Discount Web Hosting, Subdomain, Vps Hosting, J2ee Web Hosting, Programming Blog

612 Part V . Running Servers Read permissions are not necessary for compiled binaries, such as those written in C or C++, but can be safely added unless there is a need to keep the contents of the program secret. A client denied by server configuration error indicates that Apache was configured to deny access to the object. Check the configuration files for and sections that might affect the file you are trying to access, remembering that settings applied to a path are also applied to any paths below it. You can override these by changing the permissions only for the more specific path to which you want to allow access. The Directory index forbidden by rule error indicates that Apache could not find an index file with a name specified in the DirectoryIndex directive and was configured to not create an index containing a list of files in a directory. Make sure your index page, if you have one, has one of the names specified in the relevant DirectoryIndex directive, or add an Options Indexes line to the appropriate or section for that object. Premature end of script headers errors can indicate that a script is crashing before it finishes. Sometimes, the errors that caused this also show up in the error log. When using suexec or suPHP, this error may also be caused by a file ownership or permissions error. These errors are indicated in /var/log/apache/suexec.log or /var/log/apache/suphp.log. Securing Your Web Traffic with SSL/TLS You ll want to add security for your server, including your own certificates. Your data is important, and so is your capability to pass it along your network or the Internet to others. Networks just aren t secure enough by themselves to protect your communications. This section examines ways you can help guard them. Electronic commerce applications such as online shopping and banking are generally encrypted using either the Secure Socket Layer (SSL) or Transport Layer Security (TLS) specifications. TLS is based on version 3.0 of the SSL specifications, so they are very similar in nature. This similarity, combined with the fact that SSL is older, results in the SSL acronym often being used to refer to either variety. For Web connections, the SSL connection is established first, and then normal HTTP communication is tunneled through it. Because SSL negotiation takes place before any HTTP communication, name-based virtual hosting (which occurs at the HTTP layer) does not work with SSL. As a consequence, every SSL virtual host you configure will need to have a unique IP address. Note Note
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision J2ee Web Hosting services.

Chapter 23 . Running a Linux, Apache, MySQL, and PHP (LAMP) Server 611 If you aren t getting enough information in the ErrorLog, you can configure it to log more information using the LogLevel directive. The options available for this directive, in increasing order of verbosity, are emerg, alert, crit, error, warn, notice, info, and debug. Select only one of these. Any message that is at least as important as the LogLevel you select will be stored in the ErrorLog. On a typical server, this is set to warn. You should not set it to any lower than crit and should avoid leaving it set to debug because that can slow down the server and result in a very large ErrorLog. As a last resort, you can also try running apache manually to check for crashes or other error messages: # /usr/sbin/apache -d /etc/apache -F ; echo $? The -d flag tells apache where to look for its configuration file, and the -F flag tells it to run in the foreground. The semicolon separates this command from the echo command, which will display the return code ($?) from Apache after it exits. In the event that apache crashes during this step, you can use tools such as gdb and strace to trace the problem. Access Forbidden and Server Internal Errors There are two common types of errors that you may encounter when attempting to view specific pages on your server: permission errors and server internal errors. Both types of errors can usually be isolated using the information in the error log. After making any of the changes below to attempt to solve one of these problems, try the request again and then check the error log to see if the message has changed (for example, to show that the operation completed successfully). File not found errors can be checked in the same way as access forbidden and server internal errors. You may sometimes find that Apache is not looking where you think it is for a specific file. Generally, the entire path to the file shows up in the error log. Make sure you are accessing the correct virtual host, and check for any Alias settings that might be directing your location to a place you don t expect. A file permissions prevent access error indicates that the apache process is running as a user that is unable to open the requested file. Make sure that the account has execute permissions on the directory and every directory above it, as well as read permissions on the files themselves. Read permissions on a directory are also necessary if you want Apache to generate an index of files. See the manual page for chmod for more information about how to view and change permissions. Note
If you are looking for cheap and quality webhost to host and run your website check Jboss Web Hosting services.

610 Part V . Running Servers You can use the netstat command to view the list of programs (including Apache) with TCP ports in the LISTEN state: # netstat -nltp Active Internet connections (only servers) Proto Local Address Foreign Address State PID/Program name tcp 0.0.0.0:80 0.0.0.0:* LISTEN 2105/apache The output from netstat (which was shortened to fit here) indicates that an instance of the apache process with a process ID of 2105 is listening (as indicated by the LISTEN state) for connections to any local IP address (indicated by 0.0.0.0) on port 80 (the standard HTTP port). If a different program is listening to port 80, it will be shown there. You can use the kill command to terminate the process, but if it is something other than apache (or httpd), you should also find out why it is running. If you don t see any other processes listening on port 80, it could be that you have accidentally told Apache to listen on the same IP address and port combination in more than one place. There are three configuration directives that can be used for this: BindAddress, Port, and Listen: . BindAddress enables you to specify a single IP address to listen on, or you can specify all IP addresses using the * wildcard. You should never have more than one BindAddress statement in your configuration file. . Port specifies which TCP port to listen on but does not enable you to specify the IP address. Port is generally not used more than once in the configuration. . Listen enables you to specify both an IP address and a port to bind to. The IP address can be in the form of a wildcard, and you can have multiple Listen statements in your configuration file. Generally, it is a good idea to use only one type of these directives to avoid confusion. Of the three, Listen is the most flexible, so it is probably the one you ll want to use the most. A common error when using Listen is to specify a port on all IP addresses (*:80) as well as that same port on a specific IP address (1.2.3.4:80), which will result in the error from make_sock. Configuration errors relating to SSL (discussed later in this chapter) will commonly result in Apache not starting properly. Make sure all key and certificate files exist and that they are in the proper format (use openssl to examine them, as shown later in this chapter). For other error messages, try doing a Web search to see if somebody else has encountered the problem. In most cases, you can find a solution within the first few matches.
We highly recommend you visit web and email hosting services if you need stable and cheap web hosting platform for your web applications.

Chapter 23 . Running a Linux, Apache, MySQL, and PHP (LAMP) Server 609 This section refers to the Apache HTTPD binary as apache, which is what it is named on Debian systems. However, in most other distributions, the binary is named httpd. On different systems, you may need to substitute httpd for apache when it appears by itself, although not for commands such as apachectl. Configuration Errors You may occasionally run into configuration errors or script problems that prevent Apache from starting or that prevent specific files from being accessible. Most of these problems can be isolated and resolved using two Apache-provided tools: the apachectl program and the system error log. When encountering a problem, first use the apachectl program with the configtest parameter to test the configuration. In fact, it s a good idea to develop the habit of running this every time you make a configuration change: # apachectl configtest Syntax OK # apachectl graceful /usr/sbin/apachectl graceful: httpd gracefully restarted In the event of a syntax error, apachectl indicates where the error occurs and also does its best to give a hint about the nature of the problem. You can then use the graceful restart option (apachectl graceful) to instruct Apache to reload its configuration without disconnecting any active clients. The graceful restart option in apachectl automatically tests the configuration before sending the reload signal to apache, but it is still a good idea to get in the habit of running the manual configuration test after making any configuration changes. Some configuration problems pass the syntax tests performed by apachectl, but then result in the HTTP daemon exiting immediately after reloading its configuration. If this happens, use the tail command to check Apache s error log for useful information. On Debian systems, the error log is in /var/log/apache/error.log. On other systems, the location can be found by looking for the ErrorLog directive in your Apache configuration. One of the more commonly encountered errors looks something like this: [crit] (98)Address already in use: make_sock: could not bind to port 80 This error often indicates that something else is bound to port 80 (not very common unless you have attempted to install another Web server), that another Apache process is already running (apachectl usually catches this), or that you have told Apache to bind the same IP address and port combination in more than one place. Note Note
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision J2ee Web Hosting services.

608 Part V . Running Servers 8. In the General settings, make sure you set an admin password. Under Locations and URLs, set the temporary directory to /tmp. The other default settings should work, but you can change the look and feel or gallery name to suit your tastes. 9. Tighten the permissions on gallery/.htaccess and gallery/config.php: $ cd ~/public_html/gallery $ sh secure.sh 10. You re now ready to start administrating your photo gallery through the Web interface at http://yourservername/gallery/. Figure 23-3 shows an example photo gallery. Figure 23-3: A sample Gallery installation, with photos. Troubleshooting In any complex environment, you will occasionally run into problems. This section includes tips for isolating and resolving the most common errors that you may encounter.
In case you need affordable webhost to host your website, our recommendation is ecommerce web host services.

Chapter 23 . Running a Linux, Apache, MySQL, and PHP (LAMP) Server 607 $ cd ~/public_html $ wget http://dl.sourceforge.net/sourceforge/gallery/gallery-1.4.4-pl2.tar.gz $ tar xzf gallery-1.4.4-pl2.tar.gz The second code line (starting $ wget http:) is too long to fit on one line in this book. Just keep typing on one line until you finish .tar.gz, and then press Enter. The wget and tar command lines may be different from this example if you use different versions of Gallery. 6. Run the Gallery preconfigure script to set up the necessary file permissions, and create an albums directory that the Web scripts will be able to write to: $ cd ~/public_html/gallery $ sh configure.sh $ mkdir -m 777 ../albums 7. Go through the setup process at the Gallery setup page, http://yourserver name/gallery/setup/. A screenshot of the Gallery configuration page can be seen in Figure 23-2. The first page tests for all of the necessary programs, which are available if you installed the prerequisites in step 1. It indicates the installation status. There will be one warning about the composite program not being found and another indicating that no additional languages were downloaded. Figure 23-2: The Gallery setup page. Note
Please visit Domain Name Hosting services for high quality webhost to host and run your jsp applications.

606 Part V . Running Servers You may want to place individual virtual hosts in separate files for convenience. However, you should be careful to keep your primary virtual host in a file that will be read before the others because the first virtual host receives requests for site names that don t match any in your configuration. In a commercial Web-hosting environment, it is common to make a special default virtual host that contains an error message indicating that no site by that name has been configured. Installing a Web Application: Gallery Gallery is a Web-based photo gallery management system written in PHP. Through its Web interface, you can upload pictures to your own photo galleries, which will then be available on the Web through your LAMP server. Gallery stores its information in data files in your Web directory and does not require that MySQL be installed on your server. Despite its many advanced features, such as support for multiple photo albums and automatic generation of thumbnails, Gallery only takes a few minutes to install once your LAMP server has been configured. Before proceeding with this section, you will need to add a virtual host for Gallery. Then you ll be ready to install Gallery, as shown here: 1. There are several programs that Gallery uses in order to perform image manipulation. You can install these using APT: # apt-get install netpbm libjpeg-progs jhead unzip 2. Configure your virtual host so that the security features needed by Gallery are permitted by Apache by adding this to the block in /etc/ apache/conf.d/vhosts.conf: AllowOverride Limit Options FileInfo Be sure to replace username with the name of the user account that owns the Web documents. 3. Test and reload the Apache HTTP server configuration: # apachectl configtest Syntax OK # apachectl graceful 4. Log out of your root account and log in as the user who owns the Web document folder. 5. Download the latest Gallery version 1.x package from http://gallery. menalto.com/index.php and extract it to the location where you want to have it installed. A gallery directory under your public_html folder is an ideal location: Note Note Note
In case you need affordable webhost to host your website, our recommendation is ecommerce web host services.

Chapter 23 . Running a Linux, Apache, MySQL, and PHP (LAMP) Server 605 NameVirtualHost *:80 ServerName www.example.org ServerAlias web.example.org DocumentRoot /home/username/public_html/ User username Group groupname DirectoryIndex index.php index.html index.htm The NameVirtualHost line tells Apache to determine which virtual host to serve documents from based on the hostname provided by the HTTP client. The *:80 means that requests to port 80 on any IP address will be treated in this manner. Similarly, the *:80 specification in the VirtualHost block indicates what address and port this virtual host applies to. The port is optional for both the NameVirtualHost and VirtualHost specifications but should always be used to prevent interference with SSL virtual hosts. The ServerName and ServerAlias lines tell Apache which names this virtual host should be recognized as, so replace them with names appropriate to your site. You can leave out the ServerAlias line if you do not have any alternate names for the server, and you can specify more than one name per ServerAlias line or have multiple ServerAlias lines if you have several alternate names. The DocumentRoot specifies where the Web documents for this site are stored. If you plan to have more than one site per user, you will need to modify this layout appropriately. Replace username with the name of the account that is administrating the Web site. For this example, each Web site is required to be administered by a different user account. The User and Group lines are used by suexec to determine which account to run scripts as. The groupname parameter should be changed to username s primary group. In most modern installations, this is the same as the username. These two lines must be left out if you aren t using suexec. When you are done, use apachectl to check the configuration and then do a graceful restart: # apachectl configtest Syntax OK # apachectl graceful Unless you have already created it, you will receive a warning about the public_ html not existing. Run mkdir ~/public_html as the user that owns the Web site in order to create it. Additional virtual hosts can be added by repeating the VirtualHost block and repeating the configuration test (configtest) and reload (graceful) steps. Note
In case you need affordable webhost to host your website, our recommendation is ecommerce web host services.

604 Part V . Running Servers Three directives commonly found in location blocks and access control files are DirectoryIndex, Options, and ErrorDocument: . DirectoryIndex tells Apache which file to load when the URI contains a directory but not a filename. This directive doesn t work in Files blocks. . Options is used to adjust how Apache handles files within a directory. The ExecCGI option tells Apache that files in that directory can be run as CGI scripts, and the Includes option tells Apache that server-side includes (SSI) are permitted. Also commonly used is the Indexes option, which tells Apache to generate a list of files if one of the filenames found in the DirectoryIndex setting is missing. An absolute list of options can be specified, or the list of options can be modified by adding + or - in front of an option name. See http:// httpd.apache.org/docs/mod/core.html#options for more information. . ErrorDocument directives can be used to specify which file to send in the result of an error. The directive must specify an error code and the full URI for the error document. Possible error codes include 403 (access denied), 404 (file not found), and 500 (server internal error). More information about the ErrorDocument directive can be found at http://httpd.apache.org/docs/ mod/core.html#errordocument. Another common use for location blocks and access control files is to limit access to a resource. The Allow directive can be used to permit access to matching hosts, and the Deny directive can be used to forbid it. Both of these options can occur more than once within a block and are handled based on the Order setting. Setting Order to Deny,Allow permits access to any host that is not listed in a Deny directive. A setting of Allow,Deny denies access to any host not allowed in an Allow directive. Like most other options, the most specific Allow or Deny option for a host is used, meaning that you can Deny access to a range and Allow access to subsets of that range. By adding the Satisfy option and some additional parameters, you can add password authentication. For more information about access control, see http://httpd.apache.org/docs/mod/mod_access.html. Location blocks (in the generic sense) can be enclosed within a VirtualHost block. Virtual hosts, which are described in greater detail in the next section, are a convenient (and almost essential) tool for altering server behavior based on the server address or name that a request is directed to. Most global configuration options are applied to virtual hosts but can be overridden by directives within the VirtualHost block. Adding a Virtual Host to Apache Apache supports the creation of separate Web sites within a single server to keep content separate. Individual sites are configured in the form of virtual hosts, which also are useful when only a single site will be used. Here s how to configure a virtual host: Create a file named /etc/apache/conf.d/vhosts.conf using this template:
Searching for affordable and proven webhost to host and run your servlet applications? Go to Linux Web Hosting services and you will find it.

Chapter 23 . Running a Linux, Apache, MySQL, and PHP (LAMP) Server 603 Different types of location tags exist, and are selected based on the type of resource location that is being specified. The specifier that is included in the start tag will be handled based on the type of location tag. The ones you will generally use and encounter are Directory, Files, and Location. In this chapter, Location refers specifically to the third type of tag, and location refers generically to any of the three. . Directory tags are used to specify a path based on the location on the file system. For instance, refers to the root directory on the computer. Directories inherit settings from directories above them, with the most specific Directory block overriding less specific ones, regardless of the order in which they appear in the configuration files. . Files tags are used to specify files by name. Files tags can be contained within Directory blocks to limit them to files under that directory. Settings within a Files block will override the ones in Directory blocks. . Location tags are used to specify the URI that is used to access a file or directory. This is different from Directory in that it relates to the address contained within the request and not to the real location of the file on the drive. Location tags are processed last and will override the settings in Directory and Files blocks. Match versions of these tags DirectoryMatch, FilesMatch, and LocationMatch have the same function but can contain regular expressions in the resource specification. FilesMatch and LocationMatch blocks are processed at the same time as Files and Location, respectively. DirectoryMatch blocks are processed after Directory blocks. Apache can also be configured to process configuration options contained within files with the name specified in the AccessFileName directive (which is generally set to .htaccess). Directives in access configuration files are applied to all objects under the directory they contain, including subdirectories and their contents. Access configuration files are processed at the same time as Directory blocks, using a similar most specific match order. Access control files are useful for allowing users to change specific settings without having access to the server configuration files. The configuration directives permitted within an access configuration file are determined by the AllowOverride setting on the directory in which they are contained. Some directives do not make sense at that level and will generally result in a server internal error message when trying to access the URI. The AllowOverride option is covered in detail at http:// httpd.apache.org/docs/mod/core.html#allowoverride. Note Note
Check Tomcat Web Hosting services for best quality webspace to host your web application.