apache web server: architeura, installazione ... · apache: la storia • in february of 1995, the...

CorsodiProge+azionediRe0eSistemiInforma0ci

[email protected]

31Marzo2011 EmilianoCasalicchio(C)

Apachewebserver:archite+ura,installazione,configurazione

(Lezione1)

Agenda

•  IlWebServer•  Apachewebserver– Archite+ura–  Installazione– Configurazione


IlWebServer

•  Iden0ficaquelservizioa+oarisponderearichiesteh+p– èprincipalmentecompostodaunsoPware(ildemoneh+pdinambien0Unix/Linux)edallamacchinacheloospita

– è0picamenteraggiungibilemedianteunaconnessionedirete(TCP/IP)

– èingradodirisponderearichiesteh+p,h+ps


Perchèapache


TotalSitesAcrossAllDomainsAugust1995‐March2011

MarketShareforTopServersAcrossAllDomainsAugust1995‐March2011

From:h+p://news.netcraP.com/archives/category/web‐server‐survey/

Apache:lastoria

•  InFebruaryof1995,themostpopularserversoPwareontheWebwasthepublicdomainHTTPdaemondevelopedbyRobMcCoolattheNa0onalCenterforSupercompu0ngApplica0ons,UniversityofIllinois,Urbana‐Champaign.–  However,developmentofthath+pdhadstalledaPerRoblePNCSAin

mid‐1994,andmanywebmastershaddevelopedtheirownextensionsandbugfixesthatwereinneedofacommondistribu0on.

•  BytheendofFebruary,eightcorecontributorsformedthefounda0onoftheoriginalApacheGroup:–  BrianBehlendorf RoyT.FieldingRobHar0ll DavidRobinson Cliff

Skolnick RandyTerbushRobertS.Thau AndrewWilson –  withaddi0onalcontribu0onsfromEricHagberg FrankPeters Nicolas

Pioch •  thefirstofficialpublicrelease(0.6.2)oftheApacheserverinApril1995•  Apache1.0wasreleasedonDecember1,1995.•  LessthanayearaPerthegroupwasformed,theApacheserverpassed

NCSA'sh+pdasthe#1serverontheInternet


h+p://h+pd.apache.org/ABOUT_APACHE.html

APAtCHyServer

Apachearchitecture

•  ConceptualArchitecture(Le-uraobbligatoria)– h+p://www.voneicken.com/courses/ucsb‐cs290i‐wi02/papers/Concept_Apache_Arch.htm

•  ConcreteArchitecture(Le-urafacolta7va)– h+p://www.voneicken.com/courses/ucsb‐cs290i‐wi02/papers/Concrete_Apache_Arch.htm


Archite+uraconce+ualedialtolivello


Interazionetracomponen0

•  Componen0delmodulocorediapache


Thecorecomponents•  h+p_protocol.c:containsrou0nesthatdirectlycommunicateswiththeclient

(throughthesocketconnec0on),followingtheHTTPprotocol.Alldatatransferstotheclientaredoneusingthiscomponent.

•  h+p_main.c:thecomponentthatstartuptheserverandcontainsthemainserverloopthatwaitsforandacceptsconnec0ons.Itisalsoinchargeofmanaging0meouts.

•  h+p_request.cthecomponentthathandlestheflowoftherequestprocessing,dispatchingcontroltothemodulesintheappropriateorder.Itisalsoinchargewitherrorhandling.

•  h+p_core.c:thecomponentimplemen0ngthemostbasicfunc0onality,whichisdescribedinacommentfromasourcefileasbeing"just'barely'func0onalenoughtoservedocuments,thoughnotterriblywell".Anotherinteres0ngquotefromasourcefilecommentillustratesverywellthefunc0onofthiscomponent:"thisfilecouldalmostbemod_core.c".Meaningthatthecomponentbehaveslikeamodulebuthastoaccesssomeglobalsdirectly(whichisnotcharacteris0cforamodule).

•  thecomponentthattakecareofalloca0ngresourcepools,andkeepingtrackofthem.(alloc.c)

•  otheru0li0es,includingreadingconfigura0onfilesandmanagingtheinforma0ongatheredfromthosefiles(h+p_config.c),aswellassupportforvirtualhosts.Animportantfunc0onofh+p_configisthatformthelistofmodulesthatwillbecalledtoservicedifferentphasesoftherequests.


Fasidiunarichiesta•  Amoduleimplementsonlypor0onofthefunc0onalityforservicing

aclientrequest.–  Morethanonemodulearenecessarytocompletelyrespondtoa

request–  moduledoesnotknowoneabouttheother.–  Thecontrolistransferedbackandforthbetweenthecoreand

differentmodules.Thisishandledbydividingthehandlingoftherequestintoasetofdis0nctphases.

•  phasesofhandlingarequestfortheApacheserver:–  URItofilenametransla0on;–  Checkaccessbasedonhostaddress,andotheravailableinforma0on;–  GetanuseridfromtheHTTPrequestandvalidateit;–  Authorizetheuser;–  DeterminetheMIMEtypeoftherequestedobject(thecontenttype,

theencodingandthelanguage);–  Fix‐ups(forexamplereplacealiasesbytheactualpath);–  Sendtheactualdatabacktotheclient;–  Logtherequest;


GliHandlers•  AhandlerisforApachetheac0onthat

mustbeperformedinsomephaseofservicingarequest.Forexamplewhentherequestedobjectisafile,thehandlerthatreturnsthefilemust–  openthefile,readthecontentofthefile

andhandthecontentofthefiletotheclient(throughapachecore).

•  Handlersaredefinedbymodules,andamodulemightspecifyhandlersforone,manyornoneofthephasesofarequest.–  Handlersarethepartofthemodulethatis

calledwhentheprocessingoftherequestentersthephaseforwhichthehandlerisdefined.

•  Thera0onalebehindhavingmodulesdefininghandlersformorethanonephaseisthatamodulemightsaveinternallydataontherequestbeingprocessed,andwhenitshandlersforasubsequentphaseoftherequestarecalledtheymightmakeuseofthosethedata.


Archite+uraeflu

ssodi

unarichiesta


Laconcorrenza


InstallazioneeConfigurazione

•  Libtool,autoconf,apr•  DownloadeverificaPGPsignature–  Esempiogenerale

•  Configurazione–  Leprincipaliopzioni–  (Imodulilivediamodopo)


h+p://h+pd.apache.org/docs/2.2/install.html

h+p://h+pd.apache.org/docs/2.2/programs/configure.html

h+p://h+pd.apache.org/download.cgih+p://h+pd.apache.org/dev/verifica0on.html

GNULibtooleAutoconf

•  ApacheHTTPduseslibtoolandautoconftocreateabuildenvironmentthatlookslikemanyotherOpenSourceprojects.

•  GNUlibtool(h+p://www.gnu.org/soPware/libtool/)–  isagenericlibrarysupportscript.Libtoolhidesthecomplexityofusing

sharedlibrariesbehindaconsistent,portableinterface–  isaGNUprogrammingtoolfromtheGNUbuildsystemusedfor

crea0ngportablecompiledlibraries

•  GNUautoconf(h+p://www.gnu.org/soPware/autoconf/)–  isanextensiblepackageofM4macrosthatproduceshellscriptsto

automa0callyconfiguresoPwaresourcecodepackages.ThesescriptscanadaptthepackagestomanykindsofUNIX‐likesystemswithoutmanualuserinterven0on.

–  createsaconfigura0onscriptforapackagefromatemplatefilethatliststheopera0ngsystemfeaturesthatthepackagecanuse,intheformofM4macrocalls.


apr–ApachePortableRun0me

•  ThemissionoftheApachePortableRun0me(APR)projectistocreateandmaintainsoPwarelibrariesthatprovideapredictableandconsistentinterfacetounderlyingplanorm‐specificimplementa0ons.–  TheprimarygoalistoprovideanAPItowhichsoPwaredevelopersmaycodeandbe

assuredofpredictableifnotiden0calbehaviourregardlessoftheplanormonwhichtheirsoPwareisbuilt,relievingthemoftheneedtocodespecial‐casecondi0onstoworkaroundortakeadvantageofplanorm‐specificdeficienciesorfeatures.

•  APRprovidesasetofAPIsthatmaptotheunderlyingopera0ngsystem.WheretheOSdoesn'tsupportapar0cularfunc0on,APRwillprovideareplacement.Thus,theAPRcanbeusedtomakeaprogramtrulyportableacrossplanorms.


PassiInstallazione


Requisi0

•  DiskSpace•  ANSI‐CCompilerandBuildSystem

•  Accurate7mekeeping

•  Perl5[OPTIONAL]•  apr/apr‐u7l>=1.2


DownloadeverificaPGP

•  h+pd‐2.2.17.tar.gz[PGP][MD5][SHA1]–  [PGP]=h+pd‐2.2.17.tar.gz.asc–  [MD5]=h+pd‐2.2.17.tar.gz.md5–  [SHA1]=h+pd‐2.2.17.tar.gz.sha1

•  KEYS

•  Pre-yGoodPrivacy(PGP)


h+p://h+pd.apache.org/download.cgi#apache22h+p://h+pd.apache.org/dev/verifica0on.html

Signatures

Fingerprint

Fingerprint

Verifica•  First,wewillcheckthedetachedsignature(h+pd‐2.0.44.tar.gz.asc)against

ourrelease(h+pd‐2.0.44.tar.gz).

%gpgh-pd‐2.0.44.tar.gz.asc

gpg:SignaturemadeSatJan1807:21:282003PSTusingDSAkeyIDDE885DD3

gpg:Can'tchecksignature:publickeynotfound


•  Wedon'thavethereleasemanager'spublickey(DE885DD3)inourlocalsystem.Younowneedtoretrievethepublickeyfromakeyserver.Onepopularserverispgpkeys.mit.edu(whichhasawebinterface).Thepublickeyserversarelinkedtogether,soyoushouldbeabletoconnecttoanykeyserver.

%gpg‐‐keyserverpgpkeys.mit.edu‐‐recv‐keyDE885DD3gpg:reques7ngkeyDE885DD3fromHKPkeyserverpgpkeys.mit.edugpg:trustdbcreatedgpg:keyDE885DD3:publickey"SanderStriker<[email protected]>"

importedgpg:Totalnumberprocessed:1gpg:imported:1

•  youhavenowreceivedapublickeyforanen0tyknownas'SanderStriker<[email protected]>'However,youhavenowayofverifyingthiskeywascreatedbythepersonknownasSanderStriker.


•  But,let'strytoverifythereleasesignatureagain.


gpg:SignaturemadeSatJan1807:21:282003PSTusingDSAkeyIDDE885DD3gpg:Goodsignaturefrom"SanderStriker<[email protected]>”

gpg:aka"SanderStriker<[email protected]>”

gpg:checkingthetrustdbgpg:noul7matelytrustedkeysfound

gpg:WARNING:Thiskeyisnotcer7fiedwithatrustedsignature!

gpg:Thereisnoindica7onthatthesignaturebelongstotheowner.

Fingerprint:4C1EADADB4EF5007579C919C6635B6C0DE885DD3

•  Atthispoint,thesignatureisgood,butwedon'ttrustthiskey.Agoodsignaturemeansthatthefilehasnotbeentampered.However,duetothenatureofpublickeycryptography,youneedtoaddi0onallyverifythatkeyDE885DD3wascreatedbytherealSanderStriker.

•  Anya+ackercancreateapublickeyanduploadittothepublickeyservers.Theycanthencreateamaliciousreleasesignedbythisfakekey.Then,ifyoutriedtoverifythesignatureofthiscorruptrelease,itwouldsucceedbecausethekeywasnotthe'real'key.Therefore,youneedtovalidatetheauthen0cityofthiskey.


•  Thecrucialsteptovalida0onistoconfirmthekeyfingerprintofthepublickey.

%gpg‐‐fingerprintDE885DD3

pub1024D/DE885DD32002‐04‐10SanderStriker<[email protected]>Keyfingerprint=4C1EADADB4EF5007579C919C6635B6C0DE885DD3

uidSanderStriker<[email protected]>

sub2048g/532D14CA2002‐04‐10


gpg:SignaturemadeSatJan1807:21:282003PSTusingDSAkeyIDDE885DD3

gpg:Goodsignaturefrom"SanderStriker<[email protected]>”

gpg:aka"SanderStriker<[email protected]>"


Esercizio

•  ControllareevalidarelefirmediunadistribuzioneApache– GNUPG(h+p://www.gnupg.org/)– OpenPGP(h+p://www.openpgp.org/)

•  ProvaresiaconPGPcheMD5


InstallazioneeConfigurazione

•  Libtool,autoconf,apr•  DownloadeverificaPGPsignature–  Esempiogenerale

•  Configurazione–  Leprincipaliopzioni–  (Imodulilivediamodopo)


h+p://h+pd.apache.org/docs/2.2/install.html


h+p://h+pd.apache.org/download.cgih+p://h+pd.apache.org/dev/verifica0on.html

Configurazione

•  ThenextstepistoconfiguretheApacheHTTPdsourcetreeforyourpar0cularplanormandpersonalrequirements.Thisisdoneusingthescriptconfigureincludedintherootdirectoryofthedistribu0on.

•  Themostimportantop0onistheloca0on‐‐prefixwheretheApacheHTTPServeristobeinstalledlater,becauseApacheHTTPdhastobeconfiguredforthisloca0ontoworkcorrectly.–  configure‐‐prefix=/usr/www/

•  youcanspecifywhichfeaturesyouwantincludedinApacheHTTPdbyenablinganddisablingmodules.



‐‐disable‐‐‐enable‐...

‐‐enable‐MODULE=sharedThecorrespondingmodulewillbebuildasDSOmodule.‐‐enable‐MODULE=sta?cBydefaultenabledmodulesarelinkedsta?cally.Youcan

forcethisexplicitly.Lalogicaè:disabilitareimoduliabilita?perdefaulteviceversaabilitare

quellinondidefaultadesempio:‐‐disable‐auth‐basic‐‐enable‐ssl


Imodulididefault

•  Listamoduli– h+p://h+pd.apache.org/docs/2.2/mod/

•  Modulidefaulteopzionalisonoindica0quì– h+p://h+pd.apache.org/docs/2.2/programs/configure.html


make&makeinstall

•  setu+ovaabuonfineoccorreconfigurareapache

vi/etc/conf/hKpd.conf


Apacheconfigura0on

•  Configura0onfile/etc/h+pd/h+pd.conf

•  References–  QuickReferenceh+p://h+pd.apache.org/docs/2.2/mod/quickreference.html

–  CoreFeaturesh+p://h+pd.apache.org/docs/2.2/mod/core.html#op0ons

PRENDETECOMEESEMPIOILFILEh+pd.confCREATOALMOMENTODELL’INSTALLAZIONEDIAPACHE.


Directory

•  <Directory>and</Directory>areusedtoencloseagroupofdirec0vesthatwillapplyonlytothenameddirectory,sub‐directoriesofthatdirectory,andthefileswithintherespec0vedirectories.Anydirec0vethatisallowedinadirectorycontextmaybeused.Directory‐pathiseitherthefullpathtoadirectory,orawild‐cardstringusingUnixshell‐stylematching.


Op0on

•  TheOp0onsdirec0vecontrolswhichserverfeaturesareavailableinapar0culardirectory.

•  op?oncanbesettoNone,inwhichcasenoneoftheextrafeaturesareenabled

•  Forexample:– All– ExecCGI– FollowSymbolicLinks–  Indexes


AllowOverride

•  Whentheserverfindsan.htaccessfile(asspecifiedbyAccessFileName)itneedstoknowwhichdirec0vesdeclaredinthatfilecanoverrideearlierconfigura0ondirec0ves.– AuthConfig– FileInfo–  Indexes– Limit– Op0ons[=Op0on,...]


OrderControllodegliaccessi

•  TheOrderdirec0ve,alongwiththeAllowandDenydirec0ves,controlsathree‐passaccesscontrolsystem.–  ThefirstpassprocesseseitherallAlloworallDenydirec0ves,asspecifiedbytheOrder

direc0ve.–  Thesecondpassparsestherestofthedirec0ves(DenyorAllow).

–  Thethirdpassappliestoallrequestswhichdonotmatcheitherofthefirsttwo.

•  Orderingisoneof:–  Allow,DenyFirst,allAllowdirec0vesareevaluated;atleastonemustmatch,orthe

requestisrejected.Next,allDenydirec0vesareevaluated.Ifanymatches,therequestisrejected.Last,anyrequestswhichdonotmatchanAlloworaDenydirec0vearedeniedbydefault.

–  Deny,AllowFirst,allDenydirec0vesareevaluated;ifanymatch,therequestisdeniedunlessitalsomatchesanAllowdirec0ve.AnyrequestswhichdonotmatchanyAlloworDenydirec0vesarepermi+ed.


Order:esempioInthefollowingexample,allhostsintheapache.orgdomainareallowedaccess;

allotherhostsaredeniedaccess. Order Deny,Allow Deny from all Allow from apache.org

Inthenextexample,allhostsintheapache.orgdomainareallowedaccess,exceptforthehostswhichareinthefoo.apache.orgsubdomain,whoaredeniedaccess.Allhostsnotintheapache.orgdomainaredeniedaccessbecausethedefaultstateistoDenyaccesstotheserver.

Order Allow,Deny Allow from apache.org Deny from foo.apache.org

Ontheotherhand,iftheOrderinthelastexampleischangedtoDeny,Allow,allhostswillbeallowedaccess.Thishappensbecause,regardlessoftheactualorderingofthedirec0vesintheconfigura0onfile,theAllowfromapache.orgwillbeevaluatedlastandwilloverridetheDenyfromfoo.apache.org.Allhostsnotintheapache.orgdomainwillalsobeallowedaccessbecausethedefaultstateisAllow.


Order:esempio

ThepresenceofanOrderdirec0vecanaffectaccesstoapartoftheserverevenintheabsenceofaccompanyingAllowandDenydirec0vesbecauseofitseffectonthedefaultaccessstate.Forexample,

<Directory /www> Order Allow,Deny </Directory>

willDenyallaccesstothe/wwwdirectorybecausethedefaultaccessstateissettoDeny.


Allow/Deny•  TheAllow/Denydirec0veaffectswhichhostscanaccessanareaoftheserver.

Accesscanbecontrolledbyhostname,IPaddress,IPaddressrange,orbyothercharacteris0csoftheclientrequestcapturedinenvironmentvariables.Thefirstargumenttothisdirec0veisalwaysfrom.Thesubsequentargumentscantakethreedifferentforms.

•  IfAllowfromallisspecified,thenallhostsareallowedaccess,subjecttotheconfigura0onoftheDenyandOrderdirec0vesasdiscussedbelow.

•  Toallowonlypar0cularhostsorgroupsofhoststoaccesstheserver,thehostcanbespecifiedinanyofthefollowingformats:–  A(par0al)domain‐name

•  Allowfromapache.orgAllowfrom.netexample.edu

–  AfullIPaddress•  Allowfrom10.1.2.3

Allowfrom192.168.1.104192.168.1.205–  Apar0alIPaddress

•  Allowfrom10.1Allowfrom10172.20192.168.2

–  Anetwork/netmaskpair•  Allowfrom10.1.0.0/255.255.0.0


Auten0cazionedibase

•  Realizzatamediantedire}vechevannoinunasezione<Directory>– nelmainconfigura0onfile–  inunfile.htaccess,inquestocasovaabilitatal’autorizzazioneaconfigurarel’auten0cazione•  AllowOverrideAuthConfig

•  L’auten0cazionedibaseu0lizzaunmeccanismoaverificautente/password– nonprevedecifratura


Creazionediunfiledipassword•  Thisfileshouldbeplacedsomewherenotaccessiblefromtheweb.Thisisso

thatfolkscannotdownloadthepasswordfile.Forexample,ifyourdocumentsareservedoutof/usr/local/apache/htdocsyoumightwanttoputthepasswordfile(s)in/usr/local/apache/passwd.

•  Tocreatethefile,usethehtpasswdu0litythatcamewithApache.ThiswillbelocatedinthebindirectoryofwhereveryouinstalledApache.IfyouhaveinstalledApachefromathird‐partypackage,itmaybeinyourexecu0onpath.

•  Tocreatethefile,type:–  htpasswd‐c/usr/local/apache/passwd/passwordsrbowen

•  htpasswdwillaskyouforthepassword,andthenaskyoutotypeitagaintoconfirmit:


Esempiodiconfigurazione


Anexampleofthisisusingaccesscontroltoassurethat,althougharesourceispasswordprotectedfromoutsideyournetwork,allhostsinsidethenetworkwillbegivenunauthen0catedaccesstotheresource.ThiswouldbeaccomplishedbyusingtheSa0sfydirec0ve,asshownbelow.

Autorizzaregruppi

•  Ifyouwanttoletmorethanonepersonin,you'llneedtocreateagroupfilethatassociatesgroupnameswithalistofusersinthatgroup.Theformatofthisfileispre+ysimple,andyoucancreateitwithyourfavoriteeditor.Thecontentsofthefilewilllooklikethis:–  GroupName:rbowendpi+ssungorshersey

•  Toaddausertoyouralreadyexis0ngpasswordfile,type:htpasswd/usr/local/apache/passwd/passwordsusername


Esercizio

•  Installareeconfigurareapachesullavostramacchina– bindingsulocalhost:80– bingingsualtraporta

•  Provarelevarieopzionidiapachectld•  Configurarel’auten0cazionesemplice


ErrorLog•  Theservererrorlog,whosenameandloca0onissetbytheErrorLogdirec0ve,isthemost

importantlogfile.ThisistheplacewhereApacheh+pdwillsenddiagnos0cinforma0onandrecordanyerrorsthatitencountersinprocessingrequests.Itisthefirstplacetolookwhenaproblemoccurswithstar0ngtheserverorwiththeopera0onoftheserver,sinceitwilloPencontaindetailsofwhatwentwrongandhowtofixit.


AccessLog•  Theserveraccesslogrecordsallrequestsprocessedbytheserver.Theloca0onand

contentoftheaccesslogarecontrolledbytheCustomLogdirec0ve.TheLogFormatdirec0vecanbeusedtosimplifytheselec0onofthecontentsofthelogs.Thissec0ondescribeshowtoconfiguretheservertorecordinforma0onintheaccesslog.


Esercizio

•  Provareivariforma0dilogging•  Provarelarotazionedeilog–  fareunoscriptdishellcheperiodicamentesvolgeleseguen0azioni


UntutorialdiBashshellscrip0ngh+p://steve‐parker.org/sh/sh.shtml

Star0ngApacheh+pd

•  IftheListenspecifiedintheconfigura0onfileisdefaultof80(oranyotherportbelow1024),thenitisnecessarytohaverootprivilegesinordertostartapache,sothatitcanbindtothisprivilegedport.Oncetheserverhasstartedandperformedafewpreliminaryac0vi0essuchasopeningitslogfiles,itwilllaunchseveralchildprocesseswhichdotheworkoflisteningforandansweringrequestsfromclients.Themainh+pdprocesscon0nuestorunastherootuser,butthechildprocessesrunasalessprivilegeduser.ThisiscontrolledbytheselectedMul0‐ProcessingModule.


h+p://h+pd.apache.org/docs/2.2/bind.htmlh+p://h+pd.apache.org/docs/2.2/invoking.htmlh+p://h+pd.apache.org/docs/2.2/programs/apachectl.htmlh+p://h+pd.apache.org/docs/2.2/stopping.htm

apachectlcommand•  startStarttheApacheh+pddaemon.Givesanerrorifitisalreadyrunning.Thisis

equivalenttoapachectl‐kstart.•  stopStopstheApacheh+pddaemon.Thisisequivalenttoapachectl‐kstop.

•  restartRestartstheApacheh+pddaemon.Ifthedaemonisnotrunning,itisstarted.Thiscommandautoma0callycheckstheconfigura0onfilesasinconfigtestbeforeini0a0ngtherestarttomakesurethedaemondoesn'tdie.Thisisequivalenttoapachectl‐krestart.

•  fullstatusDisplaysafullstatusreportfrommod_status.Forthistowork,youneedtohavemod_statusenabledonyourserverandatext‐basedbrowsersuchaslynxavailableonyoursystem.TheURLusedtoaccessthestatusreportcanbesetbyedi0ngtheSTATUSURLvariableinthescript.


apachectlcommand•  statusDisplaysabriefstatusreport.Similartothefullstatusop0on,exceptthatthe

listofrequestscurrentlybeingservedisomi+ed.•  gracefulGracefullyrestartstheApacheh+pddaemon.Ifthedaemonisnot

running,itisstarted.Thisdiffersfromanormalrestartinthatcurrentlyopenconnec0onsarenotaborted.Asideeffectisthatoldlogfileswillnotbeclosedimmediately.Thismeansthatifusedinalogrota0onscript,asubstan0aldelaymaybenecessarytoensurethattheoldlogfilesareclosedbeforeprocessingthem.Thiscommandautoma0callycheckstheconfigura0onfilesasinconfigtestbeforeini0a0ngtherestarttomakesureApachedoesn'tdie.Thisisequivalenttoapachectl‐kgraceful.

•  graceful‐stopGracefullystopstheApacheh+pddaemon.Thisdiffersfromanormalstopinthatcurrentlyopenconnec0onsarenotaborted.Asideeffectisthatoldlogfileswillnotbeclosedimmediately.Thisisequivalenttoapachectl‐kgraceful‐stop.

•  configtestRunaconfigura0onfilesyntaxtest.Itparsestheconfigura0onfilesandeitherreportsSyntaxOkordetailedinforma0onaboutthepar0cularsyntaxerror.Thisisequivalenttoapachectl‐t.


apache web server: architeura, installazione ... · apache: la storia • in february of 1995, the...

Documents