Apache Http Web Server

Posted on  by admin

1. Introduction of Web Server (Apache Web Server)

A web server generally hosts the web content, and responds to requests for this content from web browsers such as Internet explorer, Google chrome and Firefox. The example of web server are apache web server, IIS web server, Nginx webserver and litespeed web server.

Technically, a web server is a daemon that speaks the https(s) protocol, a text-based protocol for sending and receiving object over a network connection. The http protocol is sent over the wire in clear text, using port 80/TCP by default (though other ports can be used).

  1. To communicate with FortiSIEM over HTTPS, you must configure the modstatus module in your Apache web server. Log in to your web server as an administrator. Open the configuration file /etc/Httpd.conf. Modify the file as shown in these code blocks, depending on whether you are connecting over HTTP without authentication, or over HTTPS with.
  2. Apache is the most widely used Web Server application in Unix-like operating systems but can be used on almost all platforms such as Windows, OS X, OS/2, etc. The word, Apache, has been taken from the name of the Native American tribe ‘ Apache’, famous for its skills in warfare and strategy making.

Learn to host your own website with Apache, a solid, well-known, and easy-to-configure web server. The Apache HTTP Server is the top choice of users looking for an easy-to-use yet powerful Web server on Softpedia as well as worldwide. Started back in 1995, the project has quickly escalated into.

Apache Http Web Server

There is also a TLS/SSL encrypted version of the protocol called https that uses port 443/TCP by default.

This article will discuss more on the most popular web server, Apache httpd server.

2. What is apache web server (Apache HTTPD) ?

Apache web server or Apache http server is one of the most widely used on the Internet. It is developed and maintained by Apache Software Foundation, Apache is an open source software available for free.

Beside Apache, IIS and Nginx also among the most common web servers in use today.

Based on survey by [news.netcraft.com] in June 2016, Apache Web server regained the lead from Microsoft IIS with a large increase.

Apache http web server

Meanwhile, the portal [trends.builtwith.com/web-server] reported (July 18, 2016) the web server statistics shows that from the entire internet web, there are 46% web server running in Apache, 29% in Microsoft IIS and 19% in Nginx.

3. Apache Web Server packages in RHEL and CentOS Linux

In Red Hat Enterprise Linux 7 and CentOS 7, there is a group of package called “Web Server”. It includes the following software :

A default dependency of the httpd package is the httpd-tools package. This package includes tools to manipulate password maps and databases, tools to resolve IP address in log files to hostnames, and apache benchmark tool (ab). ab tool is very useful to perform a stress-test to the apache web server.

If you use Apache for your development server or Linux administrator who manages the corporate website in the apache web server, know how to setup and configure Apache will be important.

4. Install Apache Web Server Linux

This article explains the steps to install and configure Apache web server in RHEL 7 / CentOS 7 linux.

Please login to your CentOS 7 server to run below command :

a. How to install Apache web server only :

b. Apache web server installation from apache group packages :

c. How to start, stop and restart Apache Linux web server :
The following steps shows how to start, stop and restart the apache is for RHEL 7 and CentOS 7 operating system. The command will differ slightly in other linux distributions.

d. To start Apache service:

e. To stop Apache service:

f. To restart Apache service :

g. How to enable Apache web server at boot :

5. Configure Apache http Server In Linux

5.1. Overview of apache httpd conf file :

The httpd.conf is the primary configuration file in Apache Web Server in RHEL and CentOS. It is located at /etc/httpd/conf folder. It is a text file and consist of directives, containers and comments.

Example of directives in httpd.conf :

Example of containers :

Containers enclose one or more directives.

Example of comments :

5.2 Configure Apache httpd.conf configuration file

There are a few apache configuration need to alter before you can start running the apache web server. All the main configuration file is in httpd.conf file :

Modify below directives and matches the value to your web server environment :

ServerAdmin email address
This is where your problem with the server should be e-mailed. This address appears on some server-generated pages, such as error documents.

For example:

DocumentRoot directory-path
The top level directory for Apache server content. The apache user requires read access to any files and read and execute access to the directory and any of its sub-directories. Do not place a slash at the end of the directory path.

For example:

ServerName FQDN[:port]
Specifies the fully qualified domain name or IP address of the httpd server and an optional port on which the server listens. The FQDN must be resolvable to an IP address.

If you do not specify a FQDN, the server performs a reverse-name lookup on the IP address. If you do not specify a port, the server uses the port corresponding to the incoming request.

For example:

Apache http web server vs tomcat

AllowOverride Directive
In Apache 2.4, AllowOverride is set to None by default. When AllowOverride is set to None , then .htaccess files are completely ignored. In this case, the server will not even attempt to read .htaccess files in the filesystem.

When AllowOverride directive is set to All, then any directive which has the .htaccess Context is allowed in .htaccess files.

htaccess is short for Hypertext Access, is a configuration file for use on web servers running the Apache Web Server software. Most of the developers today use htaccess to configure the details of the blog or website without needed to alter the server config files.

For Example :

If you run a single web site, above configuration is sufficient for your apache web server.

To apply the new configuration, restart or reload the Apache web service :

or

Access the web server ip address :

If you run multiple websites, you can configure Apache virtual Host as mentioned on 5.3 below :

5.3 Configure Apache Virtual Hosts

Apache virtual hosts allow a single httpd web server to serve content for multiple domains or websites. Virtual host is defined in a Virtual Host container. The multiple virtual containers for multiple domains is specify in the VirtualHost directive.

Where to specify VirtualHost directive ?
Virtual hosts are configured using the <virtualhost> block inside the main configuration.

For ease of administration, i would recommend this virtual host blocks are not defined inside /etc/httpd/conf/httpd.conf. Instead, please create new separate configuration files in /etc/httpd/conf.d/.

Create separate configuration file to specify <virtualhost> block:

For Example :

The document root specifies in each containers or virtualhost blocks is applicable to this virtual host and overrides any DocumentRoot directive elsewhere in the configuration.

Upload sample index.html or index.php into both document root (/var/www/html/website1 and /var/www/html/website2).

To apply the new configuration, restart or reload the Apache web service :

or

6. Configure Firewalld to allow access to Apache http Server In Linux

By default, port 80 is blocked. Allow HTTP service in firewalld (host-based firewall for centOS 7). HTTP uses 80/TCP and HTTPS uses 443/TCP.

Finally, you can access both virtual URL will return you different contain :

Related Posts

  • How to Install Apache Httpd Web Server on Linux

    Apache Httpd is a common web server that was used in World Wide Web. It…

  • How to Install Apache Httpd Server on RHEL 6

    In this post, i will show on how to install Apache Httpd server on Redhat…

  • How to Install Nginx Web Server on CentOS 6.3

    Nginx or “engine x” is a free, open-source HTTP server and one of the alternative…

  • How to Install FTP Server Linux using ProFTPd

    Proftpd is one of the most popular FTP server, secure and reliable for the Linux…

  • How to List Available Apache httpd Web Server Package and Info on CentOS 6.2

    In this post, i will show on how to list available Apache httpd web server…

Home

Apache Web Server

What is Discovered and Monitored

Protocol

Information discovered

Metrics collected

Used for

SNMP

Application type

Process level metrics: CPU utilization, Memory utilization

Performance Monitoring

HTTP(S) via the mod-status module

Apachemetrics: Uptime, CPU load, Total Accesses, Total Bytes Connections, Requests/sec, Bytes/sec, Bytes/req, Busy Workers, Idle Workers

Performance Monitoring

Syslog

Application type

W3C access logs: attributes include Client IP, URL, User Agent, Referrer, HTTP Version, HTTP Method, HTTP Status Code, Sent Bytes, Received Bytes, Connection Duration

Security Monitoring and compliance

Event Types

In ADMIN > Device Support > Event, search for 'apache' in the Device Type and Description column to see the event types associated with this device.

Reports

InRESOURCE > Reports , search for 'apache' in the Name column to see the reports associated with this device.

Configuration

SNMP

FortiSIEM uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation. For more information, refer to sections 'Discovery Settings' and 'Setting Credentials' in the User Guide.

HTTPS

Configure Apache For Https

To communicate with FortiSIEM over HTTPS, you must configure the mod_status module in your Apache web server.

  1. Log in to your web server as an administrator.
  2. Open the configuration file /etc/Httpd.conf.
  3. Modify the file as shown in these code blocks, depending on whether you are connecting over HTTP without authentication, or over HTTPS with authentication.
    Without AuthenticationWith Authentication
  4. If you are using authentication, you will have to add user authentication credentials.
    1. Go to /etc/httpd, and if necessary, create an account directory.
    2. In the account directory, create two files, users and groups.
    3. In the groups file, enter admin:admin.
    4. Create a password for the admin user.

  5. Reload Apache.

You can now configure FortiSIEM to communicate with your device. For more information, refer to sections 'Discovery Settings' and 'Setting Credentials' in the User Guide.

What Is Apache Server

Syslog

Install and configure Epilog application to send syslog to FortiSIEM

  1. Download Epilog from Epilog download site and install it on your Windows Server.
  2. For Windows, launch Epilog from Start→All Programs→InterSect Alliance→Epilog for windows
  3. For Linux, type http://<yourApacheServerIp>:6162
  4. Configure Epilog application as follows
    1. Go to Log Configuration. Click Add button and add the following log files to be sent to FortiSIEM
      • /etc/httpd/logs/access_log
      • /etc/httpd/logs/ssl_access_log
    2. Go to Network Configuration
      1. Set AO System IP(all-in-1 or collector) in Destination Server address (10.1.2.20 here);
      2. Set 514 in Destination Port text area
      3. Click Change Configuration to save the configuration
    3. Apply the Latest Audit Configuration. Apache logs will now sent to FortiSIEM in real time.

Define the Apache Log Format

You must define the format of the logs that Apache will send to FortiSIEM.

Web
  1. Open the file /etc/httpd/conf.d/ssl.conf for editing.
  2. Add this line to the file.
  3. Uncomment this line in the file.
  4. Add this line to the file.
  5. Reload Apache.

Apache Syslog Log Format

Server

Settings for Access Credentials

SNMP Access Credentials for All Devices

Use these Access Method Definition settings to allow FortiSIEM to communicate with your device over SNMP. Set the Name and Community String.

SettingValue
Name<set name>
Device TypeGeneric
Access ProtocolSNMP
Community String<your own>

Settings for Apache Web Server HTTPS Access Credentials

Use these Access Method Definition settings to allow FortiSIEM to communicate with your Apache web server over https.

SettingValue
NameApache-https
Device Typegeneric
Access ProtocolHTTP or HTTPS
Port80 (HTTP) or 443 (HTTPS)
URLserver-status?auto
User NameThe admin account you created when configuring HTTPS
PasswordThe password associated with the admin account

Copyright © 2020 Fortinet, Inc. All Rights Reserved. Terms of Service Privacy Policy