Apache 101: From Basics to Advanced

Apache HTTPD is the most-used (in marketing terms, the No. 1) Web server world-wide based on market share — currently, more than 60%. It’s very easy to get started with for anyone — whether you are a Web developer or a Web administrator. However, most of us typically configure a virtual host to point a website and be done with it. At most, configure Apache to do a few other things as and when a requirement or an issue props up.

“Apache 101: From Basics to Advanced” is a 16-hour, hands-on training programme where a participant is introduced to a holistic view of the Apache version 2.2 Web server as opposed to a google-and-get-it-done approach. Wouldn’t it be nice if we knew a few things the httpd server is capable of before diving in?

Audience

  • Web developers
  • Web administrators
  • DevOps people
  • System administrators

Prerequisites

  • Linux command-line basics
Duration: 4 Days (16 hours)


Fee: Rs 15,000/- + service tax

Course Content

  1. Introduction to Apache
    • Background & History
    • Features & Versions
    • Production Use
    • Apache vs others — When & Why?
  2. Installation
    • From source or binary?
    • Building Apache from source
    • Binary from Red Hat & Debian
    • Test Apache service
      • Start | Stop | Restart | (graceful vs. hard)
      • apachectl script
      • persist across reboots
  3. Prequel to configuration
    • What lies inside /etc/{httpd,apache2}?
    • The main configuration file
      • Understanding its syntax
      • Various Directives
      • Various Sections
      • Difference in Red Hat and Debian/Ubuntu approach
    • Processing order
    • Apache modules basics
  4. Virtual Hosting on Apache
    • Configuring virtual hosts
    • IP-based virtual hosting
    • Port-based virtual hosting
    • Name-based virtual hosting
    • Mix-and-match virtual hosting
    • Issues with virtual hosting (SSL)
    • Per-user Web hosting (public_html)
  5. Logs
    • Server logging
    • Access logging
    • Formatting access logs
    • Conditional logging
    • Debug logging
    • Log rotation
    • Analysing Logs
  6. Serving Dynamic Content and Rewriting URLs
    • Server Side Includes (SSI)
    • CGI in Apache using mod_cgi
    • Serving PHP: mod_php
    • Serving Perl: mod_perl
    • Rewriting URLs: Rewrite module
      • Understand Regex basics for rewriting URLs
      • Enabling mod_rewrite
      • Ruleset processing
      • RewriteRule directive
      • RewriteCond directive
      • RewriteOptions directive
      • RewriteBase directive
      • RewriteMaps directive
      • RewriteLock directive
      • mod_rewrite in practice
    • .htaccess files
  7. Enhance or limit functionality using modules
    • Check what’s enabled by default
    • Analyse what’s missing
    • Compression: Deflate and gzip modules
    • Custom HTTP headers: header module
    • Set Cache Control & Expiry: expire module
    • Proxy pass to upstream server: Proxy module
    • Proxy pass to Java App server: mod_jk
  8. Performance Tuning
    • Objectives
    • Stressing using ab (Apache Bench)
    • Hardware and OS tuning
      • limits.conf
    • Memory-footprint of Apache threads
    • Apache Configuration Tuning
    • Multi-processing modules (MPMs)
      • Prefork MPM
      • Worker MPM
      • When and Why Prefork and Worker
      • Implications of MPM selection and tuning
    • FastCGI versus mod_php mod_perl…
    • Analyse and get rid of unnecessary modules
    • Other factors:
      • hostname lookups
      • Symbolic links
      • AllowOverride using .htaccess
    • Caching – disk_cache_module
    • KeepAlive
    • 404s are Expensive: Set Error Pages
  9. Security
    • Keep track of Security updates, and keep apache patched, always
    • Limiting modules (revisited)
    • User and file system permissions
    • Securing/limiting dynamic content
    • Security implications of AllowOverride (i.e. .htaccess files)
    • Authentication and authorization
    • Access control
    • IP/Host based access control
    • Basic authentication
    • Group-based authorization
    • Authn/Authz providers
    • SSL/TLS on Apache
      • What’s HTTPS?
      • SSL Certificates
      • Configuring mod_ssl
  10. Miscellaneous
    • What’s SEO got to do with Web servers?
      • Why performance matters?
      • Why 301 and not 302?
      • Restricting access to search engine crawlers?
    • Directory Indexing
    • WebDAV