|Source Repository:||Repository:Gentoo Portage Tree|
Summary: The Apache Web Server
- Install suexec with apache
- Link in apache2 modules statically rather then plugins
- Group authorizations based on host (name or IP address). Available as a compatibility module with previous versions.
- Provides core authentication capabilities common to all authentication providers (functionality provided by authn_alias in previous versions).
- Provides core authorization capabilities to various authorization/authorization modules, such as authn_file and authz_user.
- Provides authorization capabilities via SQL database so that authenticated users can be allowed or denied access to portions of the web site by group membership.
- Disk based storage module for the HTTP caching filter (similar to mem_cache in previous versions).
- Module to rewrite links in html pages behind a reverse proxy
- Enable http2/alpn module
- Request counting load balancer scheduler algorithm for proxy_balancer.
- Weighted traffic counting load balancer scheduler algorithm for proxy_balancer.
- Pending request counting load balancer scheduler algorithm for proxy_balancer.
- Heartbeat traffic counting load balancer scheduler algorithm for proxy_balancer.
- Macros for the Apache config file.
- Slot-based shared memory provider.
- A shared object cache provider using a high-performance cyclic buffer inside a shared memory segment.
- Basic (required) security for Unix-family platforms.
- FCGI support module for mod_proxy.
- Provides support for the tunnelling of web socket connections to a backend websockets server.
- Ratelimit module for transfer rate management
- Remotip module for logging
Apache is a powerful web server which serves html/css/cgi/pl out of the box, and can serve other languages/frameworks via extensions.
The Apache Homepage says this of Apache:
The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.
Configure USE Flags
Depending upon one's personal preferences, flag changes are sometimes necessary. To extend default USE flags in an Apache ebuild, compile a custom flavor. This can be achieved by Portage's
package.use. Create a directory
/etc/portage/package.use and file called
/etc/portage/package.use/apache, and add the USE flags you want. For example:
# install -d /etc/portage/package.use
www-servers/apache ssl threads
Alternatively, if one prefers a
/etc/portage/package.use flat file:
# echo 'www-servers/apache ssl threads' >> /etc/portage/package.use
After configuring your preferred USE flags, emerge Apache:
# emerge apache
Many packages have Apache2 USE flags. These USE flags are often required for an application to be supported by Apache. Setting a system wide Apache2 USE flag is a good idea.
Apache's configuration files are broken up and located in several spots.
conf.d controls the init script, adding things to it such as -D SECURITY & -D PHP will enable web application fire-walling & the php scripting language.
httpd.conf controls how the server behaves, at the bottom of the file it has directives to include configuration files ending in .conf in
DSO / mod_php
To show which PHP versions are available for Apache on your system:
# eselect php list apache2  php5.5  php5.6 *
To select PHP 5.5:
# eselect php set apache2 php5.5
"... -D PHP"
# rc-service apache2 restart
If php code is showing instead of processing server side, ensure you have emerged app-eselect/eselect-php with the apache2 useflag.
Apache supports php-fpm also, this is the preferred method to serve php.
... APACHE2_MODULES="actions alias auth_basic auth_digest authn_alias authn_anon authn_core authn_dbm authn_file authz_core authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif socache_shmcb speling status unique_id unixd userdir usertrack vhost_alias proxy proxy_fcgi" ...
"... -D PROXY"
... <VirtualHost *:80> ServerName localhost Include /etc/apache2/vhosts.d/default_vhost.include ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/localhost/htdocs/$1 DirectoryIndex /index.php ...
Do not forget to start php-fpm:
# rc-update add php-fpm default rc
Enabling Security Module
# emerge mod_security
APACHE2_OPTS="... -D SECURITY"
Control this module by editing these files, and restarting Apache.
To start Apache temporarily:
# rc-service apache2 start
To start Apache immediately, and every boot:
# rc-update add apache2 default # rc
The Apache documentation describes
The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser, to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch.
Setting it up
mod_rewrite has a reputation of being difficult to set up. mod_rewrite requires following symlinks & Order allow,deny (apache 2.2) or Require all granted (apache 2.4) is set. To test functionality of mod_rewrite we will need to make a few files.
If you want to test this for web applications such as mediawiki adjust the path to
RewriteEngine on RewriteRule ^test.html$ rewrite.html
rewrite is not working
rewrite is working
Then point your browser to http://127.0.0.1/test.html. You should see that the text from rewrite.html has been loaded.