All Red Hat Linux documents are copyrighted to Red Hat Inc.

10.2. Migrating Apache HTTP Server 1.3 Configuration Files

If upgrading from Red Hat Linux 7.3 or earlier upon which the Apache HTTP Server was already installed, then the new stock configuration file for the Apache HTTP Server 2.0 package is installed as /etc/httpd/conf/httpd.conf.rpmnew and the original version 1.3 httpd.conf is not touched. It is, of course, entirely up to you whether you use the new configuration file and migrate the old settings to it or use the existing file as a base and modify it to suit; however, some parts of the file have changed more than others and a mixed approach is generally the best. The stock configuration files for both version 1.3 and version 2.0 are divided into three sections. The goal of this guide is to suggest what is hopefully the easiest route.

If the /etc/httpd/conf/httpd.conf is a modified version of the default Red Hat Linux version and a saved a copy of the original is available, it may be easiest to invoke the diff command, as in the following example:

diff -u httpd.conf.orig httpd.conf | less

This command highlights any modifications made. If a copy of the original file is not available, extract it from an RPM package using the rpm2cpio and cpio commands, as in the following example:

	  rpm2cpio apache-<version-number>.i386.rpm | cpio -i --make

In the above command, replace <version-number> with the version number for the apache package.

Finally, it is useful to know that the Apache HTTP Server has a testing mode to check for configuration errors. To use access it, type the following command:

apachectl configtest

10.2.1. Global Environment Configuration

The global environment section of the configuration file contains directives which affect the overall operation of the Apache HTTP Server, such as the number of concurrent requests it can handle and the locations of the various files. This section requires a large number of changes compared with the others and it is therefore recommended to base this section on the Apache HTTP Server 2.0 configuration file and migrate the old settings into it.

10.2.1.1. Selecting Which Interfaces and Ports To Bind To

The BindAddress and Port directives no longer exist; their functionality is now provided by a more flexible Listen directive.

If Port 80 was set in the 1.3 version configuration file, change it to Listen 80 in the 2.0 configuration file. If Port was set to some value other than 80, then append the port number to the contents of the ServerName directive.

For example, the following is a sample Apache HTTP Server 1.3 directive:

Port 123
ServerName www.example.com

To migrate this setting to Apache HTTP Server 2.0, use the following structure:

Listen 123
ServerName www.example.com:123 

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.1.2. Server-pool Size Regulation

In Apache HTTP Server 2.0, the responsibility for accepting requests and dispatching child-processes to handle them has been abstracted into a group of modules called Multi-Processing Modules (MPMs). Unlike other modules, only one module from the MPM group can be loaded by the Apache HTTP Server. There are three MPM modules that ship with version 2.0: prefork, worker, and perchild.

The original Apache HTTP Server 1.3 behavior has been moved into the prefork MPM. Currently only the prefork MPM is available on Red Hat Linux, although the other MPMs may be made available at a later date.

The prefork MPM accepts the same directives as Apache HTTP Server 1.3, so the following directives may be migrated directly:

  • StartServers

  • MinSpareServers

  • MaxSpareServers

  • MaxClients

  • MaxRequestsPerChild

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.1.3. Dynamic Shared Object (DSO) Support

There are many changes required here, and it is highly recommended that anyone trying to modify an Apache HTTP Server 1.3 configuration to suit version 2.0 (as opposed to migrating the changes into the version 2.0 configuration) copy this section from the stock Red Hat Linux Apache HTTP Server 2.0 configuration file.

Those who do not want to copy the section from the stock Apache HTTP Server 2.0 configuration should note the following:

  • The AddModule and ClearModuleList directives no longer exist. These directives where used to ensure that modules could be enabled in the correct order. The Apache HTTP Server 2.0 API allows modules to specify their ordering, eliminating the need for these two directives.

  • The order of the LoadModule lines is no longer relevant.

  • Many modules have been added, removed, renamed, split up, or incorporated with each other.

  • LoadModule lines for modules packaged in their own RPMs (mod_ssl, php, mod_perl, and the like) are no longer necessary as they can be found in the relevant file in the /etc/httpd/conf.d/ directory.

  • The various HAVE_XXX definitions are no longer defined.

ImportantImportant
 

If modifying the original file, please note that it is of paramount importance that the httpd.conf contains the following directive:

Include conf.d/*.conf

Omission of this directive will result in the failure of all modules packaged in their own RPMs (such as mod_perl, php, and mod_ssl).

10.2.1.4. Other Global Environment Changes

The following directives have been removed from Apache HTTP Server 2.0's configuration:

  • ServerType — The Apache HTTP Server can only be run as ServerType standalone making this directive irrelevant.

  • AccessConfig and ResourceConfig — These directives have been removed since they mirror the functionality of the Include directive. If the AccessConfig and ResourceConfig directives are set then replace them with Include directives.

    To ensure that the files are read in the order implied by the older directives the Include directives should be placed at the end of httpd.conf, with the one corresponding to ResourceConfig preceding the one corresponding to AccessConfig. If using the default values, include them explicitly as conf/srm.conf and conf/access.conf files.

10.2.2. Main Server Configuration

The main server configuration section of the configuration file sets up the main server, which responds to any requests that are not handled by a <VirtualHost> definition. Values here also provide defaults for any <VirtualHost> containers defined.

The directives used in this section have changed little between Apache HTTP Server 1.3 and version 2.0. If the main server configuration is heavily customized it may be easier to modify the existing configuration file to suit Apache HTTP Server 2.0. Users with only lightly customized main server sections should migrate their changes into the default 2.0 configuration.

10.2.2.1. UserDir Mapping

The UserDir directive is used to enable URLs such as http://example.com/~bob/ to map to a subdirectory within the home directory of the user bob, such as /home/bob/public_html. A side-effect of this feature allows a potential attacker to determine whether a given username is present on the system. For this reason, the default configuration for Apache HTTP Server 2.0 disables this directive.

To enable UserDir mapping, change the directive in httpd.conf from:

UserDir disable

to the following:

UserDir public_html

For more on this topic, refer to the following documentation on the Apache Software Foundation's website, http://httpd.apache.org/docs-2.0/mod/mod_userdir.html#userdir.

10.2.2.2. Logging

The following logging directives have been removed:

  • AgentLog

  • RefererLog

  • RefererIgnore

However, agent and referrer logs are still available using the CustomLog and LogFormat directives.

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.2.3. Directory Indexing

The deprecated FancyIndexing directive has now been removed. The same functionality is available through the FancyIndexing option within the IndexOptions directive.

The new VersionSort option to the IndexOptions directive causes files containing version numbers to be sorted in a more natural way. For example, httpd-2.0.6.tar appears before httpd-2.0.36.tar in a directory index page.

The defaults for the ReadmeName and HeaderName directives have changed from README and HEADER to README.html and HEADER.html.

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.2.4. Content Negotiation

The CacheNegotiatedDocs directive now takes the argument on or off. Existing instances of CacheNegotiatedDocs should be replaced with CacheNegotiatedDocs on.

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.2.5. Error Documents

To use a hard-coded message with the ErrorDocument directive, the message should be enclosed in a pair of double quotation marks ["], rather than just preceded by a double quotation mark as required in Apache HTTP Server 1.3.

To migrate an ErrorDocument setting to Apache HTTP Server 2.0, use the following structure:

ErrorDocument 404 "The document was not found"

Note the trailing double quote in the previous example ErrorDocument directive.

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.3. Virtual Hosts Configuration

The contents of all <VirtualHost> containers should be migrated in the same way as the main server section as described in Section 10.2.2 Main Server Configuration.

ImportantImportant
 

Note that SSL/TLS virtual host configuration has been moved out of the main server configuration file and into /etc/httpd/conf.d/ssl.conf.

For more on this topic, refer to the chapter titled Apache HTTP Secure Server Configuration in the Red Hat Linux Customization Guide and the documentation online at the following URL:

10.2.4. Modules and Apache HTTP Server 2.0

In Apache HTTP Server 2.0, the module system has been changed to allow modules to be chained together or combined in new and interesting ways. Common Gateway Interface (CGI) scripts, for example, can generate server-parsed HTML documents which can then be processed by mod_include. This opens up a tremendous number of possibilities with regards to how modules can be combined to achieve a specific goal.

The way this works is that each request is served by exactly one handler module followed by zero or more filter modules.

Under Apache HTTP Server 1.3, for example, a PHP script would be handled in its entirety by the PHP module. Under Apache HTTP Server 2.0, the request is initially handled by the core module — which serves static files — and is then filtered by the PHP module.

Exactly how to use this, and all the other new features of Apache HTTP Server 2.0 for that matter, is beyond the scope of this document; however, the change has ramifications if the PATH_INFO directive is used for a document which is handled by a module that is now implemented as a filter, as each contains trailing path information after the true file name. The core module, which initially handles the request, does not by default understand PATH_INFO and will return 404 Not Found errors for requests that contain such information. As an alternative, use the AcceptPathInfo directive to coerce the core module into accepting requests with PATH_INFO.

The following is an example of this directive:

AcceptPathInfo on

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.4.1. The mod_ssl Module

The configuration for mod_ssl has been moved from httpd.conf into the file /etc/httpd/conf.d/ssl.conf. For this file to be loaded, and hence for mod_ssl to work, the statement Include conf.d/*.conf must be in the httpd.conf as described in Section 10.2.1.3 Dynamic Shared Object (DSO) Support.

ServerName directives in SSL virtual hosts must explicitly specify the port number.

For example, the following is a sample Apache HTTP Server 1.3 directive:

<VirtualHost _default_:443>
    # General setup for the virtual host
    ServerName ssl.example.name
    ...
</VirtualHost>

To migrate this setting to Apache HTTP Server 2.0, use the following structure:

<VirtualHost _default_:443>
    # General setup for the virtual host
    ServerName ssl.host.name:443
    ...
</VirtualHost>

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.4.2. The mod_proxy Module

Proxy access control statements are now placed inside a <Proxy> block rather than a <Directory proxy:>.

The caching functionality of the old mod_proxy has been split out into the following three modules:

  • mod_cache

  • mod_disk_cache

  • mod_file_cache

These generally use the same or similar directives as the older versions of the mod_proxy module.

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.4.3. The mod_include Module

The mod_include module is now implemented as a filter and is therefore enabled differently. Refer to Section 10.2.4 Modules and Apache HTTP Server 2.0 for more about filters.

For example, the following is a sample Apache HTTP Server 1.3 directive:

AddType text/html .shtml
AddHandler server-parsed .shtml

To migrate this setting to Apache HTTP Server 2.0, use the following structure:

AddType text/html .shtml
AddOutputFilter INCLUDES .shtml

Note that just as before, the Options +Includes directive is still required for the <Directory> container or in a .htaccess file.

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.4.4. The mod_auth_dbm and mod_auth_db Modules

Apache HTTP Server 1.3 supported two authentication modules, mod_auth_db and mod_auth_dbm, which used Berkeley Databases and DBM databases respectively. These modules have been combined into a single module named mod_auth_dbm in Apache HTTP Server 2.0, which can access several different database formats. To migrate from mod_auth_db, configuration files should be adjusted by replacing AuthDBUserFile and AuthDBGroupFile with the mod_auth_dbm equivalents: AuthDBMUserFile and AuthDBMGroupFile. Also, the directive AuthDBMType DB must be added to indicate the type of database file in use.

The following example shows a sample mod_auth_db configuration for Apache HTTP Server 1.3:

<Location /private/>
  AuthType Basic
  AuthName "My Private Files"
  AuthDBUserFile /var/www/authdb
  require valid-user
</Location>

To migrate this setting to version 2.0 of Apache HTTP Server, use the following structure:

<Location /private/>
  AuthType Basic
  AuthName "My Private Files"
  AuthDBMUserFile /var/www/authdb
  AuthDBMType DB
  require valid-user
</Location>

Note that the AuthDBMUserFile directive can also be used in .htaccess files.

The dbmmanage Perl script, used to manipulate user name and password databases, has been replaced by htdbm in Apache HTTP Server 2.0. The htdbm program offers equivalent functionality and like mod_auth_dbm can operate a variety of database formats; the -T option can be used on the command line to specify the format to use.

Table 10-1 shows how to migrate from a DBM-format database to htdbm format using dbmmanage.

Actiondbmmanage command (1.3)Equivalent htdbm command (2.0)
Add user to database (using given password)dbmmanage authdb add username passwordhtdbm -b -TDB authdb username password
Add user to database (prompts for password)dbmmanage authdb adduser usernamehtdbm -TDB authdb username
Remove user from databasedbmmanage authdb delete usernamehtdbm -x -TDB authdb username
List users in databasedbmmanage authdb viewhtdbm -l -TDB authdb
Verify a passworddbmmanage authdb check usernamehtdbm -v -TDB authdb username

Table 10-1. Migrating from dbmmanage to htdbm

The -m and -s options work with both dbmmanage and htdbm, enabling the use of the MD5 or SHA1 algorithms for hashing passwords, respectively.

When creating a new database with htdbm, the -c option must be used.

For more on this topic, refer to the following documentation on the Apache Software Foundation's website:

10.2.4.5. The mod_perl Module

The configuration for mod_perl has been moved from httpd.conf into the file /etc/httpd/conf.d/perl.conf. For this file to be loaded, and hence for mod_perlto work, the statement Include conf.d/*.conf must be included in the httpd.conf as described in Section 10.2.1.3 Dynamic Shared Object (DSO) Support.

Occurences of Apache:: in the httpd.conf must be replaced with ModPerl::. Additionally, the manner in which handlers are registered has been changed.

This is a sample Apache HTTP Server 1.3 mod_perl configuration:

<Directory /var/www/perl>
    SetHandler perl-script
    PerlHandler Apache::Registry
    Options +ExecCGI
</Directory>

This is the equivalent mod_perl for Apache HTTP Server 2.0:

<Directory /var/www/perl>
    SetHandler perl-script
    PerlModule ModPerl::Registry
    PerlHandler ModPerl::Registry::handler
    Options +ExecCGI
</Directory>

Most modules for mod_perl 1.x should work without modification with mod_perl 2.x. XS modules require recompilation and may possibly require minor Makefile modifications.

10.2.4.6. The mod_python Module

The configuration for mod_python has been moved from httpd.conf into the file /etc/httpd/conf.d/python.conf. For this file to be loaded, and hence for mod_python to work, the statement Include conf.d/*.conf must be in the httpd.conf as described in Section 10.2.1.3 Dynamic Shared Object (DSO) Support.

10.2.4.7. PHP

The configuration for PHP has been moved from httpd.conf into the file /etc/httpd/conf.d/php.conf. For this file to be loaded, the statement Include conf.d/*.conf must be in the httpd.conf as described in Section 10.2.1.3 Dynamic Shared Object (DSO) Support.

The PHP is now implemented as a filter and must therefore be enabled in a different manor. See Section 10.2.4 Modules and Apache HTTP Server 2.0 for more about filters.

Under Apache HTTP Server 1.3, PHP was implemented using the following directives:

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

Under Apache HTTP Server 2.0, use the following directives instead:

<Files *.php>
    SetOutputFilter PHP
    SetInputFilter PHP
</Files>

In PHP 4.2.0 and later the default set of predefined variables which are available in the global scope has changed. Individual input and server variables are, by default, no longer placed directly into the global scope. This change may cause scripts to break. Revert to the old behavior by setting register_globals to On in the file /etc/php.ini.

For more on this topic, refer to the following URL for details concerning the global scope changes:

© Copyright 2003-2014 www.php-editors.com. The ultimate PHP Editor and PHP IDE site.