Apache and PHP
Introduction
Apache upgrade
PHP upgrade
Configuring server name
Introduction
This document is meant to provide information on installing/upgrading
Apache, which will happen from time to time. There is an exploit on
versions below 1.3.26, so it must be upgraded to 1.3.26 or newer.
The document also explains how to configure Apache statically to
run PHP. Due to an exploit PHP must also be upgraded, to 4.1.2 or
newer. Unfortunately the latest version 4.1.2 does not always produce
working DSOs, so
we are statically compiling PHP support into Apache at present.
Other software such as Fastcgi is run as DSOs. The separate document
here explains how to install Fastcgi
on our servers.
Installing Apache
- Get apache_1.3.x.tar.gz from here.
- Upload it to /usr/local/src.
- Untar and unzip with tar -xvzf apache_1.3.x.tar.gz.
- Delete the .tar.gz file if desired.
- cd apache_1.3.x
and then as with most packages:
- ./configure [1]
- make
- If Apache is already installed, it would be wise to make a backup of
the working httpd - cp /usr/local/apache/bin/httpd /usr/local/apache/bin/httpd.bkp.
This also gives you a file with a datestamp to compare so that you
can see if your latest recompile has taken place successfully.
- make install
[1] This gives you a vanilla configuration for Apache.
We will want DSO support and static support for PHP, so we will normally use
./configure --prefix=/usr/local/apache --activate-module=src/modules/php4/libphp4.a --enable-module=so, but this will come in
when you follow the procedure to add PHP support.
Upgrading to Apache 1.3.26 and PHP 4.2.1
- Follow the steps above to install Apache 1.3.26.
- Get php-4.2.1.tar.gz from here.
- Upload it to /usr/local/src.
- Untar and unzip with tar -xvzf php-4.2.1.tar.gz.
- Delete the .tar.gz file if desired.
Now follow the installation instructions below - adapted from the PHP
install document - to the letter.
- cd /usr/local/src/apache_1.3.26
- ./configure
- cd ../php-4.2.1
- ./configure --with-mysql --with-apache=../apache_1.3.26
- make
- make install
- cd ../apache_1.3.26
- ./configure --prefix=/usr/local/apache --activate-module=src/modules/php4/libphp4.a --enable-module=so
Ignore the fact that libphp4.a does not yet exist - this is correct.
If you get the prefix wrong there is no need to recompile, just
change it in the new apachectl file.
- make
- If Apache is already installed, it would be wise to make a backup of
the working httpd - cp /usr/local/apache/bin/httpd /usr/local/apache/bin/httpd.bkp.
This also gives you a file with a datestamp to compare so that you
can see if your latest recompile has taken place successfully.
- make install
- cd ../php-4.2.1
- cp php.ini-dist /usr/local/lib/php.ini
You can edit /usr/local/lib/php.ini to set PHP options at a later time if
required.
- Edit /usr/local/apache/conf/httpd.conf and add:
- AddType application/x-httpd-php .php
if it is not already present.
- Check that Apache will run:
/usr/local/apache/bin/apachectl configtest
and if that's ok, restart:
/usr/local/apache/bin/apachectl stop
/usr/local/apache/bin/apachectl start
- Check that mod_so.c is installed - in the output of /usr/local/apache/bin/httpd -l.
You can test that the new install is working by getting a HEAD from the server:
telnet localhost 80
HEAD / HTTP/1.1
Host: [any host served]
[hit return twice]
You will see this:
HTTP/1.1 200 OK
Date: Wed, 10 Jul 2002 09:53:53 GMT
Server: Apache/1.3.26 (Unix) PHP/4.2.1
Content-Type: text/html
If telnet localhost 80 gives connection refused check that httpd is
running, and then just test from the nearest jump point instead.
Don't forget to edit //usr/local/apache/include/httpd.h so that
the version is no longer disclosed - see next step.
Configuring Server Name
When you do a HEAD, you get a response like:
Server: Apache/1.3.26 (Unix) PHP/4.2.1 which tells the world which
server you are using. We prefer to disguise this, so you should edit
/usr/local/apache/include/httpd.h to read as follows:
#define SERVER_BASEVENDOR "Foo Ltd"
#define SERVER_BASEPRODUCT "Foo Ltd"
#define SERVER_BASEREVISION "Foo Ltd"
Test again with a HEAD and all should be well.
You are reading pages on Flash's server.
Please direct all queries to flash@gorge.org.