Apache

Revision as of 23:57, 31 July 2011 by chris collman (talk | contribs) (Installing Apache: Add lamp, clue others that LAMP had best be initially installed else apt-get will not work ...I think)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Note: You are currently viewing documentation for Moodle 2.0. Up-to-date documentation for the latest stable version is available here: Apache.

When most people refer to Apache they are talking about the "Apache HTTP Server Project". In fact Apache is really the "Apache Software Foundation" which hosts a long list of projects of which the HTTP server is just one, albeit the best known.

The Apache HTTP Server enables web pages to be published on the internet (or an intranet or even on a single test machine). The PHP scripting language, in which Moodle is developed, is tightly integrated with the Apache HTTP Server. A web server is a required component of a Moodle installation. There are two distinct developments of the Apache HTTP Server, version 1 and version 2. Although version 2 should have replaced version 1, the architectures are so different that they both continue to be supported. Either are fully supported by PHP and Moodle.

The Apache HTTP Server Project describes itself thus:

"The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Apache has been the most popular web server on the Internet since April 1996. The November 2005 Netcraft Web Server Survey found that more than 70% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined."

Installing Apache

Usually Apache is installed alongside PHP and MySQL in a combination known as XAMPP, MAMP or LAMP. See information about XAMPP(Windows cross platforms) and for information about MAMP (Mac OS platforms).

Example, Debian/Ubuntu to install Apache from the LAMP files:

apt-get install apache2

See the documentation for your particular distro for the instructions. Apache is straightforward to build from source if required and the PHP documentation contains an article on building both Apache and PHP together.

Performance

Caching

Apache can be tuned to make pages load faster by specifying how the browser should cache the various page elements. How to do this varies slightly between OSes but there are two basic steps

  1. Install and enable mod_expires - refer to documentation or man pages
  2. Add this code to the virtual server config file within the section for the root directory (or within the .htaccess file if AllowOverrides is On):
<IfModule mod_expires.c>
 ExpiresActive On
 ExpiresDefault "access plus 1 seconds"
 ExpiresByType text/html "access plus 1 seconds"
 ExpiresByType image/gif "access plus 120 minutes"
 ExpiresByType image/jpeg "access plus 120 minutes"
 ExpiresByType image/png "access plus 120 minutes"
 ExpiresByType text/css "access plus 60 minutes"
 ExpiresByType text/javascript "access plus 60 minutes"
 ExpiresByType application/x-javascript "access plus 60 minutes"
 ExpiresByType text/xml "access plus 1 seconds"
</IfModule>

The effect is to make everything stay in the cache except HTML and XML, which change dynamically. It's possible to gain a several hundred percent decrease in load times this way

More info: www.metaskills.net

Servers

Apache serves webpages by spawning new child processes (smaller sub-programs) to deal with each connection. The number of these that you allow to run and to be kept in reserve has a big impact on how fast your server will run. The risk (especially on a server with a small amount of memory, such as a VPS) is that the available RAM will run out and the system will end up using the far slower hard disk as swap memory instead. To prevent this, you need to tell Apache only to have a certain number. Here is a sample set of configuration directives for a VPS server with 128MB of RAM (with up to 384 burstable), which apparently works quite well (more info here)

Make a back up of your httpd.conf first. It’s generally found at /etc/httpd/conf/httpd.conf, then open the file with your editor e.g.

nano /etc/httpd/conf/httpd.conf

Then look for these values, which may be spread about a little and change them:

Timeout 200
KeepAlive On
MaxKeepAliveRequests 200
KeepAliveTimeout 3
MinSpareServers 5
MaxSpareServers 15
StartServers 5
MaxClients 20
MaxRequestsPerChild 2000
HostnameLookups Off

If you find that you are running out of memory (type

top

if using Linux and look at the swap figure), just lower some of the numbers. Similary, if you have extra memory, you can afford to raise them a bit. Remember to combine tuning of Apache with tuning of your database app.

Reverse Proxy

The following is working on a Moodle 2.0 environment 3-2-2011

A Reverse proxy is useful when you want to run a moodle on a computer that is inside your network. This is assuming you have a server running Apache with a Real World IP called (say) foo.bar.org

You want everyone in the world to be able to log in to your moodle at (say) foo.bar.org/foomoo The foomoo is anything you want to call your moodle. foo.bar.org is your real world domain name.

Before you start this, check that in your local network you can go to moo.bar.local/foomoo and access your moodle. (i.e your local moodle lives at moo.bar.local/foomoo)

Inside your network you have a server called moo.bar.local on a local ip (These kind of addressed are commonly like 192.168.x.x or 172.16.x.x or 10.x.x.x). Moodle is installed on that server as moo.bar.local/foomoo

Apache is configured in various ways but usually a conf file in /etc/http/conf/httpd.conf or maybe in /etc/apache2. Directives are sometimes separated into a conf.d directory.

You need these settings somewhere in your apache configuration. These are the settings that worked for me and there are a number of proxy modules for apache. (I am not an expert on the moodle proxy modules. I know that the following worked for me).

  1. Proxy Server directives. Uncomment the following lines to
  1. enable the proxy server:

<IfModule mod_proxy.c>

<Proxy *>

   Order deny,allow
   Deny from all
   Allow from all

</Proxy>


Also


ProxyPass /foomoo http://moo.bar.local/foomoo

ProxyPassReverse /foomoo http://moo.bar.local/foomoo



In your config.php on your moodle server make two setting

$CFG->reverseproxy = 'true';

$CFG->wwwroot = 'http://foo.bar.org/foomoo';


Restart apache on both servers.

At this point, you will not be able to access your moodle inside your local network but it should work from outside.

Inside your local network you will have a DNS server somewhere (often a MS AD server). If you don't have a dns server I would be very surprised but for a small network it is possible. My advice is get one.

On that dns server you will need to have an "A" Record installed that links foo.bar.org to moo.bar.local. A dns change sometimes takes a while to propagate.

This should make you Moodle work from inside the site as well as outside.

SSL

If you want your website not to be hackable, you need to enable SSL so that your moodle password cannot be easily read by others as it is transmitted (as normal internet communications normally can be). There are 2 options - generate a self-signed certificate, which stops casual network sniffing, but which can ultimately be compromised with enough effort, or purchase a certificate from a vendor (about $35 per year from the cheap ones). Below are instructions for install of a self-signed certificate.

Debian and Apache2

1. generate a certification:

     apache2-ssl-certificate

for debian etch, apache2-ssl-certificate is no longer available, use make-ssl-cert instead:

         make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

2. edit /etc/apache2/ports.conf:

     Listen 80
     Listen 443

3. copy /etc/apache2/sites-available/default to /etc/apache2/sites-available/default-ssl, and change /etc/apache2/sites-available/default:

     NameVirtualHost *:80
     <VirtualHost *:80>
     ...
     </VirtualHost>

and also /etc/apache2/sites-available/default-ssl:

     NameVirtualHost *:443
     <VirtualHost *:443>
     ...
             SSLEngine on
             SSLCertificateFile /etc/apache2/ssl/apache.pem
     ...
     </VirtualHost>

4. symbolic link the ssl file:

     a2ensite default-ssl

5. don't forget to symbolic link the ssl module:

     a2enmod ssl

6. restart apache and test the connection (e.g. https://localhost/):

     /etc/init.d/apache2 restart

See also