Difference between revisions of "Apache HTTP Server"

From ArchWiki
Jump to: navigation, search
m (PHP)
m (deny from all changing notification)
Line 91: Line 91:
 
   
 
   
 
  <Directory "/srv/http">
 
  <Directory "/srv/http">
to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root.
+
to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root. Don't forget to change the Deny from all line, otherwise you will get 403 error too.
  
 
=== PHP ===
 
=== PHP ===

Revision as of 07:23, 3 October 2009

Template:I18n links start Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n links end

Introduction

This document describes how to set up the Apache web server on an Arch Linux system. It also tells how to optionally install PHP and MySQL and integrate these in the Apache server. This combination is commonly referred to as LAMP (Linux Apache MySQL PHP).

If you only need a web server for development and testing, Xampp might be a better and easier option.

Installation

# pacman -S apache php php-apache mysql

This document assumes you will install Apache, PHP and MySQL together. If desired however, you may install Apache, PHP, and MySQL separately and simply refer to the relevant sections below. Template:Box Note

Configuration

Apache

  • Create the user http (this account may already exist):
# useradd http
127.0.0.1  localhost.localdomain   localhost

Note: If you want a different hostname, append it to the end:

127.0.0.1  localhost.localdomain   localhost myhostname
#
# Networking
#
HOSTNAME="localhost"
  • Make sure the hostname appears in /etc/hosts or apache will fail to start. Alternatively, you can

edit Template:Filename as root and comment the following module:

LoadModule unique_id_module        modules/mod_unique_id.so

It should now appear as:

#LoadModule unique_id_module        modules/mod_unique_id.so


  • Run the following in a terminal as root to start the HTTP server:
# /etc/rc.d/httpd start
  • Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page.
  • To start Apache automatically at boot, edit Template:Filename as root and add the httpd daemon:
DAEMONS=(... httpd ...)

Or add this line to Template:Filename:

/etc/rc.d/httpd start
UserDir public_html

and

<Directory /home/*/public_html>
  AllowOverride FileInfo AuthConfig Limit Indexes
  Options MultiViews Indexes SymLinksIfOwnerMatch ExecCGI
  <Limit GET POST OPTIONS PROPFIND>
    Order allow,deny
    Allow from all
  </Limit>
  <LimitExcept GET POST OPTIONS PROPFIND>
    Order deny,allow
    Deny from all
  </LimitExcept>
</Directory>

You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and ~/public_html/ must be executable for others ("rest of the world"). This seems to be enough:

$ chmod o+x ~
$ chmod o+x ~/public_html

There may be some other, more-secure ways of setting the permissions by creating a special group and allowing only Apache and you to enter there... You know how paranoid you are.

Advanced Options

These options in Template:Filename might be interesting for you:

 # Listen 80

This is the port Apache will listen to. For Internet-access with router, you have to forward the port.

 # ServerAdmin sample@sample.com

This is the admin's email-address which can be found on error-pages e.g.

 # DocumentRoot "/srv/http"

This is the directory where you should put your web pages. Change it, if you want to, but don't forget to change the

<Directory "/srv/http">

to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root. Don't forget to change the Deny from all line, otherwise you will get 403 error too.

PHP

PHP is practically available out of the box now.

NOTE: Place them at the end of "LoadModule" list or bottom of the file.

LoadModule php5_module modules/libphp5.so
Include conf/extra/php5_module.conf
open_basedir = /home/:/tmp/:/usr/share/pear/:/path/to/documentroot

NOTE Should not be necessary anymore (18.08.2009) Suggestion - Add your document root as follows: this is the default

open_basedir = /srv/http:/home/:/tmp/:/usr/share/pear/
  • Restart the Apache service to make changes take effect (as root):
# /etc/rc.d/httpd restart
  • Test PHP with a simple, but very informative script:
<?php
  phpinfo();
?>

Save this file as Template:Filename and copy to /srv/http/ or to ~/public_html if you permitted such a configuration.

NOTE: If the php instruction is not executed (you see : <html>...</html>), add this to your Template:Filename:

 AddType application/x-httpd-php .php
 AddType application/x-httpd-php-source .phps

Advanced options

DirectoryIndex index.php index.phtml index.html
  • If you want the libGD module, install php-gb package and uncomment in Template:Filename:
;extension=gd.so

to

extension=gd.so

Pay attention to which extension you uncomment, as this extension is sometimes mentioned in an explanatory comment before the actual line you want to uncomment.

Note: PHP-gd requires libpng, libjpeg, and freetype2
  • If you want to display errors to debug your php code, change this line of Template:Filename:
display_errors = Off

to

display_errors = On
  • If you want the mcrypt module, install php-mcrypt package and uncomment in Template:Filename:
;extension=mcrypt.so

to

extension=mcrypt.so

MySQL

  • Configure MySQL as described at the MySQL wiki.
;extension=mysql.so
  • You can add minor privileged users for your web scripts by editing the tables found in the mysql database. You have to restart MySQL for changes to take effect. Don't forget to check the Template:Codeline table. If there's a second entry for root and your hostname is left with no password set, everybody from your host probably could gain full access. Perhaps see next section for these jobs.
  • Run in terminal (as root):
# /etc/rc.d/mysqld start
  • You may also need to restart Apache. Run in terminal (as root):
# /etc/rc.d/httpd restart
  • MySQL should now be running. Set the root password and test it by running
# mysqladmin -uroot password password
# mysql -uroot -ppassword

Type exit to exit from the CLI MySQL client

DAEMONS=(... mysqld ...)

Or add this line to Template:Filename:

/etc/rc.d/mysqld start
  • You can get the Template:Codeline message instantly whenever you try to connect to the MySQL daemon by TCP/IP. This is the TCP wrappers system (tcpd), which uses the hosts_access(5) system to allow or disallow connections.
  • If you're running into this problem, be sure to add this to your Template:Filename file:
 # mysqld : ALL : ALLOW
 # mysqld-max : ALL : ALLOW
 # and similar for the other MySQL daemons.
  • Notes: The examples above are the simplest case, telling tcpd to allow connections from anywhere. You may wish to use a more-appropriate choice of permissible sources instead of ALL. Just make sure that localhost and the IP address (numeric or DNS) of the interface by which you connect are specified.
skip-networking

to

#skip-networking

More Resources