1 Web Services
CSCI N321 – System and Network Administration
Copyright © 2007, 2008 by Scott Orr and the Trustees of Indiana University

2 Section Overview
- HTTP Protocol
- Apache Configuration
- HTTPS/SSL
- Virtual Hosts

3 References
- Apache Site – http://www.apache.org
- Red Hat Deployment Guide, Chapter 22 – Apache HTTP Server

4 World Wide Web Components
[Diagram: a user workstation running a browser requests pages from the Widget web server. The sample page "Widget 2.0" offers "Download Demo" and "Buy it Now" links and an order form with Name and CC # fields and Submit/Reset buttons; the form data, including the card number, travels back to the server in the next request.]

5 Hypertext Transfer Protocol
Request (browser to server):
    GET /index.html HTTP/1.1
    Host: tempest.cs.iupui.edu

Response (server to browser):
    HTTP/1.1 200 OK
    Date: Sun, 25 Nov 2007 20:43:31 GMT
    Server: Apache/2.2.3 (Red Hat)
    Last-Modified: Thu, 16 Aug 2007 01:48:43 GMT
    ETag: "50602ec-71-4638f4c0"
    Accept-Ranges: bytes
    Content-Length: 113
    Connection: close
    Content-Type: text/html; charset=UTF-8

    File Content…
The Host header is mandatory in HTTP/1.1 and is what name-based virtual hosts are selected on; the Server header above reveals the exact Apache version and OS, which is the fingerprinting information slide 22 turns off with ServerTokens Prod.

6 HTTP Status Codes
- 1xx – Informational
- 2xx – Success
- 3xx – Redirection
- 4xx – Client Error
- 5xx – Server Error
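The exchange on slide 5 and the status classes above, as an added example that is not part of the original slides: a small HTTP/1.1 request builder and response parser. SAMPLE_RESPONSE is constructed from the slide's headers with a short HTML document standing in for the 113-byte body; the parser also refuses a body that disagrees with Content-Length and flags a Server header that still carries a version number.

```python
"""Parse a raw HTTP/1.1 exchange like the one on slide 5 (added example)."""
from typing import Any, Dict

STATUS_CLASSES = {
    1: "Informational",
    2: "Success",
    3: "Redirection",
    4: "Client Error",
    5: "Server Error",
}

# Constructed sample body and response, not captured from a real server.
SAMPLE_BODY = b"<html><body><h1>It works!</h1></body></html>\n"
SAMPLE_RESPONSE = b"".join([
    b"HTTP/1.1 200 OK\r\n",
    b"Date: Sun, 25 Nov 2007 20:43:31 GMT\r\n",
    b"Server: Apache/2.2.3 (Red Hat)\r\n",
    b"Last-Modified: Thu, 16 Aug 2007 01:48:43 GMT\r\n",
    b'ETag: "50602ec-71-4638f4c0"\r\n',
    b"Accept-Ranges: bytes\r\n",
    b"Content-Length: " + str(len(SAMPLE_BODY)).encode("ascii") + b"\r\n",
    b"Connection: close\r\n",
    b"Content-Type: text/html; charset=UTF-8\r\n",
    b"\r\n",
    SAMPLE_BODY,
])


def build_request(path: str, host: str) -> bytes:
    """Minimal HTTP/1.1 GET; Host is mandatory in 1.1 and drives name-based vhosts."""
    return (f"GET {path} HTTP/1.1\r\n"
            f"Host: {host}\r\n"
            f"Connection: close\r\n\r\n").encode("ascii")


def parse_response(raw: bytes) -> Dict[str, Any]:
    """Split status line, headers and body; reject bodies that disagree with Content-Length."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[1].isdigit():
        raise ValueError(f"bad status line: {lines[0]!r}")
    status = int(parts[1])
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"bad header line: {line!r}")
        headers[name.strip().lower()] = value.strip()   # header names are case-insensitive
    declared = int(headers.get("content-length", len(body)))
    if declared != len(body):
        raise ValueError(f"Content-Length {declared} but {len(body)} body bytes received")
    return {
        "version": parts[0],
        "status": status,
        "reason": parts[2] if len(parts) > 2 else "",
        "class": STATUS_CLASSES.get(status // 100, "Unknown"),
        "headers": headers,
        "body": body,
    }


def exposes_version(server_header: str) -> bool:
    """True when the Server header still carries a version (ServerTokens is not Prod)."""
    return "/" in server_header


if __name__ == "__main__":
    print(build_request("/index.html", "tempest.cs.iupui.edu").decode())
    reply = parse_response(SAMPLE_RESPONSE)
    print(reply["status"], reply["class"], reply["headers"]["server"])
    print("version exposed:", exposes_version(reply["headers"]["server"]))
```

The Content-Length check matters beyond tidiness: a truncated body is how a dropped connection or a proxy in the middle shows up, and silently accepting it is how half a file ends up cached as the whole thing.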

7 Common Gateway Interface (CGI)
- Allows for dynamic web content
- Relies on external programs (e.g., form processing)
- Parameters passed as part of the URL (GET query string) or in the request body (POST)
- The program must output a valid response: header lines, a blank line, then content
- Coding problems (unvalidated form input reaching a shell or the file system) create security issues!
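The last point above, as an added example that is not from the original slides: a hypothetical "ping this host" CGI script reads its form field from QUERY_STRING. The vulnerable variant splices the field into a shell command string (the classic CGI command-injection bug); the safe variant allow-lists the value as a hostname and builds an argv list so no shell ever parses it. The query strings and the ping command are assumptions for illustration.

```python
"""CGI form handling: the vulnerable and the hardened way (added example)."""
import re
from typing import Dict, List
from urllib.parse import parse_qs

# One DNS label: letters, digits and hyphens, no leading or trailing hyphen.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")


def cgi_params(query_string: str) -> Dict[str, str]:
    """Decode the URL-encoded form fields a CGI script receives (first value wins)."""
    return {k: v[0] for k, v in parse_qs(query_string, keep_blank_values=True).items()}


def vulnerable_command(query_string: str) -> str:
    """The classic bug: untrusted input becomes part of a shell command string."""
    host = cgi_params(query_string).get("host", "")
    return "ping -c 1 " + host   # os.system()/popen() would hand this to /bin/sh


def safe_command(query_string: str) -> List[str]:
    """Allow-list the field, then build argv so no shell ever parses it."""
    host = cgi_params(query_string).get("host", "")
    if len(host) > 253 or not HOSTNAME_RE.fullmatch(host):
        raise ValueError("rejected host parameter")
    return ["ping", "-c", "1", host]   # run with subprocess.run(argv), shell=False


def cgi_response(body: str, status: str = "200 OK", content_type: str = "text/plain") -> str:
    """What a CGI program must write to stdout: headers, a blank line, then content."""
    return f"Status: {status}\r\nContent-Type: {content_type}\r\n\r\n{body}"


if __name__ == "__main__":
    good = "host=tempest.cs.iupui.edu"
    evil = "host=tempest.cs.iupui.edu%3Bcat%20%2Fetc%2Fpasswd"   # decodes to ';cat /etc/passwd'
    print(vulnerable_command(evil))   # the injected command survives intact
    print(safe_command(good))
    try:
        safe_command(evil)
    except ValueError as err:
        print(cgi_response(str(err), status="400 Bad Request"))
```

Note that escaping the string for the shell is the wrong fix; the argv list removes the shell from the path entirely, and the allow-list rejects anything that is not a hostname before it reaches ping.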

8 Web Server Market Share
[Chart omitted; source: www.netcraft.com]

9 Web Server – Active Sites
[Chart omitted; source: www.netcraft.com]

10 Apache Web Server
- Runs on multiple platforms
- Modules define capabilities: SSL support, web hosting on multiple IPs/ports, virtual hosts, proxies
- Configuration: /etc/httpd/conf/httpd.conf and /etc/httpd/conf.d

11 Basic Apache Configuration
- ServerRoot – where to find the configuration
- Listen – which port(s) to bind
- Daemon ownership: User and Group (an unprivileged account; httpd starts as root to bind port 80, then drops to this user)
- ServerAdmin – email address of the administrator
- ServerName – FQDN of the server
- DocumentRoot – web content directory
- DirectoryIndex – files to load if only a directory is specified
- LoadModule – feature module code to include; many are loaded by default

12 Basic Performance Settings
- Persistent connections:
    KeepAlive Off
    MaxKeepAliveRequests 100
    KeepAliveTimeout 15
- Concurrent daemons (prefork MPM):
    StartServers 8
    MinSpareServers 5
    MaxSpareServers 20
    ServerLimit 256
    MaxClients 256
    MaxRequestsPerChild 4000

13 Web Request Logging
Fields of the default LogFormat (the "common" format: %h %l %u %t "%r" %s %b):
- Remote address (%h)
- Client identity from identd (%l), almost always "-"
- Authenticated user (%u)
- Date/time of request (%t)
- Request line ("%r")
- Response status (%s)
- Bytes sent to the client, excluding headers (%b)
Referer (%{Referer}i) and client/User-Agent (%{User-Agent}i) info can also be included.

14 Log Files
- access_log – all web page requests
- error_log – problems and failed requests
- agent_log – client info (browser/OS)
- referer_log – site that directed the client to the URL
- Combined log – merges access_log, agent_log and referer_log into one file (the "combined" LogFormat)
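Slides 13 and 14 together, as an added example that is not from the original slides: a parser for access_log lines in the common/combined format, run over a few constructed log lines (the addresses are from the documentation ranges, the scanner user agent is illustrative) to pull out the clients collecting 4xx/5xx responses, which is the first thing to look at when someone is probing for CGI scripts and password files.

```python
"""Parse Apache access_log (common/combined format) and find probing clients.

Added example; SAMPLE_LOG is constructed, not taken from a real server.
"""
import re
from collections import Counter
from typing import Dict, List

# %h %l %u %t "%r" %s %b, optionally followed by "%{Referer}i" "%{User-Agent}i"
LOG_RE = re.compile(
    r'^(?P<host>\S+) (?P<ident>\S+) (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\d+|-)'
    r'(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?$'
)

SAMPLE_LOG = """\
192.0.2.5 - - [25/Nov/2007:15:43:31 -0500] "GET /index.html HTTP/1.1" 200 113 "-" "Mozilla/5.0 (X11; Linux)"
192.0.2.5 - scott [25/Nov/2007:15:44:02 -0500] "GET /~scott/ HTTP/1.1" 200 512 "http://tempest.cs.iupui.edu/index.html" "Mozilla/5.0 (X11; Linux)"
198.51.100.9 - - [25/Nov/2007:15:45:10 -0500] "GET /cgi-bin/test-cgi HTTP/1.0" 404 288 "-" "Nikto/2.0"
198.51.100.9 - - [25/Nov/2007:15:45:10 -0500] "GET /cgi-bin/phf HTTP/1.0" 404 284 "-" "Nikto/2.0"
198.51.100.9 - - [25/Nov/2007:15:45:11 -0500] "GET /.htpasswd HTTP/1.0" 403 290 "-" "Nikto/2.0"
198.51.100.9 - - [25/Nov/2007:15:45:11 -0500] "GET /cgi-bin/printenv HTTP/1.0" 500 535 "-" "Nikto/2.0"
"""


def parse_line(line: str) -> Dict[str, object]:
    """One log line to a record; the request line is split into method/path/protocol."""
    m = LOG_RE.match(line)
    if not m:
        raise ValueError(f"unparsable log line: {line!r}")
    rec: Dict[str, object] = m.groupdict()
    req = (rec["request"] or "").split(" ")
    rec["method"], rec["path"], rec["protocol"] = (req + ["", "", ""])[:3]
    rec["status"] = int(rec["status"])
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])   # "-" means no body
    return rec


def parse_log(text: str) -> List[Dict[str, object]]:
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def error_counts(entries: List[Dict[str, object]]) -> Dict[str, int]:
    """Number of 4xx/5xx responses per client address."""
    return Counter(e["host"] for e in entries if e["status"] >= 400)


def suspicious_hosts(entries: List[Dict[str, object]], threshold: int = 3) -> List[str]:
    """Clients with at least `threshold` error responses: the usual scanner footprint."""
    return sorted(h for h, n in error_counts(entries).items() if n >= threshold)


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    for host in suspicious_hosts(entries):
        paths = [e["path"] for e in entries if e["host"] == host and e["status"] >= 400]
        print(host, "probed:", ", ".join(paths))
```

The 403 for /.htpasswd in the sample is what the Red Hat default configuration produces (it denies .ht* files); a 200 there would mean the password file is downloadable and the AllowOverride/Files protection has been removed.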

15 Directory Specific Settings
- Override the system defaults; enclosed in <Directory path> … </Directory>
- Options – features to allow/disallow:
    Indexes
    Includes / IncludesNOEXEC
    FollowSymLinks / SymLinksIfOwnerMatch
    MultiViews
    All
  Multiple Options lines are not merged; prefix each option with '+' or '-' to merge with the inherited set
- <Limit method …> – confines access control directives (Order, Allow, Deny) to particular HTTP methods

16 User Personal Sites
- URL http://server/~username/ maps to the public_html directory in that user's home
- Activation in httpd.conf: comment out "UserDir disabled", add "UserDir public_html"

17 .htaccess
- If present in a directory, modifies the settings for it and its subdirectories
- AllowOverride must be set in the <Directory> directive for the tree; can be All or a list of specific setting groups (e.g., AuthConfig)
- Password authentication: Require directive (inside <Limit> to restrict by method); htpasswd creates users/passwords

18 .htaccess Example
    AuthUserFile /etc/httpd/.htpasswd
    AuthGroupFile /dev/null
    AuthName "HTAccess Demo"
    AuthType Basic
    require valid-user
The password file lives outside DocumentRoot so it cannot itself be served. Basic authentication sends the credentials base64-encoded, not encrypted, so use it only over SSL.
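The htpasswd side of slides 17 and 18, as an added example that is not from the original slides or from Apache's htpasswd: it reproduces the {SHA} scheme that `htpasswd -s` writes (base64 of an unsalted SHA-1), which the Python standard library can produce, verifies a login against it in constant time, and checks that the AuthUserFile path is outside DocumentRoot. The apr1 and bcrypt schemes need extra libraries and are reported as unsupported here; the user names and paths are assumptions.

```python
"""htpasswd-style user management for Basic authentication (added example)."""
import base64
import hashlib
import hmac
import posixpath


def sha_hash(password: str) -> str:
    """{SHA} entry as written by `htpasswd -s`: unsalted SHA-1, base64-encoded."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(digest).decode("ascii")


def add_user(htpasswd_text: str, user: str, password: str) -> str:
    """Return the file contents with `user` added or replaced."""
    if ":" in user or not user:
        raise ValueError("invalid user name")
    kept = [line for line in htpasswd_text.splitlines()
            if line and line.partition(":")[0] != user]
    kept.append(f"{user}:{sha_hash(password)}")
    return "\n".join(kept) + "\n"


def check_login(htpasswd_text: str, user: str, password: str) -> bool:
    """Verify a Basic-auth credential pair against the file."""
    for line in htpasswd_text.splitlines():
        name, _, stored = line.partition(":")
        if name != user:
            continue
        if stored.startswith("{SHA}"):
            # compare_digest: no early exit, so a wrong hash does not leak its position
            return hmac.compare_digest(stored.encode(), sha_hash(password).encode())
        return False   # $apr1$, crypt or bcrypt entries: not handled in this example
    sha_hash(password)   # unknown user: do the same work so timing does not reveal it
    return False


def outside_docroot(auth_file: str, document_root: str) -> bool:
    """AuthUserFile must not live under DocumentRoot, or the server may hand it out."""
    target = posixpath.normpath(auth_file)
    root = posixpath.normpath(document_root)
    return not (target == root or target.startswith(root.rstrip("/") + "/"))


if __name__ == "__main__":
    users = add_user("", "scott", "s3cret")
    print(users, end="")
    print("login ok:", check_login(users, "scott", "s3cret"))
    print("safe location:", outside_docroot("/etc/httpd/.htpasswd", "/var/www/html"))
```

Unsalted SHA-1 is what `htpasswd -s` gives you, not what you should choose for new deployments: the file's hashes can be cracked quickly if it leaks, so keep it out of DocumentRoot, mode 0640 owned by root with the apache group, and prefer a salted scheme where the Apache version supports it.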

19 Secure Sockets Layer (SSL/TLS)
- Used to encrypt web traffic (HTTPS, port 443)
- SSL directives (mod_ssl):
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite HIGH:MEDIUM
    SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
- On current systems also disable SSLv3 (SSLProtocol all -SSLv2 -SSLv3), which is broken (POODLE), and drop MEDIUM from the cipher list, since it admits ciphers such as RC4 that are no longer considered safe

20 Generating a Self-Signed Cert
    openssl req -new > new.cert.csr                 # also writes the new key to privkey.pem
    openssl rsa -in privkey.pem -out new.cert.key   # strips the passphrase so httpd can start unattended
    openssl x509 -in new.cert.csr -out new.cert.cert \
        -req -signkey new.cert.key -days 3650
    cp new.cert.key /etc/httpd/conf/ssl.key/server.key
    cp new.cert.cert /etc/httpd/conf/ssl.crt/server.crt
    service httpd restart
A self-signed certificate encrypts the connection, but browsers warn that the issuer is untrusted, and users who click through that warning cannot tell your certificate from an attacker's. The unencrypted key file must be readable only by root (chmod 600), since anyone who can read it can impersonate the server.

21 Virtual Hosts
- Multiple sites using the same server
- IP based, port based, or name based (selected by the Host header; the first <VirtualHost> listed is the default for requests that match none)
- Name based needs NameVirtualHost *:80 in Apache 2.2; name-based SSL needs SNI (Apache 2.2.12 or later and SNI-capable clients), otherwise only one certificate per IP:port
- Example (name based):
    <VirtualHost *:80>
        DocumentRoot /var/www/webmail/
        ServerName webmail.cs.iupui.edu
    </VirtualHost>
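Name-based selection as described above, as an added example that is not Apache's code: a model of how the Host header picks a <VirtualHost> (ServerName, then ServerAlias with wildcards), how an unknown or missing Host falls back to the first vhost in configuration order, and how a request path is mapped under the chosen DocumentRoot without being allowed to escape it. The vhost list is constructed; the first entry and its alias are assumptions.

```python
"""Name-based virtual host selection and DocumentRoot mapping (added example)."""
import fnmatch
import posixpath
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class VirtualHost:
    server_name: str
    document_root: str
    server_alias: List[str] = field(default_factory=list)   # may contain * wildcards


# Constructed configuration; order matters, the first entry is the default vhost.
VHOSTS = [
    VirtualHost("tempest.cs.iupui.edu", "/var/www/html", ["www.cs.iupui.edu"]),
    VirtualHost("webmail.cs.iupui.edu", "/var/www/webmail"),
]


def canonical_host(host_header: Optional[str]) -> str:
    """Lower-case the Host header, drop any :port and a trailing dot."""
    if not host_header:
        return ""          # HTTP/1.0 clients may send no Host at all
    name = host_header.strip().lower()
    if name.startswith("["):   # IPv6 literal, e.g. [::1]:80
        name = name.split("]")[0] + "]"
    else:
        name = name.split(":")[0]
    return name.rstrip(".")


def select_vhost(vhosts: List[VirtualHost], host_header: Optional[str]) -> VirtualHost:
    """Return the vhost whose ServerName/ServerAlias matches, else the default (first)."""
    name = canonical_host(host_header)
    for vh in vhosts:
        if name == vh.server_name.lower():
            return vh
        if any(fnmatch.fnmatchcase(name, alias.lower()) for alias in vh.server_alias):
            return vh
    return vhosts[0]


def resolve_path(vhosts: List[VirtualHost], host_header: Optional[str], request_path: str) -> str:
    """Map a request onto the chosen DocumentRoot, refusing paths that climb out of it."""
    vh = select_vhost(vhosts, host_header)
    root = posixpath.normpath(vh.document_root)
    full = posixpath.normpath(posixpath.join(root, request_path.lstrip("/")))
    if full != root and not full.startswith(root + "/"):
        raise ValueError(f"{request_path!r} escapes {root}")
    return full


if __name__ == "__main__":
    for host in ("webmail.cs.iupui.edu:80", "WWW.cs.iupui.edu", "unknown.example", None):
        print(repr(host), "->", select_vhost(VHOSTS, host).document_root)
    print(resolve_path(VHOSTS, "webmail.cs.iupui.edu", "/index.html"))
```

The fallback is the security-relevant part: whatever vhost is listed first answers for every name you did not configure, including raw IP addresses and scanner traffic, so make that default a minimal site rather than the one holding the webmail login.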

22 Security Notes
- Remove unneeded CGI scripts
- Minimize use of external executables; if needed, limit their scope: suexec, Options -Includes +IncludesNOEXEC
- AllowOverride None (or only AuthConfig)
- Options -Indexes -FollowSymLinks
- Prevent fingerprinting: ServerSignature Off, ServerTokens Prod
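The directives from slide 19 and the security notes above, as one added example that is not from the original slides or from Apache: a small linter over httpd.conf text that flags the weak values (SSLv3 left enabled, MEDIUM ciphers, ServerTokens other than Prod, ServerSignature on, Indexes/FollowSymLinks/Includes/ExecCGI enabled, AllowOverride All). WEAK_CONFIG is constructed from the slide values and HARDENED_CONFIG from the corrections; the <Directory> path is an assumption.

```python
"""Lint httpd.conf directives for the weak settings discussed on slides 19 and 22.

Added example; WEAK_CONFIG and HARDENED_CONFIG are constructed fragments.
"""
from typing import List, Set, Tuple

Finding = Tuple[str, str]   # (directive, problem)

WEAK_CIPHER_GROUPS = {"MEDIUM", "LOW", "EXPORT", "EXP", "NULL", "aNULL", "eNULL", "RC4", "DES", "MD5"}
RISKY_OPTIONS = {"Indexes", "FollowSymLinks", "Includes", "ExecCGI", "All"}

WEAK_CONFIG = """\
ServerTokens OS
ServerSignature On
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
<Directory /var/www/html>
    Options Indexes FollowSymLinks
    AllowOverride All
</Directory>
"""

HARDENED_CONFIG = """\
ServerTokens Prod
ServerSignature Off
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5
<Directory /var/www/html>
    Options -Indexes -FollowSymLinks -Includes +IncludesNOEXEC
    AllowOverride AuthConfig
</Directory>
"""


def directives(config_text: str) -> List[Tuple[str, str]]:
    """(name, argument) pairs; comments and <Directory>-style container lines are skipped."""
    out = []
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("<"):
            continue
        name, _, arg = line.partition(" ")
        out.append((name, arg.strip()))
    return out


def lint(config_text: str) -> List[Finding]:
    findings: List[Finding] = []
    seen: Set[str] = set()
    for name, arg in directives(config_text):
        key = name.lower()
        seen.add(key)
        if key == "sslprotocol":
            toks = [t.lower() for t in arg.split()]
            for old in ("SSLv2", "SSLv3"):
                on = old.lower() in toks or "+" + old.lower() in toks
                via_all = "all" in toks and "-" + old.lower() not in toks
                if on or via_all:
                    findings.append(("SSLProtocol", f"{old} enabled"))
        elif key == "sslciphersuite":
            for part in arg.split(":"):
                group = part.lstrip("+-")
                if not part.startswith("!") and group in WEAK_CIPHER_GROUPS:
                    findings.append(("SSLCipherSuite", f"weak cipher group {group}"))
        elif key == "servertokens" and arg.lower() != "prod":
            findings.append(("ServerTokens", f"set to {arg}; use Prod"))
        elif key == "serversignature" and arg.lower() != "off":
            findings.append(("ServerSignature", f"set to {arg}; use Off"))
        elif key == "options":
            for tok in arg.split():
                if not tok.startswith("-") and tok.lstrip("+") in RISKY_OPTIONS:
                    findings.append(("Options", f"{tok.lstrip('+')} enabled"))
        elif key == "allowoverride" and arg.lower() == "all":
            findings.append(("AllowOverride", "All lets .htaccess change every setting; use None or AuthConfig"))
    if "servertokens" not in seen:   # compiled-in default is Full: version, OS and modules
        findings.append(("ServerTokens", "not set; default Full reveals version, OS and modules"))
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, lint(cfg) or "no findings")
```

The linter only reads top-level and container-body directives line by line, which is enough for the values on these slides; a real audit also has to follow Include lines and the files in conf.d, since a ServerTokens setting there overrides the one in httpd.conf.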

