SDB:Configuración archivos Apache
Esta página describe los archivos de configuración más importantes del servidor web Apache en openSUSE.
El artículo se puede aplicar a las versiones de openSUSE a partir de la 11.3.
Contenido
Introducción
Una vez instalado Apache puede ser necesario configurar nuestro servidor, para ello Apache dispone de una serie de archivos que nos permiten adaptarlo según nuestras necesidades, entre los más importantes se encuentran los siguientes:
- httpd.conf en el que se describen las directivas generales del servidor. Disponible en /etc/apache2/
- default-server.conf Describen las directivas generales a aplicar a los Hosts Virtuales Se encuentra en /etc/apache2.
- *.conf in /etc/apache2/vhosts.d: Todos estos archivos contendrán la configuración de especificaciones y directivas propias para cada Host Virtual que deseamos mantener en nuestro servidor
- .htaccess (hypertext access), también conocido como archivo de configuración distribuida, es un fichero especial, popularizado por el Servidor HTTP Apache que permite definir diferentes directivas de configuración para cada directorio (con sus respectivos subdirectorios) sin necesidad de editar el archivo de configuración principal de Apache.
Archivo httpd.conf
El servidor web Apache se configura modularmente a través de directivas, en un archivo que sigue la ruta /etc/apache2/httpd.conf. Se trata un archivo de texto el cuál una vez se modifica es necesario reiniciar el servicio apache2 para que sus cambios surjan efecto. Como norma general, este fichero no suele ser necesario modificarlo:
#
# /etc/apache2/httpd.conf
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs-2.2/> for detailed information about
# the directives.
# Based upon the default apache configuration file that ships with apache,
# which is based upon the NCSA server configuration files originally by Rob
# McCool. This file was knocked together by Peter Poeml <poeml+apache@suse.de>.
# If possible, avoid changes to this file. It does mainly contain Include
# statements and global settings that can/should be overridden in the
# configuration of your virtual hosts.
# Quickstart guide:
# http://en.opensuse.org/Apache_Quickstart_HOWTO
# Overview of include files, chronologically:
#
# httpd.conf
# |
# |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under
# |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...)
# |-- sysconfig.d/loadmodule.conf . . . . . [*] load these modules
# |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on
# |-- mod_log_config.conf . . . . . . . . . define logging formats
# |-- sysconfig.d/global.conf . . . . . . . [*] server-wide general settings
# |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring)
# |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info
# |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking
# |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings
# |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration
# |-- errors.conf . . . . . . . . . . . . . customize error responses
# |-- ssl-global.conf . . . . . . . . . . . SSL conf that applies to default server _and all_ virtual hosts
# |
# |-- default-server.conf . . . . . . . . . set up the default server that replies to non-virtual-host requests
# | |--mod_userdir.conf . . . . . . . . enable UserDir (if mod_userdir is loaded)
# | `--conf.d/apache2-manual?conf . . . add the docs ('?' = if installed)
# |
# |-- sysconfig.d/include.conf . . . . . . [*] your include files
# | (for each file to be included here, put its name
# | into APACHE_INCLUDE_* in /etc/sysconfig/apache2)
# |
# `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here
# `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included)
#
#
# Files marked [*] are created from sysconfig upon server restart: instead of
# these files, you edit /etc/sysconfig/apache2
# Filesystem layout:
#
# /etc/apache2/
# |-- charset.conv . . . . . . . . . . . . for mod_auth_ldap
# |-- conf.d/
# | |-- apache2-manual.conf . . . . . . . conf that comes with apache2-doc
# | |-- mod_php4.conf . . . . . . . . . . (example) conf that comes with apache2-mod_php4
# | `-- ... . . . . . . . . . . . . . . . other configuration added by packages
# |-- default-server.conf
# |-- errors.conf
# |-- httpd.conf . . . . . . . . . . . . . top level configuration file
# |-- listen.conf
# |-- magic
# |-- mime.types -> ../mime.types
# |-- mod_autoindex-defaults.conf
# |-- mod_info.conf
# |-- mod_log_config.conf
# |-- mod_mime-defaults.conf
# |-- mod_perl-startup.pl
# |-- mod_status.conf
# |-- mod_userdir.conf
# |-- mod_usertrack.conf
# |-- server-tuning.conf
# |-- ssl-global.conf
# |-- ssl.crl/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Revocation Lists (CRL)
# |-- ssl.crt/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificates
# |-- ssl.csr/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Signing Requests
# |-- ssl.key/ . . . . . . . . . . . . . . PEM-encoded RSA Private Keys
# |-- ssl.prm/ . . . . . . . . . . . . . . public DSA Parameter Files
# |-- sysconfig.d/ . . . . . . . . . . . . files that are created from /etc/sysconfig/apache2
# | |-- global.conf
# | |-- include.conf
# | `-- loadmodule.conf
# |-- uid.conf
# `-- vhosts.d/ . . . . . . . . . . . . . . put your virtual host configuration (*.conf) here
# |-- vhost-ssl.template
# `-- vhost.template
### Global Environment ######################################################
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests.
# run under this user/group id
Include /etc/apache2/uid.conf
# - how many server processes to start (server pool regulation)
# - usage of KeepAlive
Include /etc/apache2/server-tuning.conf
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog /var/log/apache2/error_log
# generated from APACHE_MODULES in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/loadmodule.conf
# IP addresses / ports to listen on
Include /etc/apache2/listen.conf
# predefined logging formats
Include /etc/apache2/mod_log_config.conf
# generated from global settings in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/global.conf
# optional mod_status, mod_info
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf
# optional cookie-based user tracking
# read the documentation before using it!!
Include /etc/apache2/mod_usertrack.conf
# configuration of server-generated directory listings
Include /etc/apache2/mod_autoindex-defaults.conf
# associate MIME types with filename extensions
TypesConfig /etc/apache2/mime.types
DefaultType text/plain
Include /etc/apache2/mod_mime-defaults.conf
# set up (customizable) error responses
Include /etc/apache2/errors.conf
# global (server-wide) SSL configuration, that is not specific to
# any virtual host
Include /etc/apache2/ssl-global.conf
# forbid access to the entire filesystem by default
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
# List of resources to look for when the client requests a directory
DirectoryIndex index.html index.html.var
### 'Main' server configuration #############################################
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
Include /etc/apache2/default-server.conf
# Another way to include your own files
#
# The file below is generated from /etc/sysconfig/apache2,
# include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and
# APACHE_CONF_INCLUDE_DIRS
Include /etc/apache2/sysconfig.d/include.conf
### Virtual server configuration ############################################
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs-2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
Include /etc/apache2/vhosts.d/*.conf
# Note: instead of adding your own configuration here, consider
# adding it in your own file (/etc/apache2/httpd.conf.local)
# putting its name into APACHE_CONF_INCLUDE_FILES in
# /etc/sysconfig/apache2 -- this will make system updates
# easier :)
El anterior es el contenido por defecto de dicho archivo, en él se pueden apreciar, las directivas Include básicas, así como las de directorio Directory
Archivo default-server.conf
También se encuentra alojado en /etc/apache2 y contiene las directivas por defecto de los Hosts Virtuales. El contenido de su archivo es el siguiente:
#
#
# Global configuration that will be applicable for all virtual hosts, unless
# deleted here, or overriden elswhere.
#
DocumentRoot "/srv/www/htdocs"
#
# Configure the DocumentRoot
#
<Directory "/srv/www/htdocs">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.2/mod/core.html#options
# for more information.
Options None
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>
# Aliases: aliases can be added as needed (with no limit). The format is
# Alias fakename realname
#
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL. So "/icons" isn't aliased in this
# example, only "/icons/". If the fakename is slash-terminated, then the
# realname must also be slash terminated, and if the fakename omits the
# trailing slash, the realname must also omit it.
#
# We include the /icons/ alias for FancyIndexed directory listings. If you
# do not use FancyIndexing, you may comment this out.
#
Alias /icons/ "/usr/share/apache2/icons/"
<Directory "/usr/share/apache2/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
#
ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"
# "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/srv/www/cgi-bin">
AllowOverride None
Options +ExecCGI -Includes
Order allow,deny
Allow from all
</Directory>
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
#
# To disable it, simply remove userdir from the list of modules in APACHE_MODULES
# in /etc/sysconfig/apache2.
#
<IfModule mod_userdir.c>
# Note that the name of the user directory ("public_html") cannot simply be
# changed here, since it is a compile time setting. The apache package
# would have to be rebuilt. You could work around by deleting
# /usr/sbin/suexec, but then all scripts from the directories would be
# executed with the UID of the webserver.
UserDir public_html
# The actual configuration of the directory is in
# /etc/apache2/mod_userdir.conf.
Include /etc/apache2/mod_userdir.conf
# You can, however, change the ~ if you find it awkward, by mapping e.g.
# http://www.example.com/users/karl-heinz/ --> /home/karl-heinz/public_html/
#AliasMatch ^/users/([a-zA-Z0-9-_.]*)/?(.*) /home/$1/public_html/$2
</IfModule>
# Include all *.conf files from /etc/apache2/conf.d/.
#
# This is mostly meant as a place for other RPM packages to drop in their
# configuration snippet.
#
# You can comment this out here if you want those bits include only in a
# certain virtual host, but not here.
#
Include /etc/apache2/conf.d/*.conf
# The manual... if it is installed ('?' means it won't complain)
Include /etc/apache2/conf.d/apache2-manual?conf
Lo más destacable es como el directorio raíz del servidor se encuentra en la ruta /srv/www/htdocs. Si se quiere asignar otro, la directiva DocumentRoot es la encargada. Después también se comprueba las directivas específicas para este directorio y como asigna una directiva Include /etc/apache2/conf.d/*.conf para indicar donde se almacenaran las configuraciones de los Hosts Virtuales.
Archivos *.conf o Hosts Virtuales
Tal y como hemos visto en el punto anterior Include /etc/apache2/conf.d/*.conf indica dónde están alojados los Hosts Virtuales que no son otra cosa que nuestros que controla nuestro servidor web Apache. Aunque la configuración por defecto de Apache es bastante segura, resulta mucho más ventajoso disponer de configuraciones especificas para dominio que queremos controlar, a esta manera de proceder es lo que se denomina como Host Virtual que permite un alojamiento compartido dentro del mismo servidor.
Se puede realizar de dos maneras posibles basada en nombres o basada en direcciones IP.
Alojamiento compartido basado en nombres
Un ejemplo de un archivo de configuración podría ser el siguiente:
NameVirtualHost *
<VirtualHost *>
ServerName www.domain.tld
DocumentRoot /www/domain
</VirtualHost>
<VirtualHost *>
ServerName www.otherdomain.tld
DocumentRoot /www/otherdomain
</VirtualHost>
En el se aprecian como dos dominios comparten el mismo servidor y apuntan distintas rutas de almacenamiento. Ejemplos
Alojamiento compartido basado en direcciones IP
Un ejemplo de un archivo de configuración podría ser el siguiente:
...
Port 80
ServerName server.domain.tld
<VirtualHost 111.22.33.44>
DocumentRoot /www/domain
ServerName www.domain.tld
...
</VirtualHost>
<VirtualHost 111.22.33.55>
DocumentRoot /www/otherdomain
ServerName www.otherdomain.tld
...
</VirtualHost>
En el se aprecian como dos dominios comparten el mismo servidor y apuntan distintas rutas de almacenamiento y son accedidos desde diferentes IP. Ejemplos