But in this article I will focus only Apache internal information one can get..so here we go:
Get the module information:
We usually add so many module in the web server(Apache) along with the default module come along with that.Here we will look in how to get the module built with it.How do you do that? Like this:
bhaskar@bhaskar-laptop_19:37:24_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -M
Password:
Loaded Modules:
core_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
php5_module (shared)
authn_file_module (shared)
authn_dbm_module (shared)
authn_anon_module (shared)
authn_dbd_module (shared)
authn_default_module (shared)
authz_host_module (shared)
authz_groupfile_module (shared)
authz_user_module (shared)
authz_dbm_module (shared)
authz_owner_module (shared)
authnz_ldap_module (shared)
authz_default_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
file_cache_module (shared)
cache_module (shared)
disk_cache_module (shared)
mem_cache_module (shared)
dbd_module (shared)
dumpio_module (shared)
ext_filter_module (shared)
include_module (shared)
filter_module (shared)
substitute_module (shared)
deflate_module (shared)
ldap_module (shared)
log_config_module (shared)
log_forensic_module (shared)
logio_module (shared)
env_module (shared)
mime_magic_module (shared)
cern_meta_module (shared)
expires_module (shared)
headers_module (shared)
ident_module (shared)
usertrack_module (shared)
unique_id_module (shared)
setenvif_module (shared)
version_module (shared)
proxy_module (shared)
proxy_connect_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
ssl_module (shared)
mime_module (shared)
dav_module (shared)
status_module (shared)
autoindex_module (shared)
asis_module (shared)
info_module (shared)
suexec_module (shared)
cgi_module (shared)
cgid_module (shared)
dav_fs_module (shared)
vhost_alias_module (shared)
negotiation_module (shared)
dir_module (shared)
imagemap_module (shared)
actions_module (shared)
speling_module (shared)
userdir_module (shared)
alias_module (shared)
rewrite_module (shared)
Syntax OK
So here we pass the "M" flag with httpd binary.
Syntanx check of config file:
Next how to find the systax of the configuration file of Apache is alright,here is what you have to do:
bhaskar@bhaskar-laptop_19:38:30_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -t
Syntax OK
Check in the compiled module:
Here is the steps to find it:
bhaskar@bhaskar-laptop_19:42:59_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
Check how the Apache server compiled:
If we want to know the Apache server built initially,then we migth do the following:
bhaskar@bhaskar-laptop_19:43:30_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -V
Server version: Apache/2.2.16 (Unix)
Server built: Aug 17 2010 12:52:36
Server's Module Magic Number: 20051115:24
Server loaded: APR 1.4.2, APR-Util 1.3.9
Compiled using: APR 1.4.2, APR-Util 1.3.9
Architecture: 32-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="/var/run/httpd/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/httpd/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
How to check VirtualHost config check:
If we have so many virtualhost built inside into Apache then we must check the configuration(one of the source of not starting the server properly)beforehand.
bhaskar@bhaskar-laptop_19:48:11_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -S
VirtualHost configuration:
Syntax OK
What are the configuration directives available to the server?
Let's find out what are the directives we can manipulate for this web server...to unveiled it do the following:
bhaskar@bhaskar-laptop_19:48:54_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -L
Allowed in *.conf only outside
Allowed in *.conf only outside
Allowed in *.conf only outside
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
Allowed in *.conf only outside
Allowed in *.conf only outside
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
AuthType (core.c)
An HTTP authorization type (e.g., "Basic")
Allowed in *.conf only inside
when AllowOverride includes AuthConfig
AuthName (core.c)
The authentication realm (e.g. "Members Only")
Allowed in *.conf only inside
when AllowOverride includes AuthConfig
Require (core.c)
Selects which authenticated users or groups may access a protected space
Allowed in *.conf only inside
when AllowOverride includes AuthConfig
Satisfy (core.c)
access policy if both allow and require used ('all' or 'any')
Allowed in *.conf only inside
when AllowOverride includes AuthConfig
AddDefaultCharset (core.c)
The name of the default charset to add to any Content-Type without one or 'Off' to disable
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
AcceptPathInfo (core.c)
Set to on or off for PATH_INFO to be accepted by handlers, or default for the per-handler preference
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
AccessFileName (core.c)
Name(s) of per-directory config files (default: .htaccess)
Allowed in *.conf only outside
DocumentRoot (core.c)
Root directory of the document tree
Allowed in *.conf only outside
ErrorDocument (core.c)
Change responses for HTTP errors
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
AllowOverride (core.c)
Controls what groups of directives can be configured by per-directory config files
Allowed in *.conf only inside
Options (core.c)
Set a number of attributes for a given directory
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes Options
DefaultType (core.c)
the default MIME type for untypable files
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
FileETag (core.c)
Specify components used to construct a file's ETag
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
EnableMMAP (core.c)
Controls whether memory-mapping may be used to read files
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
EnableSendfile (core.c)
Controls whether sendfile may be used to transmit files
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
Protocol (core.c)
Set the Protocol for httpd to use.
Allowed in *.conf only outside
AcceptFilter (core.c)
Set the Accept Filter to use for a protocol
Allowed in *.conf only outside
Port (core.c)
Port was replaced with Listen in Apache 2.0
Allowed in *.conf only outside
HostnameLookups (core.c)
"on" to enable, "off" to disable reverse DNS lookups, or "double" to enable double-reverse DNS lookups
Allowed in *.conf anywhere
ServerAdmin (core.c)
The email address of the server administrator
Allowed in *.conf only outside
ServerName (core.c)
The hostname and port of the server
Allowed in *.conf only outside
ServerSignature (core.c)
En-/disable server signature (on|off|email)
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
ServerRoot (core.c)
Common directory of server-related files (logs, confs, etc.)
Allowed in *.conf only outside
ErrorLog (core.c)
The filename of the error log
Allowed in *.conf only outside
ServerAlias (core.c)
A name or names alternately used to access the server
Allowed in *.conf only outside
ServerPath (core.c)
The pathname the server can be reached at
Allowed in *.conf only outside
Timeout (core.c)
Timeout duration (sec)
Allowed in *.conf only outside
ContentDigest (core.c)
whether or not to send a Content-MD5 header with each request
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes Options
UseCanonicalName (core.c)
How to work out the ServerName : Port when constructing URLs
Allowed in *.conf anywhere
UseCanonicalPhysicalPort (core.c)
Whether to use the physical Port when constructing URLs
Allowed in *.conf anywhere
Include (core.c)
Name of the config file to be included
Allowed in *.conf anywhere
LogLevel (core.c)
Level of verbosity in error logging
Allowed in *.conf only outside
NameVirtualHost (core.c)
A numeric IP address:port, or the name of a host
Allowed in *.conf only outside
ServerTokens (core.c)
Determine tokens displayed in the Server: header - Min(imal), OS or Full
Allowed in *.conf only outside
LimitRequestLine (core.c)
Limit on maximum size of an HTTP request line
Allowed in *.conf only outside
LimitRequestFieldsize (core.c)
Limit on maximum size of an HTTP request header field
Allowed in *.conf only outside
LimitRequestFields (core.c)
Limit (0 = unlimited) on max number of header fields in a request message
Allowed in *.conf only outside
LimitRequestBody (core.c)
Limit (in bytes) on maximum size of request message body
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
LimitXMLRequestBody (core.c)
Limit (in bytes) on maximum size of an XML-based request body
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
RLimitCPU (core.c)
Soft/hard limits for max CPU usage in seconds
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
RLimitMEM (core.c)
Soft/hard limits for max memory usage per process
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
RLimitNPROC (core.c)
soft/hard limits for max number of processes per uid
Allowed in *.conf anywhere and in .htaccess
when AllowOverride isn't None
LimitInternalRecursion (core.c)
maximum recursion depth of internal redirects and subrequests
Allowed in *.conf only outside
ForceType (core.c)
a mime type that overrides other configured type
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
SetHandler (core.c)
a handler name that overrides any other configured handler
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
SetOutputFilter (core.c)
filter (or ; delimited list of filters) to be run on the request content
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
SetInputFilter (core.c)
filter (or ; delimited list of filters) to be run on the request body
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
AddOutputFilterByType (core.c)
output filter name followed by one or more content-types
Allowed in *.conf anywhere and in .htaccess
when AllowOverride includes FileInfo
AllowEncodedSlashes (core.c)
Allow URLs containing '/' encoded as '%2F'
Allowed in *.conf only outside
PidFile (core.c)
A file for logging the server process ID
Allowed in *.conf only outside
ScoreBoardFile (core.c)
A file for Apache to maintain runtime process management information
Allowed in *.conf only outside
LockFile (core.c)
The lockfile used when Apache needs to lock the accept() call
Allowed in *.conf only outside
MaxRequestsPerChild (core.c)
Maximum number of requests a particular child serves before dying.
Allowed in *.conf only outside
CoreDumpDirectory (core.c)
The location of the directory Apache changes to before dumping core
Allowed in *.conf only outside
AcceptMutex (core.c)
Valid accept mutexes for this platform and MPM are: default, flock, fcntl, sysvsem, pthread.
Allowed in *.conf only outside
MaxMemFree (core.c)
Maximum number of 1k blocks a particular childs allocator may hold.
Allowed in *.conf only outside
TraceEnable (core.c)
'on' (default), 'off' or 'extended' to trace request body content
Allowed in *.conf only outside
User (prefork.c)
Effective user id for this server
Allowed in *.conf only outside
Group (prefork.c)
Effective group id for this server
Allowed in *.conf only outside
ChrootDir (prefork.c)
The directory to chroot(2) into
Allowed in *.conf only outside
ListenBacklog (prefork.c)
Maximum length of the queue of pending connections, as used by listen(2)
Allowed in *.conf only outside
Listen (prefork.c)
A port number or a numeric IP address and a port number, and an optional protocol
Allowed in *.conf only outside
SendBufferSize (prefork.c)
Send buffer size in bytes
Allowed in *.conf only outside
ReceiveBufferSize (prefork.c)
Receive buffer size in bytes
Allowed in *.conf only outside
StartServers (prefork.c)
Number of child processes launched at server startup
Allowed in *.conf only outside
MinSpareServers (prefork.c)
Minimum number of idle children, to handle request spikes
Allowed in *.conf only outside
MaxSpareServers (prefork.c)
Maximum number of idle children
Allowed in *.conf only outside
MaxClients (prefork.c)
Maximum number of children alive at the same time
Allowed in *.conf only outside
ServerLimit (prefork.c)
Maximum value of MaxClients for this run of Apache
Allowed in *.conf only outside
GracefulShutdownTimeout (prefork.c)
Maximum time in seconds to wait for child processes to complete transactions during shutdown
Allowed in *.conf only outside
KeepAliveTimeout (http_core.c)
Keep-Alive timeout duration (sec)
Allowed in *.conf only outside
MaxKeepAliveRequests (http_core.c)
Maximum number of Keep-Alive requests per connection, or 0 for infinite
Allowed in *.conf only outside
KeepAlive (http_core.c)
Whether persistent connections should be On or Off
Allowed in *.conf only outside
LoadModule (mod_so.c)
a module name and the name of a shared object file to load it from
Allowed in *.conf only outside
LoadFile (mod_so.c)
shared object file or library to load into the server at runtime
Allowed in *.conf only outside
Now get few information from your browser,most probably you are running headless server(as the norm in the production environment or data center as I have had worked for)YMMV..here is the screenshot of it how it look like with "lynx" commandline browser:
Apache Server Status
Apache Server Info
Specifically the info thing shows lot of internals.I have snipped the picture for only one window,it might consist of serveral window full of information.
Now for those two information one has to have two module must loaded into the Apache server,otherwise it won't be accissible like I showed.So the evidence of those two modules are below:
mod_status:
bhaskar@bhaskar-laptop_20:11:24_Sat Oct 02:/etc/httpd/conf> sudo grep "mod_status" /etc/httpd/conf/httpd.conf
LoadModule status_module modules/mod_status.so
And
mod_info:
bhaskar@bhaskar-laptop_20:11:40_Sat Oct 02:/etc/httpd/conf> sudo grep "mod_info" /etc/httpd/conf/httpd.conf
LoadModule info_module modules/mod_info.so
Plus one has to have an entry in main apache main configuration file for those two module to show up on the browser like below:
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
SetHandler server-info
Order deny,allow
Deny from all
Allow from 127.0.0.1
One can put the server ip or name of the host where the apache server running with Allow from directive.
Last but not the least for heaven's sake please look into apache log file if you find any inconsistencies.Generally those are located in /var/log directory as apache/apache2/httpd/httpd2,because different distro maintain different name for that dir.Now basically it consists of few files like this:
access.log,error.log...... and name signifies it.Looking for the logs if something goes wrong considered to be a good starting point and practice.
Hope this will help.
Cheers!
Bhaskar
No comments:
Post a Comment