Tuesday, May 31, 2016

Dealing with configuration directives in Apache on Ubuntu

(1) We can list the statically compiled modules available for apache using the command,

apache2ctl -M

(2) "Options" directive is a useful directive which we can use to enable and disable various options for a virtual host. Since this directive comes as a core module, we don't have to load it in order to use. It's available by default.

First of all, create a new directory inside our web root for a particular virtual host. Then add some files into it. If we try to access this directory from the web browser, we will be able to see a list of files. We can disable these file listings by using the "Options" directive.

mkdir /var/www/smallco.com/public_html/files
touch /var/www/smallco.com/public_html/files/first-file.txt
touch /var/www/smallco.com/public_html/files/second-file.txt
w3m smallco.com/files

To disable these file listings, we will open the configuration file of this virtual host and add a "Directory" directive for this particulr directory and disable the "Indexes" option using the "Options" directive.

sudo vim /etc/apache2/sites-available/smallco.com.conf

<Directory /var/www/smallco.com/public_html/files>
    Options -Indexes

Now, let's restart the apache server and see,

sudo service apache2 restart

If the things seems not getting affected as expected, we can do a forced reload too as follows.

sudo service apache2 force-reload

Now, trying to access that directory from the web browser will show that the server is not giving a list of files in the directory due to our changes.

(3) "Location" directive is a similar directive to the "Directory" directive however there we specify a particular URL inside our website to which we point to. We usually use "Location" directive with the "SetHandler" directive to specify a particular program which should handle a request to a particular URL inside our website.

Let's specify a URL accessing which will display the server status of our web server. For this functionality, we need to have the status_module enabled on apache. Running the following command showed that we have this module currntly installed.

apachectl -M

Again, we can check whether it is enabled by looking at the enabled modules directory and then in the right files.

ls /etc/apache2/mods-enabled/
cat /etc/apache2/mods-enabled/status.load
cat /etc/apache2/mods-enabled/status.conf

As we can see, this status_module is loaded and enabled by default. But it is set to a particular URL called "/server-status". Let's change it to point to a different place in our website. In order to do that, we have to open our website configuration file as usual and put an entry there.

sudo vim /etc/apache2/sites-available/smallco.com.conf

<Location /smallco-status>
    SetHandler server-status
    Require local

sudo service apache2 restart
sudo service apache2 force-reload

Now, we can try to access that particular URL in our website and see how that request is handled by the status_module.

lynx smallco.com/smallco-status

(4) Let's use "Files" directive to specify some rules for a particular file. In the following scenario, we will first create a file which is available for anyone to access through the web since we have placed it in the web root of our website.

vim /var/www/smallco.com/public_html/restricted-file
lynx smallco.com/restricted-file

Now, let's restrict the access to this file only for a client coming from the same machine that runs the web server.

sudo vim /etc/apache2/sites-available/smallco.com.conf

<Files /var/www/smallco.com/public_html/restricted-file>
    Require local

After adding this directive, we need to restart the server and see.

sudo service apache2 restart
lynx smallco.com/restricted-file

That's all folks!

No comments:

Post a Comment