Home > Articles

Building Apache

This chapter is from the book

This chapter is from the book

The software said it requires Microsoft IIS 4 or better, so I installed Apache.

—Unknown (paraphrased)

In this chapter:

  • Sample Installation

  • Configuration Reference

  • Configuration Special Topics

In this chapter, we first discuss the process of building a full-featured Apache web server with Perl scripting and SSL/TLS capabilities; our discussion takes the form of a step-by-step tutorial that introduces the Apache AutoConf-style Interface (APACI). The procedure includes getting and extracting the distributions, configuring the source trees, building the packages, and finally installing the packages. A complete reference follows the tutorial and covers all command-line variables and options of APACI in detail. Selected Apache configuration special topics are also discussed in more detail at the end of the chapter.

3.1 Sample Step-by-Step Installation

Here we build a full-featured Apache web server with Perl scripting and SSL/TLS capabilities.

In the first part of this chapter, we show a complete step-by-step installation procedure for an Apache server including two extensions, mod_perl and mod_ssl. These two particular modules were selected because they are also covered in Chapter 4 (the configuration chapter). Other popular third-party modules such as mod_php3, mod_dav, and mod_jserv can be added in an analogous fashion. You can therefore treat this section as an installation tutorial intended to help you better understand the configuration reference in Section 3.2 and to get a general impression of how to perform a complex Apache installation.

3.1.1 File System Preparation

For installing Apache you need 25MB free disk space for installation plus 60MB temporary disk space.

As the first step, you must decide where the server package should be installed. That is, you have to choose a common installation path prefix, such as /usr/local/apache. This prefix is important because it is required repeatedly in the installation procedure. All packages will be installed in subdirectories under this prefix. The file system on which this path prefix will reside must have at least 25MB of free disk space available. In addition, you need a working directory where the packages can be built prior to the installation. For this temporary area, additional disk space of at least 60MB is required.

3.1.2 Obtaining the Source Distribution

Next, you must obtain the Apache source distribution. Although so-called binary distributions are available, we recommend that you start with the source distribution, except in those very rare cases where no C compiler is available. First, determine the latest version number of Apache by looking at the Apache home page (http://www.apache.org/httpd). It always includes a note about the latest version.

Table 3.1. The involved software packages

Package Source Distribution
Apache http://www.apache.org/dist/apache_1.3.12.tar.gz
Mod_perl http://perl.apache.org/src/mod_perl-1.24.tar.gz
Perl http://www.perl.com/cpan/src/5.0/perl-5.005-03.tar.gz
mod_ssl http://www.modssl.org/source/mod_ssl-2.6.6-1.3.12.tar.gz
OpenSSL http://www.openssl.org/source/openssl-0.9.6.tar.gz

For instance, at the time of this writing, the most recent Apache version was 1.3.12. To grab the source distribution, you can use a browser and fetch it via HTTP from the area http://www.apache.org/dist/. Apache is also available from mirror locations around the world. The list of available locations can be found at http://www.apache.org/mirrors/.

All of these software packages are available free of charge on the Internet.

In this book, we also cover two popular Apache extensions, mod_perl (the Apache interface to Perl) and mod_ssl (the Apache interface to OpenSSL). You must therefore obtain the distributions of four additional packages: the Perl interpreter (www.perl.com), the mod_perl module (perl.apache.org), the OpenSSL toolkit (www.openssl.org), and the mod_ssl module (www.modssl.org).

Table 3.1 on the preceding page summarizes the download locations for the latest stable version of all involved packages. If they have changed since this book's publication, start over with the home page of the package to find the latest version and current download location.

To build the packages, move the distribution files into your chosen working directory and extract the five distribution "tarballs" there.

$  gunzip -c apache_1.3.12.tar.gz | tar xvf-
   apache_1.3.12/
   apache_1.3.12/src/
   apache_l.3.12/src/ap/
   :
   $  gunzip -c mod_perl-1.24.tar.gz | tar xvf-
   mod_perl-l.24/
   mod_perl–1.24/t/
   mod_perl-l.24/t/docs/
   :
   $  gunzip -c perl-5.005_03.tar.gz | tar xvf-
   perl5.005_03/
   perl5.005_03/Artistic
   perl5.005_03/Changes
   :
   $  gunzip -c mod_ssl-2.6.6-1.3.l2.tar.gz | tar xvf-
   mod_ssl-2.6.6-1.3.12/ANNOUNCE
   mod_ssl-2.6.6-1.3.12/CHANGES
   mod_ssl-2.6.6-1.3.12/CREDITS
   :
   $  gunzip -c openssl-0.9.6.tar.gz | tar xvf-
   openssl-0.9.6/CHANGES
   openssl-0.9.6/CHANGES.SSLeay
   openssl-0.9.6/Configure
   :
   

3.1.3 Package Prerequisites

To build the complex Apache modules, the third-party packages must usually be installed first.

The Apache build process discussed later in this chapter depends on the availability of the mod_perl and mod_ssl modules. But these, in turn, depend on the Perl and OpenSSL third-party packages. For this reason, a prerequisite to building Apache with these modules is to build these two packages first. Follow these steps to install Perl and OpenSSL:

  • Go into the source tree of Perl and follow the directions in the INSTALL document found there. The typical installation steps will look like the following:

    $  cd perl-5.005.03
             $  sh Configure -d -s -e -Dprefix=/usr/local/apache
             First let's make sure your kit is complete.  Checking...
             Locating common programs...
             :
             $  make
             'sh  cflags libperl.a miniperlmain.o'  miniperlmain.c
             CCCMD = cc -DPERL_CORE -c -I/usr/local/include -0
             :
             $  make install
             ./perl installperl
             mkdir /usr/local/apache/bin
             :
             $  (cd /usr/include; /usr/local/apache/bin/h2ph *.h sys/*.h machine/*.h)
             a.out.h -> a.out.ph
             acl.h -> acl.ph
             :
             $  cd..
             							

    Good packages usually do not require you to manually edit their configuration. Instead, they provide some sort of autoconfiguration mechanism.

  • Go into the source tree of OpenSSL and follow the directions in its INSTALL document. The typical installation steps will be similar to the following:

    $  cd openssl-0.9.6
             $  sh config --prefix=/usr/local/apache
             Operating system: i386-whatever-freebsd3
             Configuring for FreeBSD-elf
             :
             $  make
             making all in crypto...
             echo "#define DATE ..'date'ii >date.h
             gcc -I. -I../include -DTERMIOS -DL_ENDIAN ...
             :
             $  make install
             installing crypto...
             making install in crypto/md2...
             :
             $  cd..
             							

Complex Apache modules usually provide automated ways to get to the Apache source tree. Most rely on APACI features.

After you complete these steps, the Perl interpreter and the OpenSSL toolkit will be installed under /usr/local/apache. Now, you must proceed with the application of mod_perl and mod_ssl to the Apache source tree.

Follow these steps:

  • Go into the source tree of mod_perl and follow the directions in the INSTALL.apaci document found there. Many configuration options are available for mod_perl, although the typical installation steps will look like the following:

    $  cd mod_perl-1.24
             $  /usr/local/apache/bin/perl Makefile.PL APACHE.SRC=../apache.1.3.12
                DO_HTTPD=1 USE_APACI=1 PREP_HTTPD=1 EVERYTHING=1
             Will configure via APACI
             (cd ../apache_l.3.12/src && ./Configure -file Configuration)
             :
             $  make
             mkdir blib
             mkdir blib/lib
             cp ../apache-1.3.12/src/include/http_protocol.h ...
             :
             $  make install
             Installing /usr/local/apache/lib/per15/site_perl/5.005/...
             :
             $  cd..
             							
  • Go into the source tree of mod_ssl and follow the directions in its INSTALL document. Once again, many configuration options are available, but the typical installation steps will look like the following:

    $  cd mod_ssl-2.6.6-1.3.12
             $  ./configure -with-apache=../apache_l.3.12
             Configuring mod_ssl/2.6.3 for Apache/1.3.12
             + Apache location: ../apache_l.3.12 (Version 1.3.12)
             :
             $  cd..
             							

3.1.4 Configuring the Apache Source Tree

The recommended standard way to configure the Apache 1.3 source tree is the new Apache AutoConf-style Interface.

The next major step is to configure the Apache source tree. You must select the desired modules, the compiler and flags used for building, the installation path layout, and other features. Typically, you will use the Apache AutoConf-style Interface (APACI)— a script named "configure" you will find in the top-level of the Apache source tree.1 This script provides numerous options that allow you to flexibly configure the build and installation. A complete option reference appears in Section 3.2.

The minimal configuration step usually takes the following form:

$  cd apache_1.3.12
   $  ./configure --prefix=/usr/local/apache
   Configuring for Apache, Version 1.3.12
   :
   $  cd..
   					

APACI offers lots of command-line options, which at first look are ugly. Once you become familiar with APACI, you will enjoy its consistent and batch-capable nature.

Because we want to build Apache with our two additional modules and because it's reasonable to build Apache as flexibly as possible with the help of the Dynamic Shared Object (DSO) facility, we recommend the following steps:

$  cd apache_1.3.12
   $  env SSL_BASE=/usr/local/apache ./configure
      --target=apache
      --with layout=GNU
      --without-confadjust
      --prefix-=/usr/local/apache
      --with-perl=/usr/local/apache/bin/perl
      --activate-module=src/modules/perl/libperl.a
      --enable-module=perl
      --enable-module=ssl
      —enable-shared=remain
   Configuring for Apache, Version 1.3.12
   + using installation path layout: GNU (config.layout)
   + activated perl module (modules/perl/libperl.a)
   Creating Makefile
   Creating Configuration.apaci in src
   Creating Makefile in src
   + configured for FreeBSD 3.1 platform
   + setting C compiler to gcc
   + setting C pre-processor to gcc -E
   + checking for system header files
   + using custom target name: apache
   + adding selected modules
   o rewrite_module uses ConfigStart/End
   enabling DBM support for mod_rewrite
   o dbm_auth_module uses ConfigStart/End
   o db_auth_module uses ConfigStart/End
   using Berkeley-DB/1 .x for mod.auth_db (–lc)
   o ssl_module uses ConfigStart/End
   + SSL interface: mod_ssl/2.6.3
   + SSL interface build type: OBJ
   + SSL interface compatibility: enabled
   + SSL interface experimental code: disabled
   + SSL interface vendor extensions: disabled
   + SSL interface plugin: Vendor DBM (libc)
   + SSL library path: /usr/local/apache
   + SSL library version: OpenSSL 0.9.6
   + SSL library type: installed package (stand-alone)
   + SSL library plugin mode: none
   o perl-module uses ConfigStart/End
   + mod_perl build type: OBJ
   + id: mod.perl/1.24
   + id: Perl/5.00503 (freebsd) [[/usr/local/apache/bin/perl]
   + setting up mod_perl build environment
   + adjusting Apache build environment
   + enabling Perl support for SSI (mod_include)
   + enabling Extended API (EAPI)
   + doing sanity check on compiler and options
   Creating Makefile in src/support
   :
   

APACI options are just what their name implies: optional. Don't get confused by the large number of available options -they are just available for fine-tuning, but are not mandatory.

These steps configure Apache as follows:

  1. The SSL_BASE variable locates the installed OpenSSL package for module mod_ssl.

  2. --target names the program "apache" (the default is "httpd").

  3. --with-layout selects a GNU-style file system layout (the default is an old-style "Apache" layout).

  4. --prefix specifies the installation path prefix.

  5. --sbindir ensures that all binaries are installed into a single directory for binaries.

  6. --with-perl locates the installed Perl package for mod_perl.

  7. --activate-module activates the mod_perl module for the configuration process.

  8. The two --enable-module options enable mod_perl and mod_ssl.

  9. --enable-shared forces all unenabled modules to be built as DSOs for later loading on demand.

3.1.5 Building and Installing Apache

The final step is to actually build the Apache package ingredients and install them under our selected installation path prefix. Because we used APACI, this task is easy and usually involves only two simple commands:

$  make
   ===> src
   ===> src/os/unix
   gcc -c -I../.. -I../../os/unix -I../../ ...
   :
   $  make install
   ===> [mktree: Creating Apache installation tree]
   ./src/helpers/mkdir.sh /usr/local/apache/bin
   ./src/helpers/mkdir.sh /usr/local/apache/bin
   :
   

Of course, we used mod_ssl. Consequently, a X.509 server certificate and private key are required, though they can be dummy ones for testing purposes. The following steps are required in our situation:

$  make
   ===> src
   ===> src/os/unix
   gcc -c -I../.. -I../../os/unix -I../../ ...
   :
   $  make certificate TYPE=dummy
   SSL Certificate Generation Utility (mkcert.sh)
   :
   $  make install
   ===> [mktree: Creating Apache installation tree]
   ./src/helpers/mkdir.sh /usr/local/apache/bin
   ./src/helpers/mkdir.sh /usr/local/apache/bin
   :
   

Installing a ready-to-run Apache web server with the help of APACI is just a matter of a few make commands.

Voilà! You have now successfully installed an Apache web server including mod_perl and mod_ssl under /usr/local/apache. Your reward is an out-of-the-box usable Apache web server including Perl scripting and SSL/TLS functionality. To verify that it works properly, fire up your new server from the root user account…

$  su
   Password:
   #  /usr/local/apache/sbin/apachectl startssl
   /usr/local/apache/bin/apachectl startssl: httpd started
   % $  ps -ax|grep -i apache
   % 8593   ??    Ss    0:01.87 /usr/local/apache/sbin/apache -DSSL
   % 8594   ??    S     0:00.00 /usr/local/apache/sbin/apache -DSSL
   % 8595   ??    S     0:00.00 /usr/local/apache/sbin/apache -DSSL
   % 8596   ??    S     0:00.00 /usr/local/apache/sbin/apache -DSSL
   % 8597   ??    S     0:00.00 /usr/local/apache/sbin/apache -DSSL
   % 8598   ??    S     0:00.00 /usr/local/apache/sbin/apache -DSSL
   

… and try to connect to it with your favorite browser via both HTTP and HTTPS through the URLs http://localhost/ and https://localhost/. Both protocols should be usable.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020