unix86.org

Install Apache2 and OpenSSL packages:

apt-get install apache2 openssl ssl-cert

Create SSL directory under /etc/apache2

mkdir /etc/apache2/ssl

Generate SSL certificate:

openssl req $@ -new -x509 -days 3652 -nodes -out /etc/apache2/ssl/unix86.pem \
 -keyout /etc/apache2/ssl/unix86.pem

Generating a 1024 bit RSA private key
.................++++++
..........++++++
writing new private key to '/etc/apache2/ssl/unix86.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:HK
State or Province Name (full name) [Some-State]:Hong-Kong
Locality Name (eg, city) []:Hongkong
Organization Name (eg, company) [Internet Widgits Pty Ltd]:UNIX86.COM
Organizational Unit Name (eg, section) []:IT
Common Name (eg, YOUR name) []:mail.unix86.com
Email Address []:tonyn@unix86.com

Change the SSL Cert file permission

chmod 600 /etc/apache2/ssl/unix86.pem

Create SSL virtual hosts

cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl

vi /etc/apache2/sites-available/ssl
#-------------------------------------------------------------------------------
NameVirtualHost *:443
<VirtualHost *:443>
 SSLEngine On
 SSLCertificateFile /etc/apache2/ssl/unix86.pem
 
    ServerAdmin webmaster@unix86.org
    DocumentRoot /var/www/
    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog /var/log/apache2/error-unix86.org.log
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    CustomLog /var/log/apache2/access-unix86.org.log combined
    ServerSignature On

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>
</VirtualHost>
#-------------------------------------------------------------------------------

Modify /etc/apache2/ports.conf

vi /etc/apache2/ports.conf
#-------------------------------------------------------------------------------
Listen 80

<IfModule mod_ssl.c>
    Listen 443
</IfModule>
#-------------------------------------------------------------------------------

Enable SSL Virtual Host

a2ensite ssl
a2enmod ssl

Mod rewrite

It’s always good to force users to access things like webmail via https, this can be accomplished with mod_rewrite.

Enable the mod_rewrite module

a2enmod rewrite

Then add the following to /etc/apache2/sites-available/default

vi /etc/apache2/sites-available/default
#-------------------------------------------------------------------------------
RewriteEngine   on
RewriteCond     %{SERVER_PORT} ^80$
RewriteRule     ^/webmail(.*)$ https://%{SERVER_NAME}/webmail$1 [L,R]
RewriteLog      "/var/log/apache2/rewrite.log"
RewriteLogLevel 2
#-------------------------------------------------------------------------------

Force an SSL connection and redirect all traffic to port 80 to port 443 (HTTPS), use this instead:

vi /etc/apache2/sites-available/default
#-------------------------------------------------------------------------------
RewriteEngine   on
RewriteCond     %{SERVER_PORT} ^80$
RewriteRule     ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
#-------------------------------------------------------------------------------

Restart Apache2:

/etc/init.d/apache2 restart

Sources:

https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html
https://help.ubuntu.com/community/forum/server/apache2/SSL
http://twpug.net/modules/newbb/viewtopic.php?topic_id=2893
http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html
http://www.linode.com/wiki/index.php/Apache2_SSL_in_Ubuntu
http://alephzarro.com/blog/2007/01/07/installation-of-subversion-on-ubuntu-with-apache-ssl-and-basicauth/
http://davidlaing.com/2008/12/27/self-cert-ssl-certificate-for-apache2-on-ubuntu-804lts/

WebLog Expert

http://www.weblogexpert.com/download.htm

Nihuo Web Log Analyzer (Trial)

http://www.loganalyzer.net/download.html

Jakarta-jmeter Wiki

http://wiki.apache.org/jakarta-jmeter/LogAnalysis

http://www.freedownloadmanager.org/downloads/apache_log_analyzer_software/

Apache Log Analyzer 2 Feed

http://code.simonecarletti.com/wiki/apachelog2feed

http://linuxgazette.net/issue83/tougher.html

AlterWind Log Analyzer

http://www.alterwind.com/loganalyzer/

http://swik.net/awstats+Apache

http://www.exefind.com/apache-log-analyzer/

AGG Software: Web Log Analyzer - Apache Log Analyzer

http://www.kmint21.com/web-log-analizer/

AWStats official web site

http://awstats.sourceforge.net/

Virtual hosts can be “IP-based”, meaning that you have a different IP address for every web site, or “name-based”, meaning that you have multiple names running on each IP address. The fact that they are running on the same physical server is not apparent to the end user.

Basics Concepts Of Virtual Hosts

Using virtual hosts, host several domains with a single web server. In this way, save the costs and administration workload for separate servers for each domain. There are several options regarding virtual hosts

* Name-based virtual hosts
* IP-based virtual hosts
* Operation of multiple instances of Apache on one machine

Name-Based Virtual Hosts

With name-based virtual hosts, one instance of Apache hosts several domains. You do not need to set up multiple IPs for a machine. This is the easiest, preferred alternative. Reasons against the use of name-based virtual hosts are covered in the Apache documentation.

Configure it directly by way of the configuration file /etc/apache2/sites-available/filename (by default we have default name file take this as reference and create new file). To activate name-based virtual hosts, specify a suitable directive. NameVirtualHost *. * is sufficient to prompt Apache to accept all incoming requests. Subsequently, configure the individual hosts:

NameVirtualHost *
ServerName www.unix86.com
DocumentRoot /home/www/htdocs/unix86.com
ServerAdmin webmaster@unix86.com
ErrorLog /var/log/apache2/www.unix86.com-error_log
CustomLog /var/log/apache2/www.unix86.com-access_log common
ServerName www.unix86.net
DocumentRoot /home/www/htdocs/unix86.net
ServerAdmin webmaster@unix86.net
ErrorLog /var/log/apache2/www.unix86.net-error_log
CustomLog /var/log/apache2/www.unix86.net-access_log common

A VirtualHost entry must also be configured for the domain originally hosted on the server (www.unix86com). In this example, the original domain and one additional domain (www.unix86.net) are hosted on the same server.

Just as in NameVirtualHost, a * is used in the VirtualHost directives. Apache uses the host field in the HTTP header to connect the request to the virtual host. The request is forwarded to the virtual host whose ServerName matches the host name specified in this field.

For the directives ErrorLog and CustomLog, the log files do not need to contain the domain name. Here, use a name of your choice.

ServerAdmin designates the e-mail address of the responsible person that can be contacted if problems arise. In the event of errors, Apache gives this address in the error messages it sends to clients.

IP-Based Virtual Hosts

This alternative requires the setup of multiple IPs for a machine. In this case, one instance of Apache hosts several domains, each of which is assigned a different IP. The following example shows how Apache can be configured to host the original IP (192.168.1.10) plus two additional domains on additional IPs (192.168.1.20 and 192.168.1.21). This particular example only works on an intranet, because IPs ranging from 192.168.0.0 to 192.168.255.0 are not routed on the Internet.

Configuring IP Aliasing

For Apache to host multiple IPs, the underlying machine must accept requests for multiple IPs. This is called multi-IP hosting. For this purpose, IP aliasing must be activated in the kernel.

Once the kernel has been configured for IP aliasing, the commands ifconfig and route can be used to set up additional IPs on the host. These commands must be executed as root. For the following example, it is assumed that the host already has its own IP, such as 192.168.1.10, which is assigned to the network device eth0.

Enter the command ifconfig to find out the IP of the host. Further IPs can be added with commands like the following:

/sbin/ifconfig eth0:0 192.168.1.20

/sbin/ifconfig eth0:1 192.168.1.21

All these IPs are assigned to the same physical network device (eth0).

Virtual Hosts with IPs

Once IP aliasing has been set up on the system or the host has been configured with several network cards, Apache can be configured. Specify a separate VirtualHost block for every virtual server:

ServerName www.myothercompany.com

DocumentRoot /home/www/htdocs/myothercompany.com

ServerAdmin webmaster@myothercompany.com

ErrorLog /var/log/apache2/www.myothercompany.com-error_log

CustomLog /var/log/apache2/www.myothercompany.com-access_log common

ServerName www.anothercompany.com

DocumentRoot /home/www/htdocs/anothercompany.com

ServerAdmin webmaster@anothercompany.com

ErrorLog /var/log/apache2/www.anothercompany.com-error_log

CustomLog /var/log/apache2/www.anothercompany.com-access_log common

VirtualHost directives are only specified for the additional domains. The original domain (www.example.com) is configured through its own settings (under DocumentRoot, etc.) outside the VirtualHost blocks.

Multiple Instances of Apache

With the above methods for providing virtual hosts, administrators of one domain can read the data of other domains. To segregate the individual domains, start several instances of Apache, each with its own settings for User, Group, and other directives in the configuration file.

In the configuration file, use the Listen directive to specify the IP handled by the respective Apache instance. For the above example, the directive for the first Apache instance would be:

Listen 192.168.1.10:80

For the other two instances

Listen 192.168.1.20:80

Listen 192.168.1.21:80

In Apache2 to configure virtual hosts there are two important files i.e

/etc/apache2/sites-available and /etc/apache2/sites-enabled/

We need to create symlink between these two folders for each virtual host or you can use a2ensite and a2dissite

a2ensite

This Will create the correct symlinks in sites-enabled to allow the site configured in sitefilename to be served

a2dissite

This Will remove the symlinks from sites-enabled so that the site configured in sitefilename will not be served

Example for name based virtual hosts

Apache 2.0, the default site is instead the first file (in alphabetical order) in the /etc/apache2/sites-enabled directory. After initial installation, there will be a symlink from 000-default in this directory to /etc/apache2/sites-available/default. As you can see from this, Apache 2.0 offers another level of abstraction in the Virtual Hosts by recommending putting the actual files in /etc/apache2/sites-available and then symlinking from there to /etc/apache2/sites-enabled. I would recommend following this convention, but it’s not mandatory. In our example above, we would create two files, /etc/apache2/sites-available/default and /etc/apache2/sites-available/example.com. Our /etc/apache2/sites-available/default file would look like this

NameVirtualHost *

ServerName incorrect.com

DocumentRoot /home/www/html/default

And our /etc/apache2/sites-available/example.com would look like this

NameVirtualHost *

ServerName www.example.com

ServerAlias example.com

DocumentRoot /home/www/html/example.com/html

CustomLog logs/www.example.com-access_log common

We would then create symlinks to the /etc/apache2/sites-enabled directory with the ln -s

#ln -s /etc/apache2/sites-available/example.com /etc/apache2/sites-enabled/example.com

or you can use the following command

#a2ensite example.com

Site www.example.com installed; run /etc/init.d/apache2 reload to enable.

Now you need to restart the apache web server using the following command

#/etc/init.d/apache2 restart

Now we have our Virtual Hosts configured, it’s time to test. To start Apache 2, type /etc/init.d/apache2 start and fire up a browser and head to www.example.com

Example for IP based virtual hosts

/etc/apache2/sites-available/example.com would look like this:

ServerName www.example.com

ServerAlias example.com

DocumentRoot /home/www/html/example.com/html

CustomLog logs/www.example.com-access_log common

We would then create symlinks to the /etc/apache2/sites-enabled directory with the ln -s

#ln -s /etc/apache2/sites-available/example.com /etc/apache2/sites-enabled/example.com

or you can use the following command

#a2ensite example.com

Site www.example.com installed; run /etc/init.d/apache2 reload to enable.

Now you need to restart the apache web server using the following command

#/etc/init.d/apache2 restart

Now we have our Virtual Hosts configured, it’s time to test.Fire up a browser and head to www.example.com to see if your web site is working or not.

http://www.ducea.com/2006/06/26/apache-tips-tricks-disable-directory-indexes/

http://www.techiecorner.com/106/how-to-disable-directory-browsing-using-htaccess-apache-web-server/

http://www.jb51.net/os/Solaris/1673_2.html

http://www.securityfocus.com/infocus/1786

<Directory /home/pcman/www.unix86.org>
# Use this Options to enable/allow index
        Options Indexes FollowSymLinks MultiViews
# Use this Options to disable/deny index
        Options FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
</Directory>