Apache Virtual Hosts on Debian 7

Virtual Hosts are used to run more than one domain off of a single IP address. This is especially useful to people who need to run several sites off of one virtual private server– each will display different information to the visitors, depending on which website the user is accessing.There is no limit to the number of virtual hosts that can be added to a VPS.

Set Up
The steps in this tutorial require the user to have root privileges. You can see how to set that up in the Initial Server Setup. Choose whichever username you fancy.

Additionally, you need to have apache already installed and running on your virtual server. If you haven’t already done so, use the following command:

sudo apt-get install apache2

Continue reading “Apache Virtual Hosts on Debian 7” »

Share

Simple way to tune apache performance using mpm prefork module

There could be many reasons why your website performance is poor, one of them can possibly be that Apache is not coping with the load. Below you’ll find ready to consume configuration to make Apache performance better using the Apache MPM prefork module.

To do this, just include the below lines into your httpd.conf apache configuration file:

<IfModule mpm_prefork_module>
 StartServers 2
 MinSpareServers 2
 MaxSpareServers 5
 MaxClients 200 #must be customized
 ServerLimit 200 #must be customized
 MaxRequestsPerChild 100
 </IfModule>

KeepAlive Off

Some explanations are here:

Continue reading “Simple way to tune apache performance using mpm prefork module” »

Share

Hiding Apache and PHP Server Signature

Revealing web server signature with server/PHP version info can be a security risk as you are essentially telling attackers known vulnerabilities of your system. Thus it is recommended you disable all web server signatures as part of server hardening process.signature

Disable Apache Web Server Signature

Disabling Apache web server signature can be achieved by editing Apache config file.

On Debian, Ubuntu or Linux Mint:

$ sudo vi /etc/apache2/apache2.conf

Continue reading “Hiding Apache and PHP Server Signature” »

Share

Remove apache, phpmyadmin etc from ubuntu 16.04

You can remove the packages in Ubuntu by executing the commands:

dpkg --purge phpmyadmin
dpkg --purge mysql-server
dpkg --purge apache2.2-common

Or

You have option also to remove the following packages:

sudo apt-get remove apache2*
sudo apt-get remove phpmyadmin 
sudo apt-get remove mysql-server
sudo apt-get remove php5

Or

sudo apt-get --purge apache2*
sudo apt-get --purge phpmyadmin 
sudo apt-get --purge mysql-server
sudo apt-get --purge php5
Share

Install Phalcon framework in Debain 6/7

This repo can be used additionally to the squeeze-php54 repo of dotdeb.org.

Add the following into /etc/apt/sources.list

deb http://debrepo.frbit.com/ frbit-squeeze main

Add the key, update apt and install packages

wget -O – http://debrepo.frbit.com/frbit.gpg | sudo apt-key add –
aptitude update
aptitude install php5-igbinary php5-mongo php5-oauth php5-phalcon php5-runkit php5-stats php5-stomp php5-yaf php5-yaml

Share

Installing Apache2, PHP5, MySQL and PHPMyadmin On Debian

First we install MySQL 5 like this:

apt-get install mysql-server mysql-client

You will be asked to provide a password for the MySQL root user – this password is valid for the user root@localhost as well as root@server1.example.com, so we don't have to specify a MySQL root password manually later on:

New password for the MySQL "root" user: <– yourrootsqlpassword
Repeat password for the MySQL "root" user: <– yourrootsqlpassword

3 Installing Apache2
Apache2 is available as a Debian package, therefore we can install it like this:

apt-get install apache2

Now direct your browser to http://192.168.0.100, and you should see the Apache2 placeholder page (It works!): Continue reading “Installing Apache2, PHP5, MySQL and PHPMyadmin On Debian” »

Share

.htaccess URL redirect

# This allows you to redirect your entire website to any other domain
Redirect 301 / http://mt-example.com/

# This allows you to redirect your entire website to any other domain
Redirect 302 / http://mt-example.com/

# This allows you to redirect index.html to a specific subfolder
Redirect /index.html http://example.com/newdirectory/

# Redirect old file path to new file path
Redirect /olddirectory/oldfile.html http://example.com/newdirectory/newfile.html

# Provide Specific Index Page (Set the default handler)
DirectoryIndex index.html

Share

Hide the Apache Web Server Version number with ServerSignature and ServerTokens directives

You can easily hide Apche (httpd) version number and other information. There are two config directives that controls Apache version. The ServerSignature directive adds a line containing the Apache HTTP Server server version and the ServerName to any server-generated documents, such as error messages sent back to clients. ServerSignature is set to on by default. The ServerTokens directive controls whether Server response header field which is sent back to clients includes a description of the generic OS-type of the server as well as information about compiled-in modules. By setting this to Prod you only displays back Apache as server name and no version number displayed back.

Open your httpd.conf file using text editor such as vi:

vi httpd.conf

Append/modify config directive as follows:

ServerSignature Off
ServerTokens Prod

Save and close the file. Restart Apache web server:

# /etc/init.d/httpd restart

Share

Securing directory using .htaccess file

First make sure your Apache configuration is set for allowing .htaccess. Read this Article first before you move to the next steps.

.htaccess File Creation:

Let's assume /test-dir1 is to be password protected.

$ cd /var/www/html/test-dir1

$ vi .htaccess

Write the following lines into this file:

AuthName "Authorized Users Only."
AuthType Basic
AuthUserFile /etc/httpd/conf/.htpasswd
require user testusr

Telling Apache About Users:
Now we have to inform Apache about the user and its password.

$ htpasswd -c /etc/httpd/conf/.htpasswd testusr

The above command will work if you have htpasswd in your /usr/local/bin and it happens if you install Apache from RPM. /etc/httpd/conf/.htpasswd is the location of file that will contain the authenticated/trusted user password. Continue reading “Securing directory using .htaccess file” »

Share