Apache ist ein quelloffener Webserver. Auf einen Umstieg auf NginX wird geraten. Siehe auch [[htaccess]], [[coding:php|PHP]] und [[mysql|MySQL]].
=====Installation=====
====Linux====
// apache
apt-get install apache2
// php und apache mod for php
apt-get install php7.0 libapache2-mod-php
// mysql server
apt-get install mysql-server
// secure install
mysql_secure_installation
change file mime type: https://stackoverflow.com/questions/3100956/enable-php-to-read-css-and-js-files-while-keeping-their-original-content-type
mod log files: https://httpd.apache.org/docs/current/mod/mod_log_config.html
=====Pretty URLs=====
Options +FollowSymLinks
RewriteEngine On
RewriteRule ^user/([0-9]*)/([a-z]*)$ ./index.php?user=$1&action=$2
=====Restrict direct file access=====
https://stackoverflow.com/questions/10236717/how-to-prevent-a-file-from-direct-url-access
RewriteEngine on
Options -Indexes // disable directory listing
RewriteCond %{HTTP_REFERER} !^http://(www\.)? [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png)$ - [F]
=====SSL Zertifikat=====
In der vHost Konfig oder der globalen Apache Konfig (für localhost) Todo
Siehe [[certbot|Certbot]]
=====Virtuelle Hosts=====
In den Ordnern ''/etc/apache2/sites-available/'' und ''/etc/apache2/sites-enabled'' liegen die Konfigurationen.
Mit ''a2ensite'' kann man eine bestimmte Seite aktivieren bzw. mit ''a2dissite'' deaktivieren. Man kann auch einfach einen Softlink setzen/löschen.
ServerAdmin admin@localhost
DocumentRoot /var/www/html
ServerAlias localhost
# Redirect permanent / https://localhost/
Options +FollowSymlinks
AllowOverride All
ErrorLog /var/log/apache2/default-error_log
CustomLog /var/log/apache2/default-access_log common
ServerAdmin admin@localhost
DocumentRoot /var/www/html
ServerAlias localhost
Options +FollowSymlinks
AllowOverride All
SSLEngine on
SSLCertificateFile /etc/ssl/localhost.crt
SSLCertificateKeyFile /etc/ssl/private/localhost.key
SSLCertificateChainFile /etc/ssl/ca_bundle.crt
ErrorLog /var/log/apache2/default-ssl-error_log
CustomLog /var/log/apache2/default-ssl-access_log common
=====Proxy=====
ProxyPreserveHost On
# Servers to proxy the connection, or;
# List of application servers:
# Usage:
# ProxyPass / http://[IP Addr.]:[port]/
# ProxyPassReverse / http://[IP Addr.]:[port]/
# Example:
ProxyPass / http://0.0.0.0:8080/
ProxyPassReverse / http://0.0.0.0:8080/
ServerName localhost
SSLEngine On
# Set the path to SSL certificate
# Usage: SSLCertificateFile /path/to/cert.pem
SSLCertificateFile /etc/apache2/ssl/file.pem
# Servers to proxy the connection, or;
# List of application servers:
# Usage:
# ProxyPass / http://[IP Addr.]:[port]/
# ProxyPassReverse / http://[IP Addr.]:[port]/
# Example:
ProxyPass / http://0.0.0.0:8080/
ProxyPassReverse / http://0.0.0.0:8080/
# Or, balance the load:
# ProxyPass / balancer://balancer_cluster_name
=====Load balancer=====
# Define back-end servers:
# Server 1
BalancerMember http://0.0.0.0:8080/
# Server 2
BalancerMember http://0.0.0.0:8081/
# Apply VH settings as desired
# However, configure ProxyPass argument to
# use "mycluster" to balance the load
ProxyPass / balancer://mycluster
=====Handler=====
In apache/conf/httpd.conf add at the end
AddHandler cgi-script .jail
ScriptInterpreterSource Registry-Strict
and in the files add the path to the interpreter and always output content-type at first!
#!C:/jail.exe
print("Content-Type: text/html\n\n");