Apache 101: From Basics to Advanced
Apache HTTPD is the most-used (in marketing terms, the No. 1) Web server world-wide based on market share — currently, more than 60%. It’s very easy to get started with for anyone — whether you are a Web developer or a Web administrator. However, most of us typically configure a virtual host to point a website and be done with it. At most, configure Apache to do a few other things as and when a requirement or an issue props up.
“Apache 101: From Basics to Advanced” is a 16-hour, hands-on training programme where a participant is introduced to a holistic view of the Apache version 2.2 Web server as opposed to a google-and-get-it-done approach. Wouldn’t it be nice if we knew a few things the httpd server is capable of before diving in?
Audience
- Web developers
- Web administrators
- DevOps people
- System administrators
Prerequisites
- Linux command-line basics
Fee: Rs 15,000/- + service tax
Course Content
- Introduction to Apache
- Background & History
- Features & Versions
- Production Use
- Apache vs others — When & Why?
- Installation
- From source or binary?
- Building Apache from source
- Binary from Red Hat & Debian
- Test Apache service
- Start | Stop | Restart | (graceful vs. hard)
- apachectl script
- persist across reboots
- Prequel to configuration
- What lies inside /etc/{httpd,apache2}?
- The main configuration file
- Understanding its syntax
- Various Directives
- Various Sections
- Difference in Red Hat and Debian/Ubuntu approach
- Processing order
- Apache modules basics
- Virtual Hosting on Apache
- Configuring virtual hosts
- IP-based virtual hosting
- Port-based virtual hosting
- Name-based virtual hosting
- Mix-and-match virtual hosting
- Issues with virtual hosting (SSL)
- Per-user Web hosting (public_html)
- Logs
- Server logging
- Access logging
- Formatting access logs
- Conditional logging
- Debug logging
- Log rotation
- Analysing Logs
- Serving Dynamic Content and Rewriting URLs
- Server Side Includes (SSI)
- CGI in Apache using mod_cgi
- Serving PHP: mod_php
- Serving Perl: mod_perl
- Rewriting URLs: Rewrite module
- Understand Regex basics for rewriting URLs
- Enabling mod_rewrite
- Ruleset processing
- RewriteRule directive
- RewriteCond directive
- RewriteOptions directive
- RewriteBase directive
- RewriteMaps directive
- RewriteLock directive
- mod_rewrite in practice
- .htaccess files
- Enhance or limit functionality using modules
- Check what’s enabled by default
- Analyse what’s missing
- Compression: Deflate and gzip modules
- Custom HTTP headers: header module
- Set Cache Control & Expiry: expire module
- Proxy pass to upstream server: Proxy module
- Proxy pass to Java App server: mod_jk
- Performance Tuning
- Objectives
- Stressing using ab (Apache Bench)
- Hardware and OS tuning
- limits.conf
- Memory-footprint of Apache threads
- Apache Configuration Tuning
- Multi-processing modules (MPMs)
- Prefork MPM
- Worker MPM
- When and Why Prefork and Worker
- Implications of MPM selection and tuning
- FastCGI versus mod_php mod_perl…
- Analyse and get rid of unnecessary modules
- Other factors:
- hostname lookups
- Symbolic links
- AllowOverride using .htaccess
- Caching – disk_cache_module
- KeepAlive
- 404s are Expensive: Set Error Pages
- Security
- Keep track of Security updates, and keep apache patched, always
- Limiting modules (revisited)
- User and file system permissions
- Securing/limiting dynamic content
- Security implications of AllowOverride (i.e. .htaccess files)
- Authentication and authorization
- Access control
- IP/Host based access control
- Basic authentication
- Group-based authorization
- Authn/Authz providers
- SSL/TLS on Apache
- What’s HTTPS?
- SSL Certificates
- Configuring mod_ssl
- Miscellaneous
- What’s SEO got to do with Web servers?
- Why performance matters?
- Why 301 and not 302?
- Restricting access to search engine crawlers?
- Directory Indexing
- WebDAV
- What’s SEO got to do with Web servers?