LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/Apache-Overview-HOWTO-2.html

551 lines
24 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Apache Overview HOWTO: Apache</TITLE>
<LINK HREF="Apache-Overview-HOWTO-3.html" REL=next>
<LINK HREF="Apache-Overview-HOWTO-1.html" REL=previous>
<LINK HREF="Apache-Overview-HOWTO.html#toc2" REL=contents>
</HEAD>
<BODY>
<A HREF="Apache-Overview-HOWTO-3.html">Next</A>
<A HREF="Apache-Overview-HOWTO-1.html">Previous</A>
<A HREF="Apache-Overview-HOWTO.html#toc2">Contents</A>
<HR>
<H2><A NAME="s2">2. Apache</A></H2>
<P>Apache is the leading internet web server, with over 60% market share, according
to the
<A HREF="http://www.netcraft.com/survey">Netcraft survey</A>.
Several key factors have contributed to Apache's success:
<UL>
<LI>The
<A HREF="http://www.apache.org/LICENSE.txt">Apache license</A>. It is
an open source, BSD-like license that allows for both commercial and non-commercial
uses of Apache.</LI>
<LI>Talented community of
<A HREF="http://www.apache.org/foundation/members.html">developers</A>
with a variety of backgrounds and an open development process based on technical merits.</LI>
<LI>Modular architecture. Apache users can easily add functionality or tailor Apache to their
specific enviroment.</LI>
<LI>Portable: Apache runs on nearly all flavors of Unix (and Linux), Windows, BeOs, mainframes...</LI>
<LI>Robustness and security.</LI>
</UL>
Many commercial vendors have adopted Apache-based solutions for their products, including
<A HREF="http://www.oracle.com">Oracle</A>,
<A HREF="http://www.redhat.com">Red Hat</A> and
<A HREF="http://www.ibm.com">IBM</A>.
In addition,
<A HREF="http://www.covalent.net">Covalent</A> provides add-on modules and 24x7 support for Apache.
<P>The following websites use Apache or derivatives. Chances are that if Apache
is good enough for them, it is also good enough for you :)
<UL>
<LI>
<A HREF="http://www.amazon.com">Amazon.com</A></LI>
<LI>
<A HREF="http://www.yahoo.com">Yahoo!</A></LI>
<LI>
<A HREF="http://www.w3c.org">W3 Consortium</A></LI>
<LI>
<A HREF="http://www.ft.com">Financial Times</A></LI>
<LI>
<A HREF="http://www.apple.com">Apple</A></LI>
<LI>
<A HREF="http://www.mp3.com">MP3.com</A></LI>
<LI>
<A HREF="http://www.stanford.edu">Stanford</A></LI>
</UL>
<P>>From the
<A HREF="http://httpd.apache.org">Apache website</A>:
<P><EM>The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems including UNIX and
Windows NT. The goal of this project is to provide a secure, efficient and
extensible server that provides HTTP services in sync with the current HTTP
standards.</EM>
<P>Apache started its life as modifications to the NCSA Web server,
one of the first HTTP servers. You can learn more about Apache's history
<A HREF="http://httpd.apache.org/ABOUT_APACHE.html">here</A>:
<P>The Apache project has grown beyond building just a web server into developing other
critical server side technologies. The Apache Software Foundation, described
in a later section, serves as an umbrella for these projects.
<P>
<H2><A NAME="ss2.1">2.1 Architecture</A>
</H2>
<P>There are two main versions of Apache, the 1.3 series and the
2.0 series. Although both versions are considered production quality, they
differ in architecture and capabilities.
<P>
<H3>2.1.1 Apache 1.3</H3>
<P>Apache 1.3 has been ported to a great variety of Unix platforms and is
the most widely deployed Web server on the Internet.
<P>
<H3>Process-based Web server</H3>
<P>Apache 1.3 on Unix is a process-based Web server. The Apache program forks
several children at startup. Forking means that a parent process makes identical copies
of itself, called <EM>children</EM>. Each one of the children can serve a
request independent of the others. This approach has the advantage of
improved stability: If one of the children misbehaves (runs out of control
or has memory leaks) it can be terminated without affecting the others.
The stability comes with a performance penalty. In most Unix operating
systems, creating processes and context switching (assigning processor time
to each process) are expensive operations. Since processes are isolated from
each other, they cannot easily share code and data, consuming system resources.
<P>
<H3>Windows support</H3>
<P>Apache 1.3 is the first version of Apache to support Windows, although the
port is not considered to be as stable as its Unix counterparts. This is due
to the fact that the server had been designed with Unix in mind and the
Windows port was a later addition that did not integrate very well.
<P>
<H3>Modular</H3>
<P>Apache 1.3 has a modular architecture. You can enable or disable modules
to add and remove Web server functionality. You can customize Apache
to improve performance and security. In addition to modules bundled with the
server, there is a great number of third party modules, providing extended
functionality.
<P>
<H3>2.1.2 Apache 2.0</H3>
<P>Apache 2.0 is the latest and greatest version of the Apache server.
The architecture contains significant improvements over the 1.3 series. The
following are some of them.
<P>
<P>
<H3>Multi Processing Modules</H3>
<P>Apache 2.0 abstracts the request processing architecture in special server
modules, called Multi Processing modules (MPMs). This means that Apache can be configured to be a pure process-based
server, a purely threaded server or a mixture of those models. Threads are
contained inside processes and run simultaneously. Unlike processes, threads
can share data and code. Threads are thus more "lighweight" than
processes, and in most cases threaded servers scale better than process
based servers. The disadvantage is that the server is less reliable, since
if a thread misbehaves it can corrupt data or code belonging to other threads.
<P>
<H3>Protocol Modules</H3>
<P>The protocol handling has been encapsulated in its own layer in
Apache 2.0. That means it is possible to write modules to serve protocols
other than HTTP, such as POP3 for mail or FTP for file transfer. These
protocol modules can take advantage of a solid server framework and module
functionality, such as authentication and dynamic content generation. This
means that, for example, you can authenticate your POP3 users against the
same user database Apache uses for web requests and that FTP content can be
generated dynamically using PHP, CGI or any other technologies explained
later in this document.
<P>
<H3>Module and filter architecture.</H3>
<P>Apache 2.0 maintains the 1.3 modular architecture and adds an additional
extension mechanism: filters. Filters allow modules to modify the content
generated by other modules. They can encrypt, scan for viruses or compress
not only static files but dynamically generated content.
<P>
<H3>Compatibility issues</H3>
<P>Unfortunately, though the module API is similar between versions, they are not identical
and Apache 1.3 modules need to be ported to the new architecture. Most
mainstream modules such as PHP and mod_perl already have Apache 2.0 versions
and others, such as mod_dav and mod_ssl, are now part of the server
distribution. Running modules on a threaded architecture requires specific
changes to modules. Modules distributed with Apache have undergone those
changes and are considered `thread-safe', but third-party modules or
libraries may not. If you need one of those, you will be limited to running
Apache as a pure process-based server.
<P>
<H3>Portable</H3>
<P>Apache runs equally well now on Windows and Unix platforms thanks to the
Apache Portable Runtime (APR) library. It abstracts the differences among
operating systems, such as file or network access APIs. Porting Apache to a
new platform is often as simple as porting the Apache Portable Runtime.
This abstraction layer also provides for platform-specific tuning and
optimization.
<P>
<P>
<H2><A NAME="ss2.2">2.2 Security</A>
</H2>
<P>Apache provides several security-related modules for securing and
restricting access to the server.
<P>
<H3>Authentication</H3>
<P>Authentication modules allow you to determine the identity of a client,
usually by verifying an username and password against a backend database.
Apache includes modules to authenticate against plain text and database files.
Additional authentication modules exist that connect Apache to
existing security frameworks or databases, including: NT Domain
controller, Oracle, mySQL, PostgresSQL and so on.
<P>The LDAP modules are specially interesting, as they allow integration with
company and enterprise wide existing directory services.
You can find these modules at
<A HREF="http://modules.apache.org">http://modules.apache.org</A>.
An Apache 2.0 LDAP module can be found
<A HREF="http://httpd.apache.org/docs-2.0/mod/mod_auth_ldap.html">at the Apache website</A>.
<P>
<P>
<H3>Access Control</H3>
<P>Apache provides the mod_access module that can restrict access to
resources based on parameters of the client request, such as the presence of
a specific header or the IP address or hostname of the client. Third party
modules allow you to restrict access to clients that misbehave, as explained
in later sections on performance and bandwidth control.
<P>
<H3>SSL/TLS</H3>
<P>The Secure Sockets Layer/Transport Layer Security protocols allow data
between the Web server and client to be encrypted. In Apache 1.3, the
protocols are implemented by mod_ssl, which is distributed separately from the
<A HREF="http://www.modssl.org">mod_ssl website</A> and requires
applying patches to the server. This was necessary because of export
regulations on encryption. Most of those restrictions have since then being
lifted and starting with Apache 2.0, mod_ssl is now included as a base
module with Apache.
<P>
<H2><A NAME="ss2.3">2.3 Proxy</A>
</H2>
<P>A proxy is a program that performs requests on behalf of another. There
are different kind of Web proxies. A traditional HTTP proxy, also called a
<EM>forward proxy</EM>, accepts requests from clients (usually Web
browsers), contacts the remote server, and returns the responses.
<P>A reverse proxy is a Web server that is placed in front of other servers,
providing a unified front end and offloading certain tasks, such as SSL
processing, from the backend Web servers.
<P>Apache supports both types of proxy, caching of proxied content and
differente proxy backends such as FTP.
<P>
<H2><A NAME="performance"></A> <A NAME="ss2.4">2.4 Performance and scalability</A>
</H2>
<P>Raw performance is only one of the factors to consider in a web server
(flexibility and stability come usually first).
<P>Having said that, there are solutions to improve performance on heavy loaded
webservers serving static content. If you are in the hosting business
Apache also provides ways in which you can measure and control bandwidth usage.
Throttling in this context usually means slowing down the delivery of content
based on the file requested, a specific client IP address and so on. This is done
to prevent abuse.
<UL>
<LI><B>mod_mmap</B>: Included in current Apache 1.3 releases, it maps to
memory a statically configured list of files that are frequently requested
but infrequently changed. This functionality is included in mod_file_cache
in Apache 2.</LI>
<LI><B>
<A HREF="http://www.cohprog.com/mod_bandwidth.html">Mod_bandwidth</A></B>: This Apache 1.3 module
enables the setting of server-wide or per connection bandwidth limits, based
on the specific directory, size of files and remote IP/domain.</LI>
<LI><B>
<A HREF="http://www.topology.org/src/bwshare/README.html">Bandwidth share module</A></B>: provides
bandwidth throttling and balancing by client IP address. It supports Apache 1.3 and earlier versions of Apache 2. </LI>
<LI><B>
<A HREF="http://www.snert.com/Software/Throttle/index.shtml">Mod_throttle</A></B>:Throttle
bandwidth per virtual host or user. For Apache 1.3</LI>
</UL>
<H3>Load Balancing</H3>
<P>Using the Apache reverse proxy and mod_rewrite you can have an Apache
process distributing requests among a variety of backend web servers.
You can find more information at
<A HREF="http://www.apache.org/docs/misc/rewriteguide.html">http://www.apache.org/docs/misc/rewriteguide.html</A><P>Additionally, mod_backhand is an Apache 1.3 module that allows seamless
redirection of HTTP requests from one web server to another. This
redirection can be used to target machines with under-utilized resources,
thus providing fine-grained, per-request load balancing of web
requests. You can find more information at
<A HREF="http://www.backhand.org/">http://www.backhand.org/</A>.
<P>
<H3>Compression</H3>
<P>Apache 2.0 includes mod_deflate, a filtering module that compresses
content before delivering it to clients. This saves bandwidth but can have a
performance impact. The
<A HREF="http://www.remotecommunications.com/apache/mod_gzip/">mod_gzip module</A>
provides this functionality for Apache 1.3
<P>
<H2><A NAME="ss2.5">2.5 CGI scripts</A>
</H2>
<P>CGI stands for Common Gateway Interface. CGI programs are external programs
that are called when a user requests a certain page. The CGI program receives information
from the web server (form variable values, type of browser, IP
address of the client and so on) and uses that information to output a web page to the client.
<P>Apache has support for CGIs and there is a third-party Apache 1.3 module
that provides support for the FastCGI protocol. It avoids the performance
penalties associated with starting and stopping a CGI program with every
request. You can find it at
<A HREF="http://fastcgi.com/">http://fastcgi.com/</A><P>
<H2><A NAME="ss2.6">2.6 Development Platform Integration</A>
</H2>
<P>Web applications are written in high-level languages such as Java, Perl,
C# and so on and Apache has several modules that integrate them with the
server. In many cases the modules expose the Apache API so entire Apache
modules can be written in those languages.
<H3><A NAME="mod_perl"></A> Perl</H3>
<P>
<A HREF="http://perl.apache.org/">mod_perl</A> is one of the most
veteran and successful Apache projects. It embeds a Perl interpreter
in Apache and allows access to the web server internals from
Perl. This allows for entire modules to be written in Perl or a
mixture of Perl and C code. In the 1.3 Apache versions, one
interpreter has to be embedded in each child, since the server is
multiprocess based. In heavy traffic dynamic sites, the increased
size could make a difference. In threaded versions of Apache 2.0
mod_perl allows for sharing of code, data and session state among
interpreters. This results in a faster, leaner solution.
<P>mod_perl is in itself another platform, with a great variety of modules
available such as
<A HREF="www.masonhq.com">Mason</A> and
<A HREF="http://perl.apache.org/embperl/">Embperl</A> for
embedding Perl in HTML pages and
<A HREF="axkit.org">AxKit</A> for
XML-driven templates.
<P>
<H3><A NAME="php"></A> PHP</H3>
<P>From the
<A HREF="http://www.php.net">PHP</A> website:
<EM>PHP is a server-side, cross-platform, HTML embedded scripting
language</EM>. It is
the
<A HREF="http://www.securityspace.com/s_survey/data/man.200209/apachemods.html">most popular module for Apache</A>
and this is due to a variety of reasons:
<UL>
<LI>Learning curve is quite low </LI>
<LI>Great documentation</LI>
<LI>Extensive database support</LI>
<LI>Modularity</LI>
</UL>
PHP has a modular design. Among many others, there are modules that provide
support for:
<UL>
<LI>Database connetivity for popular databases such as Oracle,
MS-SQL server, ODBC interface, MySQL, mSQL, PostgreSQL and so on.</LI>
<LI>XML support</LI>
<LI>File transfer: FTP</LI>
<LI>HTTP</LI>
<LI>Directory support: LDAP </LI>
<LI>Mail support: IMAP, POP3, NNTP</LI>
<LI>PDF document generation</LI>
<LI>CORBA</LI>
<LI>SNMP</LI>
</UL>
You only need to compile/use the modules you need. PHP can be used with Apache, as an external CGI or with other webservers.
It is crossplatform and it runs on most flavors of Unix and Windows. If you come from a Windows background, you probably have used Internet
Information Server with Active Server Pages and MS-SQL Server. A common
replacement in the Unix world for this trio is Apache with PHP and MySQL.
Since PHP works:
<UL>
<LI>with Apache and with Microsoft IIS</LI>
<LI>with MySQL and with MS-SQL server</LI>
<LI>on Unix and on Windows</LI>
</UL>
you have a nice, gradual migration path from a Microsoft-centric solution to Unix based solutions.
<P>
<H3>Python</H3>
<P>Python is a popular object oriented scripting language.
<A HREF="http://www.modpython.org">Mod_Python</A>, which is now
an official Apache project, allows you to integrate Python with the Apache
web server. You can develop complex web applications or accelerate existing
Python CGI scripts. Recent versions run on Apache 2.0.
<P>
<H3>Tcl</H3>
<P>The
<A HREF="http://tcl.apache.org">Tcl Apache project</A> integrates
Tcl with the Apache webserver. Tcl is a lightweight, extensible
scripting language. You can learn more about Tcl
<A HREF="http://tcl.activestate.com/">here</A>.
There are several modules currently under the Apache Tcl umbrella:
<UL>
<LI>Both
<A HREF="http://tcl.apache.org/mod_dtcl/">Mod_dtcl</A> and
<A HREF="http://tcl.apache.org/neowebscript/">Neowebscript</A> allow
embedding Tcl on HTML pages.
<A HREF="http://tcl.apache.org/rivet/">Rivet</A> combines the best of both modules.</LI>
<LI>
<A HREF="http://tcl.apache.org/mod_tcl/mod_tcl.html">Mod_tcl</A> takes an approach similar
to mod_perl, exposing the Apache API.</LI>
<LI>
<A HREF="http://tcl.apache.org/websh/">WebSH</A> provides a Tcl Web
application environment</LI>
</UL>
<P>
<H3>Microsoft technologies</H3>
<P>Several modules allow integration with Microsoft languages and
technologies such as the .Net framework or Active Server Pages.
<H3>.Net</H3>
<P>
<A HREF="http://haydn.sourceforge.net/">mod_haydn</A> integrates
<A HREF="http://www.go-mono.com">Mono</A> with Apache and exposes
the Apache API to the .Net framework, allowing you to write modules in C#,
for example.
<A HREF="http://www.covalent.net">Covalent</A> provides
mod_asp.net, an commercial Windows module that allows Apache to run ASP.Net
applications, allowing you to replace Microsoft IIS.
<H3>ASP</H3>
<P>ASP stands for Active Server Pages and is a Microsoft technology that
allows you to embed code, usually Visual Basic, in HTML pages. Several
companies such as
<A HREF="http://www.chilisoft.com/">ChilliSoft</A> and
<A HREF="http://www.stryon.com/">Stryon</A> provide products that can run ASP
applications on Unix environments.
<H3>ISAPI</H3>
<P>ISAPI is an API that you can use to extend Microsoft IIS, similarly to
how you would use the Apache API. Apache includes a module mod_isapi that
mirrors this functionality and allows you to run ISAPI modules.
<P>
<H3>Java</H3>
<P>Most applications servers, such as those from Oracle, IBM and BEA provide
modules to integrate with the Apache web server. Additionally, several
modules such as mod_jk and mod_webapp allow you to connect to Tomcat, a
Servlet and JavaServer Pages container that is also part of the Apache
Software Foundation.
<P>
<H3>Modules for other languages</H3>
<P>This document has described modules for popular server side languages
such as Perl, Python and PHP. You can find additional language modules (JavaScript, Haskell, Ruby and others)
at the
<A HREF="http://modules.apache.org">Apache modules directory</A>.
<P>
<H2><A NAME="ss2.7">2.7 Management</A>
</H2>
<P>An important part of Web server administration includes building,
configuring and monitoring different servers.
<P>
<H3>Build tools</H3>
<P>Apache can be extended and customized in many different ways. Integration
of different modules with the server can sometimes be a difficult task.
Tools such as the
<A HREF="http://www.apachetoolbox.com">Apache Toolbox</A> can make this task easier, by
providing a menu driven build framework.
<P>
<H3>User Interfaces for Apache</H3>
<P>Apache is configured thru text configuration files, and that sometimes
can be hard, specially for people coming from a Windows background.
There are open source graphical tools that make this task easier:
<UL>
<LI>
<A HREF="http://www.comanche.org">Comanche</A>, by yours truly,
is crossplatform and runs on Unix/Linux, Windows and Mac.</LI>
<LI>
<A HREF="http://www.webmin.com/webmin/">Webmin</A>: A nice
web based interface.</LI>
<LI>
<A HREF="http://gui.apache.org">gui.apache.org</A>: GUI interfaces
for Apache project. Programs are in various degrees of development.</LI>
</UL>
<P>
<H3>SNMP</H3>
<P>SNMP stands for Simple Network Management Protocol. It allows monitoring
and management of network servers, equipment and so on. SNMP modules for Apache
help manage large deployments of web servers, measure the quality of service
offered and integration of Apache with existing management frameworks.
<UL>
<LI>Open source
<A HREF="http://www.simpleweb.org/software/packages/mod-snmp/">Mod SNMP</A> for Apache 1.3.</LI>
<LI>
<A HREF="http://www.covalent.net">Covalent SNMP</A> provides
a commercial SNMP module, support for the latest SNMPv3 standard, integration
with HP-Openview, Tivoli and so on.</LI>
</UL>
<P>
<H2><A NAME="ss2.8">2.8 Publishing</A>
</H2>
<P>Authors of Web content require a means of managing that content and
uploading it to the server. One of the protocols used for this purpose is
DAV (Distributed Authoring and Versioning). DAV is an extension to the HTTP
protocol that enables users and applications to publish and modify Web
content. DAV technology is widely implemented, Microsoft supports it
at the operating system level (WebFolders) and in its Office suite. Same
goes for Apple OS-X and a variety of third party products from Adobe,
Oracle and so on. You can get the mod_dav module for Apache 1.3 at
<A HREF="http://www.webdav.org/mod_dav/">http://www.webdav.org/mod_dav/</A>. In Apache 2.0, mod_dav is
included with the base distribution.
<P>Previous to DAV, Microsoft had its own publishing protocol, integrated
with the Microsoft FrontPage tool. You can add server-side support for Frontpage using
the modules at
<A HREF="http://www.rtr.com/Ready-to-Run_Software/">http://www.rtr.com/Ready-to-Run_Software/</A>,
though due to the way they integrate with Apache they are not considered
secure.
<P>
<H2><A NAME="ss2.9">2.9 Protocol modules</A>
</H2>
<P>Apache 2.0 introduced the concept of protocol modules. That means that
developers can reuse the Apache server framework to implement new protocols
such as those dealing with mail and file transfer. mod_ftp is a commercial
Apache-based FTP module from
<A HREF="http://www.covalent.net">Covalent</A>.
<A HREF="http://cvs.apache.org/viewcvs.cgi/httpd-pop3/">mod_pop3</A> is an open source module that
implements the POP3 protocol, commonly used by mail readers to retrieve
messages from mail servers.
<P>
<H2><A NAME="ss2.10">2.10 Virtual Hosting</A>
</H2>
<P>Apache provides extensive virtual hosting support which means that you can
serve multiple websites from a single server. In Apache 2.0, with the
per-child MPM you can have multiple children, each one serving a different
domain under different Unix user ids. This is very important for security
in shared hosting scenarios, as it allows you to isolate
customers from each other. The following are additional, alternative, virtual
hosting modules.
<UL>
<LI>
<A HREF="http://funkcity.com/0101/">mod_dynvhost</A></LI>
<LI>
<A HREF="http://www.joytec.de/mod_pweb.html">mod_pweb</A></LI>
<LI>
<A HREF="http://www.fractal.net/mod_v2h.tm">mod_v2h</A></LI>
</UL>
<P>
<P>
<H2><A NAME="ss2.11">2.11 Commercial support</A>
</H2>
<P>Apache is the web server of choice for many commercial entities,
including big enterprises. These companies have certain requirements when
adopting a technology, specially one that is at the core of their Internet
strategy, such as Web servers. Those requirements include performance,
stability, management capabilities, support, professional services and
integration with legacy systems. A number of commercial companies, such as
<A HREF="http://www.ibm.com">IBM</A>,
<A HREF="http://www.redhat.com">Red Hat</A> and
<A HREF="http://www.covalent.net">Covalent</A>, provide the products and services necessary to
make Apache meet the needs of Enterprise customers.
<P>In addition, many other companies and OEMs ship Apache as a bundled web
server with their products.
<P>
<P>
<HR>
<A HREF="Apache-Overview-HOWTO-3.html">Next</A>
<A HREF="Apache-Overview-HOWTO-1.html">Previous</A>
<A HREF="Apache-Overview-HOWTO.html#toc2">Contents</A>
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink