Apache

Creating Your Own Webserver and Hosting A Website from Your Linux Box

Creating Your Own Webserver and Hosting A Website from Your Linux Box &-8211; this Article or News was published on this date:2019-05-28 19:49:16 kindly share it with friends if you find it helpful

Many of you would be web programmer. Some of you might be owing a website and would certainly be editing and updating it frequently. While a few having no adequate knowledge of web technologies would still be planning to have one. Through this article I will make know how you could develop a working website with a very little knowledge and could even host it using your Linux box. Things could be as simple as that.

Requirements:

Linux Box (However, You can use Windows but things surely won’t be as much simple and perfect as it will be on Linux Machine, Debian has been used here for example citing). If you don’t have an operating system installed, or you don’t know how to install a Linux operating system, then here are few guides that shows you how to install a operating system.

  1. Debian 7 “Wheezy” Installation Guide
  2. Ubuntu 13.04 Code Name “Raring Ringtail” Installation Guide
  3. Linux Mint 15 Codename (Olivia) Installation Guide
  4. CentOS 6.4 Step by Step Installation Guide
  5. Fedora 18 (Spherical Cow) Basic Installation Guide

Apache, PHP and MySQL (having a prompt knowledge of any other SQL, you can use it but examples in the article will be using MySQL.

  1. Installation of Apache, PHP and MySQL Guide

Content Management Framework – Drupal with KompoZer, or you can use WordPress or Joomla.(But here I used Drupal as my Content Management System (CMS)).

  1. Installation Guide of WordPress 3.5

An Internet Connection with static IP (Preferred) connected through a modem having virtual hosting facility (In Reality it is not as much complex as it sounds here).

What is Apache?

Apache is a web server program. It comes installed and configured on most of the System. Check if it is installed on your system or not.

- apt-cache policy apache2 (On Debian based OS)
Sample Output
apache2: 
 Installed: 2.2.22-13 
 Candidate: 2.2.22-13 
 Version table: 
 *** 2.2.22-13 0 
 500 http://ftp.iitm.ac.in/debian/ wheezy/main i386 Packages 
 500 http://ftp.debian.org/debian/ wheezy/main i386 Packages 
 100 /var/lib/dpkg/status
- yum search httpd (On Red Hat based OS)
Sample Output
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: ftp.iitm.ac.in
 * epel: mirror.smartmedia.net.id
 * extras: ftp.iitm.ac.in
 * updates: ftp.iitm.ac.in
Installed Packages
httpd.i686	2.2.15-28.el6.centos	@updates

From the above output it is clear that Apache is installed on the box, if it is not in your case you can ‘apt‘ or ‘yum‘ the required package. Once the Apache is installed start it as.

- apt-get install apache2 (On Debian based OS)
- service apache2 start
- yum install httpd (On Red Hat based OS)
- service httpd start

Note: You might have to type ‘httpd‘ and not ‘apache‘ on some server Viz., RHEL. Once the ‘apache2‘ or ‘http‘ aka ‘httpd‘ server is started you could check it in your browser by going to any of following link.

http://127.0.0.1
http://localhost
http://your-ip-address

This link will open into a hosted page which means Apache has been successfully installed and started.

What is MySQL?

MySQL is a database server program. It comes packed with a number of distros. Check if it installed on your system or not and where it is installed.

- whereis mysql
Sample Output
mysql: /usr/bin/mysql /etc/mysql /usr/lib/mysql /usr/bin/X11/mysql /usr/share/mysql 
/usr/share/man/man1/mysql.1.gz

From the above output it is clear that MySQL is installed along with the location of binary files. If in case it’s not installed, do ‘apt‘ or ‘yum‘ to install it and start it.

- apt-get install mysql mysql-server mysql-client (On Debian based OS)
- service mysql start
- yum install mysql mysql-server mysql-client (On Red Hat based OS)
- service mysqld start

Note: You might have to type “mysqld” in place of mysql, obviously without quotes, in some distro viz., RHEL. Check the status of MySQL, run.

- service mysql status (On Debian based OS)
Sample Output
[info] /usr/bin/mysqladmin Ver 8.42 Distrib 5.5.31, for debian-linux-gnu on i686
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Server version 5.5.31-0+wheezy1
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /var/run/mysqld/mysqld.sock
Uptime: 11 min 58 sec
Threads: 1 Questions: 106 Slow queries: 0 Opens: 467 Flush tables: 1 Open tables: 115 Queries per second avg: 0.147.

The above output shows that MySQL is running for 11 min 58 sec.

What is PHP?

PHP is the server-side scripting language designed for web development and is commonly used as general purpose programming language. You have to just deploy the php script after installing php. As I said above use ‘apt‘ or ‘yum‘ to install the required package for your box.

- apt-get install php5 libapache2-mod-auth-mysql php5-mysql (On Debian based OS)
- yum install php php-mysql (On Red Hat based OS)

If you successfully installed the php in your system, you could check if it is working correctly or not by creating a file “info.php” in your ‘/var/www/html‘ or ‘/var/www‘ directory (which is your Apache directory) with the content given below.

?php

     phpinfo ();
?>

Now navigate to your browser and type any of the following link.

http://127.0.0.1/info.php
http://localhost/info.php
http://your-ip-address/info.php
PHP InfoPHP Info

PHP Info

Which means php is installed and working correctly. Now you can build your website in your Apache directory, however it is not always a good idea to reinvent a wheel again and again. For this, there exists Content Management Framework (CMF), viz., Drupal, Joomla, WordPress. You could download the latest framework from the link provided below and can use any of these framework, however we will be using Drupal in our examples.

  1. Drupal : https://drupal.org/project/drupal
  2. Joomla: http://www.joomla.org/download.html
  3. WordPress: http://wordpress.org/download/

Download Drupal from the above link which would be a tar archive. Move the tar archive to your Apache directory ‘/var/www/html‘ or ‘/var/www‘. Extract it to the root of apache directory. Where ‘x.xx‘ would be version number.

- mv drupal-x.xx.tar.gz /var/www/ (mv to Apache root directory)
- cd /var/www/ (change working directory)
- tar -zxvf drupal-7.22.tar.gz (extract the archieve)
- cd drupal-7.22 (Move to the extracted folder)
- cp * -R /var/www/ (Copy the extracted archieve to apache directory)

If everything goes OK, again open your browse and navigate to below links and you will be greeted with.

http://127.0.0.1
http://localhost
http://your-ip-address
PHP InfoDrupal Installation

Drupal Installation

Choose Your language settings.

PHP InfoDrupal Language Selection

Language Selection

Checking for requirements and file permission. Provide proper permission to the required files and folders. You may need to create certain files manually, which is not a big deal.

PHP InfoDrupal File Permission Checking

File Permission Checking

Setup Database, the backend process.

PHP InfoDrupal Database Configuration

Database Configuration

If Database setting goes perfect profiles are installed automatically.

PHP InfoDrupal Database Installation

Database Installation

PHP InfoInstalling Drupal

Installing Drupal

Configuring means setting ‘Site Name‘, ‘Email‘, ‘User Name‘, ‘Password‘, ‘Time Zone‘, etc.

PHP InfoEnter User Details

Enter User Details

And if everything goes smooth, you will get a screen something like this.

PHP InfoDrupal Installation Completed

Installation Completed

Open Your page by referring to the address http://127.0.0.1.

PHP InfoWelcome to Drupal

Welcome to Drupal

Hurrah!!!

What is Kompozer?

Kompozer is a tool that lets you work in GUI for designing a website in html and you can insert a php script anywhere you want. Kompozer made it too easy to create a web page.

  1. Kompozer: http://www.kompozer.net/download.php

well you don’t need to install it on most of the Linux system. Just download, extract and run Kompozer.

PHP InfoKompozer

Kompozer

If are creative, kompozer is right there for you.

What is IP?

A Few Words about Internet Protocol (IP) Addresses.

http://127.0.0.1

It is generally called loopback IP address or localhost, and it always point to the machine on which it is browsed. All the machine on a network referring to above address will loop back to its own machine.

Ipconfig/ifconfig : Run this in your terminal to know yours machine local address.

- ifconfig
Sample Output
eth0      Link encap:Ethernet  HWaddr **:**:**:**:**:**  
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0 
          inet6 addr: ****::****:****:****:****/** Scope:Link 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
          RX packets:107991 errors:0 dropped:0 overruns:0 frame:0 
          TX packets:95076 errors:0 dropped:0 overruns:0 carrier:0 
          collisions:0 txqueuelen:1000 
          RX bytes:76328395 (72.7 MiB)  TX bytes:20797849 (19.8 MiB) 
          Interrupt:20 Memory:f7100000-f7120000

Search for the inet addr:192.168.1.2 here 192.168.1.2 is my local IP. Any computer on your LAN including you could refer to your hosted web page using this address.

However a computer outside of your LAN won’t be able to access your web page using this IP address. You will have to ask your Internet service provide to provide you with an static IP (That doesn’t change with time). Once you got your static IP address, the easiest way to find your IP is to type “My ip is” at google and note-down the result.

You won’t be able to access this IP from your own machine nor any other machine on your LAN. However you can use a proxy server (www.kproxy.com) to access your hosted page using your static IP. But before that you need to setup virtual server and your service provider will surely be helpful in this regard.

How to Setup Virtual Server

Hmmm! That’s not difficult at all. First you need to know the port apache is using, which in most of the case is 80.

- netstat -tulpn

output would be something like:

tcp6       0      0 :::80                   :::*                    LISTEN      6169/apache2

Now go to your router which generally is http://192.168.1.1 and user name/password would be admin-admin, however it could be different in your case based on service provider and area.

Next go to Virtual server tab. Fill the port number, service name and local IP address, in form and save. Ask for assistance from your ISP.

PHP InfoSetup Virtual Server

Setup Virtual Server

Remember You will only be able to access this web server from your machine, any other machine on your LAN or a computer on Internet when your machine is UP and running MySQL and Apache simultaneously.

With great power, comes big responsibility. And now its your responsibility to safeguard your machine. Never give your IP address to any unknown person till you know your ways in and out.

We surely will try to cover the issues related to security and how to safeguard it. Feel free to give your valuable comments and share it with your friends. You know ‘Sharing is Caring‘. Your Positive comment encourages and motivates us.

13 Apache Web Server Security and Hardening Tips

13 Apache Web Server Security and Hardening Tips &-8211; this Article or News was published on this date:2019-05-28 19:41:55 kindly share it with friends if you find it helpful

We all are very familiar with Apache web server, it is a very popular web server to host your web files or your website on the web. Here are some links which can help you to configure Apache web server on your Linux box.

Apache Security TipsApache Security Tips

Apache Security and Hardening Tips

  1. Install Apache Web Server
  2. Setup Your Website in Your Linux Box

Here in this tutorial, I’ll cover some main tips to secure your web server. Before you apply these changes in your web server, you should have some basics of the Apache server.

  1. Document root Directory: /var/www/html or /var/www
  2. Main Configuration file: /etc/httpd/conf/httpd.conf (RHEL/CentOS/Fedora) and /etc/apache2/apache2.conf (Debian/Ubuntu).
  3. Default HTTP Port: 80 TCP
  4. Default HTTPS Port: 443 TCP
  5. Test your Configuration file settings and syntax: httpd -t
  6. Access Log files of Web Server: /var/log/httpd/access_log
  7. Error Log files of Web Server: /var/log/httpd/error_log

1. How to hide Apache Version and OS Identity from Errors

When you install Apache with source or any other package installers like yum, it displays the version of your Apache web server installed on your server with the Operating system name of your server in Errors. It also shows the information about Apache modules installed in your server.

Apache Security TipsShow Apache Version

Show Apache Version

In above picture, you can see that Apache is showing its version with the OS installed in your server. This can be a major security threat to your web server as well as your Linux box too. To prevent Apache to not to display these information to the world, we need to make some changes in Apache main configuration file.

Open configuration file with vim editor and search for “ServerSignature“, its by default On. We need to Off these server signature and the second line “ServerTokens Prod” tells Apache to return only Apache as product in the server response header on the every page request, It suppress the OS, major and minor version info.

- vim /etc/httpd/conf/httpd.conf (RHEL/CentOS/Fedora)
- vim /etc/apache2/apache2.conf (Debian/Ubuntu)
ServerSignature Off
ServerTokens Prod
- service httpd restart (RHEL/CentOS/Fedora)
- service apache2 restart (Debian/Ubuntu)
Apache Security TipsHide Apache Version

Hide Apache Version

2. Disable Directory Listing

By default Apache list all the content of Document root directory in the absence of index file. Please see the image below.

Apache Security TipsApache Directory Listing

Apache Directory Listing

We can turn off directory listing by using Options directive in configuration file for a specific directory. For that we need to make an entry in httpd.conf or apache2.conf file.

Directory /var/www/html>
    Options -Indexes
/Directory>
Apache Security TipsHide Apache Directory Listing

Hide Apache Directory Listing

3. Keep updating Apache Regularly

Apache developer community is continuously working on security issues and releasing its updated version with new security options. So It is always recommended to use the latest version of Apache as your web server.

To check Apache version: You can check your current version with httpd -v command.

- httpd -v
Server version: Apache/2.2.15 (Unix)
Server built:   Aug 13 2013 17:29:28

You can update your version with the following command.

- yum update httpd
- apt-get install apache2

It is also recommended to keep your Kernel and OS updated to the latest stable releases if you are not running any specific application which works only on specific OS or Kernel.

4. Disable Unnecessary Modules

It’s always good to minor the chances of being a victim of any web attack. So it’s recommended to disable all those modules that are not in use currently. You can list all the compiled modules of web server, using following command.

- grep LoadModule /etc/httpd/conf/httpd.conf

- have to place corresponding `LoadModule' lines at this location so the
- LoadModule foo_module modules/mod_foo.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
....

Above is the list of modules that are enabled by default but often not needed: mod_imap, mod_include, mod_info, mod_userdir, mod_autoindex. To disable the particular module, you can insert a “&-8211;” at the beginning of that line and restart the service.

5. Run Apache as separate User and Group

With a default installation Apache runs its process with user nobody or daemon. For security reasons it is recommended to run Apache in its own non-privileged account. For example: http-web.

Create Apache User and Group
- groupadd http-web
- useradd -d /var/www/ -g http-web -s /bin/nologin http-web

Now you need to tell Apache to run with this new user and to do so, we need to make an entry in /etc/httpd/conf/httpd.conf and restart the service.

Open /etc/httpd/conf/httpd.conf with vim editor and search for keyword “User” and “Group” and there you will need to specify the username and groupname to use.

User http-web
Group http-web

6. Use Allow and Deny to Restrict access to Directories

We can restrict access to directories with “Allow” and “Deny” options in httpd.conf file. Here in this example, we’ll be securing root directory, for that by setting the following in the httpd.conf file.

Directory />
   Options None
   Order deny,allow
   Deny from all
/Directory>
  1. Options “None” – This option will not allow users to enable any optional features.
  2. Order deny, allow – This is the order in which the “Deny” and “Allow” directives will be processed. Here it will “deny” first and “allow” next.
  3. Deny from all – This will deny request from everybody to the root directory, nobody will be able to access root directory.

7. Use mod_security and mod_evasive Modules to Secure Apache

These two modules “mod_security” and “mod_evasive” are very popular modules of Apache in terms of security.

Mod_security

Where mod_security works as a firewall for our web applications and allows us to monitor traffic on a real time basis. It also helps us to protect our websites or web server from brute force attacks. You can simply install mod_security on your server with the help of your default package installers.

Install mod_security on Ubuntu/Debian
$ sudo apt-get install libapache2-modsecurity
$ sudo a2enmod mod-security
$ sudo /etc/init.d/apache2 force-reload
Install mod_security on RHEL/CentOS/Fedora/
- yum install mod_security
- /etc/init.d/httpd restart
Mod_evasive

mod_evasive works very efficiently, it takes one request to process and processes it very well. It prevents DDOS attacks from doing as much damage. This feature of mod_evasive enables it to handle the HTTP brute force and Dos or DDos attack. This module detects attacks with three methods.

  1. If so many requests come to a same page in a few times per second.
  2. If any child process trying to make more than 50 concurrent requests.
  3. If any IP still trying to make new requests when its temporarily blacklisted.

mod_evasive can be installed directly from the source. Here, we have an Installation and setup guide of these modules which will help you to set up these Apache modules in your Linux box.

  1. Protect Apache using Mod_Security and Mod_evasive

8. Disable Apache’s following of Symbolic Links

By default Apache follows symlinks, we can turn off this feature with FollowSymLinks with Options directive. And to do so we need to make the following entry in main configuration file.

Options -FollowSymLinks

And, if any particular user or website need FollowSymLinks enable, we can simply write a rule in “.htaccess” file from that website.

- Enable symbolic links
Options +FollowSymLinks

Note: To enable rewrite rules inside “.htaccess” file “AllowOverride All” should be present in the main configuration globally.

9. Turn off Server Side Includes and CGI Execution

We can turn off server side includes (mod_include) and CGI execution if not needed and to do so we need to modify main configuration file.

Options -Includes
Options -ExecCGI

We can do this for a particular directory too with Directory tag. Here In this example, we are turning off Includes and Cgi file executions for “/var/www/html/web1” directory.

Directory "/var/www/html/web1">
Options -Includes -ExecCGI
/Directory>

Here are some other values with can be turned On or off with Options directive.

  1. Options All – To enable All options at once. This is the default value, If you don’t want specify any values explicitly in Apache conf file or .htaccess.
  2. Options IncludesNOEXEC – This option allows server side includes without the execute permission to a command or cgi files.
  3. Options MultiViews – Allows content negotiated multiviews with mod_negotiation module.
  4. Options SymLinksIfOwnerMatch – It’s similar to FollowSymLinks. But, this will follow only when the owner is the same between the link and the original directory to which it is linked.

10. Limit Request Size

By default Apache has no limit on the total size of the HTTP request i.e. unlimited and when you allow large requests on a web server its possible that you could be a victim of Denial of service attacks. We can Limit the requests size of an Apache directive “LimitRequestBody” with the directory tag.

You can set the value in bytes from 0 (unlimited) to 2147483647 (2GB) that are allowed in a request body. You can set this limit according to your site needs, Suppose you have a site where you allows uploads and you want to limit the upload size for a particular directory.

Here in this example, user_uploads is a directory which contains files uploaded by users. We are putting a limit of 500K for this.

Directory "/var/www/myweb1/user_uploads">
   LimitRequestBody 512000
/Directory>

11. Protect DDOS attacks and Hardening

Well, it’s true that you cannot completely protect your web site from DDos attacks. Here are some directives which can help you to have a control on it.

  1. TimeOut : This directive allows you to set the amount of time the server will wait for certain events to complete before it fails. Its default value is 300 secs. It’s good to keep this value low on those sites which are subject to DDOS attacks. This value totally depends on kind of request you are getting on your website. Note: It could pose problems with come CGI scripts.
  2. MaxClients : This directive allows you to set the limit on connections that will be served simultaneously. Every new connection will be queued up after this limit. It is available with Prefork and Worker both MPM. The default value of it is 256.
  3. KeepAliveTimeout : Its the amount of time the server will wait for a subsequent request before closing the connection. Default value is 5 secs.
  4. LimitRequestFields : It helps us to set a limit on the number of HTTP request’s header fields that will be accepted from the clients. Its default value is 100. It is recommended to lower this value if DDos attacks are occurring as a result of so many http request headers.
  5. LimitRequestFieldSize : It helps us to set a size limit on the HTTP Request header.

12. Enable Apache Logging

Apache allows you to logging independently of your OS logging. It is wise to enable Apache logging, because it provides more information, such as the commands entered by users that have interacted with your Web server.

To do so you need to include the mod_log_config module. There are three main logging-related directives available with Apache.

  1. TransferLog: Creating a log file.
  2. LogFormat : Specifying a custom format.
  3. CustomLog : Creating and formatting a log file.

You can also use them for a particular website it you are doing Virtual hosting and for that you need to specify it in the virtual host section. For example, here is the my website virtual host configuration with logging enabled.

VirtualHost *:80>
DocumentRoot /var/www/html/example.com/
ServerName www.example.com
DirectoryIndex index.htm index.html index.php
ServerAlias example.com
ErrorDocument 404 /story.php
ErrorLog /var/log/httpd/example.com_error_log
CustomLog /var/log/httpd/example.com_access_log combined
/VirtualHost>

13. Securing Apache with SSL Certificates

Last, but not the least SSL certificates, you can secure your all the communication in an encrypted manner over the Internet with SSL certificate. Suppose you have a website in which people login by proving their Login credentials or you have an E- Commerce website where people provides their bank details or Debit/Credit card details to purchase products, by default your web server send these details in plain – text format but when you use SSL certificates to your websites, Apache sends all this information in encrypted text.

You can purchase SSl certificates from So many different SSL providers like namecheap.com. If you are running a very small web business and do not willing to purchase an SSL certificate you can still assign a Self signed certificate to your website. Apache uses the mod_ssl module to support SSL certificate.

- openssl genrsa -des3 -out example.com.key 1024
- openssl req -new -key example.com.key -out exmaple.csr
- openssl x509 -req -days 365 -in example.com.com.csr -signkey example.com.com.key -out example.com.com.crt

Once your certificate has been created and signed. Now you need to add this in Apache configuration. Open main configuration file with vim editor and add the following lines and restart the service.

VirtualHost 172.16.25.125:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/example.com.crt
        SSLCertificateKeyFile /etc/pki/tls/certs/example.com.key
        SSLCertificateChainFile /etc/pki/tls/certs/sf_bundle.crt
        ServerAdmin [email protected]
        ServerName example.com
        DocumentRoot /var/www/html/example/
        ErrorLog /var/log/httpd/example.com-error_log
        CustomLog /var/log/httpd/example.com-access_log common
/VirtualHost>

Open up your browser, type https://example.com, and you will be able to see the new self-signed certificate.

These are few security tips that you can use to secure your Apache web server installation. For more useful security tips and ideas, see the official online documentation of Apache HTTP Server.

How to Sync Two Apache Web Servers/Websites Using Rsync

How to Sync Two Apache Web Servers/Websites Using Rsync &-8211; this Article or News was published on this date:2019-05-28 19:40:29 kindly share it with friends if you find it helpful

There are so many tutorials available on web to mirror or take a backup of your web files with different methods, here I am creating this article for my future reference and here I’ll be using a very simple and versatile command of Linux to create a backup of your website. This tutorial will help you to sync data between your two web servers with “Rsync“.

Sync Apache Web ServerSync Apache Web Server

Sync Two Apache Web Server

The purpose of creating a mirror of your Web Server with Rsync is if your main web server fails, your backup server can take over to reduce downtime of your website. This way of creating a web server backup is very good and effective for small and medium size web businesses.

Advantages of Syncing Web Servers

The main advantages of creating a web server backup with rsync are as follows:

  1. Rsync syncs only those bytes and blocks of data that have changed.
  2. Rsync has the ability to check and delete those files and directories at backup server that have been deleted from the main web server.
  3. It takes care of permissions, ownerships and special attributes while copying data remotely.
  4. It also supports SSH protocol to transfer data in an encrypted manner so that you will be assured that all data is safe.
  5. Rsync uses compression and decompression method while transferring data which consumes less bandwidth.

How To Sync Two Apache Web Servers

Let’s proceed with setting up rsync to create a mirror of your web server. Here, I’ll be using two servers.

Main Server
  1. IP Address: 192.168.0.100
  2. Hostname: webserver.example.com
Backup Server
  1. IP Address: 192.168.0.101
  2. Hostname: backup.example.com

Step 1: Install Rsync Tool

Here in this case web server data of webserver.example.com will be mirrored on backup.example.com. And to do so first, we need to install Rsync on both the server with the help of following command.

[[email protected]]- yum install rsync        [On Red Hat based systems]
[[email protected]]- apt-get install rsync    [On Debian based systems]

Step 2: Create a User to run Rsync

We can setup rsync with root user, but for security reasons, you can create an unprivileged user on main webserver i.e webserver.example.com to run rsync.

[[email protected]]- useradd sfnews
[[email protected]]- passwd sfnews

Here I have created a user “sfnews” and assigned a password to user.

Step 3: Test Rsync Setup

It’s time to test your rsync setup on your backup server (i.e. backup.example.com) and to do so, please type following command.

[[email protected] www]- rsync -avzhe ssh [email protected]:/var/www/ /var/www
Sample Output
[email protected]'s password:

receiving incremental file list
sent 128 bytes  received 32.67K bytes  5.96K bytes/sec
total size is 12.78M  speedup is 389.70

You can see that your rsync is now working absolutely fine and syncing data. I have used “/var/www” to transfer; you can change the folder location according to your needs.

Step 4: Automate Sync with SSH Passwordless Login

Now, we are done with rsync setups and now its time to setup a cron for rsync. As we are going to use rsync with SSH protocol, ssh will be asking for authentication and if we won’t provide a password to cron it will not work. In order to work cron smoothly, we need to setup passwordless ssh logins for rsync.

Here in this example, I am doing it as root to preserve file ownerships as well, you can do it for alternative users too.

First, we’ll generate a public and private key with following commands on backups server (i.e. backup.example.com).

[[email protected]]- ssh-keygen -t rsa -b 2048

When you enter this command, please don’t provide passphrase and click enter for Empty passphrase so that rsync cron will not need any password for syncing data.

Sample Output
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
9a:33:a9:5d:f4:e1:41:26:57:d0:9a:68:5b:37:9c:23 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|          .o.    |
|           ..    |
|        ..++ .   |
|        o=E *    |
|       .Sooo o   |
|       =.o o     |
|      * . o      |
|     o +         |
|    . .          |
+-----------------+

Now, our Public and Private key has been generated and we will have to share it with main server so that main web server will recognize this backup machine and will allow it to login without asking any password while syncing data.

[[email protected] html]- ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]

Now try logging into the machine, with “ssh ‘[email protected]‘”, and check in .ssh/authorized_keys.

[[email protected] html]- [email protected]

Now, we are done with sharing keys. To know more in-depth about SSH password less login, you can read our article on it.

  1. SSH Passwordless Login in in 5 Easy Steps

Step 5: Schedule Cron To Automate Sync

Let’s setup a cron for this. To setup a cron, please open crontab file with the following command.

[[email protected] ~]- crontab –e

It will open up /etc/crontab file to edit with your default editor. Here In this example, I am writing a cron to run it every 5 minutes to sync the data.

*/5        *        *        *        *   rsync -avzhe ssh [email protected]:/var/www/ /var/www/

The above cron and rsync command simply syncing “/var/www/” from the main web server to a backup server in every 5 minutes. You can change the time and folder location configuration according to your needs. To be more creative and customize with Rsync and Cron command, you can check out our more detailed articles at:

  1. 10 Rsync Commands to Sync Files/Folders in Linux
  2. 11 Cron Scheduling Examples in Linux

Apache Virtual Hosting: IP Based and Name Based Virtual Hosts in RHEL/CentOS/Fedora

Apache Virtual Hosting: IP Based and Name Based Virtual Hosts in RHEL/CentOS/Fedora &-8211; this Article or News was published on this date:2019-05-28 19:31:08 kindly share it with friends if you find it helpful

As we all are aware that Apache is a very powerful, highly flexible and configurable Web server for Nix OS. Here in this tutorial, we are going to discuss one more feature of Apache which allows us to host more than one website on a single Linux machine. Implementing virtual hosting with Apache web server can help you to save costs you are investing on your server maintenance and their administration.

Don’t Miss: NGINX Name-based and IP-based Virtual Hosting (Server Blocks)

Apache Virtual Hosting in LinuxApache Virtual Hosting in Linux

Apache Virtual Hosting in Linux

Concept of Shared web hosting and Reseller web hosting is based on this facility of Apache only.

Types of Virtual Host

There are two types of virtual hosting is available with Apache.

Name Based Virtual Hosting

With the name based virtual hosting you can host several domains/websites on a single machine with a single IP. All domains on that server will be sharing a single IP. It’s easier to configure than IP based virtual hosting, you only need to configure DNS of the domain to map it with its correct IP address and then configure Apache to recognize it with the domain names.

Apache Virtual Hosting in LinuxName Based Virtual Hosting

Name Based Virtual Hosting

IP Based Virtual Hosting

With the IP based virtual hosting, you can assign a separate IP for each domain on a single server, these IP’s can be attached to the server with single NIC cards and as well as multiple NICs.

Apache Virtual Hosting in LinuxIP Based Virtual Hosting

IP Based Virtual Hosting

Lets set up Name Based Virtual Hosting and IP based Virtual hosting in RHEL, CentOS and Fedora.

Testing Environment
  1. OSCentOS 6.5
  2. ApplicationApache Web Server
  3. IP Address192.168.0.100
  4. IP Address192.168.0.101
  5. Domainwww.example1.com
  6. Domainwww.example2.com

How to Setup IP Based and Name Based Apache Virtual Hosts

Before setting up virtual hosting with Apache, your system must have Apache Web software installed. if not, install it using default package installer called yum.

[[email protected] ~]- yum install httpd

Setup Name Based Virtual Host

But, before creating a virtual host, you need to create a directory where you will keep all your website’s files. So, create directories for these two virtual hosts under /var/www/html folder. Please remember /var/www/html will be your default Document Root in the Apache virtual configuration.

[[email protected] ~]- mkdir /var/www/html/example1.com/
[[email protected] ~]- mkdir /var/www/html/example2.com/

To set up Name based virtual hosting you must need to tell Apache to which IP you will be using to receive the Apache requests for all the websites or domain names. We can do this with NameVirtualHost directive. Open Apache main configuration file with VI editor.

[[email protected] ~]- vi /etc/httpd/conf/httpd.conf

Search for NameVirtualHost and uncomment this line by removing the &-8211; sign in front of it.

NameVirtualHost

Next add the IP with possible in which you want to receive Apache requests. After the changes, your file should look like this:

NameVirtualHost 192.168.0.100:80

Now, it’s time to setup Virtual host sections for your domains, move to the bottom of the file by pressing Shift + G. Here in this example, We are setting up virtual host sections for two domains

  1. www.example1.com
  2. www.example2.com

Add the following two virtual directives at the bottom of the file. Save and close the file.

VirtualHost 192.168.0.100:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/html/example1.com
    ServerName www.example1.com
ErrorLog logs/www.example1.com-error_log
CustomLog logs/www.example1.com-access_log common
/VirtualHost>

VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/html/example2.com
    ServerName www.example2.com
ErrorLog logs/www.example2.com-error_log
CustomLog logs/www.example2.com-access_log common
/VirtualHost>

You are free to add as many directives you want to add in your domains virtual host section. When you are done with changes in httpd.conf file, please check the syntax of files with following command.

[[email protected] ~]- httpd -t

Syntax OK

It is recommended to check the syntax of the file after making some changes and before restarting the Web server because if any syntax goes wrong Apache will refuse to work with some errors and eventually affect your existing web server go down for a while. If syntax is OK. Please restart your Web server and add it to chkconfig to make your web server start in runlevel 3 and 5 at the boot time only.

[[email protected] ~]- service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
[[email protected] ~]- chkconfig --level 35 httpd on

Now it’s time to create a test page called index.html add some content to the file so we will have something to check it, when the IP calls the virtual host.

[[email protected] ~]- vi /var/www/html/example1.com/index.html
html>
  head>
    title>www.example1.com/title>
  /head>
  body>
    h1>Hello, Welcome to www.example1.com./h1>
  /body>
/html>
[[email protected] ~]- vi /var/www/html/example2.com/index.html
html>
  head>
    title>www.example2.com/title>
  /head>
  body>
    h1>Hello, Welcome to www.example2.com./h1>
  /body>
/html>

Once you’re done with it, you can test the setup by accessing both the domains in a browser.

http://www.example1.com
http://www.example2.com
Preview: www.example1.com
Apache Virtual Hosting in LinuxVirtual Hosting: www.example1.com

Virtual Hosting: www.example1.com

Preview: www.example2.com
Apache Virtual Hosting in LinuxVirtual Hosting: www.example2.com

Virtual Hosting: www.example2.com

Setup IP Based Virtual Hosting Linux

To setup IP based virtual hosting, you must have more than one IP address/Port assigned to your server or your Linux machine.

It can be on a single NIC card , For example: eth0:1, eth0:2, eth0:3 … so forth. Multiple NIC cards can also be attached. If you don’t know how to create multiple IP’s on single NIC, follow the below guide, that will help you out in creating.

  1. Create Multiple IP Addresses to One Single Network Interface

Purpose of implementing IP based virtual hosting is to assign implementing for each domain and that particular IP will not be used by any other domain.

This kind of set up required when a website is running with SSL certificate (mod_ssl) or on different ports and IPs. And You can also run multiple instances of Apache on a single machine. To check the IPs attached in your server, please check it using ifconfig command.

[email protected] ~]- ifconfig
Sample Output
 
eth0      Link encap:Ethernet  HWaddr 08:00:27:4C:EB:CE  
          inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe4c:ebce/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17550 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15120 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:16565983 (15.7 MiB)  TX bytes:2409604 (2.2 MiB)

eth0:1    Link encap:Ethernet  HWaddr 08:00:27:4C:EB:CE  
          inet addr:192.168.0.101  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1775 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1775 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3416104 (3.2 MiB)  TX bytes:3416104 (3.2 MiB)

As you can see in above output, two IPs 192.168.0.100 (eth0) and 192.168.0.101 (eth0:1) is attached to the server, both IPs are assigned to the same physical network device (eth0).

Now, assign a specific IP/Port to receive http requests, you can simply do it by changing Listen directive in httpd.conf file.

[[email protected] ~]- vi /etc/httpd/conf/httpd.conf

Search for word “Listen”, You find a section where the short description about Listen directive is written. In that section, comment the original line and write your own directive below that line.

- Listen 80

Listen 192.168.0.100:80

Now,  create a Virtual host sections for both the domains. Go the bottom of the file and add the following virtual directives.

VirtualHost 192.168.0.100:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/html/example1
    ServerName www.example1.com
ErrorLog logs/www.example1.com-error_log
TransferLog logs/www.example1.com-access_log
/VirtualHost>

VirtualHost 192.168.0.101:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/html/example2
    ServerName www.example2.com
ErrorLog logs/www.example2.com-error_log
TransferLog logs/www.example2.com-access_log
/VirtualHost>

Now, since you have modified main Apache conf file, you need to restart the http service like below.

[[email protected] ~]- service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

Test your IP based Virtual hosting setup by accessing the URLs on web browser as shown below.

http://www.example1.com
http://www.example2.com

That’s all with Apache virtual host today, If you’re looking to secure and harden your Apache configuration, then read our article that guides.

  1. 13 Apache Web Server Security and Hardening Tips

Reference Links

Apache Virtual Host Documentation

I’ll be again come with some other Apache tips and trick in my future articles, till then Stay Geeky and connected to sfnews.com. Do not forget to leave your suggestions about the article in our comment section below.

25 Apache Interview Questions for Beginners and Intermediates

25 Apache Interview Questions for Beginners and Intermediates &-8211; this Article or News was published on this date:2019-05-28 19:30:59 kindly share it with friends if you find it helpful

We are very thankful to All our readers for the response we are getting for our new Linux Interview section. And now we have started section wise learning for Interview questions and continuing with the same today’s article focuses on Basic to Intermediate Apache interview Questions that will help you to prepare yourself.

Apache Interview QuestionsApache Interview Questions

Apache Job Interview Questions

In this section, we have covered some interesting 25 Apache Job Interview Questions along with their answers so that you can easily understand some new things about Apache that you might never known before.

Before you read this article, We strongly recommend you to don’t try to memorize the answers, always first try to understand the scenarios on a practical basis.

1. What is Apache web server?
Answer : Apache web server HTTP is a most popular, powerful and Open Source to host websites on the web server by serving web files on the networks. It works on HTTP as in Hypertext Transfer protocol, which provides a standard for servers and client side web browsers to communicate. It supports SSL, CGI files, Virtual hosting and many other features.
2. How to check Apache and it’s version?
Answer : First, use the rpm command to check whether Apache installed or not. If it’s installed, then use httpd -v command to check its version.
[[email protected] ~]- rpm -qa | grep httpd

httpd-devel-2.2.15-29.el6.centos.i686
httpd-2.2.15-29.el6.centos.i686
httpd-tools-2.2.15-29.el6.centos.i686
[[email protected] ~]- httpd -v

Server version: Apache/2.2.15 (Unix)
Server built:   Aug 13 2013 17:27:11
3. Apache runs as which user? and location of main config file?.
Answer : Apache runs with the user “nobody” and httpd daemon. Apache main configuration file: /etc/httpd/conf/httpd.conf (CentOS/RHEL/Fedora) and /etc/apache2.conf (Ubuntu/Debian).
4. On which port Apache listens http and https both?
Answer : By default Apache runs on http port 80 and https port 443 (for SSL certificate). You can also use netstat command to check ports.
[[email protected] ~]- netstat -antp | grep http

tcp        0      0 :::80                       :::*                        LISTEN      1076/httpd          
tcp        0      0 :::443                      :::*                        LISTEN      1076/httpd
5. How do you install Apache Server on your Linux machine?
Answer : Simply, you can use any package installer such as yum on (RHEL/CentOS/Fedora) and apt-get on (Debian/Ubuntu) to install Apache server on your Linux machine.
[[email protected] ~]- yum install httpd
[[email protected] ~]- apt-get install apache2
6. Where you can find all configuration directories of Apache Web Server?
Answer : By default Apache configuration directories installed under /etc/httpd/ on (RHEL/CentOS/Fedora) and /etc/apache2 on (Debian/Ubuntu).
[[email protected] ~]- cd /etc/httpd/
[[email protected] httpd]- ls -l
total 8
drwxr-xr-x. 2 root root 4096 Dec 24 21:44 conf
drwxr-xr-x. 2 root root 4096 Dec 25 02:09 conf.d
lrwxrwxrwx  1 root root   19 Oct 13 19:06 logs -> ../../var/log/httpd
lrwxrwxrwx  1 root root   27 Oct 13 19:06 modules -> ../../usr/lib/httpd/modules
lrwxrwxrwx  1 root root   19 Oct 13 19:06 run -> ../../var/run/httpd
[[email protected] ~]- cd /etc/apache2
[[email protected] apache2]- ls -l
total 84
-rw-r--r-- 1 root root  7113 Jul 24 16:15 apache2.conf
drwxr-xr-x 2 root root  4096 Dec 16 11:48 conf-available
drwxr-xr-x 2 root root  4096 Dec 16 11:45 conf.d
drwxr-xr-x 2 root root  4096 Dec 16 11:48 conf-enabled
-rw-r--r-- 1 root root  1782 Jul 21 02:14 envvars
-rw-r--r-- 1 root root 31063 Jul 21 02:14 magic
drwxr-xr-x 2 root root 12288 Dec 16 11:48 mods-available
drwxr-xr-x 2 root root  4096 Dec 16 11:48 mods-enabled
-rw-r--r-- 1 root root   315 Jul 21 02:14 ports.conf
drwxr-xr-x 2 root root  4096 Dec 16 11:48 sites-available
drwxr-xr-x 2 root root  4096 Dec  6 00:04 sites-enabled

7. Can Apache be secured with TCP wrappers?

Answer : No, It can’t be secured with the TCP wrappers since it doesn’t support libwrap.a library of Linux.
8. How to change default Apache Port and How Listen Directive works in Apache?
Answer : There is a directive “Listen” in httpd.conf file which allows us to change the default Apache port. With the help of Listen directive we can make Apache listen on different port as well as different interfaces.

Suppose you have multiple IPs assigned to your Linux machine and want Apache to receive HTTP requests on a special Ethernet port or Interface, even that can be done with Listen directive.

To change the Apache default port, please open your Apache main configuration file httpd.conf or apache2.conf file with VI editor.

[[email protected] ~]- vi /etc/httpd/conf/httpd.conf

[[email protected] ~]- vi /etc/apache2/apache2.conf

Search for the word ”Listen”, comment the original line and write your own directive below that line.

- Listen 80
Listen 8080

OR

Listen 172.16.16.1:8080

Save the file and restart the web server.

[[email protected] ~]- service httpd restart

[[email protected] ~]- service apache2 restart
9. Can we have two Apache Web servers on a single machine?
Answer : Yes, we can run two different Apache servers at one time on a Linux machine, but the condition for that is they should listen on different ports and we can change the ports with Listen directive of Apache.
10. What do you mean by DocumentRoot of Apache?
Answer : DocumentRoot in Apache means, it’s the location of web files are stored in the server, the default DocumentRoot of Apache is /var/www/html or /var/www. This can be changed to anything, by setting up “DocumentRoot” in a virtual host of configuration file of domain.
11. How to host files in different folder and what is Alias directive?
Answer : Yes, this can be achieved by Alias directive in the main Apache configuration file. Alias directive maps resources in File system, it takes a URL path and substitute it with a file or directory path on the system with is set up to redirect.

To use Alias directive, Its the part of mod_alias module of Apache. The default syntax of Alias directive is:

Alias /images /var/data/images/

Here in above example, /images url prefix to the /var/data/images prefix that mean clients will query for “http://www.example.com/images/sample-image.png” and Apache will pick up the “sample-image.png” file from /var/data/images/sample-image.png on the server. It’s also known as URL Mapping.

12. What do you understand by “DirectoryIndex”?
Answer : DirectoryIndex is the name of first file which Apache looks for when a request comes from a domain. For example: www.example.com is requested by the client, so Apache will go the document root of that website and looks for the index file (first file to display).

The default setting of DirectoryIndex is .html index.html index.php, if you have different names of your first file, you need to make the changes in httpd.conf or apache2.conf for DirectoryIndex value to display that to your client browser.

-
- DirectoryIndex: sets the file that Apache will serve if a directory
- is requested.
-
- The index.html.var file (a type-map) is used to deliver content-
- negotiated documents.  The MultiViews Option can be used for the
- same purpose, but it is much slower.
-
DirectoryIndex index.html index.html.var index.cgi .exe
13. How to disable Directory listing when an index file is missing?
Answer : If, the main index file is missing in the website root directory, then the Apache will lists all the contents like files and folder of the website on the browser instead of Main website pages.

To stop Apache directory listing, you can set the following rule in the main configuration file globally or in .htaccess file for a particular website.

Directory /var/www/html>
   Options -Indexes
/Directory>
14. What are different log files of Apache Web Server?
Answer : The default log files of Apache Web Server are access log “/var/log/httpd/access_log” and error log :/var/log/httpd/error_log”.
15. What do you understand by “connection reset by peer” in error logs?
Answer : When the server is serving any ongoing Apache request and end user terminates the connection in between, we see “connection reset by peer” in the Apache error logs.
16. What is Virtual Host in Apache?
Answer : The Virtual Host section contains the information like Website name, Document root, Directory Index, Server Admin Email, ErrorLog File location etc.

You are free to add as many directives you require for your domain, but the two minimal entries for a working website is the ServerName and DocumentRoot. We usually define our Virtual Host section at the bottom of httpd.conf file in Linux machines.

Sample VirtualHost
VirtualHost *:80>
   ServerAdmin [email protected]
   DocumentRoot /www/docs/dummy-host.example.com
   ServerName dummy-host.example.com
   ErrorLog logs/dummy-host.example.com-error_log
   CustomLog logs/dummy-host.example.com-access_log common
/VirtualHost>
  1. ServerAdmin : Its usually the email address of the website owner, where the error or notification can be sent.
  2. DocumentRoot : location where the web files are located in the server(Necessary).
  3. ServerName : Its the domain name which you want to access from your web browser(Necessary).
  4. ErrorLog : Its the location of the log file where all the domain related logs are being recorded.
17. What’s the difference between Location> and Directory>?
Answer :

  1. Location> is used to set element related to the URL / address bar of the web server.
  2. Directory> refers that the location of file system object on the server
18. What is Apache Virtual Hosting?
Answer : Apache Virtual hosting is the concept of hosting multiple website on a single web server. There are two types of Virtual hosts can be setup with Apache are Name Based Virtual hosting and IP based virtual hosting.

For more information, read on How to Create Name/IP based Virtual Hosts in Apache.

19. What do you understand by MPM in Apache?
Answer : MPM stands for Multi Processing Modules, actually Apache follows some mechanism to accept and complete web server requests.
20. What is the difference between Worker and Prefork MPM?
Answer : Both MPMs, Worker and prefork has their own mechanism to work with Apache. It totally depends on you that in which mode you want to start your Apache.
  1. Basic difference between Worker and MPM is in their process of spawning the child process. In the Prefork MPM, a master httpd process is started and this master process starts manages all other child processes to serve client requests. Whereas, In the worker MPM one httpd process is active, and it uses different threads to serve client requests.
  2. Prefork MPM uses multiple child processes with one thread each, where worker MPM uses multiple child processes with many threads each.
  3. Connection handling in the Prefork MPM, each process handles one connection at a time, whereas in the Worker mpm each thread handles one connection at a time.
  4. Memory footprints Prefork MPM Large memory footprints, where Worker has smaller memory footprints.
21. What’s the use of “LimitRequestBody” and how to put limit on your uploads?
Answer : LimitRequestBody directive is used to put a limit on the upload size.

For example: I want to put limits of 100000 Bytes in the folder /var/www/html/tecmin/uploads. So, you need to add following directive in Apache configuration file.

Directory "/var/www/html/sfnews/uploads">
LimitRequestBody 100000
/Directory>
22. What is mod_perl and mod _php?
Answer :

  1. mod_perl is an Apache module which is compiled with Apache for easy integration and to increase the performance of Perl scripts.
  2. mod_php is used for easy integration of PHP scripts by the web server, it embeds the PHP interpreter inside the Apache process. Its forces Apache child process to use more memory and works with Apache only but still very popular.
23. What is Mod_evasive?
Answer : Its a third-party module which helps us to prevent your web server from the web attacks like DDOS because it performs only one task at a time and performs it very well.

For more information, read the article that guides you how to install and configure mod_evasive in Apache.

24. What is Loglevel debug in httpd.conf file?
Answer : With the help of Loglevel Debug option, we can get/log more information in the error logs which helps us to debug a problem.
25. What’s the use of mod_ssl and how SSL works with Apache?
Answer : Mod_ssl package is an Apache module, which allows Apache to establish its connection and transfer all the data in a secure encrypted environment. With the help of SSL certificates, all the Login details and other important secret details get transferred in an encrypted manner over the Internet, which prevents our data from Eavesdropping and IP spoofing.
How SSL works with Apache

Whenever an https requests comes, these three steps Apache follows:

  1. Apache generates its private key and converts that private key to .CSR file (Certificate signing request).
  2. Then Apache sends the .csr file to the CA (Certificate Authority).
  3. CA will take the .csr file and convert it to .crt (certificate) and will send that .crt file back to Apache to secure and complete the https connection request.

These are just most popular 25 questions being asked these days by Interviewers, please provide some more interview questions which you have faced in your recent interview and help others via our Comment section below.

We are also recommend you to read our previous articles on Apache.

  1. 13 Apache Web Server Security and Hardening Tips
  2. How to Sync Two Apache Web Servers/Websites Using Rsync

Also, we are proud to announce that our Beta version of Question/Answer section of TecMint Ask is Already launched. If you have questions on any Linux topics. Please join us and post your questions/queries at https://schoolforum.me/ask/.

I’ll come up with some more Interview question on DNS, Mail servers, PHP etc in our future articles, till then stay Geeky and connected to TecMint.com.