apache 2.0.52 
- 必要なソフト
- openssl
以下のサイトよりファイルをダウンロード
http://www.apache.org/
- インストール
# cd /usr/local/arch # wget http://www.meisei-u.ac.jp/mirror/apache/dist/httpd/httpd-2.0.52.tar.gz # cd ../src # tar xvzf ../arch/httpd-2.0.52.tar.gz # cd httpd-2.0.52 # ./configure --prefix=/usr/local/apache \ > --with-mpm=worker \ > --enable-so \ > --enable-ssl \ > --enable-rewrite \ > --enable-redirect \ > --with-ssl=/usr/local/openssl \ > --disable-status \ > --disable-userdir # make # make install
- 設定
# cd/usr/local/apache/conf # vi httpd.conf
ServerRoot "/usr/local/apache"
PidFile logs/httpd.pid
Timeout 300
KeepAlive On
MaxKeepAlive Requests 100
KeepAliveTimeout 30
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
Listen 80
User www
Group www
ServerAdmin admin@domain.com
ServerName www.domain.com:80
UseCanonicalName Off
DirectoryIndex index.html index.html.var index.cgi index.php
AccessFileName .htaccess
DocumentRoot "/usr/local/apache/htdocs"
TypesConfig conf/mime.types
DefaultType text/plain
HostnameLookups Off
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
ErrorLog logs/apache_error.log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/apache_access.log combined
ServerTokens Full
ServerSignature On
ServerTokens Full
ServerSignature On
#for tomcat
#LoadModule jk2_module modules/mod_jk2.so
#for php
#LoadModule php4_module modules/libphp4.so
#AddType application/x-httpd-php .php
#AddType application/x-httpd-php-source .phps
#for cgi
AddHandler cgi-script .cgi
#for rewrite
#RewriteEngine On
#Include conf/rewrite.conf
<Files ~"^\.ht">
Order allow,deny
Deny from all
</Files>
<Directory "/usr/local/apache/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>- BASIC認証を使用するディレクトリの設定例
<Directory "/usr/local/apache/private">
AuthUserFile /usr/local/apache/conf/.htpasswd
AuthGroupFile /dev/null
AuthName "UserAuthentication is required"
AuthTypeBasic
<LimitGET>
require valid-user
</Limit>
Options Indexes ExecCGI FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Alias /private "/usr/local/apache/private"- BASIC認証を使用するファイルの設定例
<Directory "/user/local/apache/status">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
<Files "admin.cgi">
AuthUserFile /usr/local/apache/conf/.htpasswd-pub
AuthGroupFile /dev/null
AuthName "UserAuthentication is required"
AuthTypeBasic
<LimitGET>
require valid-user
</Limit>
Order allow,deny
Allow from all
</Files>
</Directory>
Alias /status "/usr/local/apache/status"- SSLの設定例
# cd /usr/local/apache/conf # openssl md5 * > rand.dat # openssl genrsa -rand rand.dat -des 1024 > key.pem # openssl rsa -in key.pem -out key.pem # openssl req -new -key key.pem -out csr.pem # openssl x509 -in csr.pem -out cert.pem -req -signkey key.pem # vi httpd.conf
<IfDefine SSL>
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
#SSLSessionCache none
#SSLSessionCache shmht:/usr/local/apache/logs/ssl_scache(512000)
#SSLSessionCache shmcb:/usr/local/apache/logs/ssl_scache(512000)
SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
<VirtualHost www.domain.com:443>
DocumentRoot "/usr/local/apache/htdocs"
ServerName www.domain.com:443
ServerAdmin admin@domain.com
ErrorLog /usr/local/apache/logs/apache_error.log
TransferLog /usr/local/apache/logs/apache_access.log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/cert.pem
SSLCertificateKeyFile conf/key.pem
<Directory "/usr/local/apache/htdocs">
AuthUserFile conf/.htpasswd
AuthGroupFile /dev/null
AuthName "User Authentication is required"
AuthType Basic
<Limit GET>
require valid-user
</Limit>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
#SSLCACertificatePath /usr/local/apache/conf/ssl.crt
#SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ca-bundle.crt
#SSLCARevocationPath /usr/local/apache/conf/ssl.crl
#SSLCARevocationFile /usr/local/apache/conf/ssl.crl/ca-bundle.crl
#SSLVerifyClient require
#SSLVerifyDepth 10
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /usr/local/apache/logs/ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>- rewriteの設定例
# cd /usr/local/apache/conf # vi rewrite.conf
RewriteRule ^/$ /cgi-bin/ [PT] RewriteRule ^/([0-9]*)\.html(#.*)?$ /index.php?id=$1$2 [PT]
- 起動
# apachectl startssl
- linux/apache (1273d) [ apache 2.0.52 ]
Counter: 500,
today: 1,
yesterday: 0
最終更新: 2008-11-26 (水) 00:32:26 (JST) (1273d) by aqua
