Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
The ONE Campaign to make poverty history

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Glossary
MoreInfo
Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
FAQ
Copyright Info
Terms of Use
Privacy Info
Disclaimer
WorkBoard
Thanks
Donations
Advertising
Masthead / Impressum
Your Account

Communication
Feedback
Forums
Private Messages
Surveys

Features
HOWTOs
News Archive
Submit News
Topics
User Articles
Web Links

Google
Google


The Web
linux-tutorial.info

Who's Online
There are currently, 88 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here

  

HOWTO Home

Current HOWTO: Apache Overview HOWTO


Apache Overview HOWTO: Apache Next Previous Contents

2. Apache

Apache is the leading internet web server, with over 60% market share, according to the Netcraft survey. Several key factors have contributed to Apache's success:

  • The Apache license. It is an open source, BSD-like license that allows for both commercial and non-commercial uses of Apache.
  • Talented community of developers with a variety of backgrounds and an open development process based on technical merits.
  • Modular architecture. Apache users can easily add functionality or tailor Apache to their specific enviroment.
  • Portable: Apache runs on nearly all flavors of Unix (and Linux), Windows, BeOs, mainframes...
  • Robustness and security.
Many commercial vendors have adopted Apache-based solutions for their products, including Oracle, Red Hat and IBM. In addition, Covalent provides add-on modules and 24x7 support for Apache.

The following websites use Apache or derivatives. Chances are that if Apache is good enough for them, it is also good enough for you :)

>From the Apache website:

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Apache started its life as modifications to the NCSA Web server, one of the first HTTP servers. You can learn more about Apache's history here:

The Apache project has grown beyond building just a web server into developing other critical server side technologies. The Apache Software Foundation, described in a later section, serves as an umbrella for these projects.

2.1 Architecture

There are two main versions of Apache, the 1.3 series and the 2.0 series. Although both versions are considered production quality, they differ in architecture and capabilities.

2.1.1 Apache 1.3

Apache 1.3 has been ported to a great variety of Unix platforms and is the most widely deployed Web server on the Internet.

Process-based Web server

Apache 1.3 on Unix is a process-based Web server. The Apache program forks several children at startup. Forking means that a parent process makes identical copies of itself, called children. Each one of the children can serve a request independent of the others. This approach has the advantage of improved stability: If one of the children misbehaves (runs out of control or has memory leaks) it can be terminated without affecting the others. The stability comes with a performance penalty. In most Unix operating systems, creating processes and context switching (assigning processor time to each process) are expensive operations. Since processes are isolated from each other, they cannot easily share code and data, consuming system resources.

Windows support

Apache 1.3 is the first version of Apache to support Windows, although the port is not considered to be as stable as its Unix counterparts. This is due to the fact that the server had been designed with Unix in mind and the Windows port was a later addition that did not integrate very well.

Modular

Apache 1.3 has a modular architecture. You can enable or disable modules to add and remove Web server functionality. You can customize Apache to improve performance and security. In addition to modules bundled with the server, there is a great number of third party modules, providing extended functionality.

2.1.2 Apache 2.0

Apache 2.0 is the latest and greatest version of the Apache server. The architecture contains significant improvements over the 1.3 series. The following are some of them.

Multi Processing Modules

Apache 2.0 abstracts the request processing architecture in special server modules, called Multi Processing modules (MPMs). This means that Apache can be configured to be a pure process-based server, a purely threaded server or a mixture of those models. Threads are contained inside processes and run simultaneously. Unlike processes, threads can share data and code. Threads are thus more "lighweight" than processes, and in most cases threaded servers scale better than process based servers. The disadvantage is that the server is less reliable, since if a thread misbehaves it can corrupt data or code belonging to other threads.

Protocol Modules

The protocol handling has been encapsulated in its own layer in Apache 2.0. That means it is possible to write modules to serve protocols other than HTTP, such as POP3 for mail or FTP for file transfer. These protocol modules can take advantage of a solid server framework and module functionality, such as authentication and dynamic content generation. This means that, for example, you can authenticate your POP3 users against the same user database Apache uses for web requests and that FTP content can be generated dynamically using PHP, CGI or any other technologies explained later in this document.

Module and filter architecture.

Apache 2.0 maintains the 1.3 modular architecture and adds an additional extension mechanism: filters. Filters allow modules to modify the content generated by other modules. They can encrypt, scan for viruses or compress not only static files but dynamically generated content.

Compatibility issues

Unfortunately, though the module API is similar between versions, they are not identical and Apache 1.3 modules need to be ported to the new architecture. Most mainstream modules such as PHP and mod_perl already have Apache 2.0 versions and others, such as mod_dav and mod_ssl, are now part of the server distribution. Running modules on a threaded architecture requires specific changes to modules. Modules distributed with Apache have undergone those changes and are considered `thread-safe', but third-party modules or libraries may not. If you need one of those, you will be limited to running Apache as a pure process-based server.

Portable

Apache runs equally well now on Windows and Unix platforms thanks to the Apache Portable Runtime (APR) library. It abstracts the differences among operating systems, such as file or network access APIs. Porting Apache to a new platform is often as simple as porting the Apache Portable Runtime. This abstraction layer also provides for platform-specific tuning and optimization.

2.2 Security

Apache provides several security-related modules for securing and restricting access to the server.

Authentication

Authentication modules allow you to determine the identity of a client, usually by verifying an username and password against a backend database. Apache includes modules to authenticate against plain text and database files. Additional authentication modules exist that connect Apache to existing security frameworks or databases, including: NT Domain controller, Oracle, mySQL, PostgresSQL and so on.

The LDAP modules are specially interesting, as they allow integration with company and enterprise wide existing directory services. You can find these modules at http://modules.apache.org. An Apache 2.0 LDAP module can be found at the Apache website.

Access Control

Apache provides the mod_access module that can restrict access to resources based on parameters of the client request, such as the presence of a specific header or the IP address or hostname of the client. Third party modules allow you to restrict access to clients that misbehave, as explained in later sections on performance and bandwidth control.

SSL/TLS

The Secure Sockets Layer/Transport Layer Security protocols allow data between the Web server and client to be encrypted. In Apache 1.3, the protocols are implemented by mod_ssl, which is distributed separately from the mod_ssl website and requires applying patches to the server. This was necessary because of export regulations on encryption. Most of those restrictions have since then being lifted and starting with Apache 2.0, mod_ssl is now included as a base module with Apache.

2.3 Proxy

A proxy is a program that performs requests on behalf of another. There are different kind of Web proxies. A traditional HTTP proxy, also called a forward proxy, accepts requests from clients (usually Web browsers), contacts the remote server, and returns the responses.

A reverse proxy is a Web server that is placed in front of other servers, providing a unified front end and offloading certain tasks, such as SSL processing, from the backend Web servers.

Apache supports both types of proxy, caching of proxied content and differente proxy backends such as FTP.

2.4 Performance and scalability

Raw performance is only one of the factors to consider in a web server (flexibility and stability come usually first).

Having said that, there are solutions to improve performance on heavy loaded webservers serving static content. If you are in the hosting business Apache also provides ways in which you can measure and control bandwidth usage. Throttling in this context usually means slowing down the delivery of content based on the file requested, a specific client IP address and so on. This is done to prevent abuse.

  • mod_mmap: Included in current Apache 1.3 releases, it maps to memory a statically configured list of files that are frequently requested but infrequently changed. This functionality is included in mod_file_cache in Apache 2.
  • Mod_bandwidth: This Apache 1.3 module enables the setting of server-wide or per connection bandwidth limits, based on the specific directory, size of files and remote IP/domain.
  • Bandwidth share module: provides bandwidth throttling and balancing by client IP address. It supports Apache 1.3 and earlier versions of Apache 2.
  • Mod_throttle:Throttle bandwidth per virtual host or user. For Apache 1.3

Load Balancing

Using the Apache reverse proxy and mod_rewrite you can have an Apache process distributing requests among a variety of backend web servers. You can find more information at http://www.apache.org/docs/misc/rewriteguide.html

Additionally, mod_backhand is an Apache 1.3 module that allows seamless redirection of HTTP requests from one web server to another. This redirection can be used to target machines with under-utilized resources, thus providing fine-grained, per-request load balancing of web requests. You can find more information at http://www.backhand.org/.

Compression

Apache 2.0 includes mod_deflate, a filtering module that compresses content before delivering it to clients. This saves bandwidth but can have a performance impact. The mod_gzip module provides this functionality for Apache 1.3

2.5 CGI scripts

CGI stands for Common Gateway Interface. CGI programs are external programs that are called when a user requests a certain page. The CGI program receives information from the web server (form variable values, type of browser, IP address of the client and so on) and uses that information to output a web page to the client.

Apache has support for CGIs and there is a third-party Apache 1.3 module that provides support for the FastCGI protocol. It avoids the performance penalties associated with starting and stopping a CGI program with every request. You can find it at http://fastcgi.com/

2.6 Development Platform Integration

Web applications are written in high-level languages such as Java, Perl, C# and so on and Apache has several modules that integrate them with the server. In many cases the modules expose the Apache API so entire Apache modules can be written in those languages.

Perl

mod_perl is one of the most veteran and successful Apache projects. It embeds a Perl interpreter in Apache and allows access to the web server internals from Perl. This allows for entire modules to be written in Perl or a mixture of Perl and C code. In the 1.3 Apache versions, one interpreter has to be embedded in each child, since the server is multiprocess based. In heavy traffic dynamic sites, the increased size could make a difference. In threaded versions of Apache 2.0 mod_perl allows for sharing of code, data and session state among interpreters. This results in a faster, leaner solution.

mod_perl is in itself another platform, with a great variety of modules available such as Mason and Embperl for embedding Perl in HTML pages and AxKit for XML-driven templates.

PHP

From the PHP website: PHP is a server-side, cross-platform, HTML embedded scripting language. It is the most popular module for Apache and this is due to a variety of reasons:

  • Learning curve is quite low
  • Great documentation
  • Extensive database support
  • Modularity
PHP has a modular design. Among many others, there are modules that provide support for:
  • Database connetivity for popular databases such as Oracle, MS-SQL server, ODBC interface, MySQL, mSQL, PostgreSQL and so on.
  • XML support
  • File transfer: FTP
  • HTTP
  • Directory support: LDAP
  • Mail support: IMAP, POP3, NNTP
  • PDF document generation
  • CORBA
  • SNMP
You only need to compile/use the modules you need. PHP can be used with Apache, as an external CGI or with other webservers. It is crossplatform and it runs on most flavors of Unix and Windows. If you come from a Windows background, you probably have used Internet Information Server with Active Server Pages and MS-SQL Server. A common replacement in the Unix world for this trio is Apache with PHP and MySQL. Since PHP works:
  • with Apache and with Microsoft IIS
  • with MySQL and with MS-SQL server
  • on Unix and on Windows
you have a nice, gradual migration path from a Microsoft-centric solution to Unix based solutions.

Python

Python is a popular object oriented scripting language. Mod_Python, which is now an official Apache project, allows you to integrate Python with the Apache web server. You can develop complex web applications or accelerate existing Python CGI scripts. Recent versions run on Apache 2.0.

Tcl

The Tcl Apache project integrates Tcl with the Apache webserver. Tcl is a lightweight, extensible scripting language. You can learn more about Tcl here. There are several modules currently under the Apache Tcl umbrella:

  • Both Mod_dtcl and Neowebscript allow embedding Tcl on HTML pages. Rivet combines the best of both modules.
  • Mod_tcl takes an approach similar to mod_perl, exposing the Apache API.
  • WebSH provides a Tcl Web application environment

Microsoft technologies

Several modules allow integration with Microsoft languages and technologies such as the .Net framework or Active Server Pages.

.Net

mod_haydn integrates Mono with Apache and exposes the Apache API to the .Net framework, allowing you to write modules in C#, for example. Covalent provides mod_asp.net, an commercial Windows module that allows Apache to run ASP.Net applications, allowing you to replace Microsoft IIS.

ASP

ASP stands for Active Server Pages and is a Microsoft technology that allows you to embed code, usually Visual Basic, in HTML pages. Several companies such as ChilliSoft and Stryon provide products that can run ASP applications on Unix environments.

ISAPI

ISAPI is an API that you can use to extend Microsoft IIS, similarly to how you would use the Apache API. Apache includes a module mod_isapi that mirrors this functionality and allows you to run ISAPI modules.

Java

Most applications servers, such as those from Oracle, IBM and BEA provide modules to integrate with the Apache web server. Additionally, several modules such as mod_jk and mod_webapp allow you to connect to Tomcat, a Servlet and JavaServer Pages container that is also part of the Apache Software Foundation.

Modules for other languages

This document has described modules for popular server side languages such as Perl, Python and PHP. You can find additional language modules (JavaScript, Haskell, Ruby and others) at the Apache modules directory.

2.7 Management

An important part of Web server administration includes building, configuring and monitoring different servers.

Build tools

Apache can be extended and customized in many different ways. Integration of different modules with the server can sometimes be a difficult task. Tools such as the Apache Toolbox can make this task easier, by providing a menu driven build framework.

User Interfaces for Apache

Apache is configured thru text configuration files, and that sometimes can be hard, specially for people coming from a Windows background. There are open source graphical tools that make this task easier:

  • Comanche, by yours truly, is crossplatform and runs on Unix/Linux, Windows and Mac.
  • Webmin: A nice web based interface.
  • gui.apache.org: GUI interfaces for Apache project. Programs are in various degrees of development.

SNMP

SNMP stands for Simple Network Management Protocol. It allows monitoring and management of network servers, equipment and so on. SNMP modules for Apache help manage large deployments of web servers, measure the quality of service offered and integration of Apache with existing management frameworks.

  • Open source Mod SNMP for Apache 1.3.
  • Covalent SNMP provides a commercial SNMP module, support for the latest SNMPv3 standard, integration with HP-Openview, Tivoli and so on.

2.8 Publishing

Authors of Web content require a means of managing that content and uploading it to the server. One of the protocols used for this purpose is DAV (Distributed Authoring and Versioning). DAV is an extension to the HTTP protocol that enables users and applications to publish and modify Web content. DAV technology is widely implemented, Microsoft supports it at the operating system level (WebFolders) and in its Office suite. Same goes for Apple OS-X and a variety of third party products from Adobe, Oracle and so on. You can get the mod_dav module for Apache 1.3 at http://www.webdav.org/mod_dav/. In Apache 2.0, mod_dav is included with the base distribution.

Previous to DAV, Microsoft had its own publishing protocol, integrated with the Microsoft FrontPage tool. You can add server-side support for Frontpage using the modules at http://www.rtr.com/Ready-to-Run_Software/, though due to the way they integrate with Apache they are not considered secure.

2.9 Protocol modules

Apache 2.0 introduced the concept of protocol modules. That means that developers can reuse the Apache server framework to implement new protocols such as those dealing with mail and file transfer. mod_ftp is a commercial Apache-based FTP module from Covalent. mod_pop3 is an open source module that implements the POP3 protocol, commonly used by mail readers to retrieve messages from mail servers.

2.10 Virtual Hosting

Apache provides extensive virtual hosting support which means that you can serve multiple websites from a single server. In Apache 2.0, with the per-child MPM you can have multiple children, each one serving a different domain under different Unix user ids. This is very important for security in shared hosting scenarios, as it allows you to isolate customers from each other. The following are additional, alternative, virtual hosting modules.

2.11 Commercial support

Apache is the web server of choice for many commercial entities, including big enterprises. These companies have certain requirements when adopting a technology, specially one that is at the core of their Internet strategy, such as Web servers. Those requirements include performance, stability, management capabilities, support, professional services and integration with legacy systems. A number of commercial companies, such as IBM, Red Hat and Covalent, provide the products and services necessary to make Apache meet the needs of Enterprise customers.

In addition, many other companies and OEMs ship Apache as a bundled web server with their products.


Next Previous Contents

The Linux Tutorial completely respects the rights of authors and artists to decide for themselves if and how their works can be used, independent of any existing licenses. This means if you are the author of any document presented on this site and do no wish it to be displayed as it is on this site or do not wish it to be displayed at all, please contact us and we will do our very best to accommodate you. If we are unable to accommodate you, we will, at your request, remove your document as quickly as possible.

If you are the author of any document presented on this site and would like a share of the advertising revenue, please contact us using the standard Feedback Form.


  




Login
Nickname

Password

Security Code
Security Code
Type Security Code


Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!


Amazon Wish List

Did You Know?
The Linux Tutorial welcomes your suggestions and ideas.


Friends



Tell a Friend About Us

Bookmark and Share



Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.78 Seconds