Apache HTTP Server

From ArchWiki
Revision as of 20:13, 8 September 2008 by Rasat (Talk | contribs) (Configure PHP)

Jump to: navigation, search

Template:I18n links start Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n links end

Apache, PHP, and MySQL

This document describes how to set up the Apache web server on an Arch Linux system. It also tells how to optionally install PHP and MySQL and integrate these in the Apache server.

Install Packages

# pacman -Sy apache php mysql

If you'd like, you can install Apache/PHP/MySQL separately. This document assumes you will install Apache, PHP and MySQL. But if you wish, you may only read the sections below that apply to the software you installed. Template:Box Note

Configure Apache

  • Create the user http
useradd http
  • Add this line to /etc/hosts (if the file doesn't exist, create it):
127.0.0.1  localhost.localdomain   localhost

Note: If you want a different hostname, append it to the end:

127.0.0.1  localhost.localdomain   localhost myhostname
  • Edit /etc/rc.conf: If you set a hostname in Step One, the HOSTNAME variable should be the same; otherwise, use "localhost":
#
# Networking
#
HOSTNAME="localhost"
  • Comment one module in Apache configuration
# nano /etc/httpd/conf/httpd.conf
LoadModule unique_id_module        modules/mod_unique_id.so

to

#LoadModule unique_id_module        modules/mod_unique_id.so
  • Run in terminal (as root):
# /etc/rc.d/httpd start
  • Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page.
  • Edit /etc/rc.conf (to start Apache at boot):
DAEMONS=(... some daemons ... httpd)

Or add this line to rc.local:

/etc/rc.d/httpd start
  • If you want to use user directories (i.e. ~/public_html on the machine is accessed as http://localhost/~user/) to be available on the web, uncomment the following lines in /etc/httpd/conf/extra/httpd-userdir.conf:
UserDir public_html

and

<Directory /home/*/public_html>
  AllowOverride FileInfo AuthConfig Limit Indexes
  Options MultiViews Indexes SymLinksIfOwnerMatch ExecCGI
  <Limit GET POST OPTIONS PROPFIND>
    Order allow,deny
    Allow from all
  </Limit>
  <LimitExcept GET POST OPTIONS PROPFIND>
    Order deny,allow
    Deny from all
  </LimitExcept>
</Directory>

You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and ~/public_html/ must be executable for others ("rest of the world"). This seems to be enough:

$ chmod o+x ~
$ chmod o+x ~/public_html

There may be some other, more-secure ways of setting the permissions by creating a special group and allowing only Apache and you to enter there... You know how paranoid you are.

Additional options

This options in /etc/httpd/conf/httpd.conf might be interesting for you:

 # Listen 80

This is the port Apache will listen to. For Internet-access with router, you have to forward the port.

 # ServerAdmin sample@sample.com

This is the admin's email-address which can be found on error-pages e.g.

 # DocumentRoot "/srv/http"

This is the directory where you should put your web pages. Change it, if you want to, but don't forget to change the

<Directory "/srv/http">

to whatever you changed your DocumentRoot to.

Configure PHP

PHP is practically available out of the box now.

  • Add these line in /etc/httpd/conf/httpd.conf
LoadModule php5_module modules/libphp5.so
Include conf/extra/php5_module.conf

Apache2:

LoadModule php5_module  /usr/lib/httpd/modules/libphp5.so
AddHandler php5-script php

http://dan.drydog.com/apache2php.html

  • Remember to add a file handler for .phtml if you need it in /etc/httpd/conf/extra/php5_module.conf:
DirectoryIndex index.php index.phtml index.html
  • If you want the libGD module, uncomment in /etc/php/php.ini:
;extension=gd.so

to

extension=gd.so
  • If your DocumentRoot is outside of /home/, add it to open_basedir in /etc/php/php.ini as such:
open_basedir = /home/:/tmp/:/usr/share/pear/:/path/to/documentroot
suggestion - Add your document root as follows:
open_basedir = /home/:/tmp/:/usr/share/pear/:/srv/http
  • Restart the Apache service to make changes take effect (as root):
# /etc/rc.d/httpd restart
  • Test PHP with a simple, but very informative script:
<html>
<head>
<title>PHP Test Page</title>
</head>

<body>
This is Arch Linux, running PHP.

<?php
  phpinfo();
?>
</p>
</body>
</html>

Save this file as test.php and copy to /srv/http/ or to ~/public_html if you permitted such a configuration.

If you continue to have problems, edit your /etc/httpd/conf/httpd.conf file with the following information

  • Edit your httpd.conf file
nano /etc/httpd/conf/httpd.conf
  • Under <IfModule mime_module>
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
  • Restart Apache
# /etc/rc.d/httpd restart

Be sure to test the page again to verify it's working properly (as stated above)

Setup MySQL support

Do these steps only if you want MySQL support. Configure MySQL as described here: MySQL

  • Edit /etc/php/php.ini (this is in /usr/etc on older systems) to uncomment the following line (By removing ;):
;extension=mysql.so
  • You can add minor privileged users for your web scripts by editing the tables found in the mysql database. You have to restart MySQL for changes to take effect. Don't forget to check the mysql/users table. If there's a second entry for root and your hostname is left with no password set, everybody from your host probably could gain full access. Perhaps see next section for these jobs.
  • You can get the "error no. 2013: Lost Connection to mysql server during query" message instantly whenever you try to connect to the MySQL daemon by TCP/IP. This is the TCP wrappers system (tcpd), which uses the hosts_access(5) system to allow or disallow connections.
  • If you're running into this problem, be sure to add this to your /etc/hosts.allow file:
 # mysqld : ALL : ALLOW
 # mysqld-max : ALL : ALLOW
 # and similar for the other MySQL daemons.
  • Notes: The examples above are the simplest case, telling tcpd to allow connections from anywhere. You may wish to use a more-appropriate choice of permissible sources instead of ALL. Just make sure that localhost and the IP address (numeric or DNS) of the interface by which you connect are specified.
  • You might also need to edit /etc/my.cnf and comment out the skip-networking line as such:
skip-networking

to

#skip-networking