Apache ist ein quelloffener Webserver. Auf einen Umstieg auf NginX wird geraten. Siehe auch [[htaccess]], [[coding:php|PHP]] und [[mysql|MySQL]]. =====Installation===== ====Linux==== // apache apt-get install apache2 // php und apache mod for php apt-get install php7.0 libapache2-mod-php // mysql server apt-get install mysql-server // secure install mysql_secure_installation change file mime type: https://stackoverflow.com/questions/3100956/enable-php-to-read-css-and-js-files-while-keeping-their-original-content-type mod log files: https://httpd.apache.org/docs/current/mod/mod_log_config.html =====Pretty URLs===== Options +FollowSymLinks RewriteEngine On RewriteRule ^user/([0-9]*)/([a-z]*)$ ./index.php?user=$1&action=$2 =====Restrict direct file access===== https://stackoverflow.com/questions/10236717/how-to-prevent-a-file-from-direct-url-access RewriteEngine on Options -Indexes // disable directory listing RewriteCond %{HTTP_REFERER} !^http://(www\.)? [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?.*$ [NC] RewriteRule \.(gif|jpg|jpeg|png)$ - [F] =====SSL Zertifikat===== In der vHost Konfig oder der globalen Apache Konfig (für localhost) Todo Siehe [[certbot|Certbot]] =====Virtuelle Hosts===== In den Ordnern ''/etc/apache2/sites-available/'' und ''/etc/apache2/sites-enabled'' liegen die Konfigurationen. Mit ''a2ensite'' kann man eine bestimmte Seite aktivieren bzw. mit ''a2dissite'' deaktivieren. Man kann auch einfach einen Softlink setzen/löschen. ServerAdmin admin@localhost DocumentRoot /var/www/html ServerAlias localhost # Redirect permanent / https://localhost/ Options +FollowSymlinks AllowOverride All ErrorLog /var/log/apache2/default-error_log CustomLog /var/log/apache2/default-access_log common ServerAdmin admin@localhost DocumentRoot /var/www/html ServerAlias localhost Options +FollowSymlinks AllowOverride All SSLEngine on SSLCertificateFile /etc/ssl/localhost.crt SSLCertificateKeyFile /etc/ssl/private/localhost.key SSLCertificateChainFile /etc/ssl/ca_bundle.crt ErrorLog /var/log/apache2/default-ssl-error_log CustomLog /var/log/apache2/default-ssl-access_log common =====Proxy===== ProxyPreserveHost On # Servers to proxy the connection, or; # List of application servers: # Usage: # ProxyPass / http://[IP Addr.]:[port]/ # ProxyPassReverse / http://[IP Addr.]:[port]/ # Example: ProxyPass / http://0.0.0.0:8080/ ProxyPassReverse / http://0.0.0.0:8080/ ServerName localhost SSLEngine On # Set the path to SSL certificate # Usage: SSLCertificateFile /path/to/cert.pem SSLCertificateFile /etc/apache2/ssl/file.pem # Servers to proxy the connection, or; # List of application servers: # Usage: # ProxyPass / http://[IP Addr.]:[port]/ # ProxyPassReverse / http://[IP Addr.]:[port]/ # Example: ProxyPass / http://0.0.0.0:8080/ ProxyPassReverse / http://0.0.0.0:8080/ # Or, balance the load: # ProxyPass / balancer://balancer_cluster_name =====Load balancer===== # Define back-end servers: # Server 1 BalancerMember http://0.0.0.0:8080/ # Server 2 BalancerMember http://0.0.0.0:8081/ # Apply VH settings as desired # However, configure ProxyPass argument to # use "mycluster" to balance the load ProxyPass / balancer://mycluster =====Handler===== In apache/conf/httpd.conf add at the end AddHandler cgi-script .jail ScriptInterpreterSource Registry-Strict and in the files add the path to the interpreter and always output content-type at first! #!C:/jail.exe print("Content-Type: text/html\n\n");