46.3. Configuration

SUSE LINUX Documentation Chapter 46. The Apache Web Server / 46.3. Configuration
	46.2. Installation		46.4. Virtual Hosts

Apache in SUSE Linux can be configured in two different ways: with YaST or manually. Manual configuration offers a higher level of detail, but lacks the convenience of the YaST GUI.

	Configuration Changes
Changes to some configuration values for Apache only take effect after Apache is restarted. This happens automatically when finishing the configuration using YaST with ‘Enabled’ checked for the ‘HTTP Service’. Manual restart is described in Section 46.3.3, “Activating, Starting, and Stopping Apache”. Most configuration changes only require a reload with rcapache2 reload.

46.3.1. Configuring Apache with YaST

With YaST, you can turn a host in your network into a Web server. To configure such a server, start YaST and select ‘Network Services’+‘HTTP Server’. When starting the module for the first time, the HTTP Server Wizard starts, prompting you to make just a few basic decisions concerning administration of the server.

46.3.1.1. HTTP Server Wizard

The HTTP Server Wizard consists of five steps or dialogs. In the last step of the dialog, you are given the opportunity to enter the expert configuration mode to make even more specific settings.

Network Device Selection

Here, specify the network interfaces and ports Apache uses to listen for incoming requests. You can select any combination of existing network interfaces and their respective IP addresses. Ports from all three ranges (well-known ports, registered ports, and dynamic or private ports) that are not reserved by other services can be used.

The default setting is to listen on all network interfaces (IP addresses) on port 80. When the firewall is enabled, you can check whether to enable Apache ports on the firewell.

Check ‘Open Firewall for Selected Ports’ to open the ports in the firewall that the Web server listens on. This is necessary to make the Web server available on the network, which can be a LAN, WAN, or the public Internet. Keeping the Listen port closed is useful in test situations where no external access to the Web server is necessary. If you are satisfied with the default settings or if you have made any changes, click ‘Next’ to continue with configuration.

Figure 46.1. HTTP Server Wizard: Network Device Selection

Modules

The SUSE Linux Apache package comes with a wide variety of Apache modules. Modules extend Apache's functionality and are available for a wide range of tasks. The ‘Modules’ configuration option allows for the loading and unloading of various Apache modules at when the server is started. For a more detailed explanation of modules, refer to Section 46.5, “Apache Modules”. Click ‘Next’ to continue.

Figure 46.2. HTTP Server Wizard: Modules

Default Host

This option pertains to the default Web server. As explained in Section 46.4, “Virtual Hosts”, Apache can serve multiple domains from a single physical machine. The first declared domain (or VirtualHost) in the configuraton file is commonly referred to as the Default Host. To edit the host settings, choose the appropriate entry in the table then click ‘Edit’. To add a new host, click ‘Add’. To delete a host, select it and click ‘Delete’.

In this step, you can decide to add an SSL (secure sockets layer) option and value to the host settings. You can read more about this in Section 46.3.1.3, “Adding SSL Support”.

Figure 46.3. HTTP Server Wizard: Default Host

Here is list of the default settings of the server:

Document Root

As described in Section 46.2.3.4, “Document Root”, /srv/www/htdocs is the default location from which Apache serves Web pages.

Directory

/srv/www/htdocs is the location of the Web pages.

Alias

With the help of Alias directives, URLs can be mapped to physical file system locations. This means that a certain path even outside the Document Root in the file system can be accessed via a URL aliasing that path.

The default SUSE Linux Alias /icons points to /usr/share/apache2/icons for the Apache icons displayed in the directory index view.

Directory

/usr/shareapache2/icons is the location of the Alias directory.

Script Alias

Similar to the Alias directive, the ScriptAlias directive maps a URL to a file system location. The difference is that ScriptAlias designates the target directory as a CGI location, meaning that CGI scripts should be executed in that location.

Directory

/srv/www/cgi-bin is the location of the ScriptAlias directory.

Include

/etc/apache2/conf.d/*.conf is the directory containing the configuration files that come with certain packages. /etc/apache2/conf.d/apache2-manual?conf is the directory containing all apache2-manual configuration files.

Server Resolution

This option refers to Section 46.4, “Virtual Hosts”.

‘Determine Request Server by HTTP Headers’ lets a VirtualHost answer on a request to its server name (see Section 46.4.1, “Name-Based Virtual Hosts”).

‘Determine Request Server by Server IP Address’ makes Apache select the requested host by the HTTP header information the client sends. See Section 46.4.2, “IP-Based Virtual Hosts” for more details on IP-based virtual hosts.

Server Name

This specifies the default URL used by clients to contact the Web server. Usa a FQDN (see Domain) to reach the Web server at http://FQDN or its IP address.

Server Administrator E-Mail

Provide the Web server administrator's e-mail address for ‘Server Administrator E-Mail’.

After finishing with the ‘Default Host’ step, click ‘Next’ to continue with the configuration dialog.

Virtual Hosts

In this step, the wizard displays a list of already configured virtual hosts (see Section 46.4, “Virtual Hosts”). One of the hosts is marked as default (with an asterisk next to the server name). To set a default host, select the server and click ‘Set as Default’.

To add a host, click ‘Add’ and a dialog appears in which to enter basic information about the host. ‘Server Indentification’ includes the server name, server contents root, and administrator e-mail. The help text in the left frame of the window explains each of these items in detail. ‘Server Resolution’ is used to determine how a host is identified. You can specify whether to determine a request server from HTTP headers or by server IP address by selecting the respective option. The other possibility is to determine the virtual host by the IP address used by the client when connecting to the server. You can also choose to enable SSL support by checking that option. The certificate file path can also be specified. By clicking ‘Browse’, the default directory /etc/apache2/ssl.crt is displayed. After all information has been entered, click ‘Next’ to continue to the final step of configuration.

Figure 46.4. HTTP Server Wizard: Virtual Hosts

Summary

This is the final step of the wizard. Here, determine how and when the Apache server is started: when booting or manually. The port selected earlier is also displayed along with the default and virtual hosts. If you are satisfied with your settings, click ‘Finish’ to complete configuration.

Figure 46.5. HTTP Server Wizard: Summary

46.3.1.2. HTTP Server Expert Configuration

The HTTP Server module also lets you make even more adjustments to the configuration. Click ‘HTTP Server Expert Configuration’ to see more configuration options. The following changes can then be made:

Listen On: Selecting the ‘Listen on’ setting and clicking ‘Edit’ opens a new window in which you can add, delete, or edit entries.
Modules: By selecting the ‘Modules’ settings and clicking ‘Edit’, you can change the status of Apache2 modules by clicking ‘Toggle Status’. Click ‘Add Module’ to add a new module.
Default Host: Selecting ‘Default Host’ and clicking ‘Edit’ lets you edit host settings. You can also add, edit, or delete options.
Hosts: By selecting ‘Hosts’ and clicking ‘Edit’, you can add, delete, edit, or select a host as the default.

In all of the preceding dialogs, you can click ‘Log Files’ to view the error log and access log. Click ‘OK’ to complete configuration and return to the YaST Control Center.

46.3.1.3. Adding SSL Support

To add an SSL option to the host, click ‘Add’ from step three (default host) of the HTTP Server Wizard. If your server has already been set up and you no longer have access to the wizard, you can set up an SSL option by selecting ‘Default Hosts’ from the HTTP Server Configuration dialog or clicking ‘Edit’, and ‘Add’. In both cases, a pop-up window appears in which you scroll to an ‘SSL’ option and confirm with ‘OK’. You are then asked to enter a value for the option selected. This may be as simple as setting the value to on or off, however, the dialog may require that you enter an appropriate value. If uncertain, refer to documentation for value parameters when configuring SSL. After you click ‘OK’, the option and value appear in the host configuration list. Clicking ‘Next’ takes you to the next step in the configuration dialog.

If ‘SSL’ appears in the host configuration list, click ‘Edit’ to open the SSL configuration dialog. If it is not displayed, click ‘Add’, select‘SSL’, and ‘OK’ and the dialog opens automatically. Here, add, delete, or edit SSL options. Click ‘OK’ to return to the HTTP Server Wizard.

46.3.2. Configuring Apache Manually

Configuring Apache manually involves editing the plain text configuration files as the user root.

	No SuSEconfig Module for Apache2
The SuSEconfig module for Apache2 has been removed from SUSE Linux. It is no longer necessary to run `SuSEconfig` after changing `/etc/sysconfig/apache2`.

46.3.2.1. `/etc/sysconfig/apache2`

/etc/sysconfig/apache2 controls some global settings of Apache, like modules to load, additional configuration files to include, flags with which the server should be started, and flags that should be added to the command line. Every configuration option in this file is extensively documented and therefore not mentioned here. For a general-purpose Web server, /etc/sysconfig/apache2 should be sufficient for any configuration needs. If a specific configuration is needed, refer to Section 46.3.2.2, “Apache Directives in /etc/apache2/httpd.conf: Global Environment ”.

Files Created Automatically on Server Start

	Files Created Automatically on Server Start
`/etc/sysconfig/apache2` creates or edits the following files automatically when the Web server is started or restarted. `/etc/apache2/sysconfig.d/loadmodule.conf`—modules that are loaded at runtime `/etc/apache2/sysconfig.d/global.conf`—serverwide general settings `/etc/apache2/sysconfig.d/include.conf`—list of included configuration files Do not edit these files manually. Instead, edit the corresponding settings in `/etc/sysconfig/apache2`.

/etc/sysconfig/apache2 creates or edits the following files automatically when the Web server is started or restarted.

/etc/apache2/sysconfig.d/loadmodule.conf—modules that are loaded at runtime
/etc/apache2/sysconfig.d/global.conf—serverwide general settings
/etc/apache2/sysconfig.d/include.conf—list of included configuration files

Do not edit these files manually. Instead, edit the corresponding settings in /etc/sysconfig/apache2.

For fine-grained configuration tweaks, look at the files in /etc/apache2/*, specifically for changes on manual configuration of virtual hosts, the global environment, or the main server.

46.3.2.2. Apache Directives in /etc/apache2/httpd.conf: Global Environment

SUSE Linux uses /etc/apache2/httpd.conf as a central point of reference for other configuration files. Edit the file only to enable features that are not available in /etc/sysconfig/apache2. The directives in the Global Environment section of httpd.conf affect the overall operation of Apache.

The following sections describe some of the directives that are not available in YaST. Core directives like Document Root (Document Root) are essential and required both in Global Environment and for VirtualHost.

The following parameters and directives are ordered by logical affiliation and configuration scope. All of these should be set in /etc/apache2/httpd.conf.

46.3.2.2.1. `LoadModule` `module_identifier` `/path/to/module`

The LoadModule directive specifies an Apache module to load at runtime. module_identifier is the name of the module according to its documentation. /path/to/module can be an absolute or relative path pointing to the file.

Example 46.1. LoadModule Directive

LoadModule rewrite_module /usr/lib/apache2-prefork/mod_rewrite.so

On SUSE Linux, it is not necessary to use LoadModule statements directly. Instead, APACHE_MODULE is used in /etc/sysconfig/apache2.

46.3.2.2.2. `MaxClients` `number`

The maximum number of clients Apache can handle concurrently. MaxClients must be large enough to handle as many simultaneous requests as the Web site expects to receive, but small enough to assure that there is enough physical RAM for all processes.

46.3.2.2.3. `Timeout` `seconds`

Specifies the time period Apache waits before reporting a time-out for a request.

46.3.2.3. Apache Directives in /etc/apache2/httpd.conf: Main Server

The directives in the Main Server section apply when client requests are not handled by any VirtualHost and therefore need to be processed by a default or main server. Additionally, the parameters defined in this context are the defaults for all configured virtual hosts. As a consequence, all of the directives in the Main Server can also be set in the VirtualHost context, overwriting the defaults.

46.3.2.3.1. `DirectoryIndex` `filenames`

Set which files Apache should search to complete a URL lacking a file specification. The default setting is index.html. For example, if the client requests the URL http://www.example.com/foo/ and the directory foo contains a file called index.html, Apache delivers this page to the client. Declare multiple files by separating them with spaces.

Example 46.2. DirectoryIndex Directive

DirectoryIndex index.html index.shtml start.php begin.pl

46.3.2.3.2. `AllowOverride` `All | None |` `option`

This directive can only be used inside a <Directory></Directory> declaration. See Directory.

AllowOverride specifies what access and display options a .htaccess file (or other files specified by AccessFileName as described in Section 46.3.2.3.3, “AccessFileName filenames ”) can override.

Possible values are:

All: All options can be overridden by a .htaccess file.
None: No option can be overridden by a .htaccess file.
AuthConfig: Directories can be password protected with the help of a .htaccess file.
FileInfo: Allows the use of directives controlling document types within a .htaccess file. A typical example for this is to configure custom error pages with ErrorDocument (see http://httpd.apache.org/docs-2.0/mod/core.html#errordocument).
Indexes: In the event that no DirectoryIndex document is found, this parameter allows Apache to control the display of directory contents.
Limit: Controls access to a directory or to certain files for clients. The directives Allow, Deny, and Order are used within a .htaccess file for this purpose. For usage of these directives, see the access module documentation (http://httpd.apache.org/docs-2.0/mod/mod_access.html).
Options: Allow the usage of the Options and XBitHack directives within a .htaccess file. The Options directive (http://httpd.apache.org/docs-2.0/mod/core.html#options) controls which server features are available in a particular directory. The XBitHack directive (http://httpd.apache.org/docs-2.0/mod/mod_include.html#xbithack) allows files with the execute bit set to be parsed as SSI (see Section 46.5.1.1, “Server-Side Includes with mod_include ”).

	Important
These settings are applied recursively to the current directory and its subdirectories. These options, except `All` and `None`, can be combined, separated by spaces.

Example 46.3. AllowOverride Directive

<Directory /srv/www/htdocs>
    AllowOverride None
</Directory>
<Directory /srv/www/htdocs/project>
    AllowOverride All
</Directory>
<Directory /srv/www/htdocs/project/webapp>
    AllowOverride Indexes Limit AuthConfig
</Directory>

46.3.2.3.3. `AccessFileName` `filenames`

AccessFileName sets the name for the files that can override the global access permissions and other settings for directories (see Directory).

The default setting is .htaccess. Declare multiple files by separating them with spaces.

Example 46.4. AccessFileName Directive

AccessFileName .htaccess .acl permission.txt

46.3.2.3.4. `ErrorLog` `file | "|command"`

Specifies the name of the file to which Apache logs error messages. Alternatively, Apache can also log to a command or script. The default setting is /var/log/apache2/error_log.

Example 46.5. ErrorLog Directive

ErrorLog /var/log/apache2/error_log
ErrorLog "|/path/to/script"

46.3.2.3.5. `LogLevel` `level`

This sets the verbosity of the log messages to record. In ascending order of level of verbosity (and descending severity of messages), level can be

emerg
alert
crit
error
warn
notice
info
debug

The default setting is warn, which is recommended for everyday operation. For debugging purposes, info and debug provide helpful information.

Example 46.6. LogLevel Directive

LogLevel debug

46.3.2.4. Apache Directives in /etc/apache2/httpd.conf: Virtual Hosts Section

To maintain multiple domains or hostnames on one physical machine, VirtualHost containers are needed. They are declared in Virtual Hosts sections of the configuration. For more details on the syntax for and functionality of virtual hosts, refer to Section 46.4, “Virtual Hosts”.

46.3.3. Activating, Starting, and Stopping Apache

To activate the Apache Web server at boot time, use YaST's runlevel editor. To start it, select ‘System’+‘System Services (Runlevel)’ in YaST. Then navigate to the ‘apache2’ entry. Choose ‘Enable’ to have Apache start automatically when the machine is booted. Experienced users may want to use the chkconfig tool to achieve the same on the command line: /sbin/chkconfig -a apache2.

To start or stop Apache, use the /usr/sbin/rcapache2 script as the root user. /usr/sbin/rcapache2 takes the following parameters for starting and stopping the Apache Web server:

start

Starts the Apache Web Server.

startssl

Starts the Apache Web Server with SSL support. For information about configuring Apache with SSL, refer to Section 46.3.1.3, “Adding SSL Support” and Section 46.5.2.2, “Secure Sockets Layer and Apache: mod_ssl”.

stop

Stops the Apache Web server.

configtest

Tests the Apache configuration without actually stopping, starting, or restarting the Web server. Because this test is forced everytime the server is started, reloaded, or restarted, it is usually not necessary to run the test explicitly.

restart

First stops then starts the Web server again.

try-restart

Restarts the Web server if it is running.

restart-hup

Restarts the Apache Web server by sending it a SIGHUP signal. This is normally not used.

graceful and reload

Stops the Web server by advising all forked Apache processes to first finish their request before shutting down. As each process dies, it is replaced by a newly started one, resulting in complete "restart" of Apache.

	Tip
rcapache2 `reload` is the preferred method of restarting Apache in production environments, because it allows all clients to be served without causing connection break-offs.

status

Checks the runtime status of the Apache Web server.

Example 46.7. Example Output When Starting and Stopping Apache

tux@sun # rcapache2 status
Checking for httpd2:                                  unused

tux@sun # rcapache2 configtest
Syntax OK

tux@sun # rcapache2 start
Starting httpd2 (prefork)                             done

tux@sun # rcapache2 status
Checking for httpd2:                                  running

tux@sun # rcapache2 graceful
Reload httpd2 (graceful restart)                      done

tux@sun # rcapache2 status
Checking for httpd2:                                  running

A malformed configuration file can result in Apache not starting correctly or not starting at all. When not starting at all, there might not even be any message displayed. Always check the main error log for every start and restart.