Q) What is Apache web server?
Apache is one of the most popular, open source, robust, reliable and powerful web application used to hosts the website on a web server by serving the web files on the Internet.
A web server delivers content that can be accessed through the internet. This includes HTML documents, multimedia such as images and videos, CSS style sheets and client-side scripts such as Java scripts.
Apache supports cryptographic protocol SSL, an authentication mechanism, virtual hosting, CGI and load balancing across multiple servers to handle a large amount of traffic and many other features. It can be integrated with other open source and proprietary applications such as PHP, MySQL, Python, Tomcat applications.
Apache supports cryptographic protocol SSL, an authentication mechanism, virtual hosting, CGI and load balancing across multiple servers to handle a large amount of traffic and many other features. It can be integrated with other open source and proprietary applications such as PHP, MySQL, Python, Tomcat applications.
Q) What is Virtual Hosting in Apache?
Virtual hosting is the method of hosting multiple domain names on a server with single IP address.
Virtual hosting allows one server to share its resources such as memory and processor cycle in order to use its resources more effectively.
There are two types of virtual hosting in Apache.
1. Name Based Virtual Hosting
2. IP-Based Virtual Hosting
1) What is Name Based Virtual Hosting in Apache?
With the name based virtual hosting you can host several domains/websites on a single machine with single IP. All the domains on that server will be sharing single IP. It is easier to configure Name Based virtual hosting than IP Based virtual hosting because you need to only configure the DNS of that domain to map it with the correct IP address and then configure apache to recognize it with the domain name.
2)What is IP-Based Virtual Hosting in Apache?
With the IP-based virtual hosting, you can assign separate IP address for each domain on a single server. These IP’s can be attached to the server with single NIC card and as well as multiple NIC’s.
Q) What is DocumentRoot in Apache?
The DocumentRoot Directive in Apache is used to define top level root directory from which Apache will serve web files. The directory defined in DocumentRoot contains the file that Apache will serve when it receives the request with the URL /.
The default DocumentRoot for both secure and non-secure web server is the” /var/www/html” directory.
The default DocumentRoot for both secure and non-secure web server is the” /var/www/html” directory.
This can be changed to anything by setting ‘DocumentRoot’ in virtual host section of configuration file.
Q) What is DirectoryIndex in apache?
DirectoryIndex is the name of the first file which apache will look for when a request comes from the domain.
For Eg: when www.example.com is requested by the client, apache will go to DocumentRoot of that website and look for the index file.
For Eg: when www.example.com is requested by the client, apache will go to DocumentRoot of that website and look for the index file.
Q) How to hide server version detail in HTTP response header?
Add following lines in httpd.conf file.
Add following lines in httpd.conf file.
ServerTokens Prod
ServerSignature Off
The parent re-reads its configuration files and re-opens its log files.
ServerSignature Off
Q) What is Apache graceful restart?
During graceful restart, apache causes its children to continue to serve their current request until they can be replaced with children running the new configuration.The parent re-reads its configuration files and re-opens its log files.
Q) Apache Directives
<Directory>: This directive refers to the directory in the filesystem and specifies how apache will behave with regards to that directory.
<Directory>: This directive refers to the directory in the filesystem and specifies how apache will behave with regards to that directory.
<File>: This directive refers to the file within the directory in the filesystem on the server. This will control the behavior of the web server with regards to the specific file.
<Location>: This directive controls the behavior of the web server with regards to the particular path requested by the client.
When applying directives to objects that reside in the filesystem always use <Directory> or <Files>. When applying directives to objects that do not reside in the filesystem (such as a web page generated from a database), use <Location>.
Order:
Order allow, deny
If you set Order allow, deny only those host names or IP addresses associated with allow directive are allowed access. All remaining hosts or IP address would be denied.
Order allow, deny
If you set Order allow, deny only those host names or IP addresses associated with allow directive are allowed access. All remaining hosts or IP address would be denied.
Order deny, allow
If you set Order deny, allow only those host names or IP addresses associated with deny directive are denied access. All remaining hosts or IP address would be allowed.
Reference link: more about apache configuration structure.
Q)HTTP status code?
Reference Link: geekflare.com/http-status-code-infographics
If you set Order deny, allow only those host names or IP addresses associated with deny directive are denied access. All remaining hosts or IP address would be allowed.
Reference link: more about apache configuration structure.
Q) User based security/authentication in apache.
User based authentication allows only certain users or group of users to access the website.
To setup user based security/authentication we need to setup “Directory” or “Location” container with following directives.
For Eg:
AuthType Basic
AuthName "Protected Space"
AuthUserFile /path/to/user/file
Or AuthGroupFile /path/to/group/file
Require valid-user
AuthType: The type of authentication being used. In this case, it is set to Basic.
AuthName: The authentication realm or name. This is the message that the user will see in the username/password pop-up.
AuthUserFile: The location of the password file.
AuthGroupFile: The location of the group file.
Require: What conditions need to be satisfied in order to allow the user through.
Reference link: steps to setup user based authentication
2. Server: The encryption using private key/public key pair ensures that the data can be encrypted by one key but can only be decrypted by another key.
3. Client: The client utilizes the copy of server certificate received from the server to authenticate the identity of the server and also obtain the public key of the server from the server certificate.
4. Server: web server then decrypt the symmetric encryption key using its private key and uses the symmentric encryption key to decrypt the URL and http data.
5. Client: the client decrypty http data and html document using the symmetric key and display the information.
Q) How SSL works?
1. Client: The client initiates the SSL handshake process by sending an URL starting with https:// to the server.
The client initially sends the web server a list of each encryption algorithm which it supports. Algorithm supported by SSL DES.
2. Server: The encryption using private key/public key pair ensures that the data can be encrypted by one key but can only be decrypted by another key.
The server selects an encryption algorithm from the list of encryption algorithms supported by and received from the client.
The server sends the client a copy of server certificate.
3. Client: The client utilizes the copy of server certificate received from the server to authenticate the identity of the server and also obtain the public key of the server from the server certificate.
The client also checks that the certificate was issued by trusted party that the certificate is still valid and that certificate is related to site connected.
The client then uses the public key to ecrypt random symmetric encryption key and send it to the server with encrypted URL required as well as other encrypted http data.
4. Server: web server then decrypt the symmetric encryption key using its private key and uses the symmentric encryption key to decrypt the URL and http data.
The web server send back the requested html document and httpd data encrypted with symmetric key.
5. Client: the client decrypty http data and html document using the symmetric key and display the information.
Q)HTTP status code?
Reference Link: geekflare.com/http-status-code-infographics
No comments:
Post a Comment