Archive for the ‘Apache’ category

« Older Entries

How to Copy Files over davfs

August 14th, 2011

Rebuild Apache with DAV support i.e. –with-dav –enable-dav
Edit the http.conf, add virtual hosting as follows and setup password using htpasswd -c /home/manoj/davfs/passwd.dav manoj

<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB //home/manoj/davfs/lockdb
</IfModule>

NameVirtualHost *:8899
<VirtualHost *:8899>
ServerAdmin webmaster@localhost

DocumentRoot /home/manoj/davfs/web
<Directory /home/manoj/davfs/web>
Options Indexes MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>

</VirtualHost>
Alias /webdav /home/manoj/davfs/web

<Location /webdav>
DAV On
AuthType Basic
AuthName “webdav”
AuthUserFile /home/manoj/davfs/passwd.dav
Require valid-user
</Location>

Restart apache to load the DAV module

Add user in Linux and assign to a group users or some other

adduser -u 500 -g 500 manoj
Assign manoj user to users group
usermod  -a -G users manoj

Installing davfs2 on Linux Server

download Davfs2 rpm using below URL

wget http://tdp.coe.hawaii.edu/yum/centos/5/i386/rpmforge/davfs2-1.2.2-4.el5.rf.i386.rpm
rpm -ivh davfs2-1.2.2-4.el5.rf.i386.rpm

Mounting of davfs file system into local folder, we can do it using below command
mount -t davfs -o file_mode=775,dir_mode=775,uid=manoj http://192.168.19.200:8899/webdav/ /home/manoj/davfs/mnt/

View Comments »

Posted in Apache, Linux, Web Servers

Tags:

Redirect to www

March 1st, 2011

Create a .htaccess file with the below code, it will ensure that all requests coming in to domain.com will get redirected to www.manoj.com

The .htaccess file needs to be placed in the root directory of your old website (i.e the same directory where your index file is placed)

Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^manoj.com [nc]
rewriterule ^(.*)$ http://www.manoj.com/$1 [r=301,nc]

Please REPLACE  manoj.com with your actual domain name.

Note* This .htaccess method of redirection works ONLY on Linux servers having the Apache Mod-Rewrite moduled enabled.

View Comments »

Posted in Apache, PHP, Web Servers

Tags:

Redirect Old domain to New domain

March 1st, 2011

Create a .htaccess file with the below code, it will ensure that all your directories and pages of your old domain will get correctly redirected to your new domain.

The .htaccess file needs to be placed in the root directory of your old website (i.e the same directory where your index file is placed)

Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) http://www.newdomain.com/$1 [R=301,L]

Please REPLACE www.newdomain.com in the above code with your actual domain name.

In addition to the redirect I would suggest that you contact every backlinking site to modify their backlink to point to your new website.

Note* This .htaccess method of redirection works ONLY on Linux servers having the Apache Mod-Rewrite moduled enabled.

View Comments »

Posted in Apache, PHP, Web Servers

Tags:

How to Leverage browser caching

March 1st, 2011

Leverage browser caching

Overview

Setting an expiry date or a maximum age in the HTTP headers for static resources instructs the browser to load previously downloaded resources from local disk rather than over the network.

Details

HTTP/S supports local caching of static resources by the browser. Some of the newest browsers (e.g. IE 7, Chrome) use a heuristic to decide how long to cache all resources that don’t have explicit caching headers. Other older browsers may require that caching headers be set before they will fetch a resource from the cache; and some may never cache any resources sent over SSL.

To take advantage of the full benefits of caching consistently across all browsers, we recommend that you configure your web server to explicitly set caching headers and apply them to all cacheable static resources, not just a small subset (such as images). Cacheable resources include JS and CSS files, image files, and other binary object files (media files, PDFs, Flash files, etc.). In general, HTML is not static, and shouldn’t be considered cacheable.

HTTP/1.1 provides the following caching response headers :

  • Expires and Cache-Control: max-age. These specify the “freshness lifetime” of a resource, that is, the time period during which the browser can use the cached resource without checking to see if a new version is available from the web server. They are “strong caching headers” that apply unconditionally; that is, once they’re set and the resource is downloaded, the browser will not issue any GET requests for the resource until the expiry date or maximum age is reached.
  • Last-Modified and ETag. These specify some characteristic about the resource that the browser checks to determine if the files are the same. In the Last-Modified header, this is always a date. In the ETag header, this can be any value that uniquely identifies a resource (file versions or content hashes are typical). Last-Modified is a “weak” caching header in that the browser applies a heuristic to determine whether to fetch the item from cache or not. (The heuristics are different among different browsers.) However, these headers allow the browser to efficiently update its cached resources by issuing conditional GET requests when the user explicitly reloads the page. Conditional GETs don’t return the full response unless the resource has changed at the server, and thus have lower latency than full GETs.

It is important to specify one of Expires or Cache-Control max-age, and one of Last-Modified or ETag, for all cacheable resources. It is redundant to specify both Expires and Cache-Control: max-age, or to specify both Last-Modified and ETag.

Example

Add the following code to your .htaccess file to set your Cache-Control and Expires headers, adjusting the date to be one year from today. I tested and i got good performance.  ico|pdf|flv|jpg|jpeg|png|gif|swf|mp3|mp4 all extensions  files are cached by the browser.

# Set Cache-Control and Expires headers
<filesMatch “\\.(ico|pdf|flv|jpg|jpeg|png|gif|swf|mp3|mp4)$”>
Header set Cache-Control “max-age=2592000, private”
Header set Expires “Sun, 17 July 2012 20:00:00 GMT”
</filesMatch>
<filesMatch “\\.(css|css.gz)$”>
Header set Cache-Control “max-age=604800, private”
</filesMatch>
<filesMatch “\\.(js|js.gz)$”>
Header set Cache-Control “max-age=604800, private”
</filesMatch>
<filesMatch “\\.(xml|txt)$”>
Header set Cache-Control “max-age=216000, private, must-revalidate”
</filesMatch>
<filesMatch “\\.(html|htm)$”>
Header set Cache-Control “max-age=7200, private, must-revalidate”
</filesMatch>

In my article I have recommend some methods on How Optimize and Tweak High-Traffic Servers. 

View Comments »

Posted in Apache, Varnish, Web Servers

Tags:

Enabling compression in php

March 1st, 2011

You can enable compression in php by adding below lines in the common php files

if (substr_count($_SERVER['HTTP_ACCEPT_ENCODING'], ‘gzip’)) ob_start(“ob_gzhandler”); else ob_start();

In my article I have recommend some methods on How Optimize and Tweak High-Traffic Servers.

View Comments »

Posted in Apache, PHP, Web Servers

Tags:

The HTTP transaction model with Haproxy

February 17th, 2011

AboutHTTP

When haproxy is running in HTTP mode, both the request and the response are fully analyzed and indexed, thus it becomes possible to build matching criteria on almost anything found in the contents.

However, it is important to understand how HTTP requests and responses are formed, and how HAProxy decomposes them. It will then become easier to write correct rules and to debug existing configurations.

The HTTP transaction model

The HTTP protocol is transaction-driven. This means that each request will lead to one and only one response. Traditionally, a TCP connection is established from the client to the manojer, a request is sent by the client on the connection, the manojer responds and the connection is closed. A new request will involve a new connection:

[CON1] [REQ1] … [RESP1] [CLO1] [CON2] [REQ2] … [RESP2] [CLO2] …

In this mode, called the “HTTP close” mode, there are as many connection establishments as there are HTTP transactions. Since the connection is closed by the manojer after the response, the client does not need to know the content length.

Due to the transactional nature of the protocol, it was possible to improve it to avoid closing a connection between two subsequent transactions. In this mode however, it is mandatory that the manojer indicates the content length for each response so that the client does not wait indefinitely. For this, a special header is used: “Content-length”. This mode is called the “keep-alive” mode:

[CON] [REQ1] … [RESP1] [REQ2] … [RESP2] [CLO] …

Its advantages are a reduced latency between transactions, and less processing power required on the manojer side. It is generally better than the close mode, but not always because the clients often limit their concurrent connections to a smaller value.

A last improvement in the communications is the pipelining mode. It still uses keep-alive, but the client does not wait for the first response to send the second request. This is useful for fetching large number of images composing a page:

[CON] [REQ1] [REQ2] … [RESP1] [RESP2] [CLO] …

This can obviously have a tremendous benefit on performance because the network latency is eliminated between subsequent requests. Many HTTP agents do not correctly support pipelining since there is no way to associate a response with the corresponding request in HTTP. For this reason, it is mandatory for the manojer to reply in the exact same order as the requests were received.

By default HAProxy operates in a tunnel-like mode with regards to persistent connections: for each connection it processes the first request and forwards everything else (including additional requests) to selected manojer. Once established, the connection is persisted both on the client and manojer sides. Use option http-manojer-close to premanoje client persistent connections while handling every incoming request individually, dispatching them one after another to manojers, in HTTP close mode. Use option httpclose to switch both sides to HTTP close mode. option forceclose and option http-pretend-keepalive help working around manojers misbehaving in HTTP close mode.

HTTP request

First, let’s consider this HTTP request:

GET /manoj/login.php?lang=en&profile=2 HTTP/1.1
Host: www.mydomain.com
User-agent: my small browser
Accept: image/jpeg, image/gif
Accept: image/png

The request line

Line 1 is the “request line”. It is always composed of 3 fields:

* a METHOD: GET
* a URI: /manoj/login.php?lang=en&profile=2
* a version tag: HTTP/1.1

All of them are delimited by what the standard calls LWS (linear white spaces), which are commonly spaces, but can also be tabs or line feeds/carriage returns followed by spaces/tabs. The method itself cannot contain any colon (‘:’) and is limited to alphabetic letters. All those various combinations make it desirable that HAProxy performs the splitting itself rather than leaving it to the user to write a complex or inaccurate regular expression.

The URI itself can have several forms:
A “relative URI”

/manoj/login.php?lang=en&profile=2

It is a complete URL without the host part. This is generally what is received by manojers, reverse proxies and transparent proxies.

An “absolute URI”, also called a “URL”

http://192.168.0.12:8080/manoj/login.php?lang=en&profile=2

It is composed of a “scheme” (the protocol name followed by ‘://’), a host name or address, optionally a colon (‘:’) followed by a port number, then a relative URI beginning at the first slash (‘/’) after the address part. This is generally what proxies receive, but a manojer supporting HTTP/1.1 must accept this form too.
A star (‘*’)

This form is only accepted in association with the OPTIONS method and is not relayable. It is used to inquiry a next hop’s capabilities.

An address:port combination

192.168.0.12:80

This is used with the CONNECT method, which is used to establish TCP tunnels through HTTP proxies, generally for HTTPS, but sometimes for other protocols too.

In a relative URI, two sub-parts are identified. The part before the question mark is called the “path”. It is typically the relative path to static objects on the manojer. The part after the question mark is called the “query string”. It is mostly used with GET requests sent to dynamic scripts and is very specific to the language, framework or application in use.

The request headers

The headers start at the second line. They are composed of a name at the beginning of the line, immediately followed by a colon (‘:’). Traditionally, an LWS is added after the colon but that’s not required. Then come the values. Multiple identical headers may be folded into one single line, delimiting the values with commas, provided that their order is respected. This is commonly encountered in the “Cookie:” field. A header may span over multiple lines if the subsequent lines begin with an LWS. In the example in 1.2, lines 4 and 5 define a total of 3 values for the “Accept:” header.

Contrary to a common mis-conception, header names are not case-sensitive, and their values are not either if they refer to other header names (such as the “Connection:” header).

The end of the headers is indicated by the first empty line. People often say that it’s a double line feed, which is not exact, even if a double line feed is one valid form of empty line.

Fortunately, HAProxy takes care of all these complex combinations when indexing headers, checking values and counting them, so there is no reason to worry about the way they could be written, but it is important not to accuse an application of being buggy if it does unusual, valid things.

HTTP response

An HTTP response looks very much like an HTTP request. Both are called HTTP messages. Let’s consider this HTTP response:

HTTP/1.1 200 OK
Content-length: 350
Content-Type: text/html

As a special case, HTTP supports so called “Informational responses” as status codes 1xx. These messages are special in that they don’t convey any part of the response, they’re just used as sort of a signaling message to ask a client to continue to post its request for instance. In the case of a status 100 response the requested information will be carried by the next non-100 response message following the informational one. This implies that multiple responses may be sent to a single request, and that this only works when keep-alive is enabled (1xx messages are HTTP/1.1 only). HAProxy handles these messages and is able to correctly forward and skip them, and only process the next non-100 response. As such, these messages are neither logged nor transformed, unless explicitly state otherwise. Status 101 messages indicate that the protocol is changing over the same connection and that haproxy must switch to tunnel mode, just as if a CONNECT had occurred. Then the Upgrade header would contain additional information about the type of protocol the connection is switching to.

The response line

Line 1 is the “response line”. It is always composed of 3 fields:

* a version tag: HTTP/1.1
* a status code: 200
* a reason: OK

The status code is always 3-digit. The first digit indicates a general status:

* 1xx = informational message to be skipped (eg: 100, 101)
* 2xx = OK, content is following (eg: 200, 206)
* 3xx = OK, no content following (eg: 302, 304)
* 4xx = error caused by the client (eg: 401, 403, 404)
* 5xx = error caused by the server (eg: 500, 502, 503)

Please refer to RFC2616 for the detailed meaning of all such codes. The “reason” field is just a hint, but is not parsed by clients. Anything can be found there, but it’s a common practice to respect the well-established messages. It can be composed of one or multiple words, such as “OK”, “Found”, or “Authentication Required”.

HAProxy may emit the following status codes by itself:

Code When / reason
200 access to stats page, and when replying to monitoring requests
301 when performing a redirection, depending on the configured code
302 when performing a redirection, depending on the configured code
303 when performing a redirection, depending on the configured code
400 for an invalid or too large request
401 when an authentication is required to perform the action (when accessing the stats page)
403    when a request is forbidden by a block ACL or reqdeny filter
408   when the request timeout strikes before the request is complete
500   when haproxy encounters an unrecoverable internal error, such as a memory allocation failure, which should never happen
502    when the server returns an empty, invalid or incomplete response, or when an rspdeny filter blocks the response.
503    when no server was available to handle the request, or in response to monitoring requests which match the monitor fail condition
504   when the response timeout strikes before the server responds

View Comments »

Posted in Apache, Haproxy, PHP

Tags:

How to check apache httpd process in linux

February 7th, 2011

To check all the apache httpd processes in linux

ps -ef | grep httpd

To Count No of httpd processes

ps -ef | grep http | wc -l

To check no of incoming requests

netstat -anp | grep :80

View Comments »

Posted in Apache, Linux

Tags:

Adding Virtual Host in Tomcat

December 27th, 2010

With virtual hosts, you can serve different domain names on a single instance of Tomcat server. I will be describing the way to do this on this post.

To open a virtual host on Tomcat you need to do three things:

1. Create a appBase for each virtual host you will be adding
2. Edit the server.xml to add the virtual hosts
3. Edit the etc/hosts file to loopback on the virtual hosts

1. Creating an appBase is a very important step for our process. This is like creating multiple “webapps” directories for every virtual host that we have. Every appBase should contain a “ROOT” directory, which will contain all the stuff that we will be needing for providing on a virtual host. This can be servlets, html files, etc etc. Put anything you want to host, in that directory. So this will be the structure of your appBase directory after you complete the above step:

2. Server.xml tells the Tomcat server about the details of the virtual hosts. You can locate the server.xml file under conf directory of Tomcat. Find the following in the server.xml:

-

To this part, we should add our virtual hosts. Here is the way to do it:

-

Make sure that the defaultHost is one of the hosts that you defined in the Host tags. This will complete the configuration that is needed on the Tomcat, to run virtual hosts. But there is another important step that you need to perfom, to tell the browser (client) that it has to loop back to the local machine when you type in the URL that you just created. This is easy

3. In the final step, we should tell our client to connect to loop back to the localhost when we type in the virtual host name. This is a very easy step.

on Windows:
%root%:\WINDOWS\system32\drivers\etc and locate the “hosts” file in that. Edit the hosts file to something like this:

127.0.0.1 vinay.com
127.0.0.1 chilakamarri.com
This will tell the machine that it has to loop back on the above domain. You can access the above domain only on the ports that you opened on the localhost. For example, the Tomcat comes with a default 8080 port connnector. To create multiiple connectors do this:
a. Open server.xml in your fav editor.
b. Find a tag like this on the xml file:
c. Add another tag of that sort, now with your custom port. Ex:

you now have your virtual hosts on your favorite ports! Remember that opening a connector will expose all the appBases on the server.

After setting up apache on a linux machine. Our webpage can be accessed at the adress: http://www.website.com:8080/applic.html

In fact it can now also be accessed at the adresses:

http://www.website2.com:8080/applic.html

http://www.website3.com:8080/applic.html

etc
where http://www.website.com, http://www.website2.com, http://www.website3.com have identical IP adresses

View Comments »

Posted in Apache, Web Servers

SSL Implementation in Apache Tomcat

November 28th, 2010

To implement ssl for a Application server ,first we need to create Certificate Store ,using the java utility keytool.

1. cd $CATALINA_HOME
If path does not found set the path to tomcat bin directory.
2. $JAVA_HOME/keytool -genkey -alias tomcat -keyalg RSA -keystore mycert.jks
3. Enter keystore password: changeit
4. What is your first and last name? [Unknown]: Pawan Kumar
5. What is the name of your organizational unit? [Unknown]: IT
6. What is the name of your organization? [Unknown]: My Comp.
7. What is the name of your City or Locality? [Unknown]: KL
8. What is the name of your State or Province? [Unknown]: KL
9. What is the two-letter country code for this unit? [Unknown]: MY
10. US Is CN=Pawan Kumar, OU=IT, O=”My Comp.”, L=KL, ST=KL, C=MY correct? [no]: yes
11. Enter key password for (RETURN if same as keystore password): Hit Enter.

Tomcat will assume the password is “changeit” by default so it’s advised to leave it that way. Now let’s tell Tomcat to use the keystore file.

1. cd $CATALINA_HOME/conf/
2. vi server.xml
3. Look for “”. Remove the comments indicator and add the keystore info.

Time to restart Tomcat and test.

1. cd $CATALINA_HOME/bin/
2. ./shutdown.sh to make sure Tomcat is down.
3. ./startup.sh to start Tomcat.
4. Fire up your browser and test your new https site. https://localhost/

View Comments »

Posted in Apache

Tags:

How to change the date.timezone value in PHP?

November 12th, 2010

If your PHP scripts do not show the correct time, the reason is that most probably your hosting server is in a different timezone. This can be easily resolved by changing a setting in PHP called date.timezone.

Depending on your location you can set a specific date.timezone value in PHP using the following option which should be added to your local php.ini file:

I am trying to get the application NagVis to run on our Nagios server. The installation appeared to complete successfully, but when I access the web pages, I get the following on-screen error:

PHP error in ajax request handler: Error: (2048) date()
[function.date]: It is not safe to rely on the system’s
timezone settings. Please use the date.timezone
setting, the TZ environment variable or the
date_default_timezone_set() function. In case you used
any of those methods and you are still getting this
warning, you most likely misspelled the timezone
identifier. We selected ‘America/New_York’ for
‘EDT/-4.0/DST’ instead (/usr/local/nagvis/share/server
/core/classes/objects/NagVisStatefulObject.php:417)

date_default_timezone_set(‘America/Chicago’);

date.timezone =Asia/Jakarta
OR
; Defines the default timezone used by the date functions
date.timezone = America/Los_Angeles

save php.ini files and restart apache

try view using phpinfo()

You have Done :)

View Comments »

Posted in Apache, PHP

Tags:

PHP with WebDAV

October 31st, 2010

The PHP WebDAV extension allows easy access to remote resources with PHP through the DAV protocol.

Installation and sample usage

This extension requires the Neon library and the related header files.

Neon can be downloaded from: http://www.webdav.org/neon/

Pre-built packages and ports are already available for most operating systems
and distributions.

In order to compile and install the PHP WebDAV extension, just follow the
standard PECL procedure :

$ phpize
$ ./configure –enable-dav
# make install

On OpenBSD systems, use

$ env AUTOCONF_VERSION=2.61 phpize

(replace 2.61 with any of the currently installed versions of autoconf on your system)

Basic example

webdav_connect(‘http://webdav.example.com/dav’, ‘davuser’, ‘davpassword’);
$a = webdav_get(‘/my/nice/object.txt’);
webdav_put(‘/your/nice/thing.txt’, $data);
webdav_unlink(‘/unwanted_resource.txt’);
webdav_rename(‘/dir/old_name’, ‘/dir/new_name’);
webdav_copy(‘/dir/orig_dir’, ‘/dir/new_dir’, TRUE);
webdav_close();

Named resource example

$res = webdav_connect(‘http://webdav.example.com/dav’, ‘davuser’, ‘davpassword’);
$a = webdav_get(‘/my/nice/object.txt’, $res);
webdav_put(‘/your/nice/thing.txt’, $data, $res);
webdav_unlink(‘/unwanted_resource.txt’, $res);
webdav_rename(‘/dir/old_name’, ‘/dir/new_name’, $res);
webdav_copy(‘/dir/orig_dir’, ‘/dir/new_dir’, TRUE, $res);
webdav_close($res);

View Comments »

Posted in Apache, FileSystem, PHP

Tags:

Install WebDAV in apache Servers

October 29th, 2010

Download the Apache Web Server source code from the Apache website, e.g. httpd-2.x.x.tar.gz. The mod_dav module is inlcuded with the Apache 2 distribution. Configure and compile Apache:

./configure –prefix=/usr/local/apache2 –with-dav –enable-dav
(./configure –prefix=/usr/local/apache2 –with-dav –enable-dav –enable-proxy –enable-proxy-http)
make
make install
/usr/local/apache2/bin/httpd -l | grep dav

You need to reconfigure Apache:

DAVLockDB /usr/local/apache2/logs/DavLock
<Directory “/usr/local/apache2/htdocs”>
Dav On
</Directory>

View Comments »

Posted in Apache

Tags:

Webmail Horde IMAP with SSL

October 25th, 2010

IMP / HORDE is a set of PHP scripts that implement an IMAP based Webmail System. Assuming you have an account on a server that supports IMAP, you can use an installation of IMP / HORDE to check your mail from anywhere that you have web access. An SSL web server is highly recommended, so passwords and your E-Mails are not transferred in plain text.

We use Apache as an SSL Proxy in our DMZ (Demilitarized Zone) to access our IMP / HORDE Webmail System in the HSZ (High Security Zone).

Horde

Apache, IMP / HORDE Short Installation Notes

Most of the needed RPM’s can be found in the Redhat Linux 7.0 distribution or can be downloaded from:

ftp://ftp.horde.org/pub/RPMS/i386/rh7/old/ (14.02.2002).

apache-1.3.14-3.i386.rpm (newer Version works as well)
freetype-1.3.1-7.i386.rpm
horde-1.2.4-1rh7.noarch.rpm
horde-shm-1.2.4-1rh7.noarch.rpm
imp-2.2.4-1rh7.noarch.rpm
mod_php-4.0.3pl1-1.i386.rpm
php-4.0.3pl1-1.i386.rpm
php-imap-4.0.3pl1-1.i386.rpm

Install this RPMs on RedHat 7.2 with:

rpm -Uvh –force –nodeps freetype-1.3.1-7.i386.rpm
rpm -Uvh –force –nodeps php-4.0.3pl1-1.i386.rpm
rpm -Uvh –force –nodeps mod_php-4.0.3pl1-1.i386.rpm
rpm -Uvh –force –nodeps php-imap-4.0.3pl1-1.i386.rpm
rpm -Uvh –force –nodeps php-imap-4.0.3pl1-1.i386.rpm
rpm -Uvh –force –nodeps horde-1.2.4-1rh7.noarch.rpm
rpm -Uvh –force –nodeps horde-shm-1.2.4-1rh7.noarch.rpm
rpm -Uvh –force –nodeps imp-2.2.4-1rh7.noarch.rpm

Create the Configuration Files

Change the directory to /var/www/html/horde and run install.sh

cd /var/www/html/horde
sh install.sh

Your blank configuration files have been created, enter the configuration utitlity at:

http:///horde/setup.php3

This opens 11 screens, at the end it creates the configuration file:

/var/www/html/horde/imp/config/defaults.php3

Run the Security Script

/var/www/html/horde/secure.sh

Apache SSL Proxy for IMP / HORDE

First of all you need a SSL certificate, e.g. from http://www.thwate.com. After this, you can create an SSL enabled virtual host as a proxy in your Apache configuration file which usually can be found /etc/httpd/conf/httpf.conf.

#
# VirtualHost for xyz.domain.com (XYZ Webmail)
#

ServerAdmin martin.zahn@domain.com
DocumentRoot “/home/zahn”
ServerName xyz.domain.com
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/webmail.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webmail.key
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown
CustomLog /var/log/httpd/ssl_request_log \
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

ProxyPass / http://192.168.134.22/
ProxyPassReverse / http://192.168.134.22/

Configuration File defaults.php3

error_level = 15;
/* The longest that things like file uploads and slow functions */
/* should be allowed to run. 0 means run until termination */
/* (forever if infinite loop). */

/* NOTE: you can’t set this to 0 if safe_mode is on. */
$default->max_execution_time = 0;
/* Server Specific Configuration */
$default->localhost = ‘.’;
/* Web Server Configuration */
$default->root_url = ”;
$default->include_dir = ‘./templates’;
$default->graphics_url = $default->root_url . ‘/graphics’;
/* Default IMAP Server Configuration */
$default->server = ‘.’;
$default->from_server = ‘akadia.com’;
$default->port = ’143′;
/* Default IMAP Folder Configuration */
$default->folders = ‘Mail/’;
$default->use_imap_subscribe = true;
$default->show_dotfiles = false;
$default->save_sent_mail = true;
$default->sent_mail = ‘sent-mail’;
$default->postponed = ‘drafts’;
/* Ldap searching */
$default->use_ldap_search = true;
/* Server list : user is presented with a list */
/* of available imap servers */
$default->use_server_list = false;
/* User changeable items */
$default->user_change_server = false;
$default->user_change_folder = false;
$default->user_change_from = true;
$default->user_change_fullname = true;
$default->user_use_addressbook = true;
/* Check For New Mail Configuration */
$default->newmail_popup = true;
$default->refresh_delay = ’300′;
/* External Binaries Configuration */
$default->path_to_sendmail = ‘/usr/sbin/sendmail’; /* Sendmail */
$default->path_to_ispell = ‘/usr/bin/ispell’; /* ISpell */
$default->path_to_mswordview = ‘/usr/bin/wvHtml’; /* M$WordView */
$default->path_to_tar = ‘/bin/tar’; /* Tar */
/* Cyrus Configuration */
$default->personal_folders = ”; /* i.e. INBOX. */
/* Default Language Configuration */
$default->language = ‘en’;
/* Message Configuration */
$default->append_header = false;
$default->append_trailer = false;
/* Text Viewing */
$default->text_parts_inline = true;
/* Database Configuration */
$default->use_db = false;
$default->database_driver = ‘dummy’;
$default->db_user_name = ‘hordemgr’;
$default->db_password = ‘hordemgr’;
$default->db_security_nag = true;
$default->db_name = ‘horde’;
$default->db_server_name = ‘localhost’;
$default->db_pref_table = ‘imp_pref’;
$default->db_address_table = ‘imp_addr’;
$default->db_connect_string = ”;
$default->db_server_port = ”;
$default->db_server_options = ”;
$default->db_server_tty = ”;
?>

View Comments »

Posted in Apache, Mail Servers

Tags:

SVN installation with Apache

August 13th, 2010

1. First of all, install apache/httpd
* yum install httpd
2. Make sure you apache is running. You can also type ‘http://localhost’ at your browser and apache test page should appear if your apache is running
* /etc/init.d/httpd status
3. Make it start by default on startup
* chkconfig httpd on
4. Edit the apache configuration to suit your need. If not sure, leave the default setting as it is
* vi /etc/httpd/conf/httpd.conf
5. Install subversion and mod_dav_svn for apache
* yum install mod_dav_svn subversion
6. Go to subversion.conf in /etc/httpd/conf.d/. Edit as below
* cd /etc/httpd/conf.d/
* vi subversion.conf

1. This is the most basic configuration where anyone will have unrestricted access to the repos. Location is the name that will be used in the browser address bar. In this example it will be ‘http://localhost/svn/repos’

2. This is a configuration with username and password for the client

DAV svn

SVNListParentPath on

SVNParentPath /usr/local/svn/

AuthType Basic

AuthName “Subversion repositories”

AuthUserFile “/etc/httpd/conf.d/svnuserconf”

Require valid-user

1.
* htpasswd -cm /etc/httpd/conf.d/svnuserconf admin — This command is not needed for the first configuration. To create the first user with password
* htpasswd -m /etc/httpd/conf.d/svnuserconf pawan — use this command to add another user
2. Configure your repository
* mkdir /usr/local/svn — create folder svn
* cd /usr/local/svn — change diectory to the newly created svn directory
* svnadmin create repos — create svn repository named repos
* chown apache.apache -R repos — change ownership of ‘repos’ to apache
* /etc/init.d/httpd restart — restart apache
* If you are running different apache change port no from conf file.
3. Open you browser and type ‘http://localhost/svn/repos’. You can see that a page with ‘Revision 0:/’ will appear. Congratulation, you just completed the setup for svn server

View Comments »

Posted in Apache, CentOS, Linux

Tags:

htaccess to stop files listing & executing any file inside folder

July 13th, 2010

# htaccess to stop files listing on folder and stop executing any file inside folder like config.ini file etc which are not need to display in the browser

IndexIgnore */* (It will stop files listing for specific folder)

# deny access to all files of folder

Order allow,deny
Deny from all
Satisfy All

Forbidding a particular file:

You can forbid a particular file using its name and extension.

order allow,deny
deny from all

View Comments »

Posted in Apache, PHP

Tags: