192.0.2.5:8000

Save and close the file.

OR

Suppose we already have set the IP addresses for Apache HTTP Server to listen to. Now we want Apache HTTP Server to listen on ports 800 and 8000.
Open Apache HTTP Server‘s main configuration file httpd.conf. Look for the line containing Listen directive that defines the IP address and port number. Below this line add the following content.

Listen 800
Listen 8000

Save and close the file.

Restart the apache service.

# service apache restart

2) Changing the DocumentRoot directory
A DocumentRoot is the directory that forms the main document tree visible from the web. It is the directory where all the website files are stored. The default DocumentRoot directory for Apache HTTP Server is set to /usr/local/apache2/htdocs/. To change this, follow the below steps.

Suppose we want to to change the DocumentRoot directory to /var/www/htdocs/. Open Apache HTTP Server‘s main configuration file httpd.conf. Look for the line DocumentRoot “/usr/local/apache2/htdocs”. Below there will be another line <Directory “/var/www/htdocs”>. Change the value of directives DocumentRoot and Directory from /usr/local/apache2/htdocs to /var/www/htdocs. Now the lines must look as shown below.

DocumentRoot "/var/www/htdocs"
<Directory "/var/www/htdocs">

Create the new DocumentRoot directory /var/www/htdocs/.

# mkdir /var/www/htdocs

Set proper permissions for the newly created DocumentRoot. See Post Installation procedure for additional information. Change the Owner and Group of htdocs directory to apache.

# chown -R apache:apache /var/www/htdocs

OPTIONS EXPLAINED

-R
operate on files and directories recursively

Now there is a problem. /var/www/htdocs is the system DocumentRoot directory. The contents of this directory are usually modified by the standard user from a local machine. But the standard user does not have access to this directory. So everytime we have to modify the contents of this directory, we will have to do it as root user and set proper permissions afterwards. This is an inconvenience. Performing the following steps will solve this issue.

We have already added the group apache as a supplementary group to the standard user’s group during the Post Installation procedure.

Provide write permission to members of apache group, so that the standard user will have write access to the DocumentRoot directory.

# chmod -R g+w /var/www/htdocs

OPTIONS EXPLAINED

-R
operate on files and directories recursively

g+w
Set write permission for users who are members of the file's group

Still, there is a problem. If the standard user creates a file/directory inside the htdocs directory, the owner will be set to standard user and group will be set to primary group of standard user. As a result, Apache HTTP Server will not have write access to those files/directories unless we set proper permissions as root.

This can be overcome by setting SGID bit on the htdocs directory. This makes the created file/directory to retain the group ownership of directory with SGID under which it was created. Thus Apache HTTP Server will have read&write access to these file/directories. For this, execute the below command in terminal.

# find /var/www/htdocs -type d -exec chmod g+s {} ;

OPTIONS EXPLAINED


find
search for files in a directory hierarchy

-type
File is of type:
b      block (buffered) special
c      character (unbuffered) special
d      directory
p      named pipe (FIFO)
f      regular file
l      symbolic link; this is never true if the -L option or the -follow option is in effect, unless the symbolic link is broken. If you want to search for symbolic links when -L is in effect, use -xtype.
s      socket
D      door (Solaris)

-exec command ;
Execute command; true if 0 status is returned. All following arguments to find are taken to be arguments to the command until an argument consisting of ‘;’ is encountered. The string ‘{}’ is replaced by the current file name being processed everywhere it occurs in the arguments to the command, not just in arguments where it is alone, as in some versions of find. Both of these constructions might need to be escaped (with a ‘’) or quoted to protect them from expansion by the shell. See the EXAMPLES section for examples of the use of the -exec option. The specified command is run once for each matched file. The command is executed in the starting directory. There are unavoidable security problems surrounding use of the -exec action; you should use the -execdir option instead.



chmod
change file mode bits

g+s
Set SetGID bit for users who are members of the file's group

Restart the apache service gracefully.

# service apache graceful

3) Changing the MPM module
MPM or Multi Processing Module allow Apache HTTP Server to work on a wide variety of platforms in a different range of environments. Apache HTTP Server for Linux ships with three MPM modules; mod_mpm_prefork.so, mod_mpm_worker.so and mod_mpm_event.so.

TIP: Read about MPM or Multi Processing Module.

If we do not make a choice at compile-time, the default MPMs for the corresponding Platform/OS will be selected. In the case of Unix like systems, the decision as to which MPM is installed is based on two questions.
1. Does the system support threads?
2. Does the system support thread-safe polling (Specifically, the kqueue and epoll functions)?

If,
1=Yes & 2=Yes => MPM is event

1=Yes & 2=No => MPM is worker

1=No & 2=No => MPM is prefork

In practical terms, this means that the default will almost always be event, as all modern operating systems support these two features.

Apache HTTP Server will automatically select the best MPM module suited for our system. But sometimes we may want to switch MPMs as a personal preference or for a specific requirement. In that case, we have to follow the below steps.

Let us check the MPM modules installed by Apache HTTP Server.

# ls /usr/local/apache2/modules | grep mpm

All or any of the modules mod_mpm_prefork.so, mod_mpm_worker.so, mod_mpm_event.so will be listed.

We can check the MPM chosen by Apache HTTP Server by issuing the following command in terminal.

# httpd -V

OPTIONS EXPLAINED

-V
Print the version and build parameters of httpd, and then exit.

Open Apache HTTP Server‘s main configuration file httpd.conf.
Let us disable our current MPM. Look for the line containing mod_mpm. Comment out that line.
I had mod_mpm_event.so MPM selected by Apache HTTP Server.
So the line in my configuration file now looks as shown below.

#LoadModule mpm_event_module modules/mod_mpm_event.so

Suppose,
We have to use the mod_mpm_worker.so MPM. Below the commented out line, add the following entry.

LoadModule mpm_worker_module modules/mod_mpm_worker.so

OR
If we have to use the mod_mpm_prefork.so MPM. Below the commented out line, add the following entry.

LoadModule mpm_prefork_module modules/mod_mpm_prefork.so

Save and close the file.

There is an extra configuration file httpd-mpm.conf, that contains the MPM related settings.
We have already enabled this file during the Post Installation procedures.

Restart the Apache service.

# service apache restart

We can always verify if the chosen MPM is loaded by Apache HTTP Server. Issue the following command in terminal.

# httpd -V

OPTIONS EXPLAINED

-V
Print the version and build parameters of httpd, and then exit.

4) Enabling the use of www in URL always
Suppose we want our website URL to always have a www prepended to the domain name. That is if someone typed in http://example.com, the URL should always redirect to http://www.example.com. Perform the following steps for this.

The configuration provided below should be placed inside the <VirtualHost> or <Directory> or <Location> block of Apache HTTP Server‘s configuration files or inside .htaccess files.
NOTE:
• Read about htaccess directives.
• Read about enabling mod_rewrite.so module.
• Replace example and .com to match your domain name.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^([a-z.]+)?example.com$ [NC]
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule .? http://www.%1example.com%{REQUEST_URI} [R=301,L]

OPTIONS EXPLAINED


RewriteEngine on
Enables the runtime rewriting engine


RewriteCond %{HTTP_HOST} ^([a-z.]+)?example.com$ [NC]
Ist Condition under which rewriting takes place.
Proceed to next line only if this condition is true.

%{HTTP_HOST}	- Server variable that returns the value of requested host

^		- Match point starts here

[a-z.]		- Match characters in range a-z and character '.'
[a-z.]+		- Match this range atleast 1 or more times
([a-z.]+)	- Remember the match

example		- Include string 'example'
.		- Include character '.'
com		- Include string 'com'
?example.com	- Match 0 or 1 time the expression that preceeds '?'

$		- Match point ends here

[NC]		- Condition is case insensitive


RewriteCond %{HTTP_HOST} !^www. [NC]
IInd condition under which rewriting takes place.
Proceed to next line only if this condition is true.

%{HTTP_HOST}	- Server variable that returns the value of requested host

^		- Match point starts here

www		- Include string 'www'
.		- Include character '.'
!^www.		- Do not match the expression that preceeds '!'

[NC]		- Condition is case insensitive


RewriteRule .? http://www.%1example.com%{REQUEST_URI} [R=301,L]
Defines rules for the rewriting engine.
Rewriting happens only if any of the 2 conditions are true.

.?		- Match any character 0 or 1 time

http://www.	- Include string 'http://www.'

%1		- Backreference to Ist matched Rewrite condition

example.com	- Include string 'example.com'

%{REQUEST_URI}	- Server variable that returns the value of path component of the requested URI(eg: "/index.html"), excluding the query string which is available as its own variable named QUERY_STRING

R=301		- Permanent redirection

L		- Last rule

5) Disabling the use of www in URL always
Suppose we want our website URL to never have a www prepended to the domain name. That is if someone typed in http://www.example.com, the URL should always redirect to http://example.com. Perform the below steps for this.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.(([a-z0-9_]+.)?example.com)$ [NC]
RewriteRule .? http://%1%{REQUEST_URI} [R=301,L]

OPTIONS EXPLAINED


RewriteEngine on
Enables the runtime rewriting engine


RewriteCond %{HTTP_HOST} ^www.(([a-z0-9_]+.)?example.com)$ [NC]
Ist Condition under which rewriting takes place.
Proceed to next line only if this condition is true.

%{HTTP_HOST}	- Server variable that returns the value of requested host
    
^		- Match point starts here
    
www		- Include string 'www'
.		- Include character '.'
    
[a-z0-9_]	- Match characters in range a-z, numbers in range 0-9 and character '_'
[a-z0-9_]+	- Match this range atleast 1 or more times
.		- Include character '.'
([a-z0-9_]+.)	- Remember the match
    
example		- Include string 'example'
.		- Include character '.'
com		- Include string 'com' 
?example.com	- Match 0 or 1 time the expression that preceeds '?'
    
(([a-z0-9_]+.)?example.com)	- Remember the match
    
$		- Match point ends here
    
[NC]		- Condition is case insensitive


RewriteRule .? http://%1%{REQUEST_URI} [R=301,L]
Defines rules for the rewriting engine.
Rewriting happens only if the above rewrite condition is true.

.?		- Match any character 0 or 1 time
    
http://		- Include string 'http:'
    
%1		- Backreference to Ist matched Rewrite condition
    
%{REQUEST_URI}	- Server variable that returns the value of path component of the requested URI(eg: "/index.html"), excluding the query string which is available as its own variable named QUERY_STRING

R=301		- Permanent redirection

L		- Last rule

6) Redirecting plain-text webpages to SSL encrypted webpages
NOTE: First, make sure you have configured Apache HTTP Server for SSL as explained here.
Suppose we want our website to always communicate over SSL/TLS. That is if someone typed in the URL with http://, it should always redirect to https://. Perform the following steps for this.

Place the below line inside the <VirtualHost> or <Directory> or <Location> block of Apache HTTP Server‘s configuration file or inside .htaccess file.
NOTE:
• This requires the module mod_alias.so. mod_alias.so is compiled and enabled by default on an Apache HTTP Server installation unless we explicitly disable it using the configure option --disable-alias.
• Read more about htaccess directives.
• Replace example.com to match your domain name.

Redirect / https://example.com

7) Setting up VirtualHosts
Virtual hosting is the practice of running more than one website on a single server. Virtual Hosting can be classified into two types.
1) Name based Virtual Hosting
2) IP based Virtual Hosting

8) Setting up per-user web directories
Apache HTTP Server allows each user to have a web site in their home directory.
The procedure is explained here.

After customizing Apache HTTP Server, you may go to the following section.
Installing PHP

Customizing Apache HTTP Server

LAMP