Difference between revisions of "Talk:Apache HTTP Server"

From ArchWiki
Jump to: navigation, search
m (Removal of Create a key and (self-signed) certificate section: unsigned)
m (Signed the comment)
 
Line 61: Line 61:
 
At first, I tried following the suggested [[OpenSSL#Certificates]] section instead (as per recommendation in the banner), but found it confusing, at least in the context of setting up an Apache server. After reading [[OpenSSL#Certificates]] I still wasn't sure which output is which, had to go and check with the man pages, Apache docs and search on the internet to be certain (which defeats the purpose of having it on the wiki).  
 
At first, I tried following the suggested [[OpenSSL#Certificates]] section instead (as per recommendation in the banner), but found it confusing, at least in the context of setting up an Apache server. After reading [[OpenSSL#Certificates]] I still wasn't sure which output is which, had to go and check with the man pages, Apache docs and search on the internet to be certain (which defeats the purpose of having it on the wiki).  
  
On the other hand, examples provided in current [[Apache HTTP Server#Create a key and (self-signed) certificate]] are short and to the point, relevant to Apache server configuration. '''server.key''' and '''server.crt''' output names are self-explanatory.  My vote is for this section to stay as it is and provide a link to [[OpenSSL#Certificates]] for further information.
+
On the other hand, examples provided in current [[Apache HTTP Server#Create a key and (self-signed) certificate]] are short and to the point, relevant to Apache server configuration. '''server.key''' and '''server.crt''' output names are self-explanatory.  My vote is for this section to stay as it is and provide a link to [[OpenSSL#Certificates]] for further information. [[User:Romstor|Romstor]] ([[User talk:Romstor|talk]]) 13:04, 25 September 2018 (UTC)
 
 
{{Unsigned|19:32, 24 September 2018‎ (UTC)|Romstor}}
 

Latest revision as of 13:04, 25 September 2018

PID-errors

Keep getting PID-errors: systemd[1]: PID file /run/httpd/httpd.pid not readable (yet?) after start. (even when modules/mod_unique_id.so is disabled)

About the PHP Installation, mod_mpm_prefork seems not the best choice: https://serverfault.com/questions/383526/how-do-i-select-which-apache-mpm-to-use/383634#383634 I would vote for mod_proxy_handler

Beta990 (talk) 15:14, 16 March 2014 (UTC)

unique_id_module

If the service httpd don't start, take a look at /var/log/httpd/error_log. If appears this line: -[alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "myhost" you must uncomment the line: LoadModule unique_id_module. Restart httpd and now it should work. --Nak 17:22, 22 April 2007 (GMT+1)

Using SSL

Could the SSL section be expanded to include how to use .htaccess and mod_rewrite to redirect traffic for certain sections or the whole site? I found apache2-forcing-all-inbound-traffic-to-ssl to be a useful resource in this respect. Corburn 13:58, 23 March 2012 (EDT)

User Directories

Continuing discussion from the main page, you do not have to make your home directory world-readable in order to make your public_html directory available to the web server. To minimize home directory exposure, I generally set the permission for both /home/$USER and /home/$USER/public_html to 0750 and change the group ownership to http. E.g.:

mkdir -p $HOME/public_html
chmod 0750 $HOME $HOME/public_html
chown $USER:http $HOME $HOME/public_html

That way you have given only read (descend into) permission to the web server user for both your home directory and your userdir. David C. Rankin, J.D.,P.E. -- Rankin Law Firm, PLLC (talk) 07:22, 25 August 2015 (UTC)

userdir disable

I think that section need add:

#LoadModule userdir_module modules/mod_userdir.so

to fully disable userdir.

Jabalv (talk) 18:48, 25 December 2013 (UTC)

According to [1]:
"User directory substitution is not active by default in versions 2.1.4 and later. In earlier versions, UserDir public_html was assumed if no UserDir directive was present."
So I think it is safe to just not include the conf. --Lonaowna (talk) 18:20, 23 August 2014 (UTC)

Which MPM to use with php-fpm and mod_proxy_fcgi?

The section about php-fpm and mod_proxy_fcgi does not say which MPM (event, prefork, worker) is optimal for this configuration. If I understand correctly (but I'm not an expert), the default mpm_event_module would be the best choice. It would be good to document this, because users coming from a mod_php / mpm_prefork_module configuration would need to actively switch back to mpm_event_module. --Marcvangend (talk) 09:24, 23 November 2015 (UTC)

The best MPM to use is to be determined by individual benchmarks. But event MPM should be good as a default.


A good start would be to, at least, describe what MPMs are and what their main use is, since the term is used multiple times in the article. Something like:
Apache can be configured to use _one_ of several Multi-Processing Modules (MPMs), which affect performance and the way it allocates resources in response to requests. mpm-prefork: ... mpm-worker: ... mpm-event: ...
https://tweaked.io/guide/apache2/ has a short summary of MPM specifics; but we should put up something more informative. :--Nodiscc (talk) 02:54, 18 November 2017 (UTC)

Removal of Create a key and (self-signed) certificate section

At first, I tried following the suggested OpenSSL#Certificates section instead (as per recommendation in the banner), but found it confusing, at least in the context of setting up an Apache server. After reading OpenSSL#Certificates I still wasn't sure which output is which, had to go and check with the man pages, Apache docs and search on the internet to be certain (which defeats the purpose of having it on the wiki).

On the other hand, examples provided in current Apache HTTP Server#Create a key and (self-signed) certificate are short and to the point, relevant to Apache server configuration. server.key and server.crt output names are self-explanatory. My vote is for this section to stay as it is and provide a link to OpenSSL#Certificates for further information. Romstor (talk) 13:04, 25 September 2018 (UTC)