Apache HTTP Server Version 2.2 文档

Apache HTTP Server Version 2.2 文档

本日志由 flyinweb 于 2009-06-26 15:08:00 发表到 WEB服务器 中,目前已经被浏览 12883 次,评论 0 次;

作者添加了以下标签: Apache文档

首页只显示了部分日志内容,要查看日志的全部内容请阅读全文

Apache编译失败及其解决方案

1、checking for SSL_set_cert_store... no
configure: error: ... Error, SSL/TLS libraries were missing or unusable

安装openssl,在编译参数中添加--with-ssl=/usr/local/ssl (ssl安装路径,根据安装的实际路径设置)

本日志由 flyinweb 于 2012-01-13 10:47:45 发表到 WEB服务器 中,目前已经被浏览 187 次,评论 0 次;

作者添加了以下标签: Apache compile fails

Nginx as an IMAP/POP3 proxy

At Gigahost we are managing a lot of mailboxes for our users.

At the moment these are all located on one high speced server with the outgoing SMTP split to another server.

We allow our users to connect via both IMAP and POP3 and support STARTTLS on ports 110/143 and SSL/TLS on ports 993/995.

Since we are constantly adding new users and these in turn add new mailboxes we are running out of options as to upgrade the current server. Hosting mailboxes via Courier, Dovecot or similar is very IO intensive and therefore in the long run disk IO becomes a problem.

The solution to this is ofcourse to scale the setup to more servers. Some hosting providers do this by simply adding users to a new mail server eg. mail2.example.com, mail3.example.com and so on.

What we would like to do is use a reverse proxy so that the user always connects to mail.gigahost.dk and the proxy ensures that the user is send to the correct server.

本日志由 flyinweb 于 2012-01-12 11:55:12 发表到 WEB服务器 中,目前已经被浏览 245 次,评论 0 次;

作者添加了以下标签: Reverse Proxy

首页只显示了部分日志内容,要查看日志的全部内容请阅读全文

Creating Certificate Authorities and self-signed SSL certificates
Following is a step-by-step guide to creating your own CA (Certificate Authority) -- and also self-signed SSL server certificates -- with openssl on Linux. Self-signing is the simpler route to take, but making one's own CA allows the signing of multiple server certificates using the same CA and involves only a few extra steps.

After using openssl to generate the necessary files, you'll need to integrate them into Apache. This process differs between Linux distros and versions of Apache. Additional references exist at the end of this document. My instructions for Setting up SSL: Ubuntu and Apache 2 are kept most current, and will carry you through to completion.

Making a homemade CA or self-signed certificate will cause the client web browser to prompt with a message whether to trust the certificate signing authority (yourself) permanently (store it in the browser), temporarily for that session, or to reject it. The message "web site certified by an unknown authority... accept?" may be a business liability for general public usage, although it's simple enough for the client to accept the certificate permanently.

Whichever route you take, you'll save the periodic expense of paying a recognized signing authority. This is purely for name recognition -- they've paid the major browser producers to have their CA pre-loaded into them. So if you're on a budget, have a special need or small audience, this may be useful.

本日志由 flyinweb 于 2012-01-07 16:35:20 发表到 WEB服务器 中,目前已经被浏览 226 次,评论 0 次;

作者添加了以下标签: Apache SSLSSL certificates

首页只显示了部分日志内容,要查看日志的全部内容请阅读全文

httpd: apr_sockaddr_info_get() failed for HOSTNAME

If you get this error when starting Apache 2 here is the fix…

Performing sanity check on apache22 configuration:
httpd: apr_sockaddr_info_get() failed for someserver1.host-name.net
httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName
Syntax OK
Starting apache22.
httpd: apr_sockaddr_info_get() failed for someserver1.host-name.net
httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName

The repair is very easy, just fix your hosts file locate at `/etc/hosts`.

First, determing your hostname of the machine that you are on…

#> hostname
someserver1.host-name.net

Then open your hosts file…

#> vi /etc/hosts

Then change all the host items to match

::1 localhost.someserver1.host-name.net localhost
127.0.0.1 localhost.someserver1.host-name.net localhost
192.1.0.123 someserver1.host-name.netsomeserver1
192.1.0.123 someserver1.host-name.net.

Then start the server again…

#> apachectl start
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
#> …

All set!!!

本日志由 flyinweb 于 2011-12-09 10:10:25 发表到 WEB服务器 中,目前已经被浏览 323 次,评论 0 次;

作者添加了以下标签: apr_sockaddr_info_get() failed

nginx: Setup SSL Reverse Proxy (Load Balanced SSL Proxy)

A reverse proxy is a proxy server that is installed in a server network. Typically, reverse proxies are used in front of Web servers such as Apache, IIS, and Lighttpd. How do I setup nginx web server as SSL reverse proxy?

When you've multiple backend web servers, encryption / SSL acceleration can be done by a reverse proxy. Nginx can act as SSL acceleration software. It provided the following benefits:

  • Easy of use : Nginx is easy to setup and upgrade.
  • Security : Nginx provide an additional layer of defense as Apache is behind the proxy. It can protect against common web-based attacks too.
  • Load Distribution : nginx use very little memory and can distribute the load to several Apache servers. It can even rewrite urls on fly.
  • Caching : Nginx act as a reverse proxy which offload the Web servers by caching static content, such as images, css, js, static html pages and much more.
  • Compression : Nginx can optimize and compress the content to speed up the load time.

    • 本日志由 flyinweb 于 2011-12-09 09:38:39 发表到 WEB服务器 中,目前已经被浏览 300 次,评论 0 次;

    作者添加了以下标签: NginxSSL Reverse ProxyLoad Balanced SSL Proxy

    首页只显示了部分日志内容,要查看日志的全部内容请阅读全文

    CentOS / Redhat Linux: Install Keepalived To Provide IP Failover For Web Cluster

    Keepalived provides a strong and robust health checking for LVS clusters. It implements a framework of health checking on multiple layers for server failover, and VRRPv2 stack to handle director failover. How do I install and configure Keepalived for reverse proxy server such as nginx or lighttpd?

    If your are using a LVS director to loadbalance a server pool in a production environment, you may want to have a robust solution for healthcheck & failover. This will also work with reverse proxy server such as nginx.

    本日志由 flyinweb 于 2011-12-09 09:36:24 发表到 WEB服务器 中,目前已经被浏览 332 次,评论 0 次;

    作者添加了以下标签: NginxkeepalivedIP Failover

    首页只显示了部分日志内容,要查看日志的全部内容请阅读全文

    Handling nginx Failover With KeepAlived

    How do configure to release and obtain VIP (virtual IP) when nginx is dead, down or system is rebooted for the kernel upgrades?

    Edit /usr/local/etc/keepalived/keepalived.conf and add the following section to check whether nginx is alive or dead:
    # vi /usr/local/etc/keepalived/keepalived.conf
    Updated file on both lb0 and lb1:

    vrrp_script chk_http_port {
        script "/usr/bin/killall -0 nginx"
        interval 2
        weight 2}
vrrp_instance VI_1 {
        interface eth0
        state MASTER
        virtual_router_id 51
        priority 101
        authentication {
            auth_type PASS
            auth_pass Add-Your-Password-Here
        }
        track_script {
            chk_http_port
        }
        virtual_ipaddress {202.54.1.1/29 dev eth1
        }}

    Save and close the file. Reload keealived:
    # /etc/init.d/keepalived restart
    If nginx died due to any issues keepalived will release master VIP and backup server will become active. When master nginx LB0 comes backs online, the backup LB1 will go down in backup state.

    本日志由 flyinweb 于 2011-12-09 09:34:42 发表到 WEB服务器 中,目前已经被浏览 389 次,评论 0 次;

    作者添加了以下标签: KeepAlivedNginx FailoverNginx

    541/7