아파치 핵심 가이

ApacheThe Definitive Guide

HANBIT Midea, Inc., 1999. Authorized translation of the English edition, 1999OReilly & Associates, Inc. This translation is published and sold by permission ofOReilly & Associates, Inc., the owner of all rights to publish and sell the same.

OReilly () . .

Apache: The Definitive Guide

Ben Laurie & Peter LaurieBen Laurie 1978 . Ben Peter Laurie Practical Computing . Optical Character Recognition(OCR) Intelligent MarkRecognition(IMR) .

, 1996 (KLDP: Korean Linux DocumentationProject) . (), () KLDP KLDP . http://kldp.org .

5 , FreeBSD . . .

, . .

, FreeBSD Perl, PHP . , .

, . 14, 15 , 5, 7,13 , . .

, , (?) (?) . .

1999 12

................................................................................................................. 5

................................................................................................................. 11

1.

? ................................................................ 22

TCP/IP ....................................................... 24

TCP/IP ? ............................................... 27

...................................................................... 29

? ................................ 31

? ....................................................... 33

? ....................................................... 33

.............................................................. 34

.............................................................. 45

BS2000/OSD AS/400 ...................................... 48

2.

? ............................................................................ 49

................................................................................. 51

site.toddle ............................................................................................ 52

............................................................................. 53

Win32 ............................................................................ 65

3. !

: site.simple ...................................................... 71

Butterthlies, Inc. ................................................................. 75

(Block) ............................................................................... 78

........................................................................................ 82

6

......................................................... 90

.......................................................... 90

Win32 ................................................. 93

......................................................................................... 94

............................................................................ 98

HTTP .................................................................................... 102

(Options) ....................................................................................... 102

(Restart) .................................................................................... 105

.htaccess ............................................................................................. 106

CERN .................................................................................... 107

(Expirations) ........................................................................ 108

4. Common Gateway Interface (CGI)

(form) .......................................................... 111

...................................................................... 116

...................................................................................... 120

...................................................................................... 123

............................................................................... 127

................................................................................. 129

suEXEC ........................................................................... 132

(Handlers) ................................................................................. 139

(Actions) ....................................................................................... 141

5. (Authentication)

......................................................................................... 145

............................................................................................ 147

........................................................................... 151

Win32 ............................................................... 152

........................................................................................ 153

Order, Allow, Deny ................................................................. 158

...................................................................................... 162

(Anonymous Access) ......................................................... 166

......................................................................................... 169

7

.............................................................. 170

.htaccess ...................................................................... 173

(Overrides; ) ........................................................ 177

6. MIME,

MIME ............................................................................................. 181

............................................................................................ 184

................................................................................................ 185

(Type Maps) ............................................................................ 187

HTTP/1.1 ........................................................................... 190

7. (Indexing)

....................................................... 193

...................................................................... 204

(Image Maps) ...................................................................... 208

8. (Redirection)

(Rewrite) .................................................................................... 220

Speling .................................................................................................. 228

9.

......................................................................................... 229

(Caching) ...................................................................................... 232

Setup ..................................................................................................... 236

10. (SSI; Server Side Include)

................................................................................................ 243

........................................................................................ 243

................................................................................................ 244

CGI ......................................................................................... 245

(echo) ............................................................................................ 246

8

XBitHack ............................................................................................... 246

XSSI ....................................................................................................... 247

11. ?

(Status) ......................................................................................... 250

................................................................................................ 250

................................................................................................ 252

............................................................................. 252

12.

(Authentication) ........................................................................... 268

................................................................................................ 269

(Counter) ................................................................................... 269

CGI ......................................................................... 270

................................................................. 270

......................................................................................... 270

............................................................................. 271

................................................................................................ 271

URL (Rewriting) ....................................................................... 271

................................................................................................ 272

MIME Magic ......................................................................................... 272

(DSO) ............................................................................ 272

13. (Security)

..................................................................... 275

................................................................................. 277

, ....................................................................... 278

..................................................................................................... 284

............................................................................................ 288

SSL : .................................................................................... 292

-SSL ................................................................................ 305

............................................................................................ 310

SSL CGI ............................................................................................ 312

9

14. API

(Pools) .............................................................................................. 313

........................................................................................ 314

................................................................................. 316

........................................................................................ 316

........................................................................ 319

(Functions) ................................................................................... 320

15.

....................................................................................................... 372

................................................................................................ 373

............................................................................................ 375

............................................................................................ 402

......................................................................................... 418

A. echo .......................................................................................... 419

B. .................................................................... 425

................................................................................................................. 453

10

(Apache: The Definitive Guide) . . (WWW) . .

, . ( ) . . . .

. . . .

HTML , .

11

. ...

.

HTML

,

Java, Perl

.

. . . .

. 1.3 . 1998 (feature freeze) .

, ( ) .

, ? (patch) . FAQ

. .

12

Frequently Asked Questions.

. . .

CERN(European Center for Nuclear Research) (Tim Berners-Lee) . NCSA(National Center for Supercomputing Agencies) , . www.ncsa.uiuc.edu C .

NCSA . FAQ NCSA 1.3 (1995 ) .

, 1700 1900 .

. Ben Laurie .

? ? .

.

. .

. .

, 10 . .

13

CD-ROM CD-ROM Win32 .

README . Win32 . .

distributions/ Cygwin .

apache_1.3.x.tar.gz 1.3.x

apache_1_3_x.exe 1.3.x Win32

cygwin-b20/

install/

install

install.conf

installwin.conf Win32

sites/

unpacked/

apache_1.3.x 1.3.x

, , .

(Times) , , , , .

) command_rec http_config.h .

14

(Courier) , , .

) `mail [email protected] < /etc/passwd`

(Bold)

.

) % ssleay c509 -in new3cert.csr -out new3.cert.cert -req -signkey privkey.pem

#

.

) # My test document root DocumentRoot /usr/www/site.ssl/htdocs

UNIX

.

WIN32

.

.../ . . , /usr/www /usr/www/site.simple /usr/www . .../site.simple .

.../ .

15U

NIX

WIN

32

150 . .

. .

ServerAdminServerAdmin email addressServer config, virtual host

ServerAdmin . .

. .

.

1.

, , TCP/IP, HTTP, , , , , Win32

2.

, , , , site.simple

3. !

Butterthlies, Inc : HTML, ,

16

4. Common Gateway Interface (CGI)(aliases), , HTML , , CGI, C, ,

5. (Authentication) , , , DBM ,

6. MIME, , (expiration)

7. (Indexing) , ,

8. (Redirection)Alias, ScriptAlias, Rewrite

9.

10. (SSI; Server Side Include)HTML XSSI( SSI)

11. ? ,

12. , , , CGI, , URL

13. (Security) , , , , , , , (SSL), , -SSL

14. API(pool) , , , (request) ,

15. , , , , , , ID , ,

17

A. echo

echo.c

B.

API Robert S. Thau .

SSLey Eric Young, Tim Hudson .

Bryan Blank, Aram Mirzadeh,Chuck Murcko, Randy Terbush . 2 John Ackermann, GeoffMeek, Shane Owenby . OReilly Robert Denn . . Camilla von Massenbach Barbara Laurie .

18

URL , http://www.butterthlies.com . .

URL Universal Resource Locator . http://www.butterthlies.com URL .

:///

http HTTP(Hypertext Transfer Protocol) . www.butterthlies.com / . HTTP/1.1 (request) .

GET / HTTP/1.1Host: www.butterthlies.com

www.butterthlies.com 80 (HTTP ) . (URL HTTP ) GET PUT POST, DELETE CONNECT . Uniform Resource Identifier(URI)/,

19

1

. .

URL , . . . .

PC . .

?

.

(multitasking) .

. . (Unix) Win32, OS/2 .

. . . (13. ) .

. ,

. HTTP 404 .

. , . , . , ,

20

.

. GIF JPEG TIFF . PostScript dvi ...

(Proxy) . . .

- (13 )

-

. . . . , .

. , - . .

. 2.0 . 2.0 (multi-threading) / API .

1. 21

Bad Guy (hacker) . (Cracker) .

http://www.apache.org/bug_report.html . news:comp.infosystems.www.servers.unix news:comp.infosystems.www.servers.ms-windows .

? .

Win32 95/98/NT . httpd, apache.exe (background) . . , CD-ROM site.toddle . .

conf httpd.conf . .

htdocs HTML . . .

logs .

cgi-binCGI . . htdocs .

22

. httpd apache .

TCP IP . HTTP . .

. 150 (Directive) . 5~6 . (freeware). http://www.apache.org ( ) ( ) . CD . , 20 .

. . .

. (DLL) ..../apache/modules DLL .

APACHE~1 DLL 5,120 19/07/98 11:47ApacheModuleAuthAnon.dllAPACHE~2 DLL 5,632 19/07/98 11:48ApacheModuleCERNMeta.dll

1. 23W

IN3

2U

NIX

perl,python(script) CGI CGI .

.

APACHE~3 DLL 6,656 19/07/98 11:47 ApacheModuleDigest.dllAPACHE~4 DLL 6,144 19/07/98 11:48 ApacheModuleExpires.dllAPACHE~5 DLL 5,120 19/07/98 11:48 ApacheModuleHeaders.dllAPACHE~6 DLL 46,080 19/07/98 11:48 ApacheModuleProxy.dllAPACHE~7 DLL 35,328 19/07/98 11:48 ApacheModuleRewrite.dllAPACHE~8 DLL 6,656 19/07/98 11:48 ApacheModuleSpeling.dllAPACHE~9 DLL 10,752 19/07/98 11:47 ApacheModuleStatus.dllAPACH~10 DLL 6,144 19/07/98 11:48 ApacheModuleUserTrack.dll

. DLL . .

C++ 5.0 . . . 15. .

TCP/IP TCP/IP ,

. Crag Hunt, Robert BruceThompson . .

TCP/IP(Transmission Control Protocol/Internet Protocol) . (TCP, IP) . . TCP/IP , .

TCP/IP . TCP/IP 192.168.123.1 IP .

24

OReilly TCP/IP Network Administration Windows NT TCP/IP Network Administration , (Crab Book) .

WIN

32

. . 1 4 . 0-255 .

. LAN(Local Area Network) TCP/IP .

? .

0-127( 0xxxxxxx ) . A . A . 125 . A 16,777,214 .

128-191( 10xxxxxx ) . B 16,382 B 65,534 .

192-223( 110xxxxx ) C . C 2,097,150 254 .

224-255 , 0 1 .

0.x.x.x

127.x.x.x

128.0.x.x

191.255.x.x

1. 25

0 this network . RFC 791 .

1 broadcast . RFC 922 . 127.0.0.1 this machine .

192.0.0.x

223.255.255.x

(Subnet Mask) . . .

. IP . TCP/IP . (3. ! ) .

IP X Y . X Y TCP/IP .

TCP/IP . . (WAN) .

TCP/IP .

UDP(User Datagram Protocol) . . UDP .

TCP(Transmission Control Protocol) . . TCP .

26

TCP/IP ? . , ,

. (interface) IP . IP . IP (3 ).

(request) .

Network News Transfer Protocol(NNTP) :

Simple Mail Transfer Protocol(SMTP) :

Domain Name Service(DNS)

HTTP : World Wide Web

4 IP 2 . .

NNTP : 119

SMTP : 25

DNS : 53

HTTP : 80

( ) . . WWW . WWW 80 .

1024 ( root) . .

Win32 ( ) .

1. 27W

IN3

2U

NIX

. , . HTTP/1.0 . ( ). IP-intensive . HTTP/1.1 IP Host .

:

ifconfig IP IP .

IP ifconfig . (, ) . 95 FreeBSD .

IP . ( ) www.butterthlies.com, sales.butterthlies.com

28

. FreeBSD lan_setup ifconfig .

ifconfig ep0 192.168.123.2ifconfig ep0 192.168.123.3 alias netmask 0xFFFFFFFFifconfig ep0 192.168.123.4 alias

192.168.123.2 ep0 192.168.123.3 FreeBSD TCP/IP netmask 0xFFFFFFFF . 192.168.123.1 . 192.168.123.1 . . 192.168.123.2 192.168.123.3 . . .

. 192.168.123.2 IP .

: Win32

95 IP . NT TCP/IP ... IP Address . 95 IP-intensive .

.

http://www.apache.org URL . ?

http: URL HTTP . // URL (absolute) . URL . www.apache.org. IP . 204.152.144.38. ping . .

> ping -c 5 www.apache.org

% ping -c 5 www.apache.org

.

PING www.apache.org (204.152.144.38): 56 data bytes

1. 29

RFC 1808(Relative URLs), 1738(URLs).

. Win32> % . % ping% ping .

64 bytes from taz.apache.org (204.152.144.38): icmp_seq=0 ttl=247 time=1380 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=1 ttl=247 time=1930 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=2 ttl=247 time=1380 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=3 ttl=247 time=1230 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=4 ttl=247 time=1360 ms--- www.apache.org ping statistics ---5 packets transmitted,5 packets received,0% packet loss round-trip min/avg/

max = 1230/1456/1930 ms

http://www.apache.org . 80 . URL . , http://www.apache.org:8000/ URL (path) . / . /some/where/foo.html URL http://www.apache.org:8000/some/where/foo.html.

TCP IP 204.152.144.38 8000 .

GET /some/where/foo.html HTTP/1.0

(CRLF) . HTML . POST . . .

% telnet www.apache.org 80> telnet www.apache.org 80

(telnet) . .

GET /announcelist.html HTTP/1.0

CRLF . . .

30

HTTP/1.0 1.1 HTTP/1.0 .

GET /announcelist.html HTTP/1.0HTTP/1.1 200 OKDate: Sun, 15 Dec 1996 13:45:40 GMTServer: Apache/1.3Connection: closeContent-Type: text/htmlSet-Cookie: Apache=arachnet784985065755545; path=/

Join the Apache-Users Mailing List

Join the Apache-Announce Mailing List

The apache-announce mailing list has been set up toinformpeople of new code releases, bug fixes, security fixes, and generalnews and information about the Apache server. Most of thisinformation will also be posted tocomp.infosystems.www.servers.unix,but this provides a more timely way of accessing that information.The mailing list is one-way, announcements only.

To subscribe, send a message [email protected] with the words subscribeapache-announce in the body of the message. Nope, we dont have awebform for this because frankly we dont trust people to put therightaddress.

Connection closed by foreign host.

? .

? URL ( )

1. 31

URL .

. !

.

IP ( 80 ) . (standalone mode) .

inted . /etc/inted.conf . . .

. . 64 . . . 2.0 .

. . . IP . .

.

32 U

NIX

WIN

32

(thread) : .

? FreeBSD SCO

QNX . FreeBSD http://www.freebsd.org 69.95 Walnut Creek(http://www.cdrom.com) 1750 , CD-ROM . FreeBSD 69.95 .

FreeBSD CD-ROM , . (perl), (Emacs), sh ( bash ksh ) . .

. /etc .

? 1.3 1998 7 .

.

Win32 . 95 NT . , , .

1. 33

FreeBSD http://www.kr.freebsd.org .

, .

Win32 . Win32 .

1.3.1 Win32 .

.

http://www.apache.org/ . CD-ROM . gz gzip, Z compress . ( ) gzip(GNU ) . gzip CD-ROM .

.

uncompress .tar.Z

gzip -d .tar.gz

.tar . tar .

mv .tar

.

% tar xvf .tar

apache_1.3.1 . .tar . SSL . .src

34

.

GNU tar tar xzvf .tar.gz .

. README . KEYS PGP .

1.3 . configure Makefile.tmpl . GNU Autoconf . , . .

./configurecd srcmake

apache/INSTALL . . INSTALL . . . httpd . , /usr/local/apache/conf/httpd.conf /usr/local/apache/etc/httpd.conf . .

./configure --compat

.

README . . src INSTALL .

1. 35

.

ANSI C . C++ .

.../src/Configuration.tmpl Configuration Configuration .Configure Configuration Makefile Makefile.tmpl (Makefile . Configure ).

Configuration . . , , . FreeBSD .

Configuration .

# .

(Rule) Rule .

Makefile .

AddModule .

%Module .

# . .

. Configuration . .

36

httpd.conf .

Configuration . Win32 W Win32DLL WD . .

AddModule modules/standard/mod_env.oCGI .

AddModule modules/standard/mod_log_config.o(logging) .

AddModule modules/standard/mod_mime_magic.o .

AddModule modules/standard/mod_mime.o .

AddModule modules/standard/mod_negotiation.oAccept .

AddModule modules/standard/mod_status.o(WD) .

AddModule modules/standard/mod_info.o .

AddModule modules/standard/mod_include.oCGI (Server Side Include) .

AddModule modules/standard/mod_autoindex.o .

AddModule modules/standard/mod_dir.o .

AddModule modules/standard/mod_cgi.oCGI .

1. 37

.

AddModule modules/standard/mod_asis.o.asis .

AddModule modules/standard/mod_imap.o(imagemap) .

AddModule modules/standard/mod_actions.o CGI .

AddModule modules/standard/mod_speling.o .

AddModule modules/standard/mod_userdir.oV .

AddModule modules/proxy/libproxy.o . .

AddModule modules/standard/mod_alias.o URL (redirection)

AddModule modules/standard/mod_rewrite.o(WD) URI .

AddModule modules/standard/mod_access.o (Access Control) .

AddModule modules/standard/mod_auth.o .

AddModule modules/standard/mod_auth_anon.o(WD)FTP / .

AddModule modules/standard/mod_auth_db.o mod_auth_dbm.o .

AddModule modules/standard/mod_cern_meta.o(WD)CERN .

AddModule modules/standard/mod_digest.o(WD)HTTP .

38

AddModule modules/standard/mod_expires.o(WD) Expire .

AddModule modules/standard/mod_headers.o(WD)HTTP .

AddModule modules/standard/mod_usertrack.o(WD) .

AddModule modules/standard/mod_unique_id.o ID .

AddModule modules/standard/mod_so.o . .

AddModule modules/standard/mod_setenvif.o .

.

# AddModule modules/standard/mod_log_agent.oCERN . .

# AddModule modules/standard/mod_log_referer.oCERN . .

# AddModule modules/standard/mod_auth_dbm.o mod_auth_db.o . Win32 .

# AddModule modules/example/mod_example.oAPI . 14 .

. (12 ).

mod_auth_db.o mod_auth_dbm.o .

. -h .

1. 39

IfModule . . .

...

LogFormat customers: host %h, logname %l, user %u, time %t,request %r, status %s, bytes %b

...

( , ).

ClearModuleListClearModuleListServer Config

. AddModule . .

AddModuleAddModule module module ...Server Config

. Configuration AddModule .

. ( ) .

EXTRA_CFLAGS=EXTRA_LDFLAGS=

40

EXTRA_LIBS=EXTRA_INCLUDES=

Configure . .

#CC=#OPTIM=-02#RANLIB=

Configuration .Configuration .

Rule RULE=value

value .

yesConfigure .

defaultConfigure .

value .

.

STATUS yes Configure (status) . yes . yes .

SOCKS4SOCKS .http://ftp.nec.com/pub/security/socks.cstc . yes SOCKS5 EXTRA_LIBS Configure L/usr/local/lib-lsocks . , SOCKS . SOCKS SOCKS5SOCKS4 . no.

1. 41

SOCKS5SOCKS5 SOCKS4 . no .

IRIXNIS Configure SGI IRIX , NIS yes . no.

IRIXN32IRIX o32 n32 . yes.

PARANOIDConfigure . PARANOID yes . no.

Configure . http://www.apache.org/bugdb.cgi [email protected] . .

WANTHSREGEX: (regular expression) POSIX . WANTHSREGEX=no . no.

Rule WANTHSREGEX=default

src INSTALL .

% ./Configure

( FreeBSD ).

42

Using config file: ConfigurationCreating Makefile+ configured for FreeBSD platform+ setting C compiler to gcc+ Adding selected modules

o status_module uses ConfigStart/End:o dbm_auth_module uses ConfigStart/End:o db_auth_module uses ConfigStart/End:o so_module uses ConfigStart/End:

+ doing sanity check on compiler and optionsCreating Makefile in supportCreating Makefile in mainCreating Makefile in apCreating Makefile in regexCreating Makefile in os/unixCreating Makefile in modules/standardCreating Makefile in modules/proxy

.

% make

make . . , SCO .

Cannot open include file sys/socket.h

TCP/IP TCP/IP . . . Bug Report . . , .

make httpd .

% ./httpd

1. 43

.

could not open document config file/usr/local/etc/httpd/conf/httpd.conf

. . . (Configure) . .

http://www.apache.org/dist/binaries/ , .

alpha-dec-osf3.0

hppa1.1-hp-hpux

i386-slackware-linux(a.out)

i386-sun-solaris2.5

i386-unixware-svr4

i386-unknown-bsdi2.0

i386-unknown-freebsd2.1

i386-unknown-linux(ELF)

i386-unknown-netBSD

i386-unknown-sco3

i386-unknown-sco5

m68k-apple-aux3.1.1

m88k-dg-dgux5.4R2.01

m88k-next-next

mips-sgi-irix5.3

mips-sni-svr4

rs6000-ibm-aix3.2.5

sparc-sun-solaris2.4

44

sparc-sun-solaris2.5

sparc-sun-sunos4.1.4

sparc-sun-sunos4.1.3_U1

mips-dec-ultirx4.4

.

httpd /usr/local/bin .

Win32 95/98 NT .

NT . Win32 .

Win32 , make DLL . http://www.apache.org/dist .exe . c:\temp .

C:\Program Files\Apache . Win32 MS-DOS .

> cd c:\

1. 45

98 .

> dir

.

Volume in drive C has no labelVolume Serial Number is 294C-14EEDirectory of C:\apache

. 21/05/98 7:27 .

.. 21/05/98 7:27 ..DEISL1 ISU 12,818 29/07/98 15:12 DeIsL1.isuHTDOCS 29/07/98 15:12 htdocsMODULES 29/07/98 15:12 modulesICONS 29/07/98 15:12 iconsLOGS 29/07/98 15:12 logsCONF 29/07/98 15:12 confCGI-BIN 29/07/98 15:12 cgi-binABOUT_~1 12,921 15/07/98 13:31 ABOUT_APACHEANNOUN~1 3,090 18/07/98 23:50 AnnouncementKEYS 22,763 15/07/98 13:31 KEYSLICENSE 2,907 31/03/98 13:52 LICENSEAPACHE EXE 3,072 19/07/98 11:47 Apache.exeAPACHE~1 DLL 247,808 19/07/98 12:11 ApacheCore.dllMAKEFI~1 TMP 21,025 15/07/98 18:03 Makefile.tmplREADME 2,109 01/04/98 13:59 READMEREADME~1 TXT 2,985 30/05/98 13:57 README-NT.TXTINSTALL DLL 54,784 19/07/98 11:44 install.dll_DEISREG ISR 147 29/07/98 15:12 _DEISREG.ISR_ISREG32 DLL 40,960 23/04/97 1:16 _ISREG32.DLL

13 file(s) 427,389 bytes8 dir(s) 520,835,072 bytes free

Apache.exe ApacheCore.dll . .

conf .

logs .

htdocs . .

modules

46

DLL .

1.3b6 . .

Win32 README-NT.TXT .

Win32

(15 ) . Win32 (Custom Installation) .tar gz Winzip . C++ 5.0 . src . \Apache .

> nmake /f Makefile.nt _apached> nmake /f Makefile.nt installd

.

> nmake /f Makefile.nt _apacher> nmake /f Makefile.nt installr

\Apache\ .

Apache.exe

ApacheCore.dll

Modules\ApacheModule*.dll

\conf

\logs

Win32 DLL

1. 47

Win32 . LoadModule . , .

LoadModule status_module modules/ApacheModuleStatus.dll

Win32 (\) , (/) . / .

Win32 ISAPI .

BS2000/OSD AS/400 IBM 390

BS2000/OSD (Siemens Nixdorf) IBM AS 400 .

.

48

php, perl . DB / , MySQL( DB ), php, perl . HTML php . RPM, DEB , . . .

apache/httpd . .

?

. /usr/www/site.for_instance . .

conf .

htdocs, , .

logs .

150 .

49

2

. conf ( ) .

httpd -d /usr/www/site.for_instance

apache -d c:/usr/www/site.for_instance

Win32 . httpd , . Win32 .

Win32 (\) (/) . . .

. .

(site) , . .

(kill)( ) .

. . . . , .

50 U

NIX

WIN

32

httpd ( apache) .

-D name (directive) .

-d directory ServerRoot .

-f filenameServerConfig .

-C (directive) (directive) .

-c (directive) (directive) .

-v .

-V .

-h (directive) .

-l .

-S ( vhost ).

-t .

-X .

. .

2. 51U

NIX

-i NT .

-uNT .

-sNT NT . 95 . . ( 30 ).

-k shutdown|restart apache -k shutdown apache -k restart .

. apache -?( httpd -?) .

site.toddle .

site.toddle /usr/www/site.toddle . . .../site.toddle .

.../site.toddle (conf, logs,htdocs) . README .

. conf . srm.conf-dist,access.conf-dist, httpd.conf-dist .

NCSA . httpd.conf .

52 W

IN3

2

. 1.3.4 . .

README . . .

httpd , -d (

) .

% httpd -d /usr/www/site.toddle

go . /usr/local/bin .

% cat > /usr/local/bin/gohttpd -d `pwd`^d

d^ CTRL-D. . go .

go ( go .../site.toddle ).

% chmod +x /usr/local/bin/go% go

2. 53

NCSA .

. .

% ps -aux

. httpd ?

. ps -aux PID(Process IDentity) .

% kill PID

PID .../logs/httpd.pid( . PidFile ) , .

kill `cat /usr/www/site.toddle/logs/httpd.pid`

. .

httpd -d `pwd`

stop .

pwd | read pathkill `cat $path/logs/httpd.pid`

.../src/support/apachect1 . . /usr/local/bin (path) .

usage: ./apachectl(start|stop|restart|fullstatus|status|graceful|configtest|help)

starthttpd

54

ps . system V ( ) ps -aux ps -ef .

stophttpd

restartSIGHUP httpd . .

fullstatus . lynx mod_status .

status . lynx mod_status .

gracefulSIGUSR1 httpd . .

configtest .

help .

./go . logs error_log .

[]: mod_unique_id: unable to get hostbyname(myname.my.domain)

DNS . /etc/hosts .

10.0.0.2 myname.my.domain myname

10.0.0.2 IP .

. httpd .

[] - couldnt determine user name from uid

2. 55

. root . root 80 root UID -1 . nobody . FreeBSD .

Webuser Webgroup

webuser webgroup . . .FreeBSD adduser .

Enter username [a-z0-9]: webuserEnter full name[]: webuserEnter shell bash csh date no sh tcsh [csh]: noUid [some number]:Login group webuser [webuser]: webgroupLogin group is webgroup.q. Invite webuser into other

groups: guest no [no]: Enter password []: password

.

Name:webuserPassword: passwordFullname: webuserUid: some numberGroups:webgroupHOME:/home/webusershell/nonexistentOK? (y/n) [y]:

send message to webuserand: no route second_mail_address [no]:

56

.

. . /etc/passwd * .

Add anything to default message (y/n) [n]:Send message (y/n) [y]: nAdd another user? (y/n) [y]: n

OK . FreeBSD . . httpd.conf .

User webuserGroup webgroup

.

UserUser unix-useridDefault: User #-1Server config, virtual host

User UID . root . unix-userid .

Username .

#usernumber .

. httpd . . nobody . , mod_proxy (9. CacheRoot ).

2. 57

root . root root .

User Group root !

GroupGroup unix-groupDefault: Group #-1Server config, virtual host

Group GID . root . unix-gruop .

Groupname .

#groupnumber .

. nobody 100% .

httpd PID root webuser . root .

.

httpd: cannot determine local hostnameUse ServerName to set it manually.

httpd.conf .

ServerName yourmachinename

58

root .

. .../httpd/htdocs. /usr/www/site.toddle . .../site.toddle/htdocs 1.txt hullo world . httpd.conf .

DocumentRoot /usr/www/site.toddle/htdocs

.../site.toddle/conf/httpd.conf .

User webuserGroup webgroupServerName yourmachinenameDocumentRoot /usr/www/site.toddle/htdocs

httpd . . ? http://yourmachinename/ !

http HTTP /httpd.conf DocumentRoot .

DocumentRootDocumentRoot directory-filenameDefault: /usr/local/apache/htdocsServer config, virtual host

. Alias URL . ,

DocumentRoot /usr/web

http://www.my.host.com/index.html , /usr/web/index.html .

mod_dir DocumentRoot / ( , DocumentRoot /usr/web/ )

2. 59

http://127.0.0.1 http://localhost . .

. DocumentRoot (/) . DocumentRoot . KISS(Keep It Simple, Stupid!) .

Lynx FreeBSD . .

% lynx http://yourmachinename/

.

INDEX OF /* Parent Directory* 1.txt

1.txt , .

hullo world

lynx (telnet) .

% telnet yourmachinename 80

.

GET / HTTP/1.0

.

HTTP/1.0 200 OKSat, 24 Aug 1996 23:49:02 GMTServer: Apache/1.3Connection: closeContent-Type: text/html

Index of /Index of Parent Directory 1.txt

Connection closed by foreign host.

60

telnet .

HTML.

.

% ps -aux

root httpd , httpd webuser . .

root 80 , 80 . root . root . 1024 root . root . , ... ( MinSpareServers httpd.conf ) root . ( MaxSpareServers httpd.conf ) . root , PID ,

% kill PID

stop .

(Permissions)

. . read(), write(), excute(), .user(), group(), other( ). CD-ROM .../site.cgi/htdocs .

2. 61

% ls -l

-rw-rw-r-- 5 root bin 1575 Aug 15 07:45 form_summer.html

- . .

User(root) , ,

Group(bin) , ,

Other , ,

(excute) .

(other). webuser , webgroup . root bin other . .

. root, wheel . . CD-ROM root, wheel UID, GID 0 , .

root . root .

root webuser .

62

webuser , , , . webuser . , (x) . .

% chmod o+x

, . .

% chmod o+r

.

% chmod o-w

.

% chmod o+r

.

% chmod o-w

.

% chmod o+x

.

% chmod o+rx

site.toddle . . GUI . .

. .

2. 63

, 95/98/NT, (Ethernet) .

. . .

FreeBSD . FreeBSD , . 3Com .

...

1 3C5x9 board(s) on ISA found at 0x300ep0 at 0x300-0x30f irq 10 on isaep0: aui/bnc/utp[*BNC*] address 00:a0:24:4b:48:23 irq 10...

ep0 . FreeBSD (ScrollLock) / .

ep0 .

ifconfig ep0 192.168.123.2ifconfig ep0 192.168.123.3 alias netmask 0xFFFFFFFFifconfig ep0 192.168.124.1 alias

alias ifconfig IP . netmask FreeBSD (netmask OReilly TCP/IP Network Administration ).

. . FreeBSD /etc/rc.local ( ).

64

FreeBSD IP /etc/hosts .

192.168.123.2 www.butterthlies.com192.168.123.2 sales.butterthlies.com192.168.123.3 sales-not-vh.butterthlies.com192.168.124.1 www.faraway.com

www.butterthlies.com sales.butterthlies.com IP . NameVirtualHosts . site.twocopy sales-not-vh.butterthlies.com . , DNS .

Win32 TCP/IP .

95 . TCP/IP ping . ping .

>ping 127.0.0.1

TCP/IP .

Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time

>cd \Program Files\apache

NT .

>apache -i

.

>apache -u

. . .

>net start apache>net stop apache

.

95 . ,

>cd \Program Files\apache

apache.exe .

>apache -s

go.bat .

go[RETURN]

, go .

.

Apache/Syntax error on line 44 of /apache/conf/httpd.confServerRoot must be a valid directory

\Program Files\apache\conf\httpd.conf . .

66

. .

>ren httpd.conf *.cnk

srm.conf, access.conf .

>del srm.conf>del access.conf

.

Apache/fopen: No such file or directoryhttpd: could not open document config file apache/conf/httpd.conf

. .

>edit httpd.conf

.

# new config file

# . .

...

httpd: cannot determine local host nameuse ServerName to set it manually

.

ServerName your_host_name

.

>apache -sApache/_

_ .

2. 67

.

...

User webuserGroup webgroup...

, Win32 .

. It Worked! . \apache\htdocs\index.htm .

CTRL-C .

95, 1.3.3 .

apache -k shutdown

, .

apache -k restart

.

Win32

NT . Win32 NT . NT . 1.3.1 README .

1.3.1 Win32 Win32 . .

- . . .

68

- ( , ...)... . .

. Win32 . , .

Win32 .

2. 69

: site.simple . CD-ROM

. Butterthlies.Inc . . \windows\hosts /etc/hosts .

127.0.0.1 localhost192.168.123.2 www.butterthlies.com192.168.123.2 sales.butterthlies.com192.168.123.3 sales-IP.butterthlies.com192.168.124.1 www.faraway.com

localhost . localhost .

71

3

!

IP . 192.168 IP .

.

site.simple site.toddle , go .../site.toddle/conf/httpd.conf .../site.simple/conf/httpd.conf .

:

% httpd -d /usr/www/site.simple

Win32:

>apache -d c:/usr/www/site.simple

. .

. 1 ...site.simple/logs access_log . . TransferLog .

.../conf/httpd.conf .

User webuserGroup webgroupServerName localhostDocumentRoot /usr/www/site.simple/htdocsTransferLog logs/access_log

.../htdocs 1.txt .

hullo world from site.simple!

go http://www.butterthlies.com .

72

IP 127.0.0.1 .

Index of /. Parent Directory. 1.txt

1.txt .

. http://sales.butterthlies.com . ? site.simple URL IP .

IP .

192.168.123.2192.168.123.3

IP . IP IP IP . BindAddress, Listen, . .

. 100% (Reload) (Ctrl) . . Edit Preference Advanced Cache 0 . . . .

3. ! 73

IP . IP AliasingHOWTO . http://kldp.org .

? ^C . .../logs/access_log .

192.168.123.1 - - [] GET / HTTP/1.1200 177

200OK, . 177 177 . .../logs/error_log . . .

. ErrorDocument.

ErrorDocumentErrorDocument error-code documentServer config, virtual host, directory, .htaccess

.

1. .

2. .

3. URL .

4. URL .

, , ErrorDocument HTTP URL . () ( ). .

URL (/) URL . .

ErrorDocument 500 http://foo.example.com/cgi-bin/testerErrorDocument 404 /cgi-bin/bad_urls.plErrorDocument 401 /subscription_info.htmlErrorDocument 403 Sorry cant allow you access today

URL(http URL) ErrorDocument

74

. ErrorDucument 401 . HTTP .

Butterthlies, Inc. httpd.conf (.../site.first ) .

User webuserGroup webgroupServerName localhostDocumentRoot /usr/www/site.first/htdocsTransferLog logs/access_log

1 AccessConfig ResourceConfig . /dev/null( NUL) srm.conf access.conf .

User Group .

. , HTML .

Creating Net Sites , ABeginners Guide to HTML HTML .

Welcome to Butterthlies IncSummer Catalog All our cards are available in packs of 20 at $2 a pack.There is a 10% discount if you order more than 100.

3. ! 75W

IN3

2

OreillyHTML: The Definitive Guide .

Style 2315

Be BOLD on the bench

Style 2316

Get SCRAMBLED in the henhouse

Style 2317

Get HIGH in the treehouse

Style 2318

Get DIRTY in the bath

Postcards designed by [email protected]

Butterthlies Inc, Hopeful City, Nevada 99999

Rough . HTML . .

76

.../site.first/htdocs (ln) . /usr/www/main_docs catalog_summer.html .

% ln /usr/www/main_docs/catalog_summer.html .% ln /usr/www/main_docs/bench.jpg .

.../site.first/htdocs .

. .

./go http://www.butterthlies.com .

INDEX of /*Parent Directory*bath.jpg*bench.jpg*catalog_summer.html*hen.jpg*tree.jpg

index.html

. .../htdocs/index.html .

Index to Butterthlies Catalogs

Summer catalogAutumn catalog

3. ! 77U

NIX

WIN

32


catalog_autumn.html catalog_summer.htmlcatalog_autum.html .

index.html URL . DirectoryIndex . .

INDEX TO BUTTERTHLIES CATALOGS*Summer Catalog*Autumn Catalog--------------------------------------------


! (.../logs/access_log ). !

(Block) .

, , . , . . .

.

78

...

Server config

HTML . . .

....

ServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersServerName www.butterthlies.comErrorLog /usr/www/site.virtual/name-based/logs/error_logTransferLog /usr/www/site.virtual/name-based/logs/access_log

...

IP HTTP 80 Port . host _default_ .

. .

. .

1. ( ) .htaccess ..htaccess .

3. ! 79

.

2. ( ).

3. .

4. .

, , . .

...

. . DocumentRoot . (wildcard) . ? (character) * , [ ] . , [a-d] a, b, c, d . ~ .

. . ,

80

OreillyMastering Regular Expressions .

(regular expressions) / . OreillyMastering Regular Expressions .

* / / .

a, b, c d .

...

. DocumentRoot . ~ . .

catalog. .

.htaccess .

...

URL . . ~ .

3. ! 81

. AllowOverride .

...

-Dname . . .

...

. ! . .

.

ServerNameServerName hostname Server config, virtual host

82

ServerName .

UseCanonicalNameUseCanonicalName on|offDefault: on Server config, virtual host, directory, .htaccess

URL . , http://www.domain.com/some/directory http://www.domain.com/some/directory/ (/ ). UseCanonicalName on ( on ) ServerName Port , off .

. http://www/somedir ( / ) UseCanonicalName on http://www.domain.com/somedir/ . UseCanonicalName off http://www/somedir/ . . (firewall) .

ServerAdminServerAdmin Server config, virtual host

. [email protected] .

3. ! 83

ServerSignatureServerSignature [off|on|email]Default: offDirectory, .htaccess

. ServerSignature ServerName .ServerSignature email ServerAdmin mailto: .

ServerTokensServerTokens [min(imal)|OS|full]Default: fullServer config

.

min(imal) . , Apache v1.3

OS . , Apache v1.3 (Linux)

full . , Apache v1.3 (Linux) PHP/3.0MyMod/1.2

ServerAliasServerAlias name1 name2 name3 ...Virtual host

ServerAlias . HTTP 1.1 Host: server ServerName, ServerAlias, VirtualHost .

84

ServerPathServerPath Virtual host

HTTP 1.1 IP Host . HTTP 1.1 Host ServerPath .

HTML . Host HTTP 1.0 .

, site1.somewhere.com site2.somewhere.com IP httpd.conf .

ServerName site1.somewhere.comDocumentRoot /usr/www/site1ServerPath /site1

ServerName site2.somewhere.comDocumentRoot /usr/www/site2ServerPath /site2

HTTP 1.1 http://site1.somewhere.comhttp://site2.somewhere.com HTTP 1.0 IP URL . ServerPath http://site1.somewhere.com/site1 http://site1.somewhere.com http://site1.somewhere.com/site2 http://site2.somewhere.com .

3. ! 85

HTTP/1.1 . HTTP/1.0 Host . .

ServerRootServerRoot Default directory: /usr/local/etc/httpdServer config

ServerRoot conf logs . -f(file) ServerRoot . -d(directory) .

PidFilePidFile Default file: logs/httpd.pidServer config

/ PID(Process ID) . PidFile PID . .../logs/httpd.pid . PID . , (kill).

ScoreBoardFileScoreBoardFile filenameDefault: ScoreBoardFile logs/apache_status Server config

ScoreBoardFile . . .

ScoreBoardFile . .

86

CoreDumpDirectoryCoreDumpDirectory directoryDefault: Server config

(core) (dump) . ServerRoot nobody ServerRoot . . .

SendBufferSizeSendBufferSize Default: set by OSServer config

TCP . .

LockFileLockFile directoryDefault: logs/accept.lockServer config

USE_FCNTL_SERIALIZED_ACCEPT USE_FLOCK_SERIALIZED_ACCEPT (lock file) . NFS .

3. ! 87U

NIX

UN

IX

/ . gdb .

. . accept() . accept() . NFS .

KeepAliveKeepAlive : 5Server config

, . (connection) . . . 2.x . 1.2 . BrowserMatch(4 ) .

KeepAliveTimeoutKeepAliveTimeout (): 15 Server config

KeepAlive ( ) . TimeOut .

88 U

NIX

TimeOutTimeOut (): 1200Server config

. . , . .

HostNameLookupsHostNameLookups [on|off|double]: off

Server config, virtual host

on IP . IP . . off IP . IP . off . IP . HostNameLookups on .

double (reverse) DNS . IP IP mod_access DNS DNS .

3. ! 89

1.3 on . .

IP IP . .

IncludeInclude Server config

.

. , . .

1. . .

2. . .

-X

. . .

MaxClientsMaxClients : 150Server config

90

. .

MaxRequestsPerChildMaxRequestsPerChild : 30Server config

( 0 ). . 100% 0 .

MaxSpareServersMaxSpareServers : 10Server config

. . . . ps top .

MinSpareServersMinSpareServers : 5Server config

. MAX_SPAWN

3. ! 91

_RATE . MAX_SPAWN_RATE 32 . (MinSpareServers) 1 . , .

StartServersStartServers : 5Server config

(MaxSpareServers ) .

1 1.3 StartServers, MinSpareServers, MaxSpareServers . . 100 MaxSpareServers 64, MinSpareServers 32 . StartServers MinSpareServers MaxSpareServers . MaxRequestPerChild . , .

. 64 (File Descriptor) . , ,

92

32 . (forking) unable to fork . .

Win32 Win32

.

ThreadsPerChildThreadsPerChild : 50Server config

Win32 . 50 . ThreadsPerChild Win32 .

3. ! 93

. . , tcsh .

: Win32 . Win32 .

site.twocopy , URL

. . IP URL .

1.2, HTTP/1.0 . , HTTP/1.0 . NameVirtualHost . IP (Name) . http://www.apache.org/docs/vhost .

HTTP/1.1 . .../site.virtual/Name-based www.butterthlies.com sales.butterthlies.com 192.168.123.2 /etc/hosts . .


NameVirtualHost 192.168.123.2

ServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersServerName www.butterthlies.comErrorLog /usr/www/site.virtual/name-based/logs/error_logTransferLog /usr/www/site.virtual/name-based/logs/access_log

ServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/name-based/logs/error_logTransferLog /usr/www/site.virtual/name-based/logs/access_log

94

IP NameVirtualHost. ServerName . www.butterthlies.com sales.butterthlies.com ( IP ) NameVirtualHost .

.

NameVirtual HostNameVirtualHost IP [:]Server config

NameVirtualHost IP . . IP ServerName . NameVirtualHost . NameVirtualHost IP ServerName . , IP .

IP

IP . HTTP/1.1 . ? .

3. ! 95

IP .

IP .


ServerName www.butterthlies.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log

ServerName sales.butterthlies-IP.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log

http://www.butterthlies.com http://sales-IP.butterthlies.com . ( IP ) www.sales.com .

/IP

NameVirtualHost IP .


NameVirtualHost 192.168.123.2

ServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log

96

ServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log

ServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log

NameVirtualHost 192.168.123.3 .

IP . IP , , IP . 80 .

User webuserGroup webgroupListen 80Listen 8080

ServerName www.butterthlies.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log

ServerName sales-IP.butterthlies.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmen

3. ! 97

ServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log

Listen 80 8080 . http://www.butterthlies.com 80 . http://www.butterthlies.com:8080 .

IP

. . , ServerType, User,TypesConfig, ServerRoot ( ) . . .

. .../site.twocopy . customerssales .

.../customers .

User webuserGroup webgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.twocopy/customers/htdocsBindAddress www.butterthlies.comTransferLog logs/access_log

.../sales .

User webuserGroup webgroupServerName sales.butterthlies.com

98

DocumentRoot /usr/www/site.twocopy/sales/htdocsListen sales-not-vh.butterthlies.com:80TransferLog logs/access_log

sales-not-vh.butterthlies.com . URL . .

BindAddressBindAddress : anyServer config

IP IP .

PortPort : 80Server config

BindAddress Listen Port . BindAddress Listen .

URL (ServerName, UseCanonicalName ) . .

ListenListen : Server config

Listen IP . IP Port

3. ! 99

. IP .

Listen . BindAddress 80 Port . Listen BindAddress .

.

ListenBacklogListenBacklog : 511Server config

(queue) . TCP SYN . ListenBacklog . . listen(2) backlog .

DocumentRoot , ErrorLog , TransferLog . 11 .

ServerTypeServerType [inetd|standalone]: standaloneServer config

ServerType . inetd standalone.

inetd .

100

. . . inetd /etc/inetd.conf .

http stream tcp nowait root /usr/local/bin/httpd httpd -d directory

standalone .

, . DocumentRoot . , ( ).

go . http://www.butterthlies.com sales.butterthlies.com .

.../sales/htdocs .../customers/htdocs . index.html .

SALESMEN Index to Butterthlies Catalogs

catalog_summer.html .

Welcome to the great rip-off of 97: Butterthlies IncAll our worthless cards are available in packs of 20 at $1.95 apack. WHAT A FANTASTIC DISCOUNT! There is an amazing FURTHER 10%discount if you order more than 100. ...

(FreeBSD ALT-F1 ) .../customers .

% ./go

. .../sales .

% ./go

3. ! 101

X- Ctrl-ALT-F1 . .

http://www.butterthlies.com http://sales.butterthlies.com . (?) !

HTTP HTTP

. . .

HeaderNameHeaderName [set|add|unset|append] HTTPHeaderName remove HTTPAnywhere

HeaderName . set, add, unset append . , , .

(Options)Options ...Default: AllServer config, virtual host, directory, .htaccess

Options . . .

102

AllMultiViews, IncludesNOEXEC, SymLinksIfOwnerMatch(All FollowSymLinks SymLinksIfOwnerMatch ) .

ExecCGICGI .

( ln -s ) (SSI) (10 ).

FollowSymLinks .

Includes (SSI) SSI .

IncludesNOEXEC #exec, #include CGI .

Indexes URL index.html (, ) (7 ).

MultiViews . AddLanguage (6 ).

SymLinksIfOwnerMatch ( )

+- . , Indexes ExecCGI .

Options +Indexes -ExecCGI

All . MultiViews . All .

3. ! 103

.../htdocs index.html .../htdocs .

User WebuserGroup WebgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.ownindex/htdocs

,

Options ExecCGI

.

FORBIDDENYou dont have permission to access / on this server

Options All . ExecCGI Indexes . .

Options +ExecCGI

+- . ,

Options ExecCGIOptions Indexes

Indexes . .

Options Indexes FollowSymLinks

Options Includes

/web/docs/specs Includes .

104

FollowSymLinks, SymLinksIfOwnerMatch

(hard link) bench.jpg, hen.jpg, bath.jpg,tree.jpg /usr/www/main_docs . (soft link) . ln-s .

. Fred .../fred/public_html . .../cgi-bin fido webuser CGI , webuser . . webuser . Fred . CGI .

Fred fido ? . . Fred fido webuser .

Options All FollowSymLinks . FollowSymLinksIfOwnerMatch . .

(Restart)

. .

3. ! 105

. .

.

.

% kill PID% httpd [flags]

HUP .

% kill -HUP PID

-USR1 . . .

% kill -USR1 PID

.

#!/bin/shkill -USR1 `cat logs/httpd.pid`

Win32 .

apache -k shutdown|restart

2 .

.htaccess .htaccess .

.../htdocs .

106 U

NIX

WIN

32

. . AllowOverride .htaccess .

.htaccess . .

order allow,denydeny from all

CERN (metafile) Refresh

. .

MetaFilesMetaFiles [on|off]: offDirectory

.

MetaDirMetaDir : .webDirectory

. . .

3. ! 107

MetaSuffixMetaSuffix : .metaDirectory

.

DOCUMENT_ROOT/mydir/fred.html DOCUMENT_ROOT/mydir/fred.html.meta .

(Expirations) 1.2 mod_expires expires .

. .

ExpiresActiveExpiresActive [on|off]Anywhere, .htaccess when AllowOverride Indexes

ExpiresActive / .

ExpiresByTypeExpiresByType (MIME) Anywhere, .htaccess when AllowOverride Indexes

ExpiresByType MIME . .

()

108

.

A (now )

M

.

A565656

565656 .

.

[plus] [ ...]

.

Access

nowaccess

Modification

plus .

years

months

weeks

days

hours

minutes

seconds

,

now plus 1 day 4 hours

.

3. ! 109

ExpiresDefaultExpiresDefault Anywhere, .htaccess when AllowOverride Indexes

ExpireByType .

110

butterthlies . .

! . ? . . . .

(form) .

. .

HTTP ?

HTTP(HyperText Transmission Protocol) . HTTP TCP . (

111

4Common Gateway

Interface(CGI)

) ( ) TCP HTTP . . , . HTML , , VRML, Java TCP/IP . MIME mime.types , http://www.isi.edu/in-notes/iana/assignments/media-types/media-types . . text/html HTML text/plain image/jpeg JPEG ... .

HTTP (method) ?

METHOD. . HTTP/1.1 .

GET . GET . , GET .

HEADGET . . .

POST CGI URL ACTION . , . POST .

112

URL .

HTML ACTION .

PUT .

DELETE .

TRACE .

CONNECT . SSL .

. RFC 2068 .

(form)

.

Win32 CGI .

.

chmod +x

Win32 COMMAND.COM .bat . ( ).

4. Common Gateway Interface(CGI) 113U

NIX

WIN

32

Welcome to Butterthlies IncSummer Catalog All our cards are available in packs of 20 at $2 a pack.There is a 10% discount if you order more than 100.

Style 2315

Be BOLD on the bench

How many packs of 20 do you want?

Style 2316

Get SCRAMBLED in the henhouse


Style 2317

Get HIGH in the treehouse


Style 2318

Get DIRTY in the bath


Which Credit Card are you using?Access

114

Amex MasterCard

Your card number?

Postcards designed by [email protected]


>/body>

.

. CGI . mycgi.cgi .

ACTION /cgi-bin/mycgi.cgi(/usr/www/cgi-bin/mycgi.cgi ) URL .

ACTION=/cgi-bin/mycgi.cgi

htdocs CGI .

ACTION=/mycgi.cgi

ACTION /cgi-bin/mycgi.cgi(\usr\www\cgi-bin\mycgi.cgi ) URL .

ACTION=/cgi-bin/mycgi.bat


NIX

WIN

32

, htdocs CGI .

ACTION=/mycgi.bat

CGI .

. , .

You dont have permission to access /cgi-bin/mycgi on this server

.

ScriptAlias . . Security byobscurity .

cgi-script Addhandler Sethandler . CGI htdocs .

ScriptAlias Options ExecCGI . . .

. .../cgi-bin .../site.cgi/htdocs mycgi.cgi C .

mycgi.cgi .

#!/bin/shecho content-type: text/plainechoecho Have a nice day

116 W

IN3

2U

NIX

Win32 COMMAND.COM mycgi.bat , . .

@echo offecho content-type: text/plainecho.echo Have a nice day

@echo off . . echo. , echo

ECHO is off .

bash perl (?) .

#! ...

CGI (header) (body) . ( CRLF CRLF. LF LF ) . LF CRLF . CGI 1.1 .

The CGI header fields have the generic syntax:

generic-header = field-name :[ field-value ] NLfield-name = 1*field-value = *( field-content | LWSP )field-content = *( token | tspecial | quoted-string )

The field-name is not case sensitive; a NULL field value isequivalent to the header field not being sent.

Content-TypeThe Internet Media Type [9] of the entity body, which is to be sent unmodified to the client.

Content-Type = Content-Type:media-type NLThis is actually an HTTP-Header rather than a CGI-headerfield, but it is listed here because of its importance in the

CGI dialogue as a member of the one of these is requiredset of header fields.

LocationThis is used to specify to the server that the script is

4. Common Gateway Interface(CGI) 117W

IN3

2

returning a reference to a document rather than an actualdocument.

Location = Location:( fragment-URI | rel-URL-abs-path ) NL

fragment-URI = URI [ # fragmentid ]URI = scheme :*qcharfragmentid = *qcharrel-URL-abs-path = /[ hpath ] [ ?query-string ]hpath = fpsegment *( /psegment )fpsegment = 1*hcharpsegment = *hcharhchar = alpha | digit | safe | extra

| :| @| & | =

sh Content-Type . .

( mime.types AddType ).

CGI .

Content-Type . text/plain . .

The server encountered an internal error or misconfiguration andwas unable to complete your request

echo .

Butterthlies form_summer.html . .

cgi-bin

cgi-bin .../site.cgi/conf/httpd.conf .

118

User webuserGroup webgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.cgi/htdocsScriptAlias /cgi-bin /usr/www/cgi-bin

.../site.cgi/htdocs/form_summmer.html .

CGI . Butterthlies CGIHave a nice day..

CGI cgi-bin .

DocumentRoot

HTML . CGI 100% . , . . . CGI .

mycgi.cgi .../site.cgi/htdocs .

User webuserGroup webgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.cgi/htdocsAddHandler cgi-script cgi

AddHandler cgi . .

4. Common Gateway Interface(CGI) 119

http://www.butterthlies.com/form_summer.html .

CGI .

ScriptAliasScriptAlias URL Server config, virtual host

ScriptAlias URL CGI . , URLpath/fred /directory/fred CGI . . . .

ScriptAlias CGI . URLpath/fred/some/where/else URL directory/fred /some/where/else PATH_INFO . . URL

? CGI (caching) . CGI . CGI ( ).

ScriptAliasMatchScriptAliasMatch Server config, virtual host

120

ScriptAlias . . URL . , /cgi-bin .

ScriptAliasMatch ^/cgi-bin/(.*) /usr/local/apache/cgi-bin/$1

ScriptLogScriptLog : no loggingResource config

CGI CGI . CGI . .

ScriptLogLengthScriptLogLength : 10385760Resource config

. .

ScriptLogBufferScriptLogBuffer : 1024Resource config

POST .


. 10MB 10485760.

. .

RLimitCPURLimitCPU # | max[# | max]: OS Server config, virtual host

RLimitCPU max . () (soft resource limit), (hard resource limit).

RLimitMEMRLimitMEM # | max[# | max]: OS Server config, virtual host

RLimitMEM max . () (soft resource limit), (hard resource limit).

RLimitNPROCRLimitNPROC # | max[# | max]: OS Server config, virtual host

RLimitPROC max . (soft resource limit), (hard resource limit).

122

. rlimit .

UN

IX

Submit Query (?)

.

Have a nice day

ACTION mycgi.cgi mycgi.cgi .

mycgi.cgi CGI . env . Win32 set . Win32 echo . new1 .

#!/bin/shecho content-type: text/plainechoenv

echo content-type: text/plaintype newlechoset

.

GATEWAY_INTERFACE=CGI/1.1CONTENT_TYPE=application/x-www-form-urlencodedREMOTE_HOST=192.168.123.1REMOTE_ADDR=192.168.123.1QUERY_STRING=DOCUMENT_ROOT=/usr/www/site.cgi/htdocsHTTP_USER_AGENT=Mozilla/3.0b7 (Win95; I)HTTP_ACCEPT=image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,*/*HTTP_ACCEPT_LANGUAGE=CONTENT_LENGTH=74SCRIPT_FILENAME=/usr/www/cgi-bin/mycgiHTTP_HOST=www.butterthlies.comSERVER_SOFTWARE=Apache/1.3HTTP_PRAGMA=no-cache


NIX

UN

IXW

IN3

2

HTTP_CONNECTION=Keep-AliveHTTP_COOKIE=Apache=192257840095649803

PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/binHTTP_REFERER=http://www.butterthlies.com/form_summer.htmlSERVER_PROTOCOL=HTTP/1.0REQUEST_METHOD=POSTSERVER_ADMIN=[no address given]SERVER_PORT=80SCRIPT_NAME=/cgi-bin/mycgiSERVER_NAME=www.butterthlies.com

mod_unique_id UNIQUE_ID .

UNIQUE_ID==NWG7@QoAAAIBkwAADYY

mycgi.cgi .

CGI . Location . URL . .../cgi-bin/location.cgi .

#!/bin/shecho content-type: text/plain# run some program to gather informationecho Location: http://192.168.123.2echo

mycgi.cgi location.cgi Submit .

mycgi C . . . , . HTML . OK , . HTML .

124

.

. echo2.c echo.c , . A. echo .

echo.c

echo HTML HTML . echo myecho . myecho.c .

#include #include #define MAX_ENTRIES 10000typedef struct

{char *name;char *val;} entry;

char *makeword(char *line, char stop);char *fmakeword(FILE *f, char stop, int *len);char x2c(char *what);void unescape_url(char *url);void plustospace(char *str);

int main(int argc, char *argv[]){entry entries[MAX_ENTRIES];register int x,m=0;int cl;char mbuf[200];

.

printf(Content-type: text/html\n\n);

HTML . MIME . . \n\n .

if(strcmp(getenv(REQUEST_METHOD),POST))


. CGI GET PUT , .

1=1&2=2&...

GET QUERY_STRING . POST fgetc() ( A echo2.c ).

.

{printf(This script should be referenced with a METHOD of

POST.\n);exit(1);}

if(strcmp(getenv(CONTENT_TYPE),application/x-www-form-urlencoded)){printf(This script can only be used to decode form results.

\n);exit(1);}

cl = atoi(getenv(CONTENT_LENGTH));

& .

for(x=0;cl && (!feof(stdin));x++) {m=x;

entries[x].val = fmakeword(stdin,&,&cl);plustospace(entries[x].val);unescape_url(entries[x].val);entries[x].name = makeword(entries[x].val,=);}

HTML .

printf(Query Results);

.

printf(You submitted the following name/value pairs:%c,10);printf(%c,10);

for(x=0; x

printf( %s = %s%c,entries[x].name,entries[x].val,10);

printf(%c,10);}

myecho.c mycgi . .

QUERY RESULTSYou submitted the following name/value pairs:* 2315_order=20* 2316_order=10* 2317_order=* 2318_order=* card_type=Amex* card_num=1234567

myecho.c , . ? .

CGI

. . .

CGI::Carp . . . .


myecho HTML .

(language) . .

. . . CGI QUERY_STRING PATH_INFO . mycgi debug.cgi .

#!/bin/shQUERY_STRING=2315_order=20&2316_order=10&card_type=Amexexport QUERY_STRINGgdb myecho

.

chmod +x debug.cgi./debug.cgi

gdb r .

POST , REQUEST_METHOD POST QUERY_STRING . (query string) . REQUEST_METHOD GET . POST .

#!/bin/shREQUEST_METHOD=POSTexport REQUEST_METHODmyecho

(query) . & . & POST .

.

. SetEnv PassEnv .

SetEnvSetEnv Server config, virtual hosts

CGI . . VHOST .

SetEnv VHOST customers...

SetEnv VHOST salesmen...

UnsetEnv UnsetEnv ...Server config, virtual hosts

.

PassEnvPassEnv


CGI . .

PassEnv OSTYPE

OSTYPE , .

. . .

( ) . . .

SetEnvIf SetEnvIfNoCaseSetEnvIf [=] [..] SetEnvIfNoCase [=] [..]

Host, User-Agent, Referer HTTP .

Remote_Host

Remote_Addr IP

130

.

Remote_User

Request_MethodGET, POST

Request_URIURL

NoCase .

BrowserMatch BrowserMatchNoCaseBrowserMatch 1[=1] 2[=2] ...BrowserMatchNoCase 1[=1] 2[=2] ...

User-Agent . .

BrowserMatch ^Mozilla/[23] tables=3 java

^ Mozilla/2 Mozilla/3 . .

tables=3java

CGI .

BrowserMatchNoCase BrowserMatch . mOZILLA MoZiLlA .

BrowserMatch SetEnvIf User-Agent .BrowserMatch .

. . .


nokeepalive 3 KeepAlive .

( ) KeepAlive .

BrowserMatch Mozilla/2nokeepalive

force-response-1.0HTTP/1.0 HTTP/1.0 .

HTTP/1.1 . .

BrowserMatch RealPlayer4\.0force-response-1.0BrowserMatch Java/1\.0force-response-1.0BrowserMatch JDK/1\.0force-response-1.0

downgrade-1.0 HTTP/1.1 HTTP/1.0 . MS

4.02b2 downgrade-1.0 .

BrowserMatch MSIE 4\.0b2; nokeepalive downgrade-1.0 force-response-1.0

suEXECCGI

. (wrapper) CGI . .

132

.

. . . CGI .

suEXEC . suEXEC , , . suEXEC .

suEXEC suEXEC . . suEXEC . . suEXEC . http://www2.idiscover.co.uk/apache/docs/suexec.html .

site.suexec suEXEC support suexec.h . /**CHANGED**/ .

/** HTTPD_USER -- Define as the username under which Apache normally* runs. This is the only user allowed to execute* this program.*/#ifndef HTTPD_USER#define HTTPD_USER webuser /**CHANGED**/#endif/** UID_MIN -- Define this as the lowest UID allowed to be a target user* for suEXEC. For most systems, 500 or 100 is common.*/#ifndef UID_MIN#define UID_MIN 100#endif

root, daemon, lp UID . 100 UID100 .


/** GID_MIN -- Define this as the lowest GID allowed to be a target

group* for suEXEC. For most systems, 100 is common.*/#ifndef GID_MIN#define GID_MIN 100 // see UID above#endif

.

/* * USERDIR_SUFFIX -- Define to be the subdirectory under users

* home directories where suEXEC access should* be allowed. All executables under this directory* will be executable by suEXEC as the user so * they should be safeprograms. If you are * using a simpleUserDir directive (ie. one * without a *in it) this should be set to * the same value. suEXEC will not work properly* in cases where the UserDir directive points to * a location that is not the same as the users* home directory as referenced in the passwd file.*

* If you have VirtualHosts with a different* UserDir for each, you will need to define them to* all reside in one parent directory; then name that* parent directory here. IF THIS IS NOT DEFINED* PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK!* See the suEXEC documentation for more detailed* information.*/#ifndef USERDIR_SUFFIX#define USERDIR_SUFFIX /usr/www/cgi-bin /**CHANGED**/#endif/** LOG_EXEC -- Define this as a filename if you want all suEXEC* transactions and errors logged for auditing and* debugging purposes.*/#ifndef LOG_EXEC#define LOG_EXEC /usr/www/suexec.log /**CHANGED**/#endif/** DOC_ROOT -- Define as the DocumentRoot set for Apache. This* will be the only hierarchy (aside from UserDirs)* that can be used for suEXEC behavior.

134

*/#ifndef DOC_ROOT#define DOC_ROOT /usr/www/site.suexec/htdocs /**CHANGED**/#endif/** SAFE_PATH -- Define a safe PATH environment to pass to CGI

executables.*

*/#ifndef SAFE_PATH#define SAFE_PATH /usr/local/bin:/usr/bin:/bin#endif

.

make suexec

( /usr/local/bin ).

cp suexec /usr/local/bin suexec .

.

chown root /usr/local/bin/suexecchmod 4711 /usr/local/bin/suexec

suEXEC root setUID .

suexec .../src/include/httpd.h.

/* The path to the suExec wrapper; can be overridden in Configuration*/#ifndef SUEXEC_BIN#define SUEXEC_BIN /usr/local/bin/suexec /**CHANGED**/#endif

.

#define SUEXEC_BIN HTTPD_ROOT /sbin/suexec

HTTPD_ROOT . , /usr/local/apache . .../src .


makecp httpd /usr/local/bin

. .../logs/error_log .

suEXEC mechanism enabled (wrapper: /usr/local/bin/suexec)

suEXEC .

suEXEC suexec.root .

suEXEC CGI (SSI) , suexec.log (suexecx.h , LOG_EXEC ) . suEXEC suEXEC . . . .

/.. ? .

? UID tar cpio UID .

? UID .

root ? suEXEC root CGI .

suexec.h UID ? UID root . , lpd UID .

136

1.3.1 LogLevel debug .

? suEXEC .

UID GID ?

DocumentRoot UserDir ?

?

?

?

setuid setgid ?

?

. .

suEXEC . PATH suexec.h SAFE_PATH . .../src/support/suexec.c safe_env_list . CGI . SetEnv PassEnv suEXEC suexec.c .

suEXEC

root . suEXEC Peter , badcgi.cgi . badcgi.cgi /usr/victim/victim1 . badcgi.cgi webuser webgroup . Peterwebuser webgroup badcgi.cgi . (suEXEC ) .

Peter /home/peter .

conf


logspublic_html

go .

httpd -d /home/peter

.

User webuserGroup webgroupServerName www.butterthlies.comServerAdmin [email protected] public_htmlAddHandler cgi-script cgi

, . webuser webgroup webuser webgroup . Peter http://www.butterthlies.com/~peter . UserDir public_html .

Peter form_summer.html public_html . ! ACTION=mycgi.cgi badcgi.cgi .

#!/bin/shecho content-type: text/plainechorm -f /usr/victim/victim1

victim1 . root .

chown webuser:webgroup /usr/victimchown webuser:webgroup /usr/victim/victim1

Peter badcgi.cgi .

./badcgi.cgirm: /usr/victim/victim1: Permission denied

138

. ,

/home/peter/go

http://www.butterthlies.com/~peter form_summer.html Submit , .

Document contains no data

. badcgi.cgi webuser webgroup /usr/victim (victim1 ) .

suEXEC . victim1 . suEXEC.not suEXEC (.../logs/error_log suEXEC ) Submit .

Internal Server ErrorThe server encountered an internal error or misconfiguration andwas unable to complete your request.Please contact the server administrator, [email protected] andinform them of the time the error occurred, and anythingyou might have done that may have caused the error.

!

[Tue Sep 15 13:42:53 1998] [error] malformed header from script.Bad header=suexec running: /home/peter/public_html/badcgi.cgi

(Handlers) MIME .

, cgi-script CGI . .../site.filter .

Actions . .


send-as-isHTTP (mod_asis).

cgi-script (mod_cgi). Options ExecCGI .

imap-file (imagemap) (mod_imap).

server-info (mod_info).

server-status (mod_status).

server-parsed (SSI) (mod_include). Options Includes .

type-map type map (6 ) (mod_negotiation).

isapi-isa ( Win32 only) URL ISA DLL . OptionsExecCGI ISA .

.

AddHandlerAddHandler ...Server config, virtual host, directory, .htaccess

AddHandler . , cgi bzq CGI .

AddHandler cgi-script cgi bzq

140 W

IN3

2

SetHandlerSetHandler Directory, .htaccess

AddHandler , ,.htaccess . , 11 .

order deny, allowallow from 192.168.123.1deny from all

SetHandler server-status

(Actions) . CGI

.

A

아파치 핵심 가이

Documents