아파치 핵심 가이
TRANSCRIPT
-
ApacheThe Definitive Guide
-
HANBIT Midea, Inc., 1999. Authorized translation of the English edition, 1999OReilly & Associates, Inc. This translation is published and sold by permission ofOReilly & Associates, Inc., the owner of all rights to publish and sell the same.
OReilly () . .
-
Apache: The Definitive Guide
-
Ben Laurie & Peter LaurieBen Laurie 1978 . Ben Peter Laurie Practical Computing . Optical Character Recognition(OCR) Intelligent MarkRecognition(IMR) .
, 1996 (KLDP: Korean Linux DocumentationProject) . (), () KLDP KLDP . http://kldp.org .
-
5 , FreeBSD . . .
, . .
, FreeBSD Perl, PHP . , .
, . 14, 15 , 5, 7,13 , . .
, , (?) (?) . .
1999 12
-
................................................................................................................. 5
................................................................................................................. 11
1.
? ................................................................ 22
TCP/IP ....................................................... 24
TCP/IP ? ............................................... 27
...................................................................... 29
? ................................ 31
? ....................................................... 33
? ....................................................... 33
.............................................................. 34
.............................................................. 45
BS2000/OSD AS/400 ...................................... 48
2.
? ............................................................................ 49
................................................................................. 51
site.toddle ............................................................................................ 52
............................................................................. 53
Win32 ............................................................................ 65
3. !
: site.simple ...................................................... 71
Butterthlies, Inc. ................................................................. 75
(Block) ............................................................................... 78
........................................................................................ 82
6
-
......................................................... 90
.......................................................... 90
Win32 ................................................. 93
......................................................................................... 94
............................................................................ 98
HTTP .................................................................................... 102
(Options) ....................................................................................... 102
(Restart) .................................................................................... 105
.htaccess ............................................................................................. 106
CERN .................................................................................... 107
(Expirations) ........................................................................ 108
4. Common Gateway Interface (CGI)
(form) .......................................................... 111
...................................................................... 116
...................................................................................... 120
...................................................................................... 123
............................................................................... 127
................................................................................. 129
suEXEC ........................................................................... 132
(Handlers) ................................................................................. 139
(Actions) ....................................................................................... 141
5. (Authentication)
......................................................................................... 145
............................................................................................ 147
........................................................................... 151
Win32 ............................................................... 152
........................................................................................ 153
Order, Allow, Deny ................................................................. 158
...................................................................................... 162
(Anonymous Access) ......................................................... 166
......................................................................................... 169
7
-
.............................................................. 170
.htaccess ...................................................................... 173
(Overrides; ) ........................................................ 177
6. MIME,
MIME ............................................................................................. 181
............................................................................................ 184
................................................................................................ 185
(Type Maps) ............................................................................ 187
HTTP/1.1 ........................................................................... 190
7. (Indexing)
....................................................... 193
...................................................................... 204
(Image Maps) ...................................................................... 208
8. (Redirection)
(Rewrite) .................................................................................... 220
Speling .................................................................................................. 228
9.
......................................................................................... 229
(Caching) ...................................................................................... 232
Setup ..................................................................................................... 236
10. (SSI; Server Side Include)
................................................................................................ 243
........................................................................................ 243
................................................................................................ 244
CGI ......................................................................................... 245
(echo) ............................................................................................ 246
8
-
XBitHack ............................................................................................... 246
XSSI ....................................................................................................... 247
11. ?
(Status) ......................................................................................... 250
................................................................................................ 250
................................................................................................ 252
............................................................................. 252
12.
(Authentication) ........................................................................... 268
................................................................................................ 269
(Counter) ................................................................................... 269
CGI ......................................................................... 270
................................................................. 270
......................................................................................... 270
............................................................................. 271
................................................................................................ 271
URL (Rewriting) ....................................................................... 271
................................................................................................ 272
MIME Magic ......................................................................................... 272
(DSO) ............................................................................ 272
13. (Security)
..................................................................... 275
................................................................................. 277
, ....................................................................... 278
..................................................................................................... 284
............................................................................................ 288
SSL : .................................................................................... 292
-SSL ................................................................................ 305
............................................................................................ 310
SSL CGI ............................................................................................ 312
9
-
14. API
(Pools) .............................................................................................. 313
........................................................................................ 314
................................................................................. 316
........................................................................................ 316
........................................................................ 319
(Functions) ................................................................................... 320
15.
....................................................................................................... 372
................................................................................................ 373
............................................................................................ 375
............................................................................................ 402
......................................................................................... 418
A. echo .......................................................................................... 419
B. .................................................................... 425
................................................................................................................. 453
10
-
(Apache: The Definitive Guide) . . (WWW) . .
, . ( ) . . . .
. . . .
HTML , .
11
-
. ...
.
HTML
,
Java, Perl
.
. . . .
. 1.3 . 1998 (feature freeze) .
, ( ) .
, ? (patch) . FAQ
. .
12
Frequently Asked Questions.
-
. . .
CERN(European Center for Nuclear Research) (Tim Berners-Lee) . NCSA(National Center for Supercomputing Agencies) , . www.ncsa.uiuc.edu C .
NCSA . FAQ NCSA 1.3 (1995 ) .
, 1700 1900 .
. Ben Laurie .
? ? .
.
. .
. .
, 10 . .
13
-
CD-ROM CD-ROM Win32 .
README . Win32 . .
distributions/ Cygwin .
apache_1.3.x.tar.gz 1.3.x
apache_1_3_x.exe 1.3.x Win32
cygwin-b20/
install/
install
install.conf
installwin.conf Win32
sites/
unpacked/
apache_1.3.x 1.3.x
, , .
(Times) , , , , .
) command_rec http_config.h .
14
-
(Courier) , , .
) `mail [email protected] < /etc/passwd`
(Bold)
.
) % ssleay c509 -in new3cert.csr -out new3.cert.cert -req -signkey privkey.pem
#
.
) # My test document root DocumentRoot /usr/www/site.ssl/htdocs
UNIX
.
WIN32
.
.../ . . , /usr/www /usr/www/site.simple /usr/www . .../site.simple .
.../ .
15U
NIX
WIN
32
-
150 . .
. .
ServerAdminServerAdmin email addressServer config, virtual host
ServerAdmin . .
. .
.
1.
, , TCP/IP, HTTP, , , , , Win32
2.
, , , , site.simple
3. !
Butterthlies, Inc : HTML, ,
16
-
4. Common Gateway Interface (CGI)(aliases), , HTML , , CGI, C, ,
5. (Authentication) , , , DBM ,
6. MIME, , (expiration)
7. (Indexing) , ,
8. (Redirection)Alias, ScriptAlias, Rewrite
9.
10. (SSI; Server Side Include)HTML XSSI( SSI)
11. ? ,
12. , , , CGI, , URL
13. (Security) , , , , , , , (SSL), , -SSL
14. API(pool) , , , (request) ,
15. , , , , , , ID , ,
17
-
A. echo
echo.c
B.
API Robert S. Thau .
SSLey Eric Young, Tim Hudson .
Bryan Blank, Aram Mirzadeh,Chuck Murcko, Randy Terbush . 2 John Ackermann, GeoffMeek, Shane Owenby . OReilly Robert Denn . . Camilla von Massenbach Barbara Laurie .
18
-
URL , http://www.butterthlies.com . .
URL Universal Resource Locator . http://www.butterthlies.com URL .
:///
http HTTP(Hypertext Transfer Protocol) . www.butterthlies.com / . HTTP/1.1 (request) .
GET / HTTP/1.1Host: www.butterthlies.com
www.butterthlies.com 80 (HTTP ) . (URL HTTP ) GET PUT POST, DELETE CONNECT . Uniform Resource Identifier(URI)/,
19
1
-
. .
URL , . . . .
PC . .
?
.
(multitasking) .
. . (Unix) Win32, OS/2 .
. . . (13. ) .
. ,
. HTTP 404 .
. , . , . , ,
20
-
.
. GIF JPEG TIFF . PostScript dvi ...
(Proxy) . . .
- (13 )
-
. . . . , .
. , - . .
. 2.0 . 2.0 (multi-threading) / API .
1. 21
Bad Guy (hacker) . (Cracker) .
-
http://www.apache.org/bug_report.html . news:comp.infosystems.www.servers.unix news:comp.infosystems.www.servers.ms-windows .
? .
Win32 95/98/NT . httpd, apache.exe (background) . . , CD-ROM site.toddle . .
conf httpd.conf . .
htdocs HTML . . .
logs .
cgi-binCGI . . htdocs .
22
. httpd apache .
-
TCP IP . HTTP . .
. 150 (Directive) . 5~6 . (freeware). http://www.apache.org ( ) ( ) . CD . , 20 .
. . .
. (DLL) ..../apache/modules DLL .
APACHE~1 DLL 5,120 19/07/98 11:47ApacheModuleAuthAnon.dllAPACHE~2 DLL 5,632 19/07/98 11:48ApacheModuleCERNMeta.dll
1. 23W
IN3
2U
NIX
perl,python(script) CGI CGI .
.
-
APACHE~3 DLL 6,656 19/07/98 11:47 ApacheModuleDigest.dllAPACHE~4 DLL 6,144 19/07/98 11:48 ApacheModuleExpires.dllAPACHE~5 DLL 5,120 19/07/98 11:48 ApacheModuleHeaders.dllAPACHE~6 DLL 46,080 19/07/98 11:48 ApacheModuleProxy.dllAPACHE~7 DLL 35,328 19/07/98 11:48 ApacheModuleRewrite.dllAPACHE~8 DLL 6,656 19/07/98 11:48 ApacheModuleSpeling.dllAPACHE~9 DLL 10,752 19/07/98 11:47 ApacheModuleStatus.dllAPACH~10 DLL 6,144 19/07/98 11:48 ApacheModuleUserTrack.dll
. DLL . .
C++ 5.0 . . . 15. .
TCP/IP TCP/IP ,
. Crag Hunt, Robert BruceThompson . .
TCP/IP(Transmission Control Protocol/Internet Protocol) . (TCP, IP) . . TCP/IP , .
TCP/IP . TCP/IP 192.168.123.1 IP .
24
OReilly TCP/IP Network Administration Windows NT TCP/IP Network Administration , (Crab Book) .
WIN
32
-
. . 1 4 . 0-255 .
. LAN(Local Area Network) TCP/IP .
? .
0-127( 0xxxxxxx ) . A . A . 125 . A 16,777,214 .
128-191( 10xxxxxx ) . B 16,382 B 65,534 .
192-223( 110xxxxx ) C . C 2,097,150 254 .
224-255 , 0 1 .
0.x.x.x
127.x.x.x
128.0.x.x
191.255.x.x
1. 25
0 this network . RFC 791 .
1 broadcast . RFC 922 . 127.0.0.1 this machine .
-
192.0.0.x
223.255.255.x
(Subnet Mask) . . .
. IP . TCP/IP . (3. ! ) .
IP X Y . X Y TCP/IP .
TCP/IP . . (WAN) .
TCP/IP .
UDP(User Datagram Protocol) . . UDP .
TCP(Transmission Control Protocol) . . TCP .
26
-
TCP/IP ? . , ,
. (interface) IP . IP . IP (3 ).
(request) .
Network News Transfer Protocol(NNTP) :
Simple Mail Transfer Protocol(SMTP) :
Domain Name Service(DNS)
HTTP : World Wide Web
4 IP 2 . .
NNTP : 119
SMTP : 25
DNS : 53
HTTP : 80
( ) . . WWW . WWW 80 .
1024 ( root) . .
Win32 ( ) .
1. 27W
IN3
2U
NIX
-
. , . HTTP/1.0 . ( ). IP-intensive . HTTP/1.1 IP Host .
:
ifconfig IP IP .
IP ifconfig . (, ) . 95 FreeBSD .
IP . ( ) www.butterthlies.com, sales.butterthlies.com
28
. FreeBSD lan_setup ifconfig .
ifconfig ep0 192.168.123.2ifconfig ep0 192.168.123.3 alias netmask 0xFFFFFFFFifconfig ep0 192.168.123.4 alias
192.168.123.2 ep0 192.168.123.3 FreeBSD TCP/IP netmask 0xFFFFFFFF . 192.168.123.1 . 192.168.123.1 . . 192.168.123.2 192.168.123.3 . . .
-
. 192.168.123.2 IP .
: Win32
95 IP . NT TCP/IP ... IP Address . 95 IP-intensive .
.
http://www.apache.org URL . ?
http: URL HTTP . // URL (absolute) . URL . www.apache.org. IP . 204.152.144.38. ping . .
> ping -c 5 www.apache.org
% ping -c 5 www.apache.org
.
PING www.apache.org (204.152.144.38): 56 data bytes
1. 29
RFC 1808(Relative URLs), 1738(URLs).
. Win32> % . % ping% ping .
-
64 bytes from taz.apache.org (204.152.144.38): icmp_seq=0 ttl=247 time=1380 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=1 ttl=247 time=1930 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=2 ttl=247 time=1380 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=3 ttl=247 time=1230 ms64 bytes from taz.apache.org (204.152.144.38): icmp_seq=4 ttl=247 time=1360 ms--- www.apache.org ping statistics ---5 packets transmitted,5 packets received,0% packet loss round-trip min/avg/
max = 1230/1456/1930 ms
http://www.apache.org . 80 . URL . , http://www.apache.org:8000/ URL (path) . / . /some/where/foo.html URL http://www.apache.org:8000/some/where/foo.html.
TCP IP 204.152.144.38 8000 .
GET /some/where/foo.html HTTP/1.0
(CRLF) . HTML . POST . . .
% telnet www.apache.org 80> telnet www.apache.org 80
(telnet) . .
GET /announcelist.html HTTP/1.0
CRLF . . .
30
HTTP/1.0 1.1 HTTP/1.0 .
-
GET /announcelist.html HTTP/1.0HTTP/1.1 200 OKDate: Sun, 15 Dec 1996 13:45:40 GMTServer: Apache/1.3Connection: closeContent-Type: text/htmlSet-Cookie: Apache=arachnet784985065755545; path=/
Join the Apache-Users Mailing List
Join the Apache-Announce Mailing List
The apache-announce mailing list has been set up toinformpeople of new code releases, bug fixes, security fixes, and generalnews and information about the Apache server. Most of thisinformation will also be posted tocomp.infosystems.www.servers.unix,but this provides a more timely way of accessing that information.The mailing list is one-way, announcements only.
To subscribe, send a message [email protected] with the words subscribeapache-announce in the body of the message. Nope, we dont have awebform for this because frankly we dont trust people to put therightaddress.
Connection closed by foreign host.
? .
? URL ( )
1. 31
URL .
-
. !
.
IP ( 80 ) . (standalone mode) .
inted . /etc/inted.conf . . .
. . 64 . . . 2.0 .
. . . IP . .
.
32 U
NIX
WIN
32
(thread) : .
-
? FreeBSD SCO
QNX . FreeBSD http://www.freebsd.org 69.95 Walnut Creek(http://www.cdrom.com) 1750 , CD-ROM . FreeBSD 69.95 .
FreeBSD CD-ROM , . (perl), (Emacs), sh ( bash ksh ) . .
. /etc .
? 1.3 1998 7 .
.
Win32 . 95 NT . , , .
1. 33
FreeBSD http://www.kr.freebsd.org .
, .
-
Win32 . Win32 .
1.3.1 Win32 .
.
http://www.apache.org/ . CD-ROM . gz gzip, Z compress . ( ) gzip(GNU ) . gzip CD-ROM .
.
uncompress .tar.Z
gzip -d .tar.gz
.tar . tar .
mv .tar
.
% tar xvf .tar
apache_1.3.1 . .tar . SSL . .src
34
.
GNU tar tar xzvf .tar.gz .
-
. README . KEYS PGP .
1.3 . configure Makefile.tmpl . GNU Autoconf . , . .
./configurecd srcmake
apache/INSTALL . . INSTALL . . . httpd . , /usr/local/apache/conf/httpd.conf /usr/local/apache/etc/httpd.conf . .
./configure --compat
.
README . . src INSTALL .
1. 35
.
-
ANSI C . C++ .
.../src/Configuration.tmpl Configuration Configuration .Configure Configuration Makefile Makefile.tmpl (Makefile . Configure ).
Configuration . . , , . FreeBSD .
Configuration .
# .
(Rule) Rule .
Makefile .
AddModule .
%Module .
# . .
. Configuration . .
36
httpd.conf .
-
Configuration . Win32 W Win32DLL WD . .
AddModule modules/standard/mod_env.oCGI .
AddModule modules/standard/mod_log_config.o(logging) .
AddModule modules/standard/mod_mime_magic.o .
AddModule modules/standard/mod_mime.o .
AddModule modules/standard/mod_negotiation.oAccept .
AddModule modules/standard/mod_status.o(WD) .
AddModule modules/standard/mod_info.o .
AddModule modules/standard/mod_include.oCGI (Server Side Include) .
AddModule modules/standard/mod_autoindex.o .
AddModule modules/standard/mod_dir.o .
AddModule modules/standard/mod_cgi.oCGI .
1. 37
.
-
AddModule modules/standard/mod_asis.o.asis .
AddModule modules/standard/mod_imap.o(imagemap) .
AddModule modules/standard/mod_actions.o CGI .
AddModule modules/standard/mod_speling.o .
AddModule modules/standard/mod_userdir.oV .
AddModule modules/proxy/libproxy.o . .
AddModule modules/standard/mod_alias.o URL (redirection)
AddModule modules/standard/mod_rewrite.o(WD) URI .
AddModule modules/standard/mod_access.o (Access Control) .
AddModule modules/standard/mod_auth.o .
AddModule modules/standard/mod_auth_anon.o(WD)FTP / .
AddModule modules/standard/mod_auth_db.o mod_auth_dbm.o .
AddModule modules/standard/mod_cern_meta.o(WD)CERN .
AddModule modules/standard/mod_digest.o(WD)HTTP .
38
-
AddModule modules/standard/mod_expires.o(WD) Expire .
AddModule modules/standard/mod_headers.o(WD)HTTP .
AddModule modules/standard/mod_usertrack.o(WD) .
AddModule modules/standard/mod_unique_id.o ID .
AddModule modules/standard/mod_so.o . .
AddModule modules/standard/mod_setenvif.o .
.
# AddModule modules/standard/mod_log_agent.oCERN . .
# AddModule modules/standard/mod_log_referer.oCERN . .
# AddModule modules/standard/mod_auth_dbm.o mod_auth_db.o . Win32 .
# AddModule modules/example/mod_example.oAPI . 14 .
. (12 ).
mod_auth_db.o mod_auth_dbm.o .
. -h .
1. 39
-
IfModule . . .
...
LogFormat customers: host %h, logname %l, user %u, time %t,request %r, status %s, bytes %b
...
( , ).
ClearModuleListClearModuleListServer Config
. AddModule . .
AddModuleAddModule module module ...Server Config
. Configuration AddModule .
. ( ) .
EXTRA_CFLAGS=EXTRA_LDFLAGS=
40
-
EXTRA_LIBS=EXTRA_INCLUDES=
Configure . .
#CC=#OPTIM=-02#RANLIB=
Configuration .Configuration .
Rule RULE=value
value .
yesConfigure .
defaultConfigure .
value .
.
STATUS yes Configure (status) . yes . yes .
SOCKS4SOCKS .http://ftp.nec.com/pub/security/socks.cstc . yes SOCKS5 EXTRA_LIBS Configure L/usr/local/lib-lsocks . , SOCKS . SOCKS SOCKS5SOCKS4 . no.
1. 41
-
SOCKS5SOCKS5 SOCKS4 . no .
IRIXNIS Configure SGI IRIX , NIS yes . no.
IRIXN32IRIX o32 n32 . yes.
PARANOIDConfigure . PARANOID yes . no.
Configure . http://www.apache.org/bugdb.cgi [email protected] . .
WANTHSREGEX: (regular expression) POSIX . WANTHSREGEX=no . no.
Rule WANTHSREGEX=default
src INSTALL .
% ./Configure
( FreeBSD ).
42
-
Using config file: ConfigurationCreating Makefile+ configured for FreeBSD platform+ setting C compiler to gcc+ Adding selected modules
o status_module uses ConfigStart/End:o dbm_auth_module uses ConfigStart/End:o db_auth_module uses ConfigStart/End:o so_module uses ConfigStart/End:
+ doing sanity check on compiler and optionsCreating Makefile in supportCreating Makefile in mainCreating Makefile in apCreating Makefile in regexCreating Makefile in os/unixCreating Makefile in modules/standardCreating Makefile in modules/proxy
.
% make
make . . , SCO .
Cannot open include file sys/socket.h
TCP/IP TCP/IP . . . Bug Report . . , .
make httpd .
% ./httpd
1. 43
-
.
could not open document config file/usr/local/etc/httpd/conf/httpd.conf
. . . (Configure) . .
http://www.apache.org/dist/binaries/ , .
alpha-dec-osf3.0
hppa1.1-hp-hpux
i386-slackware-linux(a.out)
i386-sun-solaris2.5
i386-unixware-svr4
i386-unknown-bsdi2.0
i386-unknown-freebsd2.1
i386-unknown-linux(ELF)
i386-unknown-netBSD
i386-unknown-sco3
i386-unknown-sco5
m68k-apple-aux3.1.1
m88k-dg-dgux5.4R2.01
m88k-next-next
mips-sgi-irix5.3
mips-sni-svr4
rs6000-ibm-aix3.2.5
sparc-sun-solaris2.4
44
-
sparc-sun-solaris2.5
sparc-sun-sunos4.1.4
sparc-sun-sunos4.1.3_U1
mips-dec-ultirx4.4
.
httpd /usr/local/bin .
Win32 95/98 NT .
NT . Win32 .
Win32 , make DLL . http://www.apache.org/dist .exe . c:\temp .
C:\Program Files\Apache . Win32 MS-DOS .
> cd c:\
1. 45
98 .
-
> dir
.
Volume in drive C has no labelVolume Serial Number is 294C-14EEDirectory of C:\apache
. 21/05/98 7:27 .
.. 21/05/98 7:27 ..DEISL1 ISU 12,818 29/07/98 15:12 DeIsL1.isuHTDOCS 29/07/98 15:12 htdocsMODULES 29/07/98 15:12 modulesICONS 29/07/98 15:12 iconsLOGS 29/07/98 15:12 logsCONF 29/07/98 15:12 confCGI-BIN 29/07/98 15:12 cgi-binABOUT_~1 12,921 15/07/98 13:31 ABOUT_APACHEANNOUN~1 3,090 18/07/98 23:50 AnnouncementKEYS 22,763 15/07/98 13:31 KEYSLICENSE 2,907 31/03/98 13:52 LICENSEAPACHE EXE 3,072 19/07/98 11:47 Apache.exeAPACHE~1 DLL 247,808 19/07/98 12:11 ApacheCore.dllMAKEFI~1 TMP 21,025 15/07/98 18:03 Makefile.tmplREADME 2,109 01/04/98 13:59 READMEREADME~1 TXT 2,985 30/05/98 13:57 README-NT.TXTINSTALL DLL 54,784 19/07/98 11:44 install.dll_DEISREG ISR 147 29/07/98 15:12 _DEISREG.ISR_ISREG32 DLL 40,960 23/04/97 1:16 _ISREG32.DLL
13 file(s) 427,389 bytes8 dir(s) 520,835,072 bytes free
Apache.exe ApacheCore.dll . .
conf .
logs .
htdocs . .
modules
46
-
DLL .
1.3b6 . .
Win32 README-NT.TXT .
Win32
(15 ) . Win32 (Custom Installation) .tar gz Winzip . C++ 5.0 . src . \Apache .
> nmake /f Makefile.nt _apached> nmake /f Makefile.nt installd
.
> nmake /f Makefile.nt _apacher> nmake /f Makefile.nt installr
\Apache\ .
Apache.exe
ApacheCore.dll
Modules\ApacheModule*.dll
\conf
\logs
Win32 DLL
1. 47
-
Win32 . LoadModule . , .
LoadModule status_module modules/ApacheModuleStatus.dll
Win32 (\) , (/) . / .
Win32 ISAPI .
BS2000/OSD AS/400 IBM 390
BS2000/OSD (Siemens Nixdorf) IBM AS 400 .
.
48
php, perl . DB / , MySQL( DB ), php, perl . HTML php . RPM, DEB , . . .
-
apache/httpd . .
?
. /usr/www/site.for_instance . .
conf .
htdocs, , .
logs .
150 .
49
2
-
. conf ( ) .
httpd -d /usr/www/site.for_instance
apache -d c:/usr/www/site.for_instance
Win32 . httpd , . Win32 .
Win32 (\) (/) . . .
. .
(site) , . .
(kill)( ) .
. . . . , .
50 U
NIX
WIN
32
-
httpd ( apache) .
-D name (directive) .
-d directory ServerRoot .
-f filenameServerConfig .
-C (directive) (directive) .
-c (directive) (directive) .
-v .
-V .
-h (directive) .
-l .
-S ( vhost ).
-t .
-X .
. .
2. 51U
NIX
-
-i NT .
-uNT .
-sNT NT . 95 . . ( 30 ).
-k shutdown|restart apache -k shutdown apache -k restart .
. apache -?( httpd -?) .
site.toddle .
site.toddle /usr/www/site.toddle . . .../site.toddle .
.../site.toddle (conf, logs,htdocs) . README .
. conf . srm.conf-dist,access.conf-dist, httpd.conf-dist .
NCSA . httpd.conf .
52 W
IN3
2
-
. 1.3.4 . .
README . . .
httpd , -d (
) .
% httpd -d /usr/www/site.toddle
go . /usr/local/bin .
% cat > /usr/local/bin/gohttpd -d `pwd`^d
d^ CTRL-D. . go .
go ( go .../site.toddle ).
% chmod +x /usr/local/bin/go% go
2. 53
NCSA .
-
. .
% ps -aux
. httpd ?
. ps -aux PID(Process IDentity) .
% kill PID
PID .../logs/httpd.pid( . PidFile ) , .
kill `cat /usr/www/site.toddle/logs/httpd.pid`
. .
httpd -d `pwd`
stop .
pwd | read pathkill `cat $path/logs/httpd.pid`
.../src/support/apachect1 . . /usr/local/bin (path) .
usage: ./apachectl(start|stop|restart|fullstatus|status|graceful|configtest|help)
starthttpd
54
ps . system V ( ) ps -aux ps -ef .
-
stophttpd
restartSIGHUP httpd . .
fullstatus . lynx mod_status .
status . lynx mod_status .
gracefulSIGUSR1 httpd . .
configtest .
help .
./go . logs error_log .
[]: mod_unique_id: unable to get hostbyname(myname.my.domain)
DNS . /etc/hosts .
10.0.0.2 myname.my.domain myname
10.0.0.2 IP .
. httpd .
[] - couldnt determine user name from uid
2. 55
-
. root . root 80 root UID -1 . nobody . FreeBSD .
Webuser Webgroup
webuser webgroup . . .FreeBSD adduser .
Enter username [a-z0-9]: webuserEnter full name[]: webuserEnter shell bash csh date no sh tcsh [csh]: noUid [some number]:Login group webuser [webuser]: webgroupLogin group is webgroup.q. Invite webuser into other
groups: guest no [no]: Enter password []: password
.
Name:webuserPassword: passwordFullname: webuserUid: some numberGroups:webgroupHOME:/home/webusershell/nonexistentOK? (y/n) [y]:
send message to webuserand: no route second_mail_address [no]:
56
.
. . /etc/passwd * .
-
Add anything to default message (y/n) [n]:Send message (y/n) [y]: nAdd another user? (y/n) [y]: n
OK . FreeBSD . . httpd.conf .
User webuserGroup webgroup
.
UserUser unix-useridDefault: User #-1Server config, virtual host
User UID . root . unix-userid .
Username .
#usernumber .
. httpd . . nobody . , mod_proxy (9. CacheRoot ).
2. 57
root . root root .
User Group root !
-
GroupGroup unix-groupDefault: Group #-1Server config, virtual host
Group GID . root . unix-gruop .
Groupname .
#groupnumber .
. nobody 100% .
httpd PID root webuser . root .
.
httpd: cannot determine local hostnameUse ServerName to set it manually.
httpd.conf .
ServerName yourmachinename
58
root .
-
. .../httpd/htdocs. /usr/www/site.toddle . .../site.toddle/htdocs 1.txt hullo world . httpd.conf .
DocumentRoot /usr/www/site.toddle/htdocs
.../site.toddle/conf/httpd.conf .
User webuserGroup webgroupServerName yourmachinenameDocumentRoot /usr/www/site.toddle/htdocs
httpd . . ? http://yourmachinename/ !
http HTTP /httpd.conf DocumentRoot .
DocumentRootDocumentRoot directory-filenameDefault: /usr/local/apache/htdocsServer config, virtual host
. Alias URL . ,
DocumentRoot /usr/web
http://www.my.host.com/index.html , /usr/web/index.html .
mod_dir DocumentRoot / ( , DocumentRoot /usr/web/ )
2. 59
http://127.0.0.1 http://localhost . .
-
. DocumentRoot (/) . DocumentRoot . KISS(Keep It Simple, Stupid!) .
Lynx FreeBSD . .
% lynx http://yourmachinename/
.
INDEX OF /* Parent Directory* 1.txt
1.txt , .
hullo world
lynx (telnet) .
% telnet yourmachinename 80
.
GET / HTTP/1.0
.
HTTP/1.0 200 OKSat, 24 Aug 1996 23:49:02 GMTServer: Apache/1.3Connection: closeContent-Type: text/html
Index of /Index of Parent Directory 1.txt
Connection closed by foreign host.
60
telnet .
-
HTML.
.
% ps -aux
root httpd , httpd webuser . .
root 80 , 80 . root . root . 1024 root . root . , ... ( MinSpareServers httpd.conf ) root . ( MaxSpareServers httpd.conf ) . root , PID ,
% kill PID
stop .
(Permissions)
. . read(), write(), excute(), .user(), group(), other( ). CD-ROM .../site.cgi/htdocs .
2. 61
-
% ls -l
-rw-rw-r-- 5 root bin 1575 Aug 15 07:45 form_summer.html
- . .
User(root) , ,
Group(bin) , ,
Other , ,
(excute) .
(other). webuser , webgroup . root bin other . .
. root, wheel . . CD-ROM root, wheel UID, GID 0 , .
root . root .
root webuser .
62
-
webuser , , , . webuser . , (x) . .
% chmod o+x
, . .
% chmod o+r
.
% chmod o-w
.
% chmod o+r
.
% chmod o-w
.
% chmod o+x
.
% chmod o+rx
site.toddle . . GUI . .
. .
2. 63
-
, 95/98/NT, (Ethernet) .
. . .
FreeBSD . FreeBSD , . 3Com .
...
1 3C5x9 board(s) on ISA found at 0x300ep0 at 0x300-0x30f irq 10 on isaep0: aui/bnc/utp[*BNC*] address 00:a0:24:4b:48:23 irq 10...
ep0 . FreeBSD (ScrollLock) / .
ep0 .
ifconfig ep0 192.168.123.2ifconfig ep0 192.168.123.3 alias netmask 0xFFFFFFFFifconfig ep0 192.168.124.1 alias
alias ifconfig IP . netmask FreeBSD (netmask OReilly TCP/IP Network Administration ).
. . FreeBSD /etc/rc.local ( ).
64
-
FreeBSD IP /etc/hosts .
192.168.123.2 www.butterthlies.com192.168.123.2 sales.butterthlies.com192.168.123.3 sales-not-vh.butterthlies.com192.168.124.1 www.faraway.com
www.butterthlies.com sales.butterthlies.com IP . NameVirtualHosts . site.twocopy sales-not-vh.butterthlies.com . , DNS .
Win32 TCP/IP .
95 . TCP/IP ping . ping .
>ping 127.0.0.1
TCP/IP .
Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time
-
>cd \Program Files\apache
NT .
>apache -i
.
>apache -u
. . .
>net start apache>net stop apache
.
95 . ,
>cd \Program Files\apache
apache.exe .
>apache -s
go.bat .
go[RETURN]
, go .
.
Apache/Syntax error on line 44 of /apache/conf/httpd.confServerRoot must be a valid directory
\Program Files\apache\conf\httpd.conf . .
66
-
. .
>ren httpd.conf *.cnk
srm.conf, access.conf .
>del srm.conf>del access.conf
.
Apache/fopen: No such file or directoryhttpd: could not open document config file apache/conf/httpd.conf
. .
>edit httpd.conf
.
# new config file
# . .
...
httpd: cannot determine local host nameuse ServerName to set it manually
.
ServerName your_host_name
.
>apache -sApache/_
_ .
2. 67
-
.
...
User webuserGroup webgroup...
, Win32 .
. It Worked! . \apache\htdocs\index.htm .
CTRL-C .
95, 1.3.3 .
apache -k shutdown
, .
apache -k restart
.
Win32
NT . Win32 NT . NT . 1.3.1 README .
1.3.1 Win32 Win32 . .
- . . .
68
-
- ( , ...)... . .
. Win32 . , .
Win32 .
2. 69
-
: site.simple . CD-ROM
. Butterthlies.Inc . . \windows\hosts /etc/hosts .
127.0.0.1 localhost192.168.123.2 www.butterthlies.com192.168.123.2 sales.butterthlies.com192.168.123.3 sales-IP.butterthlies.com192.168.124.1 www.faraway.com
localhost . localhost .
71
3
!
IP . 192.168 IP .
-
.
site.simple site.toddle , go .../site.toddle/conf/httpd.conf .../site.simple/conf/httpd.conf .
:
% httpd -d /usr/www/site.simple
Win32:
>apache -d c:/usr/www/site.simple
. .
. 1 ...site.simple/logs access_log . . TransferLog .
.../conf/httpd.conf .
User webuserGroup webgroupServerName localhostDocumentRoot /usr/www/site.simple/htdocsTransferLog logs/access_log
.../htdocs 1.txt .
hullo world from site.simple!
go http://www.butterthlies.com .
72
IP 127.0.0.1 .
-
Index of /. Parent Directory. 1.txt
1.txt .
. http://sales.butterthlies.com . ? site.simple URL IP .
IP .
192.168.123.2192.168.123.3
IP . IP IP IP . BindAddress, Listen, . .
. 100% (Reload) (Ctrl) . . Edit Preference Advanced Cache 0 . . . .
3. ! 73
IP . IP AliasingHOWTO . http://kldp.org .
-
? ^C . .../logs/access_log .
192.168.123.1 - - [] GET / HTTP/1.1200 177
200OK, . 177 177 . .../logs/error_log . . .
. ErrorDocument.
ErrorDocumentErrorDocument error-code documentServer config, virtual host, directory, .htaccess
.
1. .
2. .
3. URL .
4. URL .
, , ErrorDocument HTTP URL . () ( ). .
URL (/) URL . .
ErrorDocument 500 http://foo.example.com/cgi-bin/testerErrorDocument 404 /cgi-bin/bad_urls.plErrorDocument 401 /subscription_info.htmlErrorDocument 403 Sorry cant allow you access today
URL(http URL) ErrorDocument
74
-
. ErrorDucument 401 . HTTP .
Butterthlies, Inc. httpd.conf (.../site.first ) .
User webuserGroup webgroupServerName localhostDocumentRoot /usr/www/site.first/htdocsTransferLog logs/access_log
1 AccessConfig ResourceConfig . /dev/null( NUL) srm.conf access.conf .
User Group .
. , HTML .
Creating Net Sites , ABeginners Guide to HTML HTML .
Welcome to Butterthlies IncSummer Catalog All our cards are available in packs of 20 at $2 a pack.There is a 10% discount if you order more than 100.
3. ! 75W
IN3
2
OreillyHTML: The Definitive Guide .
-
Style 2315
Be BOLD on the bench
Style 2316
Get SCRAMBLED in the henhouse
Style 2317
Get HIGH in the treehouse
Style 2318
Get DIRTY in the bath
Postcards designed by [email protected]
Butterthlies Inc, Hopeful City, Nevada 99999
Rough . HTML . .
76
-
.../site.first/htdocs (ln) . /usr/www/main_docs catalog_summer.html .
% ln /usr/www/main_docs/catalog_summer.html .% ln /usr/www/main_docs/bench.jpg .
.../site.first/htdocs .
. .
./go http://www.butterthlies.com .
INDEX of /*Parent Directory*bath.jpg*bench.jpg*catalog_summer.html*hen.jpg*tree.jpg
index.html
. .../htdocs/index.html .
Index to Butterthlies Catalogs
Summer catalogAutumn catalog
3. ! 77U
NIX
WIN
32
-
Butterthlies Inc, Hopeful City, Nevada 99999
catalog_autumn.html catalog_summer.htmlcatalog_autum.html .
index.html URL . DirectoryIndex . .
INDEX TO BUTTERTHLIES CATALOGS*Summer Catalog*Autumn Catalog--------------------------------------------
Butterthlies Inc, Hopeful City, Nevada 99999
! (.../logs/access_log ). !
(Block) .
, , . , . . .
.
78
-
...
Server config
HTML . . .
....
ServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersServerName www.butterthlies.comErrorLog /usr/www/site.virtual/name-based/logs/error_logTransferLog /usr/www/site.virtual/name-based/logs/access_log
...
IP HTTP 80 Port . host _default_ .
. .
. .
1. ( ) .htaccess ..htaccess .
3. ! 79
.
-
2. ( ).
3. .
4. .
, , . .
...
. . DocumentRoot . (wildcard) . ? (character) * , [ ] . , [a-d] a, b, c, d . ~ .
. . ,
80
OreillyMastering Regular Expressions .
(regular expressions) / . OreillyMastering Regular Expressions .
* / / .
-
a, b, c d .
...
. DocumentRoot . ~ . .
catalog. .
.htaccess .
...
URL . . ~ .
3. ! 81
-
. AllowOverride .
...
-Dname . . .
...
. ! . .
.
ServerNameServerName hostname Server config, virtual host
82
-
ServerName .
UseCanonicalNameUseCanonicalName on|offDefault: on Server config, virtual host, directory, .htaccess
URL . , http://www.domain.com/some/directory http://www.domain.com/some/directory/ (/ ). UseCanonicalName on ( on ) ServerName Port , off .
. http://www/somedir ( / ) UseCanonicalName on http://www.domain.com/somedir/ . UseCanonicalName off http://www/somedir/ . . (firewall) .
ServerAdminServerAdmin Server config, virtual host
3. ! 83
-
ServerSignatureServerSignature [off|on|email]Default: offDirectory, .htaccess
. ServerSignature ServerName .ServerSignature email ServerAdmin mailto: .
ServerTokensServerTokens [min(imal)|OS|full]Default: fullServer config
.
min(imal) . , Apache v1.3
OS . , Apache v1.3 (Linux)
full . , Apache v1.3 (Linux) PHP/3.0MyMod/1.2
ServerAliasServerAlias name1 name2 name3 ...Virtual host
ServerAlias . HTTP 1.1 Host: server ServerName, ServerAlias, VirtualHost .
84
-
ServerPathServerPath Virtual host
HTTP 1.1 IP Host . HTTP 1.1 Host ServerPath .
HTML . Host HTTP 1.0 .
, site1.somewhere.com site2.somewhere.com IP httpd.conf .
ServerName site1.somewhere.comDocumentRoot /usr/www/site1ServerPath /site1
ServerName site2.somewhere.comDocumentRoot /usr/www/site2ServerPath /site2
HTTP 1.1 http://site1.somewhere.comhttp://site2.somewhere.com HTTP 1.0 IP URL . ServerPath http://site1.somewhere.com/site1 http://site1.somewhere.com http://site1.somewhere.com/site2 http://site2.somewhere.com .
3. ! 85
HTTP/1.1 . HTTP/1.0 Host . .
-
ServerRootServerRoot Default directory: /usr/local/etc/httpdServer config
ServerRoot conf logs . -f(file) ServerRoot . -d(directory) .
PidFilePidFile Default file: logs/httpd.pidServer config
/ PID(Process ID) . PidFile PID . .../logs/httpd.pid . PID . , (kill).
ScoreBoardFileScoreBoardFile filenameDefault: ScoreBoardFile logs/apache_status Server config
ScoreBoardFile . . .
ScoreBoardFile . .
86
-
CoreDumpDirectoryCoreDumpDirectory directoryDefault: Server config
(core) (dump) . ServerRoot nobody ServerRoot . . .
SendBufferSizeSendBufferSize Default: set by OSServer config
TCP . .
LockFileLockFile directoryDefault: logs/accept.lockServer config
USE_FCNTL_SERIALIZED_ACCEPT USE_FLOCK_SERIALIZED_ACCEPT (lock file) . NFS .
3. ! 87U
NIX
UN
IX
/ . gdb .
-
. . accept() . accept() . NFS .
KeepAliveKeepAlive : 5Server config
, . (connection) . . . 2.x . 1.2 . BrowserMatch(4 ) .
KeepAliveTimeoutKeepAliveTimeout (): 15 Server config
KeepAlive ( ) . TimeOut .
88 U
NIX
-
TimeOutTimeOut (): 1200Server config
. . , . .
HostNameLookupsHostNameLookups [on|off|double]: off
Server config, virtual host
on IP . IP . . off IP . IP . off . IP . HostNameLookups on .
double (reverse) DNS . IP IP mod_access DNS DNS .
3. ! 89
1.3 on . .
IP IP . .
-
IncludeInclude Server config
.
. , . .
1. . .
2. . .
-X
. . .
MaxClientsMaxClients : 150Server config
90
-
. .
MaxRequestsPerChildMaxRequestsPerChild : 30Server config
( 0 ). . 100% 0 .
MaxSpareServersMaxSpareServers : 10Server config
. . . . ps top .
MinSpareServersMinSpareServers : 5Server config
. MAX_SPAWN
3. ! 91
-
_RATE . MAX_SPAWN_RATE 32 . (MinSpareServers) 1 . , .
StartServersStartServers : 5Server config
(MaxSpareServers ) .
1 1.3 StartServers, MinSpareServers, MaxSpareServers . . 100 MaxSpareServers 64, MinSpareServers 32 . StartServers MinSpareServers MaxSpareServers . MaxRequestPerChild . , .
. 64 (File Descriptor) . , ,
92
-
32 . (forking) unable to fork . .
Win32 Win32
.
ThreadsPerChildThreadsPerChild : 50Server config
Win32 . 50 . ThreadsPerChild Win32 .
3. ! 93
. . , tcsh .
: Win32 . Win32 .
-
site.twocopy , URL
. . IP URL .
1.2, HTTP/1.0 . , HTTP/1.0 . NameVirtualHost . IP (Name) . http://www.apache.org/docs/vhost .
HTTP/1.1 . .../site.virtual/Name-based www.butterthlies.com sales.butterthlies.com 192.168.123.2 /etc/hosts . .
User webuserGroup webgroup
NameVirtualHost 192.168.123.2
ServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersServerName www.butterthlies.comErrorLog /usr/www/site.virtual/name-based/logs/error_logTransferLog /usr/www/site.virtual/name-based/logs/access_log
ServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/name-based/logs/error_logTransferLog /usr/www/site.virtual/name-based/logs/access_log
94
-
IP NameVirtualHost. ServerName . www.butterthlies.com sales.butterthlies.com ( IP ) NameVirtualHost .
.
NameVirtual HostNameVirtualHost IP [:]Server config
NameVirtualHost IP . . IP ServerName . NameVirtualHost . NameVirtualHost IP ServerName . , IP .
IP
IP . HTTP/1.1 . ? .
3. ! 95
IP .
-
IP .
User webuserGroup webgroup
ServerName www.butterthlies.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log
ServerName sales.butterthlies-IP.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log
http://www.butterthlies.com http://sales-IP.butterthlies.com . ( IP ) www.sales.com .
/IP
NameVirtualHost IP .
User webuserGroup webgroup
NameVirtualHost 192.168.123.2
ServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log
96
-
ServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log
ServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmenServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log
NameVirtualHost 192.168.123.3 .
IP . IP , , IP . 80 .
User webuserGroup webgroupListen 80Listen 8080
ServerName www.butterthlies.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/customersErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log
ServerName sales-IP.butterthlies.comServerAdmin [email protected] /usr/www/site.virtual/htdocs/salesmen
3. ! 97
-
ServerName sales.butterthlies.comErrorLog /usr/www/site.virtual/IP-based/logs/error_logTransferLog /usr/www/site.virtual/IP-based/logs/access_log
Listen 80 8080 . http://www.butterthlies.com 80 . http://www.butterthlies.com:8080 .
IP
. . , ServerType, User,TypesConfig, ServerRoot ( ) . . .
. .../site.twocopy . customerssales .
.../customers .
User webuserGroup webgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.twocopy/customers/htdocsBindAddress www.butterthlies.comTransferLog logs/access_log
.../sales .
User webuserGroup webgroupServerName sales.butterthlies.com
98
-
DocumentRoot /usr/www/site.twocopy/sales/htdocsListen sales-not-vh.butterthlies.com:80TransferLog logs/access_log
sales-not-vh.butterthlies.com . URL . .
BindAddressBindAddress : anyServer config
IP IP .
PortPort : 80Server config
BindAddress Listen Port . BindAddress Listen .
URL (ServerName, UseCanonicalName ) . .
ListenListen : Server config
Listen IP . IP Port
3. ! 99
-
. IP .
Listen . BindAddress 80 Port . Listen BindAddress .
.
ListenBacklogListenBacklog : 511Server config
(queue) . TCP SYN . ListenBacklog . . listen(2) backlog .
DocumentRoot , ErrorLog , TransferLog . 11 .
ServerTypeServerType [inetd|standalone]: standaloneServer config
ServerType . inetd standalone.
inetd .
100
-
. . . inetd /etc/inetd.conf .
http stream tcp nowait root /usr/local/bin/httpd httpd -d directory
standalone .
, . DocumentRoot . , ( ).
go . http://www.butterthlies.com sales.butterthlies.com .
.../sales/htdocs .../customers/htdocs . index.html .
SALESMEN Index to Butterthlies Catalogs
catalog_summer.html .
Welcome to the great rip-off of 97: Butterthlies IncAll our worthless cards are available in packs of 20 at $1.95 apack. WHAT A FANTASTIC DISCOUNT! There is an amazing FURTHER 10%discount if you order more than 100. ...
(FreeBSD ALT-F1 ) .../customers .
% ./go
. .../sales .
% ./go
3. ! 101
X- Ctrl-ALT-F1 . .
-
http://www.butterthlies.com http://sales.butterthlies.com . (?) !
HTTP HTTP
. . .
HeaderNameHeaderName [set|add|unset|append] HTTPHeaderName remove HTTPAnywhere
HeaderName . set, add, unset append . , , .
(Options)Options ...Default: AllServer config, virtual host, directory, .htaccess
Options . . .
102
-
AllMultiViews, IncludesNOEXEC, SymLinksIfOwnerMatch(All FollowSymLinks SymLinksIfOwnerMatch ) .
ExecCGICGI .
( ln -s ) (SSI) (10 ).
FollowSymLinks .
Includes (SSI) SSI .
IncludesNOEXEC #exec, #include CGI .
Indexes URL index.html (, ) (7 ).
MultiViews . AddLanguage (6 ).
SymLinksIfOwnerMatch ( )
+- . , Indexes ExecCGI .
Options +Indexes -ExecCGI
All . MultiViews . All .
3. ! 103
-
.../htdocs index.html .../htdocs .
User WebuserGroup WebgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.ownindex/htdocs
,
Options ExecCGI
.
FORBIDDENYou dont have permission to access / on this server
Options All . ExecCGI Indexes . .
Options +ExecCGI
+- . ,
Options ExecCGIOptions Indexes
Indexes . .
Options Indexes FollowSymLinks
Options Includes
/web/docs/specs Includes .
104
-
FollowSymLinks, SymLinksIfOwnerMatch
(hard link) bench.jpg, hen.jpg, bath.jpg,tree.jpg /usr/www/main_docs . (soft link) . ln-s .
. Fred .../fred/public_html . .../cgi-bin fido webuser CGI , webuser . . webuser . Fred . CGI .
Fred fido ? . . Fred fido webuser .
Options All FollowSymLinks . FollowSymLinksIfOwnerMatch . .
(Restart)
. .
3. ! 105
-
. .
.
.
% kill PID% httpd [flags]
HUP .
% kill -HUP PID
-USR1 . . .
% kill -USR1 PID
.
#!/bin/shkill -USR1 `cat logs/httpd.pid`
Win32 .
apache -k shutdown|restart
2 .
.htaccess .htaccess .
.../htdocs .
106 U
NIX
WIN
32
-
. . AllowOverride .htaccess .
.htaccess . .
order allow,denydeny from all
CERN (metafile) Refresh
. .
MetaFilesMetaFiles [on|off]: offDirectory
.
MetaDirMetaDir : .webDirectory
. . .
3. ! 107
-
MetaSuffixMetaSuffix : .metaDirectory
.
DOCUMENT_ROOT/mydir/fred.html DOCUMENT_ROOT/mydir/fred.html.meta .
(Expirations) 1.2 mod_expires expires .
. .
ExpiresActiveExpiresActive [on|off]Anywhere, .htaccess when AllowOverride Indexes
ExpiresActive / .
ExpiresByTypeExpiresByType (MIME) Anywhere, .htaccess when AllowOverride Indexes
ExpiresByType MIME . .
()
108
-
.
A (now )
M
.
A565656
565656 .
.
[plus] [ ...]
.
Access
nowaccess
Modification
plus .
years
months
weeks
days
hours
minutes
seconds
,
now plus 1 day 4 hours
.
3. ! 109
-
ExpiresDefaultExpiresDefault Anywhere, .htaccess when AllowOverride Indexes
ExpireByType .
110
-
butterthlies . .
! . ? . . . .
(form) .
. .
HTTP ?
HTTP(HyperText Transmission Protocol) . HTTP TCP . (
111
4Common Gateway
Interface(CGI)
-
) ( ) TCP HTTP . . , . HTML , , VRML, Java TCP/IP . MIME mime.types , http://www.isi.edu/in-notes/iana/assignments/media-types/media-types . . text/html HTML text/plain image/jpeg JPEG ... .
HTTP (method) ?
METHOD. . HTTP/1.1 .
GET . GET . , GET .
HEADGET . . .
POST CGI URL ACTION . , . POST .
112
URL .
HTML ACTION .
-
PUT .
DELETE .
TRACE .
CONNECT . SSL .
. RFC 2068 .
(form)
.
Win32 CGI .
.
chmod +x
Win32 COMMAND.COM .bat . ( ).
4. Common Gateway Interface(CGI) 113U
NIX
WIN
32
-
Welcome to Butterthlies IncSummer Catalog All our cards are available in packs of 20 at $2 a pack.There is a 10% discount if you order more than 100.
Style 2315
Be BOLD on the bench
How many packs of 20 do you want?
Style 2316
Get SCRAMBLED in the henhouse
How many packs of 20 do you want?
Style 2317
Get HIGH in the treehouse
How many packs of 20 do you want?
Style 2318
Get DIRTY in the bath
How many packs of 20 do you want?
Which Credit Card are you using?Access
114
-
Amex MasterCard
Your card number?
Postcards designed by [email protected]
Butterthlies Inc, Hopeful City, Nevada 99999
>/body>
.
. CGI . mycgi.cgi .
ACTION /cgi-bin/mycgi.cgi(/usr/www/cgi-bin/mycgi.cgi ) URL .
ACTION=/cgi-bin/mycgi.cgi
htdocs CGI .
ACTION=/mycgi.cgi
ACTION /cgi-bin/mycgi.cgi(\usr\www\cgi-bin\mycgi.cgi ) URL .
ACTION=/cgi-bin/mycgi.bat
4. Common Gateway Interface(CGI) 115U
NIX
WIN
32
-
, htdocs CGI .
ACTION=/mycgi.bat
CGI .
. , .
You dont have permission to access /cgi-bin/mycgi on this server
.
ScriptAlias . . Security byobscurity .
cgi-script Addhandler Sethandler . CGI htdocs .
ScriptAlias Options ExecCGI . . .
. .../cgi-bin .../site.cgi/htdocs mycgi.cgi C .
mycgi.cgi .
#!/bin/shecho content-type: text/plainechoecho Have a nice day
116 W
IN3
2U
NIX
-
Win32 COMMAND.COM mycgi.bat , . .
@echo offecho content-type: text/plainecho.echo Have a nice day
@echo off . . echo. , echo
ECHO is off .
bash perl (?) .
#! ...
CGI (header) (body) . ( CRLF CRLF. LF LF ) . LF CRLF . CGI 1.1 .
The CGI header fields have the generic syntax:
generic-header = field-name :[ field-value ] NLfield-name = 1*field-value = *( field-content | LWSP )field-content = *( token | tspecial | quoted-string )
The field-name is not case sensitive; a NULL field value isequivalent to the header field not being sent.
Content-TypeThe Internet Media Type [9] of the entity body, which is to be sent unmodified to the client.
Content-Type = Content-Type:media-type NLThis is actually an HTTP-Header rather than a CGI-headerfield, but it is listed here because of its importance in the
CGI dialogue as a member of the one of these is requiredset of header fields.
LocationThis is used to specify to the server that the script is
4. Common Gateway Interface(CGI) 117W
IN3
2
-
returning a reference to a document rather than an actualdocument.
Location = Location:( fragment-URI | rel-URL-abs-path ) NL
fragment-URI = URI [ # fragmentid ]URI = scheme :*qcharfragmentid = *qcharrel-URL-abs-path = /[ hpath ] [ ?query-string ]hpath = fpsegment *( /psegment )fpsegment = 1*hcharpsegment = *hcharhchar = alpha | digit | safe | extra
| :| @| & | =
sh Content-Type . .
( mime.types AddType ).
CGI .
Content-Type . text/plain . .
The server encountered an internal error or misconfiguration andwas unable to complete your request
echo .
Butterthlies form_summer.html . .
cgi-bin
cgi-bin .../site.cgi/conf/httpd.conf .
118
-
User webuserGroup webgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.cgi/htdocsScriptAlias /cgi-bin /usr/www/cgi-bin
.../site.cgi/htdocs/form_summmer.html .
CGI . Butterthlies CGIHave a nice day..
CGI cgi-bin .
DocumentRoot
HTML . CGI 100% . , . . . CGI .
mycgi.cgi .../site.cgi/htdocs .
User webuserGroup webgroupServerName www.butterthlies.comDocumentRoot /usr/www/site.cgi/htdocsAddHandler cgi-script cgi
AddHandler cgi . .
4. Common Gateway Interface(CGI) 119
-
http://www.butterthlies.com/form_summer.html .
CGI .
ScriptAliasScriptAlias URL Server config, virtual host
ScriptAlias URL CGI . , URLpath/fred /directory/fred CGI . . . .
ScriptAlias CGI . URLpath/fred/some/where/else URL directory/fred /some/where/else PATH_INFO . . URL
? CGI (caching) . CGI . CGI ( ).
ScriptAliasMatchScriptAliasMatch Server config, virtual host
120
-
ScriptAlias . . URL . , /cgi-bin .
ScriptAliasMatch ^/cgi-bin/(.*) /usr/local/apache/cgi-bin/$1
ScriptLogScriptLog : no loggingResource config
CGI CGI . CGI . .
ScriptLogLengthScriptLogLength : 10385760Resource config
. .
ScriptLogBufferScriptLogBuffer : 1024Resource config
POST .
4. Common Gateway Interface(CGI) 121
. 10MB 10485760.
-
. .
RLimitCPURLimitCPU # | max[# | max]: OS Server config, virtual host
RLimitCPU max . () (soft resource limit), (hard resource limit).
RLimitMEMRLimitMEM # | max[# | max]: OS Server config, virtual host
RLimitMEM max . () (soft resource limit), (hard resource limit).
RLimitNPROCRLimitNPROC # | max[# | max]: OS Server config, virtual host
RLimitPROC max . (soft resource limit), (hard resource limit).
122
. rlimit .
UN
IX
-
Submit Query (?)
.
Have a nice day
ACTION mycgi.cgi mycgi.cgi .
mycgi.cgi CGI . env . Win32 set . Win32 echo . new1 .
#!/bin/shecho content-type: text/plainechoenv
echo content-type: text/plaintype newlechoset
.
GATEWAY_INTERFACE=CGI/1.1CONTENT_TYPE=application/x-www-form-urlencodedREMOTE_HOST=192.168.123.1REMOTE_ADDR=192.168.123.1QUERY_STRING=DOCUMENT_ROOT=/usr/www/site.cgi/htdocsHTTP_USER_AGENT=Mozilla/3.0b7 (Win95; I)HTTP_ACCEPT=image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,*/*HTTP_ACCEPT_LANGUAGE=CONTENT_LENGTH=74SCRIPT_FILENAME=/usr/www/cgi-bin/mycgiHTTP_HOST=www.butterthlies.comSERVER_SOFTWARE=Apache/1.3HTTP_PRAGMA=no-cache
4. Common Gateway Interface(CGI) 123U
NIX
UN
IXW
IN3
2
-
HTTP_CONNECTION=Keep-AliveHTTP_COOKIE=Apache=192257840095649803
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/binHTTP_REFERER=http://www.butterthlies.com/form_summer.htmlSERVER_PROTOCOL=HTTP/1.0REQUEST_METHOD=POSTSERVER_ADMIN=[no address given]SERVER_PORT=80SCRIPT_NAME=/cgi-bin/mycgiSERVER_NAME=www.butterthlies.com
mod_unique_id UNIQUE_ID .
UNIQUE_ID==NWG7@QoAAAIBkwAADYY
mycgi.cgi .
CGI . Location . URL . .../cgi-bin/location.cgi .
#!/bin/shecho content-type: text/plain# run some program to gather informationecho Location: http://192.168.123.2echo
mycgi.cgi location.cgi Submit .
mycgi C . . . , . HTML . OK , . HTML .
124
.
-
. echo2.c echo.c , . A. echo .
echo.c
echo HTML HTML . echo myecho . myecho.c .
#include #include #define MAX_ENTRIES 10000typedef struct
{char *name;char *val;} entry;
char *makeword(char *line, char stop);char *fmakeword(FILE *f, char stop, int *len);char x2c(char *what);void unescape_url(char *url);void plustospace(char *str);
int main(int argc, char *argv[]){entry entries[MAX_ENTRIES];register int x,m=0;int cl;char mbuf[200];
.
printf(Content-type: text/html\n\n);
HTML . MIME . . \n\n .
if(strcmp(getenv(REQUEST_METHOD),POST))
4. Common Gateway Interface(CGI) 125
-
. CGI GET PUT , .
1=1&2=2&...
GET QUERY_STRING . POST fgetc() ( A echo2.c ).
.
{printf(This script should be referenced with a METHOD of
POST.\n);exit(1);}
if(strcmp(getenv(CONTENT_TYPE),application/x-www-form-urlencoded)){printf(This script can only be used to decode form results.
\n);exit(1);}
cl = atoi(getenv(CONTENT_LENGTH));
& .
for(x=0;cl && (!feof(stdin));x++) {m=x;
entries[x].val = fmakeword(stdin,&,&cl);plustospace(entries[x].val);unescape_url(entries[x].val);entries[x].name = makeword(entries[x].val,=);}
HTML .
printf(Query Results);
.
printf(You submitted the following name/value pairs:%c,10);printf(%c,10);
for(x=0; x
-
printf( %s = %s%c,entries[x].name,entries[x].val,10);
printf(%c,10);}
myecho.c mycgi . .
QUERY RESULTSYou submitted the following name/value pairs:* 2315_order=20* 2316_order=10* 2317_order=* 2318_order=* card_type=Amex* card_num=1234567
myecho.c , . ? .
CGI
. . .
CGI::Carp . . . .
4. Common Gateway Interface(CGI) 127
myecho HTML .
(language) . .
-
. . . CGI QUERY_STRING PATH_INFO . mycgi debug.cgi .
#!/bin/shQUERY_STRING=2315_order=20&2316_order=10&card_type=Amexexport QUERY_STRINGgdb myecho
.
chmod +x debug.cgi./debug.cgi
gdb r .
POST , REQUEST_METHOD POST QUERY_STRING . (query string) . REQUEST_METHOD GET . POST .
#!/bin/shREQUEST_METHOD=POSTexport REQUEST_METHODmyecho
-
(query) . & . & POST .
.
. SetEnv PassEnv .
SetEnvSetEnv Server config, virtual hosts
CGI . . VHOST .
SetEnv VHOST customers...
SetEnv VHOST salesmen...
UnsetEnv UnsetEnv ...Server config, virtual hosts
.
PassEnvPassEnv
4. Common Gateway Interface(CGI) 129
-
CGI . .
PassEnv OSTYPE
OSTYPE , .
. . .
( ) . . .
SetEnvIf SetEnvIfNoCaseSetEnvIf [=] [..] SetEnvIfNoCase [=] [..]
Host, User-Agent, Referer HTTP .
Remote_Host
Remote_Addr IP
130
.
-
Remote_User
Request_MethodGET, POST
Request_URIURL
NoCase .
BrowserMatch BrowserMatchNoCaseBrowserMatch 1[=1] 2[=2] ...BrowserMatchNoCase 1[=1] 2[=2] ...
User-Agent . .
BrowserMatch ^Mozilla/[23] tables=3 java
^ Mozilla/2 Mozilla/3 . .
tables=3java
CGI .
BrowserMatchNoCase BrowserMatch . mOZILLA MoZiLlA .
BrowserMatch SetEnvIf User-Agent .BrowserMatch .
. . .
4. Common Gateway Interface(CGI) 131
-
nokeepalive 3 KeepAlive .
( ) KeepAlive .
BrowserMatch Mozilla/2nokeepalive
force-response-1.0HTTP/1.0 HTTP/1.0 .
HTTP/1.1 . .
BrowserMatch RealPlayer4\.0force-response-1.0BrowserMatch Java/1\.0force-response-1.0BrowserMatch JDK/1\.0force-response-1.0
downgrade-1.0 HTTP/1.1 HTTP/1.0 . MS
4.02b2 downgrade-1.0 .
BrowserMatch MSIE 4\.0b2; nokeepalive downgrade-1.0 force-response-1.0
suEXECCGI
. (wrapper) CGI . .
132
.
-
. . . CGI .
suEXEC . suEXEC , , . suEXEC .
suEXEC suEXEC . . suEXEC . . suEXEC . http://www2.idiscover.co.uk/apache/docs/suexec.html .
site.suexec suEXEC support suexec.h . /**CHANGED**/ .
/** HTTPD_USER -- Define as the username under which Apache normally* runs. This is the only user allowed to execute* this program.*/#ifndef HTTPD_USER#define HTTPD_USER webuser /**CHANGED**/#endif/** UID_MIN -- Define this as the lowest UID allowed to be a target user* for suEXEC. For most systems, 500 or 100 is common.*/#ifndef UID_MIN#define UID_MIN 100#endif
root, daemon, lp UID . 100 UID100 .
4. Common Gateway Interface(CGI) 133
-
/** GID_MIN -- Define this as the lowest GID allowed to be a target
group* for suEXEC. For most systems, 100 is common.*/#ifndef GID_MIN#define GID_MIN 100 // see UID above#endif
.
/* * USERDIR_SUFFIX -- Define to be the subdirectory under users
* home directories where suEXEC access should* be allowed. All executables under this directory* will be executable by suEXEC as the user so * they should be safeprograms. If you are * using a simpleUserDir directive (ie. one * without a *in it) this should be set to * the same value. suEXEC will not work properly* in cases where the UserDir directive points to * a location that is not the same as the users* home directory as referenced in the passwd file.*
* If you have VirtualHosts with a different* UserDir for each, you will need to define them to* all reside in one parent directory; then name that* parent directory here. IF THIS IS NOT DEFINED* PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK!* See the suEXEC documentation for more detailed* information.*/#ifndef USERDIR_SUFFIX#define USERDIR_SUFFIX /usr/www/cgi-bin /**CHANGED**/#endif/** LOG_EXEC -- Define this as a filename if you want all suEXEC* transactions and errors logged for auditing and* debugging purposes.*/#ifndef LOG_EXEC#define LOG_EXEC /usr/www/suexec.log /**CHANGED**/#endif/** DOC_ROOT -- Define as the DocumentRoot set for Apache. This* will be the only hierarchy (aside from UserDirs)* that can be used for suEXEC behavior.
134
-
*/#ifndef DOC_ROOT#define DOC_ROOT /usr/www/site.suexec/htdocs /**CHANGED**/#endif/** SAFE_PATH -- Define a safe PATH environment to pass to CGI
executables.*
*/#ifndef SAFE_PATH#define SAFE_PATH /usr/local/bin:/usr/bin:/bin#endif
.
make suexec
( /usr/local/bin ).
cp suexec /usr/local/bin suexec .
.
chown root /usr/local/bin/suexecchmod 4711 /usr/local/bin/suexec
suEXEC root setUID .
suexec .../src/include/httpd.h.
/* The path to the suExec wrapper; can be overridden in Configuration*/#ifndef SUEXEC_BIN#define SUEXEC_BIN /usr/local/bin/suexec /**CHANGED**/#endif
.
#define SUEXEC_BIN HTTPD_ROOT /sbin/suexec
HTTPD_ROOT . , /usr/local/apache . .../src .
4. Common Gateway Interface(CGI) 135
-
makecp httpd /usr/local/bin
. .../logs/error_log .
suEXEC mechanism enabled (wrapper: /usr/local/bin/suexec)
suEXEC .
suEXEC suexec.root .
suEXEC CGI (SSI) , suexec.log (suexecx.h , LOG_EXEC ) . suEXEC suEXEC . . . .
/.. ? .
? UID tar cpio UID .
? UID .
root ? suEXEC root CGI .
suexec.h UID ? UID root . , lpd UID .
136
1.3.1 LogLevel debug .
-
? suEXEC .
UID GID ?
DocumentRoot UserDir ?
?
?
?
setuid setgid ?
?
. .
suEXEC . PATH suexec.h SAFE_PATH . .../src/support/suexec.c safe_env_list . CGI . SetEnv PassEnv suEXEC suexec.c .
suEXEC
root . suEXEC Peter , badcgi.cgi . badcgi.cgi /usr/victim/victim1 . badcgi.cgi webuser webgroup . Peterwebuser webgroup badcgi.cgi . (suEXEC ) .
Peter /home/peter .
conf
4. Common Gateway Interface(CGI) 137
-
logspublic_html
go .
httpd -d /home/peter
.
User webuserGroup webgroupServerName www.butterthlies.comServerAdmin [email protected] public_htmlAddHandler cgi-script cgi
, . webuser webgroup webuser webgroup . Peter http://www.butterthlies.com/~peter . UserDir public_html .
Peter form_summer.html public_html . ! ACTION=mycgi.cgi badcgi.cgi .
#!/bin/shecho content-type: text/plainechorm -f /usr/victim/victim1
victim1 . root .
chown webuser:webgroup /usr/victimchown webuser:webgroup /usr/victim/victim1
Peter badcgi.cgi .
./badcgi.cgirm: /usr/victim/victim1: Permission denied
138
-
. ,
/home/peter/go
http://www.butterthlies.com/~peter form_summer.html Submit , .
Document contains no data
. badcgi.cgi webuser webgroup /usr/victim (victim1 ) .
suEXEC . victim1 . suEXEC.not suEXEC (.../logs/error_log suEXEC ) Submit .
Internal Server ErrorThe server encountered an internal error or misconfiguration andwas unable to complete your request.Please contact the server administrator, [email protected] andinform them of the time the error occurred, and anythingyou might have done that may have caused the error.
!
[Tue Sep 15 13:42:53 1998] [error] malformed header from script.Bad header=suexec running: /home/peter/public_html/badcgi.cgi
(Handlers) MIME .
, cgi-script CGI . .../site.filter .
Actions . .
4. Common Gateway Interface(CGI) 139
-
send-as-isHTTP (mod_asis).
cgi-script (mod_cgi). Options ExecCGI .
imap-file (imagemap) (mod_imap).
server-info (mod_info).
server-status (mod_status).
server-parsed (SSI) (mod_include). Options Includes .
type-map type map (6 ) (mod_negotiation).
isapi-isa ( Win32 only) URL ISA DLL . OptionsExecCGI ISA .
.
AddHandlerAddHandler ...Server config, virtual host, directory, .htaccess
AddHandler . , cgi bzq CGI .
AddHandler cgi-script cgi bzq
140 W
IN3
2
-
SetHandlerSetHandler Directory, .htaccess
AddHandler , ,.htaccess . , 11 .
order deny, allowallow from 192.168.123.1deny from all
SetHandler server-status
(Actions) . CGI
.
A