background
-
Q: What
is the HP-UX Web Server Suite?
The HP-UX Web Server Suite is a free product that can be downloaded for HP-UX
platform and includes key software products necessary to deploy, manage, and
implement mission critical web servers. The suite is comprised of:
- HP-UX Apache-based Web Server
- HP-UX Tomcat-based Servlet Engine
- HP-UX XML Web Server Tools
- HP-UX Webmin-based Admin
These components are based on software developed by the Apache Software
Foundation (http://www.apache.org)
and Webmin (http://www.webmin.com/).
- HP-UX Apache-based Web Server combines numerous popular modules from
other Open Source projects as well as provides HP value-added features for
the HP-UX platform
- Scripting capabilities: PHP, mod_perl, CGI
- Content management: WebDAV
- Security: authentication through an LDAP server, Chrooted environment,
SSL and TLS support
- HP-UX Webmin-based Admin is a Configuration and Administration GUI with
extensive enhancements for the HP-UX Apache-based Web Server.
- HP-UX Tomcat-based Servlet Engine provides customers Java-based extensions
for dynamic content generation via Servlets and JavaServer Pages (JSPs).
- HP-UX XML Web Server Tools is a collection of a Java-based XML tools used
for XML parsing, stylesheet and XSL processing, web-publishing and image
translating from the open source projects: Xerces, Xalan, Cocoon, FOP and
Batik.
HP enhances the software in the areas of performance, encryption, reliability,
customization and administration. HP also ensures the suite of products work
together with the HP-UX 11.x operating environment.
The HP-UX Web Server Suite is supported at no additional
charge for customers with HP-UX support agreements.
HP provides the HP-UX Web Server Suite with the correct hardware to match the
workload and cost effectiveness requirements of the customer. The suite runs
with HP-UX 11.0 and HP-UX 11i on the PA-RISC family of 64-bit RP hardware
servers. It also operates with HP-UX 11i on the Intel Itanium 64-bit family of
hardware servers. With this wide array of hardware to run the same HP-UX Web
Server Suite, high return on IT expenditure is coupled with ease of
administration.
For the latest information on the HP-UX Web Server Suite, see
www.hp.com/go/webserver
Click: "downloads".
-
Q: Where can I find more
information on Apache and HP-UX Web Server Suite?
For the latest information on the HP-UX Web Server Suite, see:
www.hp.com/go/webserver/
For the user's guide see httpd.apache.org/docs-2.0/
For the FAQ see httpd.apache.org/docs-2.0/faq/
For general information on Apache's HTTP Web Server, see:
httpd.apache.org/
For the Apache Software Foundation, see:
www.apache.org/
For the latest news on Apache, see:
www.apacheweek.com/
www.oreillynet.com/apache/
apachetoday.com
slashdot.org/index.pl?section=apache
-
Q: How can I influence the
future plans for the HP-UX Web Server Suite?
We are interested in hearing from you on what other key components
would be of value to solve your business problems. Please email us at [email protected]
with your suggestions and a brief description of what business problem
it can potentially solve or the benefit to your company.
-
Q: Where
can I get HP-UX Web Server Suite?
The latest release is always available on:
www.hp.com/go/webserver
Click: "downloads".
10.20 Binaries (unsupported)
The HP-UX Porting and Archive Centre at hpux.cs.utah.edu/
has 10.20 Apache binaries available for a limited time only. As of June
2002, no new 10.20 binaries are being created. Check for versions and availability
at:
hpux.cs.utah.edu/hppd/hpux/Networking/WWW/
-
Q: Who do I contact for support?
hp
Apache support
-
Q: Where can I get training?
hp
Apache support
-
Q: What is the release history
of HP-UX Web Server Suite?
| HP-UX Web Server Suite |
HP-UX Apache-based Web Server
|
HP-UX Tomcat-based Servlet Engine |
HP-UX Webmin-based Admin |
XML Web Server Tools |
| v.A.1.0.00.01 |
v.A.1.0.00.01
Apache 2.0.43 base. |
v.A.1.0.00.01
Tomcat 4.1.12 base |
v.A.1.0.00.01
Webmin 1.0.2 base |
v.A.1.0.00.01 |
-
Q: Which
operating systems and platforms are supported by HP-UX Web Server Suite?
| platform |
operating systems |
| PA-RISC 1.1 and 2.0 |
HP-UX 11.0/11i |
| Itanium Processor family (IPF/IA-64) |
HP-UX 11.0/11i
Version 1.5 or higher |
-
Q: What components does
HP-UX Web Server Suite contain?
| Platform |
PA-RISC 1.1/2.0 |
IPF (Itanium) |
| HP-UX OS |
11.0, 11i |
11i Version 1.5 and 1.6 |
| Apache |
2.0.43 |
2.0.43 |
| Data model |
32-bit |
64-bit |
| Perl |
yes |
yes, 64 bit |
| mod_perl |
yes |
yes |
| mod_jk |
yes |
yes |
| Tomcat |
yes |
yes |
| BSAFE Crypto-C SDK |
yes |
yes |
| mod_ssl |
yes, built-in |
yes, built-in |
| OpenSSL |
yes |
yes |
| PHP |
yes |
yes |
| Webmin |
yes |
yes |
| C++ module support |
yes |
yes |
| Chroot |
yes |
yes |
| Auto restart |
yes |
yes |
| Nohup |
yes |
yes |
| MM |
yes |
yes |
| Certmig |
yes |
yes |
| auth_ldap |
yes |
yes |
| PHP to Oracle connectivity |
yes |
yes |
| WebDAV |
yes |
yes |
| IPv6 |
yes |
|
| suEXEC |
yes |
yes |
| Xerces |
yes |
yes |
| Xalan |
yes |
yes |
| Cocoon |
yes |
yes |
| FOP |
yes |
yes |
| Batik |
yes |
yes |
For specific versions see the FAQ: Where can I find
the version numbers for HP-UX Web Server Suite and its components?
|
-
Q: Where can I find more information
on licenses?
When downloading from software depot the license is available on the
registration page under "terms and conditions".
The license files are a part of the installation.
See:
/opt/hpws/LICENSES
-
Q: How can I include or re-distribute
the HP-UX Web Server Suite with my CD packaging or other methods of
distribution (i.e. web download)?
Some components of the HP-UX Web Server Suite are proprietary and
require software license and distribution consent from Hewlett-Packard
and our partners. Each request must be evaluated separately. If interested,
please contact your local HP sales representative or email us at [email protected]
with your request for consideration.
|
-
Q: What is the difference
between Apache and HP-UX Apache-based Web Server?
Apache is an open source web server that is available in source code
and compiled binaries for various operating systems including older versions
of HP-UX. It has a reference implementation of RSA cryptographic libraries.
The HP-UX Apache-based Web Server is engineered through state-of-the-art
processes for the highest quality and is tailored to run smoothly on the
HP-UX. The HP-UX Apache-based Web Server is a total solution for web server
deployment for the enterprise. The Open Source Apache Web Server software
developed by the Apache Software Foundation (Apache HTTP Server Project
described at httpd.apache.org) serves as the foundation for the HP-UX Apache-based Web Server. In addition to the base HTTP server, HP has combined numerous
popular modules from other Open Source projects as well as HP-developed
valued features, such as performance tuning, user guides, and security
modules, so the HP-UX Apache-based Web Server is highly optimized for the
HP-UX environment.
-
Q: What are the differences
between HP Apache 1.3.x and HP-UX Web Server Suite?
The following improvements have been added to HP-UX Web Server Suite and were
not in 1.3.x:
To give the high scalability needed by heavy traffic web sites, HP-UX Web Server Suite
adds the ability to use threads.
To support the new standard for longer IP addresses, IPv6 has been added.
To increase functionality, WebDAV has been added to support web publishing
through authoring and versioning.
To help large organizations manage user authorization, auth_ldap has
been added so that HP-UX Apache-based Web Server can talk to a central LDAP server where user information is maintained.
To improve the administration of HP-UX Web Server Suite, functionality has been added to HP-UX Webmin-based Admin.
Also see the FAQ:
What components does
HP-UX Web Server Suite contain?
For new features in the open source Apache 2.x see:
httpd.apache.org/docs-2.0/new_features_2_0.html
-
Q: How do I migrate from
HP Apache 1.3.x to HP-UX Web Server Suite?
See "HP Apache-based Web Server Version 1.3.x to HP-UX Web Server Suite"
at www.hp.com/products1/unix/webservers/apache/techtips/index.html
-
Q: What threading model is
used by HP-UX Apache-based Web Server Suite?
It uses the worker module of Apache's MPM (Mult-Process Multi-thread)
architecture.
For more information, see httpd.apache.org/docs-2.0/mod/worker.html.
-
Q: Where can I find the version
numbers for HP-UX Web Server Suite and its components?
See the release notes:
/opt/hpws/apache/apache.release.notes
You can check the installed components by typing:
swlist -R depot
If server-info is enabled you can enter the following in a browser:
http://yourserver.com/server-info
See the FAQ: How can I get information about my
server from a browser?
Individual components will give you their version numbers.
For Apache use:
httpd -v or for more info httpd -V
For Tomcat view main web page:
http://yourserver.com:8081
For java use:
java -version
For Perl use:
perl -v or for more info perl -V
For PHP use the following function in a web page.
<?phpinfo()?>
For HP-UX OS use:
uname -r
-
Q: How do I start and stop
Apache?
For all the Apache actions log in as root.
To start the Apache server type:
/opt/hpws/apache/bin/apachectl start
To stop the Apache server type:
/opt/hpws/apache/bin/apachectl stop
To start the Apache server with SSL capability type:
/opt/hpws/apache/bin/apachectl startssl
To stop the Apache server with SSL capability type:
/opt/hpws/apache/bin/apachectl stop
See also:
How do I start Apache in secure mode through
Webmin?
How do I start and stop Webmin?
How do I start and stop Tomcat?
-
Q: How do I automatically
start HP-UX Apache-based Web Server on boot-up?
You will have to modify parameters in the configuration file
Edit:
/etc/rc.config.d/hpws_apacheconf.
Set start to true:
HPWS_APACHE_START=1
See also:
How do I automatically start Webmin on boot-up?
How do I automatically start Tomcat on boot-up?
-
Q: How can I implement a
process to verify that a web site running Apache is responding to clients?
A. Use Apache Bench, ab
/opt/hpws/apache/bin/ab -i -v 9 http://yourserver.com/index.html
The output will be similar to the following:
This is ApacheBench, Version 1.3c < $Revision:="$Revision:" 1.44="1.44" $="$"> apache-1.3
Copyright © 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright © 1998-2000 The Apache Group, http://www.apache.org/
Benchmarking yourserver.com (be patient)...INFO: POST header == --- HEAD/index.html HTTP/1.0 User-Agent: ApacheBench/1.3c Host: yourserver.com
Accept: */*
B. Here's a simple Perl script to retrieve web pages from the command
line. You will need Perl 5.6.1.
Paste the following into a file called "verify.response.pl"
#!/opt/perl/bin/perl
require "getopts.pl";
use IO::Socket;
sub out {
print $s shift;
}
$port = 80;
Getopts('hw:f:p:');
if ($opt_h) {
print "Usage: $0 -w -f [-p ]\n";
print " hostname: Name or IP address of Web Server\n";
print " file: File name to get HEAD info on\n";
print " port: Port number the Web Server is running on (default: 80)\n";
exit;
}
if ($opt_f eq '') {
print "File name required with -f \n";
exit 1;
}
if ($opt_w eq '') {
print "Hostname required with -w \n";
exit 1;
}
if ($opt_p ne '') {
$port = $opt_p;
print "Using non-std port: $port\n";
}
$s = IO::Socket::INET->new("$opt_w:$port");
die "create socket: $!\n" if (!$s);
#$HEAD="GET " . $opt_f . " HTTP\/1.0 \n\n";
$HEAD="HEAD " . $opt_f . " HTTP\/1.0 \n\n";
print "Sending command: $HEAD ";
out "$HEAD";
print " -Reply from Server-\n";
while (< $s="$s">) {
print "$_";
}
close ($s);
C. Test
Sample usage of the perl script.
perl verify.response.pl -w yourserver.com/ -f /index.html -p 80
Where
-w is the hostname
-f is the file requested
-p is the port number
The output will look like the following:
Sending command: HEAD /index.html HTTP/1.0
-Reply from Server-
HTTP/1.1 200 OK
Date: Sun, 27 Jan 2002 21:31:03 GMT
Server: Apache/1.3.19 (Unix) mod_perl/1.25
Last-Modified: Thu, 10 Jan 2002 23:20:52 GMT
ETag: "2f6bc-1274-3c3e21d4"
Accept-Ranges: bytes
Content-Length: 4724
Connection: close
Content-Type: text/plain
Q: How can I migrate from
Netscape or iPlanet to HP Apache?
See "Migration Guide for iPlanet Web Server to HP Apache-based Web
Server on HP-UX" at:www.hp.com/products1/unix/webservers/apache/techtips/index.html
Q: Where can I find internet
specifications or RFCs?
Internet standards and specifications are documented in RFCs, Requests
for Comments.
For help in getting RFCs see: www.rfc-editor.org/
Some relevant RFCs are:
791 Internet Protocol, IP
793 Transmission Control Protocol, TCP
1945 HTTP 1.0
2616 HTTP 1.1 includes status codes
2854 HTML
Q: How can I get information
about my server from a browser?
In "httpd.conf" two handlers server-info and server-status allow you to see server information on your browser.
Edit the file:
/opt/hpws/apache/conf/httpd.conf
For server status
Uncomment the following lines to enable "server-status"
# <Location /server-status>
# SetHandler server-status
# Order deny,allow
# Deny from all
# Allow from yourserver.com
# < /Location>
To get more from the "server-status" handler set:
ExtendedStatus On
To test type the following in a browser:
yourserver.com/server-status
The module mod_status enables server-status.
For server information
Uncomment the following lines to enable "server-info"
# < Location /server-info>
# SetHandler server-info
# Order deny,allow
# Deny from all
# Allow from yourserver.com
# < /Location>
To test type the following in a browser:
yourserver.com/server-info
The module mod_info enables server-info.
Q: How can I get the GPL
Licensed Source code for pk12util, certmig, stunnel, etc.?
www.hp.com/products1/unix/webservers/apache/downloads/
Q: What is virtual hosting?
It is the ability of a single Apache server to host multiple web sites.
In "httpd.conf" virtual host sections provide multiple web servers on the
same machine. There are "name-based" virtual servers and "IP-based" virtual
servers. The virtual hosts can share parts of their configurations.
See:
/opt/hpws/apache/conf/httpd.conf
For more info see:
httpd.apache.org/docs/vhosts/index.html
|
-
Q: Where can I find more information
on setup and configuration?
Some books are:
Professional Apache by Peter Wainwright, Wrox Press Ltd., www.wrox.com
Apache Desktop Reference, by Ralf S. Engelschall, Addison-Wesley,
www.apacheref.com
Refer to the following files included with the software:
/opt/hpws/hp_docs/apache/apache.admin.guide
/opt/hpws/hp_docs/apache/ldap.admin.guide
/opt/hpws/hp_docs/apache/php.admin.guide
/opt/hpws/hp_docs/apache/ssl.admin.guide
/opt/hpws/hp_docs/apache/suexec.admin.guide
/opt/hpws/hp_docs/tomcat/tomcat.admin.guide
/opt/hpws/hp_docs/webmin/webmin.admin.guide
-
Q: What requirements are there
for HP-UX Web Server Suite?
New HP-UX operating environments with Java and Perl should run HP-UX Web Server Suite "out of the box" with no additional software needed. Special requirements relate mainly to Java and Perl.
For specific requirements see:
Software Depot
Under "featured products" click "HP Apache-based Web Server".
Select the version of Apache that you are interested in.
Scroll down to the section called "system requirements".
For HP-UX Web Server Suite components see the following FAQs:
What are Webmin's requirements?
What are LDAP's requirements?
What are Perl's requirements?
What are PHP's requirements?
What are mod_jk's requirements?
What are Tomcat's requirements?
What are xmltool's requirements?
-
Q: How much disk space does
HP-UX Web Server Suite require?
Approximately 55 megabytes for HP-UX Apache-based Web Server.
Approximately 20 megabytes for HP-UX Tomcat-based Servlet Engine .
Approximately 5 megabytes for HP-UX Webmin-based Admin.
Approximately 115 megabytes for HP-UX XML Web Server Tools.
-
Q: Which directories is
HP-UX Web Server Suite installed into by default?
HP-UX Web Server Suite components are installed in respective directories under /opt/hpws.
-
Q: How can I change
HP-UX Web Servers Suite document root?
DocumentRoot is the directory out of which you will serve your documents. By default, all requests are taken from this directory, but symbolic links and aliases may be used to point to other locations.
In the /opt/hpws/apache/conf/httpd.conf file change:
DocumentRoot "/opt/hpws/apache/htdocs"
To:
DocumentRoot "/path_to_home"
Also change:
Directory "/opt/hpws/apache/htdocs"
To:
Directory "/path_to_home"
-
Q: How can I change Tomcat's home directory?
A. In configuration file /opt/hpws/tomcat/conf/server.xml
Change:
Host name="localhost" debug="0" appBase="webapps"
To:
Host name="localhost" debug="0" appBase="/new_path_to_tomcat/webapps"
B. If your classes are in a non-standard location then set "CLASSPATH" in the setClasspath.sh file:
/opt/hpws/tomcat/bin/setClasspath.sh
Change:
CLASSPATH=/path_to_classes:${CLASSPATH}
-
Q: How can I install
HP-UX Web Server Suite into a different directory?
This assumes that you start Apache the standard way by using the "apachectl" script. You will need to become "root" user to do this.
Automatic method
A. Install the entire depot into /opt/hpws
B. Move it to the desired location by typing:
/opt/hpws/util/altroot.sh /opt/hpws /path_to_hpws
For help with this script type:
/opt/hpws/util/altroot.sh -h
Note: Prior to running this script, ensure that none of
processes (like Apache, Tomcat, Webmin, Stunnel, rotatelogs, logresolv)
are running.
C. Set shared library path.
Some Apache binaries such as htpasswd expect shared libraries to be in standard locations. To run them you will need to set the SHLIB_PATH.
Edit the file:
/path_to_hpws/apache/bin/apachectl
Replace all occurrences of:
/opt/hpws
With:
/path_to_hpws
Manual method
A. Install the entire depot in /opt/hpws
B. Move it to the desired location
cp -pr /opt/hpws /path_to_hpws
C. Set shared library path:
Some Apache binaries such as htpasswd expect shared libraries to be in standard locations. To run them you will need to set SHLIB_PATH
in your environment.Also ensure that your automatic scripts (like /path_to_hpws/apache/bin/apachectl)
are set right. All the occurences of /opt/hpws should have
been replaced with /path_to_hpws
D. In start/stop control file:
/path_to_hpws/apache/bin/apachectl
Replace all occurrences of:
/opt/hpws
With:
/path_to_hpws
And define HTTPD with a different server root:
HTTPD="/path_to_hpws/apache/bin/httpd -d /path_to_hpws"
For example without this step Apache will try to access the old
/opt/hpws/apache/logs directory
E. In automatic startup file:
/etc/rc.config.d/hpws_apacheconf
Replace:
HPWS_APACHE_HOME=/opt/hpws/apache
With:
HPWS_APACHE_HOME=/path_to_hpws/apache
Notes:
If you also plan to run Tomcat from a different directory then see:
How can I run Tomcat from a different directory?
If you are trying to run multiple Apache servers, you will have to
specify separate port numbers for each server. See:
What are the default ports used by HP-UX Web Server Suite?
How can I find out what ports are used?
-
Q: How can I install Tomcat
into a different directory?
To move Apache and Tomcat together see automatic method in:
How can I install Apache into a different directory?
First, install the entire depot, and then move it to the desired location.
For example /new_path_to_tomcat
A. In main configuration file:
/opt/hpws/apache/conf/httpd.conf
Replace all occurances of:
/opt/hpws/tomcat
With:
/new_path_to_tomcat
B. Edit main start/stop file.
/new_path_to_tomcat/bin/startup.sh
Change:
TOMCAT_DIR=/opt/hpws/tomcat
To:
TOMCAT_DIR=/new_path_to_tomcat
C. Edit main configuration file.
/new_path_to_tomcat/conf/server.xml
Change:
Host name="localhost" debug="0" appBase="webapps"
to
Host name="localhost" debug="0" appBase="/new_path_to_tomcat/webapps"
D. In automatic startup file:
/etc/rc.config.d/hpws_tomcatconf
Replace:
HPWS_TOMCAT_HOME=/opt/hpws/tomcat
With:
HPWS_TOMCAT_HOME=/new_path_to_tomcat
If you are trying to run multiple Tomcat servers, you will have to
specify separate port numbers for each server. See:
What are the default ports used by HP-UX Web Server Suite
?
How can I find out what ports are used?
-
Q: What is a minimal configuration
of Apache?
For a minimal configuration we will use only the "http.conf" file.
You will need "root" permissions to make these changes.
For an absolute minimum backup the old configuration file:
cp /opt/hpws/apache/conf/httpd.conf
/opt/hpws/apache/conf/httpd.conf.bak
Delete all the content and add only the following lines:
PidFile logs/httpd.pid
DocumentRoot "/opt/hpws/apache/htdocs"
Listen 80
User www
Group other
For a more reasonable minimum add the following lines:
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
ServerAdmin [email protected]
ServerName yourserver.com
DefaultType text/plain
HostnameLookups Off
A basic useable Apache would add access control, logging, and a more
intelligent response header. This would involve loading the following modules
and using their directives.
mod_access for access control.
mod_log_config for generic request logging.
mod_mime for response header generation for fixed content
type/encoding.
For some basic scripting support that would enable dynamic content,
you could add the following modules:
mod_cgi for Server-Side CGI implementation.
mod_include for Server-Side Includes.
-
Q: How can I add dynamic modules?
Note: For the compilation procedure, you don't need the Apache source
to create a DSO (Dynamic Shared Object). For PA-RISC systems the recommended
compiler is gcc 2.9.3 or later.
For IPF (Itanium) systems the recommended compiler is HP ansi c.
A. Copy all .c and .h files into a directory.
For example:
cp mod_foo.h mod_foo.c foo_property.h foo_property.c /opt/hpws/apache/src/foo_module
B. From the directory "/opt/hpws/apache/src/foo_module" compile
the DSO file to generate a shared library.
/opt/hpws/apache/bin/apxs -c mod_foo.c foo_property.c
C. Install the DSO file into the Apache installation and activate it
in the Apache configuration
This will automatically add the following to /opt/hpws/apache/conf/httpd.conf
Automatic method:
/opt/hpws/apache/bin/apxs -i -a -n 'foo' mod_foo.so
Manual method:
cp /opt/hpws/apache/src/foo_module/mod_foo.so /opt/hpws/apache/modules/mod_foo.so
Make sure that the permissions and ownership are the same as the other modules.
Edit "/opt/hpws/apache/conf/httpd.conf" and in the "LoadModule"
section add:
LoadModule foo_module modules/mod_foo.so
-
Q: How are multiple web sites
enabled?
There are essentially 2 ways to configure the HP-UX Apache-based Web Server
to host multiple web sites. Each technique has several variations:
1. Single HP-UX Apache-based Web Server with Virtual Hosts (Recommended)
Using this method, one main server is launched which starts a main httpd
process and a dynamic number of spare httpd processes. The Server daemon
and spares are started using the apachectl script which specifies one configuration file httpd.conf and a Process ID file httpd.pid. The server can be configured to host multiple 'virtual hosts'. These virtual hosts can be 'Name Based' and share a single IP address or 'IP Based' where each virtual server requires its own IP address. A virtual server can also use a non-standard port number. Port 80 is the default non-SSL (http) port and Port 443 is the default SSL (https) port. See the FAQ: How do I setup testing environment for virtual hosting?.
2. Independent HP-UX Apache-based Web Servers (Not Recommended)
A disadvantage of running multiple web servers is that the multiple
processes use more system resources. An advantage of running multiple
HP-UX Apache-based Web Servers is that these servers can be started or stopped
independently of each other. The "apachectl" script starts and
stops all processes related to the main server. The solution to this problem
is to create multiple 'instances' of the HP-UX Apache-based Web Server.
Note: When copying files and creating directories, make sure the files
or directories have the appropriate permissions and ownership. For example,
if the server is running as user 'www' it needs permission to read the
files (html) and in some cases write to the files (logs,pid).
For example, let's say one wanted to have separate instances of HP-UX Apache-based
Web server for the 3 following web sites hosted on the same machine:
www.cats.org
www.dogs.org
www.birds.org
After installing the default HP-UX Apache-based web server in /opt/hpws:
A. Make copies of the /opt/hpws/apache/bin/apachectl script and
give each one a unique name. ie:
/opt/hpws/apache/bin/apachectl_cats
/opt/hpws/apache/bin/apachectl_dogs
/opt/hpws/apache/bin/apachectl_birds
B. Edit each of the new scripts to specify new httpd.pid and httpd.conf
locations.
Note: Quotation marks "" are needed around the HTTPD runstring ie:
edit the following line in apachectl_cats:
PIDFILE=/opt/hpws/apache/cats_logs/httpd.pid
HTTPD="/opt/hpws/apache/bin/httpd -f /opt/hpws/apache/conf/httpd_cats.conf"
C. Make copies of the /opt/hpws/apache/conf/httpd.conf for each
web server:
/opt/hpws/apache/conf/httpd_cats.conf
/opt/hpws/apache/conf/httpd_dogs.conf
/opt/hpws/apache/conf/httpd_birds.conf
D. Edit each of the new 'httpd_xxx.conf' files to specify different
web sites settings:
ie, edit the file to specify the desired settings (values specified
for example):
PidFile /opt/hpws/apache/cats_logs/httpd.pid
BindAddress 1.2.3.4 (only if each server uses a different
IP address)
Listen 80 (each web site requires a different port # or a
different IP address)
ServerName www.cats.org
DocumentRoot /html/wwwcats/docs
ErrorLog /opt/hpws/apache/cats_logs/error_log
CustomLog /opt/hpws/apache/cats_logs/access_log
etc... (don't forget the SSL directives as well.)
E. Start and stop each web server by typing:
/opt/hpws/apache/bin/apachectl_cats stop
/opt/hpws/apache/bin/apachectl_dogs stop
/opt/hpws/apache/bin/apachectl_birds stop
Or:
/opt/hpws/apache/bin/apachectl_cats start
/opt/hpws/apache/bin/apachectl_dogs start
/opt/hpws/apache/bin/apachectl_birds start
-
Q: How do I make Apache a
proxy server?
This is a simple example of a proxy inside the firewall that could
provide access control.
Add the following to httpd.conf:
<IfModule mod_proxy.c>
ProxyRequests On
< Proxy *>
Order deny,allow
Allow from all
</Proxy>
</IfModule>
Assuming you are running Apache on yourserver.com, in your browser
set your proxy to yourserver.com. For MS Internet Explorer do
the following menu picks:
Tools->Internet Options->Connections->LAN Settings
Enter yourserver.com port 80
Now all URLs will be passed through yourserver.com on their
way to the internet.
Further directives can be used restrict access
You can use the ProxyPass directive to redirect URLs.
For example:
ProxyPass / http://another.com/mirror
The above will take all requests to:
http://yourserver.com/
and send them to:
http://another.com/mirror
Proxies can be used in many different ways, for instance load balancing. They can be inside or outside the firewall.
They can act as a firewall.
Note: Caching is now done by mod_cache.
For more information see:
httpd.apache.org/docs/mod/mod_proxy.html
Q: What is a reverse proxy?
A typical reverse proxy would be outside the firewall. To the user
it appears like a normal web server. However one of it's functions will
be to pass requests onto other web servers. It hides the actual URL's of
these servers.
For example in "httpd.conf" a reverse proxy could have the
following directives:
ProxyPass / http://foo.com/mirror
ProxyPassReverse / http://foo.com/mirror
ProxyPassReverse reverses out the change to the URL in the "Location"
header on HTTP redirect responses. Normally it is paired with the "ProxyPass"
directive.
Reasons to do this are:
A. Security because you want to hide the actual URL.
B. Transparency because you want to change the actual URL without the
user knowing or caring. For example you don't want his bookmarks to change.
C. Accessibility since the user might not have access to the actual
URL.
Request flow with and without reverse proxy enabled
| Proxy Example |
Reverse Proxy Example |
1) Client Browser
http://yourserver.com/mirror/foo/bar |
1) Client Browser
http://yourserver.com/mirror/foo/bar |
2) Proxy Server
ProxyPass /mirror/foo/ http://foo.com |
2) Proxy Server
ProxyPass /mirror/foo/ http://foo.com
ProxyPassReverse /mirror/foo/ http://foo.com |
3) Translation of URL
http://yourserver.com/mirror/foo/bar
is changed to:
http://foo.com/bar |
3) Translation of URL
http://yourserver.com/mirror/foo/bar
is changed to:
http://foo.com/bar |
4) Content Server
http://foo.com/bar
Assume that the content server redirects URL to:
http://foo.com/new |
4) Content Server
http://foo.com/bar
Assume that the content server redirects URL to:
http://foo.com/new |
5) Proxy Server gets back
http://foo.com/new |
5) Proxy Server gets back
http://foo.com/new |
| |
6) Reverse translation of URL
http://foo.com/new
is changed to:
http://yourserver.com/mirror/foo/new |
6) Client Browser gets back
http://foo.com/new |
7) Client Browser gets back
http://yourserver.com/mirror/foo/new |
Q: How do I enable Apache
logging?
For more detail see "A. Look at the log files" and "B. Increase the
log level" in the FAQ:
In general what should I do to solve problems in
Apache?
By default logging is enabled. Excessive logging can decrease server
performance.
For Apache logging edit file:
/opt/hpws/apache/conf/httpd.conf
And set:
ErrorLog logs/error_log
CustomLog logs/access_log common
RewriteLog logs/rewrite_log
ScriptLog logs/script_log
TransferLog logs/proxy_access_log
Note: Virtual hosts can have their own ErrorLog and CustomLog. For SSL logging edit file:
/opt/hpws/apache/conf/ssl.conf
And set:
ErrorLog logs/error_log
For auth_ldap logging edit file:
/opt/hpws/apache/conf/httpd.conf
And set:
LogLevel debug
Note: There are no special auth_LDAP logging directives.
For Tomcat logging edit file:
/opt/hpws/tomcat/conf/server.xml
And set:
<LogSetter name="tc_log" timestamps="true"
verbosityLevel="DEBUG" />
<LogEvents enabled="true" />
<LogSetter name="servlet_log"
path="logs/servlet-${yyyyMMdd}.log"/>
<LogSetter name="JASPER_LOG"
path="logs/jasper-${yyyyMMdd}.log"
verbosityLevel = "DEBUG" />
For PHP logging edit file:
/opt/hpws/apache/conf/php.ini
And set:
log_errors = On
error_log = filename
For mod_jk logging edit file:
/opt/hpws/tomcat/jk/apache2/mod_jk.conf
And set:
JkLogFile /opt/hpws/tomcat/logs/jk.log
Q: What are the default ports
used by HP-UX Web Server Suite?
Apache uses 80.
SSL uses 443.
Tomcat server uses 8081.
Tomcat ajp12 connector to Apache uses 8007.
Tomcat ajp13 connector to Apache uses 8009.
Webmin uses 10000.
auth_LDAP uses 389
auth_LDAP stunnel uses 636
Q: How can I find out what
ports are used?
HP-UX Web Server Suite includes a script called:
/opt/hpws/util/ports.sh
For a list of standard port numbers see:
www.iana.org/assignments/port-numbers
Q: How do I customize access
logs?
The access log is really a form of CustomLog. It is the Apache log
file that can be customized. There are several standard preformatted "LogFormat"
directives called "combined", "common", "referer", and "agent". The most verbose one is "combined".
Look in /opt/hpws/apache/conf/httpd.conf under CustomLog.
For more info see:
httpd.apache.org/docs-2.0/mod/mod_log_config.html
Q: How do I setup a testing
environment for virtual hosting?
This is not recommended for a production environment because it involves
changing the way machines are found on your network. Consult the system
administrator or site operator before making these kinds of changes.
httpd.apache.org/docs-2.0/vhosts/index.html
In order to test "Virtual Hosts, we need to set-up a system so it can
be accessed by multiple host/domain names. This can be done in two ways.
One is to have site-IT make the necessary DNS changes. This means the whole
site gets affected. Another is to isolate a test system, and make some
configuration changes, such that our tests are isolated.
A. Setting up the system hosting Apache webserver.
There are two ways.
(i) Without changing DNS entries:
Edit the file /etc/hosts
Change:
192.168.1.1 yourserver yourserver.com
127.0.0.1 localhost loopback
To:
192.168.1.1 yourserver yourserver.com
192.168.1.1 foo www.foo.com
192.168.1.1 bar www.bar.com
127.0.0.1 localhost loopback
Edit the file /etc/nsswitch.conf
Change:
hosts: dns files
To:
hosts: files [NOTFOUND=continue] dns
The above will allow the system to look at your /etc/hosts
file first for any machine-name and if it wasn't found there, lookup using
the DNS.
(ii) Changing DNS entries
Edit your DNS lookup table to add:
192.168.1.1 foo www.foo.com
192.168.1.1 bar www.bar.com
B. Setting up the Apache webserver for name based virtual hosting on the
same IP address.
In the file /opt/hpws/apache/conf/httpd.conf go to �Section
3: Virtual Hosts�.
Add the following:
NameVirtualHost 192.168.1.1
<VirtualHost foo>
DocumentRoot /opt/hpws/apache/htdocs-foo
ServerName www.foo.com
</VirtualHost>
<VirtualHost bar>
DocumentRoot /opt/hpws/apache/htdocs-bar
ServerName www.bar.com
</VirtualHost>
To test the configuration enter
/opt/hpws/apache/bin/httpd -t -D DUMP_VHOSTS
You should see the text:
VirtualHost configuration:
192.168.1.1:80 is a NameVirtualHost
default server www.foo.com (/opt/hpws/apache/conf/httpd.conf:1299)
port 80 namevhost www.foo.com (/opt/hpws/apache/conf/httpd.conf:1299)
port 80 namevhost www.bar.com (/opt/hpws/apache/conf/httpd.conf:1304)
Q: How do you verify that
virtual hosting is working?
This assumes that virtual hosting has been setup based on the FAQ:
How
do I setup testing environment for virtual hosting?
Create the file:
/opt/hpws/apache/htdocs-foo/index.html
Add the following:
<HTML>
<HEAD>
<TITLE>index.html for www.foo.com </TITLE>
</HEAD>
<BODY>
<P>index.html for www.foo.com</P>
</BODY>
</HTML>
Create the file:
/opt/hpws/apache/htdocs-bar/index.html
Add the following:
<HTML>
<HEAD>
<TITLE>index.html for www.foo.com </TITLE>
</HEAD>
<BODY>
<P>index.html for www.foo.com</P>
</BODY>
</HTML>
Then test by invoking the browser on the same server.
If you've selected option (i) in the previous FAQ: How
do I setup testing environment for virtual hosting?, you can connect
only from the system on which the Apache webserver is installed. If you've
selected option (ii) in the previous step (modifying DNS), then you can
connect from any system on the network.
Enter the URL:
www.foo.com
You should see the text:
index.html for www.foo.com�
Enter the URL:
www.bar.com
You should see the text:
index.html for www.bar.com�
Q: Does HP-UX Apache-based Web Server support
HTTP PUT?
Yes. More information about using HTTP PUT can be found in the
following URLs:
Using HTTP PUT with Apache:
www.apacheweek.com/features/put
Using HTTP PUT through a PHP script:
teckla.corp.hp.com/reference/cgi/php/features.file-upload.put-method.html
Q: How to spread apache on NFS?
Use Serverroot on an NFS mounted File System but do NOT put
the Lockfile and Scriptsock directive on an NFS mounted FS.
More information about Apache on NFS can be found in the Apache Admin guide.
|
-
Q: In general what should
I do to solve problems in HP-UX Web Server Suite?
A. Look at the log files
The main error log is:
/opt/hpws/apache/logs/error_log
The access log is:
/opt/hpws/apache/logs/access_log
The access log may have more info on the errors that appear in the
error log. In particular it will have status codes. The access_log is disabled
by default. To enable the access_log, uncomment the following line in /opt/hpws/apache/conf/httpd.conf:
CustomLog logs/access_log common
For https errors see:
/opt/hpws/apache/logs/error_log
For suEXEC errors see:
/opt/hpws/apache/logs/suexec_log
For mod_rewrite errors see:
/opt/hpws/apache/logs/rewrite_log
By default this is not enabled so you need to edit:
/opt/hpws/apache/conf/httpd.conf
To enable mod_rewrite logs type:
RewriteLog logs/rewrite_log
For mod_cgi errors see:
/opt/hpws/apache/logs/script_log
By default this is not enabled so you need to edit:
/opt/hpws/apache/conf/httpd.conf
To enable cgi logs type:
ScriptLog logs/script_log
For Tomcat Java errors see:
In /opt/hpws/tomcat/logs/
tomcat.log is the main error log.
tomcat_startup.log saves not only startup info but also the
standard output, STDOUT, and standard error, STDERR, from Tomcat.
jasper.log has jsp info.
servlet.log has servlet info.
jk.log has mod_jk info.
For Cocoon errors see:
Cocoon produces execution log entries for debugging/auditing.
The amount of data to be logged can be controlled by log-level parameter in web.xml file. The default is DEBUG (maximum data). By default, the log file is:/opt/hpws/tomcat/webapps/cocoon/WEB-INF/logs/cocoon.log.
Cocoon keeps the generated .java files in a directory tree starting at (by default):/opt/hpws/tomcat/webapps/work/localhost_8080%2Fcocoon/org/apache/cocoon/www
Files created by LogTransformer are kept (by default) in /opt/hpws/tomcat directory.
B. Increase the log level
Increasing the log level will slow down the server. You should reset
the log levels after the problem is solved.
For Apache problems
In /opt/hpws/apache/conf/ http.conf
Set:
LogLevel debug
CustomLog /opt/hpws/apache/logs/access_log combined
For https problems
In /opt/hpws/apache/conf/ssl.conf
Set:
LogLevel debug
For mod_ rewrite problems
In /opt/hpws/apache/conf/httpd.conf
Set:
RewriteLogLevel 9
For Tomcat Java problems
In /opt/hpws/tomcat/conf/server.xml
There are various "Logger" tags.
In each one you can set the verbosity attribute.
For example set:
verbosity = 4
For more information see:
http://yourserver.com/hp_docs/tomcat/tomcat_manual/config/logger.html
For PHP problems
See "Error handling and logging" in:
/opt/hpws/apache/conf/php.ini
For mod_jk problems
In /opt/hpws/tomcat/jk/apache2/mod_jk.conf
Set:
JkLogLevel debug
For auth_ldap problems
In /opt/hpws/apache/conf/http.conf
Set:
LogLevel debug
Note: There are no special auth_LDAP logging directives.
For more info on log files see:
httpd.apache.org/docs-2.0/logs.html
C. Check permissions.
First give read/write/execute permissions to appropriate files. See
if this works. If it does then gradually reduce permissions to minimum
that works. If it doesn't then at least you have eliminated permissions
as a cause of the problem.
D. Look at configuration files.
The configuration files are heavily commented and act as help files.
/opt/hpws/apache/conf/httpd.conf
/opt/hpws/apache/conf/ssl.conf
/opt/hpws/apache/conf/cache.conf
/opt/hpws/apache/conf/ldap.conf
/opt/hpws/tomcat/conf/server.xml
/opt/hpws/tomcat/jk/apache2/mod_jk.conf
/opt/hpws/tomcat/jk/apache2/workers.properties
To test the syntax of httpd.conf and any include configuration files type:
/opt/hpws/apache/bin/httpd -t
E. Use tools
ApacheBench can be used as a command line browser to test the web server.
For usage type:
/opt/hpws/apache/bin/ab -h
If you need more info set the verbosity to a high level.
For example:
-v 9
Q: What do the HTTP error
messages mean?
HTTP errors are in the form of status codes returned from the server.
See RFC 2616. Where can I find internet specifications
or RFCs?
Status codes are grouped as follows:
100-199 Informational.
200-299 Client Request successful.
300-399 Client request redirected, further action necessary.
400-499 Client request incomplete.
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URI Too Long
415 Unsupported Media Type
416 Requested Range Not Satisfiable
417 Expectation Failed
500-599 Server errors.
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported
Q: How do I customize the
error logs or access logs?
It is not possible to customize the format of the error_log but you
can change the verbosity level to be info, warn, debug, etc. The format
is not customizable because it conforms to the CLF (Common Log Format).
However many error messages such as http status codes can be found in the
access_log which is actually a kind of "CustomLog". It is enabled in httpd.conf by the following directives:
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common
For more info on custom log files see:
httpd.apache.org/docs-2.0/logs.html#accesslog
or
httpd.apache.org/docs/logs.html#accesslog
See comments and examples in:
/opt/hpws/apache/conf/httpd.conf
The program "logresolve" can resolve IP addresses into names and extract statistics from the log files.
For usage type:
/opt/hpws/apache/bin/logresolve -h
For info see:
httpd.apache.org/docs-2.0/programs/logresolve.html
Q: What do the error log
messages mean?
For more info on log files see:
httpd.apache.org/docs/logs.html
Some common error log messages are:
File does not exist
Verify that the file exists and that httpd.conf is configured so that
it can find it.
Premature end of script headers
This implies a CGI problem. Many things can cause this error message.
Check file permissions. Check path to executable for example Perl in script
header
should be #!/opt/perl/bin/perl. Check script syntax. Try running
the script from the command line.
"Apache.pm" failed to load
This is usually due to Perl binaries not being in the PATH.
/opt/hpws/apache/bin/apachectl should set the environment variable PERL5LIB correctly. If you start Apache with /opt/hpws/bin/httpd instead and PERL5LIB is not set properly then you will get this error.
SIGBUS or Segmentation fault
This is a severe problem. Check for a bad module or configuration in
recent additions to the web server suite. Sometimes these problems only
occur under heavy load.
(233)No buffer space available: accept: (client socket)
In general this error can be ignored. This error will be generated
in the following scenario:
A. A client makes a new TCP connection to the server.
B. The new connection is queued on the servers LISTEN socket.
C. Client sends a TCP reset on the connection.
D. Server calls accept.
E. Accept fails and server will log the error and shut down httpd process handling it.
Note that if the client comes back with a new request it will be properly handled.
Q: How often should I check
error logs?
Some errors may not cause obvious symptoms so it is good to check the
error logs periodically. For example you should check the logs:
A. After starting or restarting the server.
B. Atleast once a week and possibly daily depending on the size or
complexity of your web site.
C. Whenever new functionality is added such as new modules.
D. Whenever new dynamic content is added such as cgi scripts or java
jsps.
Q: How do I find out who
is accessing my Apache web server?
Check the access logs at:
/opt/hpws/apache/logs/access_log
Note: the access_log is not enabled by default.
Q: I get the error "Can't
shl_load() a library containing Thread Local Storage". What should I do?
Error message:
/usr/lib/dld.sl: Can't shl_load() a library containing Thread Local
Storage: <name of the library
Thread local storage needs to be
allocated before the library is loaded.
For example if you get an error:
/usr/lib/dld.sl: Can't shl_load() a library containing Thread Local
Storage: /usr/contrib/oracle/lib/libjava.sl
/usr/lib/dld.sl: Exec format error
Syntax error on line 224 of /opt/hpws/apache/conf/httpd.conf:
Cannot load /opt/hpws/apache/modules/libphp4_oracle.sl into server:
Exec format error
../bin/apachectl start: httpd could not be started
Then you need to do the following:
Edit the file "/opt/hpws/apache/bin/apachectl" and add:
export LD_PRELOAD="/usr/lib/libpthread.sl:/
usr/contrib/oracle/lib/libjava.sl"
Q: Why do I need to do LD_PRELOAD
when a module includes threading?
Thread local storage needs to be enabled before the library is loaded.
This should be eliminated in the HP-UX 11.23 OS release.
Q: Some web pages cause
my browser to freeze.
What should I look for?
The drivers for some common graphics cards are known to cause MS Internet
Explorer to hang. The DDHelp error message indicates the problem file.
In particular nvidia graphics chip drivers had a DirectX bug that only
failed on certain web pages. The solution is to download an updated driver.
Q: Why does my C++ module
fail to load?
Typically this is because it wasn't compiled with the proper stub or
that it wasn't linked properly.
See
/opt/hpws/apache/build/examples/README and
mod_hello.cpp for a simple example.
Q: Why do my web pages fail
with "chroot" enabled?
The script makes a "best guess" at which files to copy into the new
root. Other files may need to be copied. Look at the script in a text editor
for hints as to what types of files are generally needed. Also error messages
will often indicate that a file is missing. If so then copy the file into
the new root structure in a matching place.
Did you run the script /opt/hpws/apache/util/chroot_os_cp.sh?
Also see Troubleshooting in:
/opt/hpws/hp_docs/apache/utilities.user.guide.
Q: Why don't my perl scripts
run?
It could be because Perl is not available.
Check the error_log file.
If /opt/hpws/apache/logs/error_log says "Apache.pm" failed to load then mod_perl has not loaded and all perl scripts will fail. This is usually due to perl binaries not being in the PATH or the PERL5LIB environment variable not being set to include following as a single line:
/opt/hpws/apache/lib/perl/lib/site_perl/5.6.1/PA-RISC1.1-thread-multi:/opt/hpws/apache/lib/perl/lib
SOLUTION: Verify that perl is installed in /opt/perl/bin and
that /opt/perl/bin/perl and /opt/perl/lib/5.6.1 exist. Next specify
where the mod_perl libraries are installed with the following command as
a single line:
export PERL5LIB=/opt/hpws/apache/lib/perl/lib/site_perl/5.6.1/PA-RISC1.1-thread-multi:/opt/hpws/apache/lib/perl/lib
The PERL5LIB environment variable is preset by the shell running the Apache executable. If you experience problems, manually set this environment variable as shown above.
To test whether you have the correct 5.6.1 on your system type:
/opt/perl/bin/perl -v PA-RISC versions of HP-UX Web Server Suite should say it is "v5.6.1"" and that it is "provided by ActiveState Tool Corp". IPF (Itanium) versions of HP-UX Web Server Suite should say it is "v5.6.1 built for IA64" and that it is "provided by ActiveState Tool Corp". If not, you need to install the correct HP-UX release of perl.
First download
Perl from the URL software.hp.com/ then:
In the left navigation bar, click on "search".
Use keywords: Perl v.5.6.1
Q: I cannot access the download
site. What should I do?
Contact the response center or [email protected]
Q: I get permission denied
errors running some JSPs with Tomcat but others work. Why?
JSPs automatically create directories and files in the tomcat/work directory. These directories have the write permissions for the user & group of the user who started tomcat. The write permissions are not granted to others (rwxrwxr-x).Subsequently, if other users, those who do not belong to the above group, try to start Tomcat, they'll not have permissions to write in the work directory.
The solution is to either always start Tomcat as "www" or always
start Tomcat with users who belong to the same group
Q: What should I do
if I get error messages like "Spurious SSL handshake interrupt[Hint: Usually just one of those OpenSSL confusions!?]"?
The reason for these error messages is because of the idle server maintenance that is done in Apache - when Apache sends a dummy connect request on all the ports that it listens to - and mod_ssl doesn't know what is happening. One solution to get rid of the problem is by having the statement "Listen 443" ahead of "Listen 80" in httpd.conf (and getting rid of "Listen 443" from ssl.conf.
Q: Why won't Tomcat shutdown?
Under heavy stress tomcat may get into a state where shutdown fails.
As user root type:
kill -9 [tomcat pid]
The PID(Process ID) can be found in the file:
/opt/hpws/apache/logs/tomcat.pid
Q: Why does Apache fail
to start with a "dlclose Unresolved Symbol" error?
One possible reason is that HP-UX needs a linker patch named PHSS_26559.
Check for the patch by doing:
swlist | grep "PHSS_26559"
Install the patch if you don't have it.
|
-
Q: Where can I find more
information on security components?
For the OpenSSL User's Guide, see
www.openssl.org/docs/
For the mod_ssl User's Guide, see
www.modssl.org/docs/
For Chroot see the FAQ:
What
is chroot?
-
Q: What cryptographic algorithms
does HP HP-UX Apache-based Web Server use ?
HP-UX Apache-based Web Server uses all the industry standard cryptographic algorithms such as RSA(512/1024), RC2, RC3, RC4,DES, 3DES, SHA, MD5, ... supported by OpenSSL.
The crypto algorithms, RC4, RSA, and MD5 in the RSA Crypto-C library
are specially tuned by HP for
better performance on HP-UX. We use these algorithms with OpenSSL to provide
superior performance for SSL connections.
-
Q: What different types
of authentication are used in HP-UX
Apache-based Web Server?
For more info see Where
can I find more information on modules? except for htaccess where you
should see What
is htaccess? and mod_auth_ldap where you should see Where
can I find more information on LDAP?.
A. .htaccess files
Authentication by user name/password. Hidden .htaccess files restrict access to files at this point and below in the file system.
B. mod_auth
Authentication by user name/password.
C. mod_auth_anon
Authentication by anonymous name/email address.
D. mod_auth_dbm
Authentication by user name/password from a UNIX NDBM database.
E. mod_ssl
Authentication by exchanging client and server SSL certificates.
F. mod_auth_ldap
Authentication from an LDAP server.
-
Q: What is htaccess?
It is authentication by user name and password. Hidden ".htaccess"
files restrict access to files at this point and below in the file system.
It is part of Apache's basic authentication mechanism.
The procedure is to:
A. Create a password with "htpasswd".
B. Place an ".htaccess" file in a directory.
C. Set "AllowOverride All" for that directory.
Now you will be prompted for a name and password when accessing files.
See FAQ How
do I enable an authentication prompt for certain URLs?
-
Q: How do I enable an authentication prompt for certain URLs?
For example one way is to use htaccess.
You must be the user root to do this.
Do the following command as a single line:
/opt/hpws/apache/bin/htpasswd -c /opt/hpws/apache/.passwd me
At the prompt enter the following:
secret
secret
Edit or create /opt/hpws/apache/htdocs/.htaccess
Add lines:
AuthUserFile /opt/hpws/apache/.passwd
AuthType Basic
AuthName Test
<Limit GET>
</Limit>
Edit /opt/hpws/apache/conf/httpd.conf
Go to:
<Directory �/opt/pws/apache/htdocs�>
Change:
AllowOverride None
To:
AllowOverride All
Now you will get an authorization prompt when you try to access files
in /opt/hpws/htdocs and below.
You will have to answer the prompt with:
User: me
Password: secret
-
Q: Can I use LDAP for authentication?
Yes, by using the auth_ldap module included with HP-UX Apache-based Web Server.
-
Q: How do I force a web
page to use SSL protection?
Let's assume you want to force SSL access to the directory, /opt/hpws/apache/cgi-bin.
Add the following to /opt/hpws/apache/conf/httpd.conf:
<IfDefine SSL>
<Directory /opt/hpws/apache/cgi-bin>
SSLRequireSSL
</Directory>
</IfDefine SSL>
-
Q: How do I remove the PEM
Pass Phrase for my server key?
To remove the pass phrase in the private key that's stored within "/opt/hpws/apache/conf/ssl.key/server.key",
as "root" user enter the following command as a single line:
/opt/hpws/apache/ssl/openssl_bsafe/bin/openssl rsa -in server.key
-out server1.key
In /opt/hpws/apache/conf/ssl.conf:
Replace:
SSLCertificateKeyFile /opt/hpws/apache/conf/ssl.key/server.key
With:
SSLCertificateKeyFile /opt/hpws/apache/conf/ssl.key/server1.key
-
Q: How do I restore the
PEM Pass Phrase for my server key?
To put back the pass phrase that has been removed from a private key
or to add a pass phrase for the first time, from " /opt/hpws/apache/conf/ssl.key/server.key
", as "root" user enter the following command as a single line:
/opt/hpws/apache/ssl/openssl_bsafe/bin/openssl rsa -des3 -in server1.key
-out server2.key
If necessary, update /opt/hpws/apache/conf/ssl.conf:
Replace:
SSLCertificateKeyFile /opt/hpws/apache/conf/ssl.key/server1.key
With:
SSLCertificateKeyFile /opt/hpws/apache/conf/ssl.key/server2.key
-
Q: Can I create my own
certificates?
Yes, by using mkcert.sh or webmin.
Since they will not be issued by a "trusted authority", they may not
be accepted by other sites. These are called "self signed certificates".
See FAQ How
do I generate keys and certificates for my server?
-
Q: How do I generate keys
and certificates for my server?
A. Use webmin
See FAQ Can
Webmin generate keys, certificates, and certificate requests?
B. Or use /opt/hpws/apache/bin/mkcert.sh which has built-in usage/help
documentation.
- Q: Can Webmin generate keys,
certificates, and certificate requests?
Yes but only with HP-UX Web Server Suite.
It can generate keys, certificates, and certificate requests for the
Certificate Authority (CA) and the server using the OpenSSL toolkit.
In webmin, http://yourserver.com:10000
Click on "Generate Certificates" from Webmin's main Apache screen.
-
Q: How do I add a trusted
Certificate Authority (CA) certificate
to Apache?
Download the trusted CA certificate from Certificate Authority.
IMPORTANT: Verify that there are no carriage return characters (^M)
at the end of each line. If any are present, please remove them.
Edit or create the following file and append the downloaded CA certificate.
Refer to the /opt/hpws/hp_docs/apache/ssl.admin.guide for detailed instructions.
-
Q: How do I require clients
to have a certificate from a trusted Certificate Authority (CA)?
Uncomment or add following directives in /opt/hpws/apache/conf/ssl.conf
SSLCACertificatePath /opt/hpws/apache/conf/ssl.crt
SSLCACertificateFile /opt/hpws/apache/conf/ssl.crt/ca-bundle.crt
SSLVerifyClient require
SSLVerifyDepth 10
Now only certificates signed by a CA whose certificates is in Apache's ca.bundle.crt file will be accepted. All others will be rejected.
-
Q: What versions of iPlanet
certificates can be migrated to
HP-UX Apache-based Web Server?
iPlanet 4.x certificates can be migrated using the certmig utility.
-
Q: How do I migrate certificates from iPlanet?
See "Migration Guide for iPlanet Web Server to HP Apache-based Web
Server on HP-UX" at:www.hp.com/products1/unix/webservers/apache/techtips/index.html
/opt/hpws/hp_docs/apache/utilities.user.guide
/opt/hpws/hp_docs/apache/certmig.user.guide
-
Q: What is chroot?
Chroot provides an important security tool for your web server. Chroot
means CHange ROOT. It causes the named directory to become the root directory,
the starting point for path searches so a malicious program cannot get
to the real root file system. The Apache process that serves requests cannot
see or get to files outside of this new root directory. Because of this
we need to copy required files into our new root directory structure. For
example Perl will need to be copied.
-
Q: How do I setup chroot?
For a default implementation use the script file "chroot_os_cp.sh".
You can easily edit the file to conform to your special needs. View the
script for additional documentation.
See:
/opt/hpws/apache/bin/chroot_os_cp.sh
-
Q: What is suEXEC?
suEXEC allows two things: A. It allows cgi scripts in the "ScriptAlias" directory (default /cgi-bin) to be executed as the owner:group defined by the "SuexecUserGroup" directive in httpd.conf. (HP-UX Apache-based Web Server only)
B. It allows the scripts located in "~user/public_html" directory
to be executed as CGI scripts with the users limited permissions.
The administrator needs to:
i. Have ExecCGI option set for the directory <Directory /home/*/public_html>
ii. Set up, "AddHandler cgi-script .cgi", for the directory.
This enables users to run the ".cgi" file in their "public_html"
directory as a cgi script. Without suEXEC these scripts will run as "www:other"
(or whatever is specified by the User/Group directive for the server).
For security reasons it is better to run these cgi scripts under the
limited permissions of user.
See:
http://httpd.apache.org/docs-2.0/suexec.html
-
Q: How is suEXEC supported
by HP-UX Apache-based Web Server?
suEXEC is supported in 2.x versions of Apache.
-
Q: How do I start HP-UX Web Server
in secure mode through Webmin?
If necessary remove the PEM pass phrase from your server key as shown in "How
do I remove the PEM Pass Phrase for my server key?".
In webmin, http://yourserver.com:10000
On the servers tab, click on "HP-UX
Apache-based Web Server"
Click on "Edit Defined Parameters"
In the text field type: "-DSSL"
Click on "save"
Stop and start Apache from the top right links.
-
Q: Why would I use shm
instead of dbm for session caching?
"dbm" is for operating systems that don't support shared memory.
Since HP-UX supports shared memory "shm" session caching is the
prefered solution.
|
-
Q: How do I improve Apache performance?
The following directives are all in "httpd.conf".
A. Disable indexing of directories.
With the "Options" directive don't use "Indexes"
or "All" which enable index generation. Indexes are dynamically
generated for every access. It is much better to create an "index.html"
file instead.
B. Logging
Disable logging as much as possible. If necessary write each log to
their own file system using different high speed disks. This will decrease
delays caused by disk scheduling.
C. Set the following directives:
KeepAlive on
HostNameLookups off
D. With the "Options" directive use "FollowSymLinks"
not "SymLinksIfOwnerMatch".
E. For local directory URL's put a forward slash, "/", at the
end. That way the server can avoid needless file searches.
F. Deny access to well mannered spiders or web crawlers with a "robots.txt"
file under the document root. The file has "User-Agent" and "Disallow"
directives that limit access to URLs.
G. Use a high speed backend connection between the web server and database.
H. Avoid JSP's. Instead use Perl, C, C++, or Java modules.
I. For images:
Specify height and width.
Keep size small.
Minimize number of images.
Avoid animations.
Don't use macromedia flash on home pages.
J. Don't combine large and small images into same file.
Put alternate large images into a seperate file since many users will
not choose to view the large image.
-
Q: How do I improve SSL performance?
See:
/opt/hpws/hp_docs/apache/ssl.admin.guide
-
Q: How do I improve PHP performance?
Some suggestions are: A. Use only one echo or print statement in the
script. Use array or concatenation to compose the html then send with only
one echo or print.
B. Use the set of output buffer (ob_???) functions newly available in
PHP4. For example ob_start.
C. Use an accelerator. Search the web for "PHP Accelerator" and you
will find several accelerators, some of which are free.
-
Q: How do I improve Tomcat performance?
See:
/opt/hpws/hp_docs/tomcat/tomcat.admin.guide
-
Q: What kernel and network parameters
should I use for high loads?
The following is a guide to setting parameters on HP-UX 11.0 and later
systems. A specific system may vary from these guidelines. See your HP
sales representative for HP Consulting
options.
kernel parameters
| STRMSGSZ |
65535 |
| dnlc_hash_locks |
512 |
| create_fastlinks |
1 |
| dbc_max_pct |
15 |
| dbc_min_pct |
15 |
| eqmemsize |
2048 |
| max_thread_proc |
2048 |
| maxdsiz |
0X40000000 |
| maxdsiz_64bit |
0X40000000 |
| maxfiles |
2048 |
| maxfiles_lim |
2048 |
| maxssiz |
0X17f00000 |
| maxssiz_64bit |
0X40000000 |
| maxswapchunks |
16384 |
| maxtsiz |
0X40000000 |
| maxtsiz_64bit |
0X40000000 |
| maxuprc |
512 |
| maxusers |
2048 |
| maxvgs |
64 |
| msgmax |
32768 |
| msgmnb |
65535 |
| msgmni |
3200 |
| msgseg |
32767 |
| msgssz |
32 |
| msgtql |
32000 |
| nflocks |
2000 |
| npty |
60 |
| nstrpty |
60 |
| nstrtel |
60 |
| o_sync_is_o_dsync |
1 |
| semmni |
4096 |
| semmns |
4096 |
| semmnu |
2048 |
| semume |
64 |
| semvmx |
32768 |
| shmmax |
0X40000000 |
| shmmni |
1024 |
| shmseg |
512 |
| swchunk |
4096 |
| vps_ceiling |
64 |
network parameters
| tcp_time_wait_interval |
60000 |
| tcp_conn_req_max |
1024 --> 4096 |
| tcp_ip_abort_interval |
60000 |
| tcp_keepalive_interval |
900000 |
| tcp_rexmit_interval_initial |
1500 |
| tcp_rexmit_interval_max |
60000 |
| tcp_rexmit_interval_min |
500 |
| tcp_xmit_hiwater_def |
32768 |
| tcp_recv_hiwater_def |
32768 |
The "ndd" command is used for network tuning.
To check the current setting of the system listen queue:
ndd -get /dev/tcp tcp_conn_request_max
For example to adjust the system listen queue size to 256:
ndd -set /dev/tcp tcp_conn_request_max 256
-
Q: How do I improve Cocoon's performance?
See: xml.apache.org/cocoon/performancetips.html
-
Q: How do I do load balancing
with HP-UX Apache-based Web Server?
See: www.webtechniques.com/archives/1998/05/engelschall/
-
Q: How do I enable 2 Tomcat
servers to work with 1 HP-UX Web Server Suite?
This could be done for either load balancing or isolation of the Tomcat
Java servers.
connector.
You will need to become the user called bin to do this.
A. Copy Tomcat
cd /opt/hpws
cp -pr tomcat tomcat2
B. Edit:
/opt/hpws/tomcat2/conf/server.xml
Change:
<Host name="localhost" debug="0" appBase="webapps"
To:
<Host name="localhost" debug="0" appBase="/opt/hpws/tomcat2/webapps">
Change HTTP/1.1 Connector port:
port="8081"
To:
port="8091"
Change AJP 1.3 Connector port:
port="8009"
To:
port="8019"
Change:
<Server port="8005"/>
To:
<Server port="8015"/>
Change:
Context path="/examples" docBase="/examples"
To:
Context path="/examples2" docBase="examples"
C. Change ports in worker configuration file.
Edit /opt/hpws/tomcat/jk/apache2/workers.properties
Change:
worker.list=ajp13
To:
worker.list=tomcat, tomcat2
Comment out:
worker.ajp13.port=8009
worker.ajp13.host=localhost
worker.ajp13.type=ajp13
Add:
worker.tomcat.port=8009
worker.tomcat.host=localhost
worker.tomcat.type=ajp13
worker.tomcat2.port=8019
worker.tomcat2.host=localhost
worker.tomcat2.type=ajp13
D. Add context for our second Tomcat.
Since Apache already reads /opt/hpws/tomcat/jk/apache2/mod_jk.conf
we
will add it there.
Edit /opt/hpws/tomcat/jk/apache2/mod_jk.conf
Comment out:
JkMount /examples ajp13
JkMount /examples/* ajp13
Add the following lines:
JkMount /examples tomcat
JkMount /examples/* tomcat
JkMount /examples2 tomcat2
JkMount /examples2/* tomcat2
F. Test
Edit a sample index file
/opt/hpws/tomcat2/webapps/examples/jsp/index.html
Change title from:
JSP Samples
To:
Tomcat2 JSP Samples
As root stop Apache, Tomcat, and Tomcat2.
/opt/hpws/apache/bin/apachectl stop
/opt/hpws/tomcat/bin/shutdown.sh
/opt/hpws/tomcat2/bin/shutdown.sh
As root start Apache, Tomcat, and Tomcat2.
/opt/hpws/apache/bin/apachectl start
/opt/hpws/tomcat/bin/startup.sh
/opt/hpws/tomcat2/bin/startup.sh
In a browser enter:
http://yourserver.com/examples/jsp/
You should see:
JSP Samples
To test the second Tomcat, in a browser enter:
http://yourserver.com/examples2/jsp/
You should see:
Tomcat2 JSP Samples
|
-
Q: Where can I find more information
on modules?
See:
httpd.apache.org/docs-2.0/mod/index-bytype.html
-
Q: How can I enable a precompiled
module?
A. Copy module or shared library to:
/opt/hpws/apache/modules/
B. Set file permissions and ownership to:
-rwxr-xr-x bin bin mod_foo.so
C. Edit the file:
/opt/hpws/apache/conf/httpd.conf
Add the LoadModule directive. For example:
LoadModule foo_module modules/mod_foo.so
|
syntax error in file /opt/hpws/webmin/miniserv.pl at line 6, next 2 tokens "use Socket"
syntax error in file /opt/hpws/webmin/miniserv.pl at line 41, next 2 tokens "\Net:"
Q: How do I start and stop
Webmin?
For all the webmin actions log in as "root".
To start Webmin type:
/opt/hpws/webmin/webmin-init start
Point the browser to: yourserver.com:10000
Login : admin
Default Password : hp.com
To stop Webmin type
/opt/hpws/webmin/webmin-init stop
Q: How do I automatically
start Webmin on boot-up?
Edit:
/etc/rc.config.d/hpws_webminconf.
Set start to true:
Set HPWS_ WEBMIN_START=1
Q: How do I change webmin's
administrator password?
To change the password of user "admin" to "foo":
As root, run the following as a single line:
/opt/hpws/webmin/changepass.pl /opt/hpws/webmin/conf
admin foo
|
-
Q: Where can I find more information
on HP-UX Web Server Suite and IPv6?
www.ipv6.org
See the file in the Apache bundle:
/opt/hpws/hp_docs/admin-guide
The IPv6 product supports IPv4 as well as IPv6.
-
Q: What are IPv6's requirements?
HP-UX 11.11 requires IPv6 to be installed.
IPv6 product number: T1306AA is available from software.hp.com
Search for: T1306AA
HP-UX 11.23 onwards comes with IPv6.
PA-RISC 11i
For java support you must have Java 1.4.
-
Q: How do I enable IPv6?
The installed product should be enabled by default "out of the box".
To verify IPv6 functionality:
A. Make sure that one of the interfaces is configured for IPv6 addresses.
At the command prompt type:
ifconfig lan0
You should see output similar to the following:
lan0: flags=843<UP,BROADCAST,RUNNING,MULTICAST>
inet 111.222.333.444 netmask ffffff00 broadcast 111.222.333.255
lan0: flags=4800841<UP,RUNNING,MULTICAST,ONLINK>
inet6 fe80::210:83ff:feff:da14 prefix 10
B. Make sure that DNS server is properly configured for the IPv6 address.
If you are using "/etc/hosts", for hostname lookup, then an
entry for the IPv6 address should be present in "/etc/hosts"
C. Ensure that "/etc/nsswitch.conf" has a line corresponding
to "ipnodes". An example entry is shown below:
ipnodes: dns [NOTFOUND=continue] files
More information on IPv6 configuration can be found in the documentation
that comes with IPv6 product.
Q: What components of HP-UX Web Server Suite support IPv6?
Only the following support is available:
A. Complete Support
Means that module work on IPv6 platform, and all the functionalities
of IPv6 are also implemented.
- Apache Core
- PHP
- SSI
- CGI (C-based and shell script)
- Tomcat
- Servlets
- JSP
B. Partial Support
Although the following components works on IPv6 platform, they may not
behave correctly for networking calls related to IPv6 addresses, due to lack
of underlying support.
- CGI (Perl-based)
- mod perl
- Webmin
CGI scripts written in Perl will return failure for any calls to, say,
gethostbyname() for the IPv6 addresses, as Perl does not support IPv6.
Hence, CGI, mod_perl and Webmin are supported only in IPv4 mode.
- mod_ssl
Since HP-UX Apache-based Web Server implements the SSL using the OpenSSL library, mod_ssl does not support IPv6 addresses.
- WebDAV
Currently there are no IPv6 compatible clients for WebDAV. Hence, WebDAV with IPv6 addresses is not supported for this release of HP-UX Apache-based Web Server.
- LDAP connectivity
If your LDAP server is not IPv6 capable, then you will need to configure
your auth_ldap to connect to the LDAP server using the IPv4 address.
- Stunnel
Stunnel currently does not have IPv6 capabilities, i.e. it cannot listen
on IPv6 addresses. Therefore, when one starts Stunnel they need to specify
an IPv4 address/port for Stunnel. Hence your auth_ldap configuration should
point to the IPv4 address/port that Stunnel is listening on.
- OpenSSL
OpenSSL does not have support for IPv6. However, on an IPv6 machine,
it could still be used in IPv4 mode.
- ab with SSL
/opt/hpws/apache/bin/ab implements SSL using OpenSSL. Since OpenSSL does not have support for IPv6, ab does not either.
- SSL clients
Currently, there are no SSL clients available from HP on HP-UX for
IPv6. However, one could use the standard SSL clients in IPv4 mode.
|
-
Q: Where can I find more information
on webDAV?
www.webDAV.org
-
Q: What are webDAV's requirements?
Server side:
HP-UX Apache-based Web Server needs a non-nfs directory with write permission for use by WebDAV module.
Client side:
You need a client that is enabled to interact with the WebDAV server.
Windows 2000 is enabled by default. WindowsNT may not have complete support
for �Web Folders� and hence you may not be able to fully test WebDAV with
an NT client.
-
Q: How do I enable webDAV?
You must be logged on as root to Configure DAV:
A. Load Modules
Edit:
/opt/hpws/apache/conf/httpd.conf
Uncomment or add the following:
#LoadModule dav_module mod_dav.so
#LoadModule dav_fs_module mod_dav_fs.so
B. Provide a non-nfs location to WebDAV
Edit,
/opt/hpws/apache/conf/httpd.conf
After line:
DocumentRoot "/opt/hpws/apache/htdocs"
Add the �DAVLockDB� directive as follows.
DAVLockDB /some/path/DAVLock
Note: WebDAV will create files under the /some/path/� directory
with the prefix "DAVLock". Any prefix and path can be used. However, ensure
that this directory exists and is on a non-NFS mounted file system.
After line:
<Directory "/opt/hpws/apache/htdocs">
Add the following line:
DAV On
Note: The same can be done within a <Location> directive.
C. Change ownership
chown �R www:other /opt/hpws/apache/htdocs
D. Restart Apache
/opt/hpws/apache/bin/apachectl stop
/opt/hpws/apache/bin/apachectl start
E. Verify if DAV works:
Windows2000 ONLY:
1) Double click the �My Network Places� icon on the Windows 2000
desktop.
2) Double click �Add Network Place
3) Enter the following URL:
yourserver.com/
4) Provide a simple display name for this WebDAV folder.
5) Result/Output:
If able to connect successfully to the WebDAV server and a web-folder
is created on the Windows machine, then our WebDAV server is working.
WindowsNT ONLY:
1) Double click on �Network Neighbourhood
2) Click on the �Network Neighbourhood� drop-down list, and select
�Web Folders
3) Double click on �Add Web Folder�.
4) Enter the following URL:
yourserver.com/
5) Provide a simple display name for this WebDAV folder.
6) Result/Output:
If able to connect successfully to the WebDAV server and a web-folder is created on the Windows machine, then our WebDAV server is working.
Note: WindowsNT may not have complete support for �Web Folders�
and hence you may not be able to fully test WebDAV.
|
-
Q: Where can I find more information
on auth_ldap?
www.rudedog.org/auth_ldap/
www.openldap.org
-
Q: What are auth_ldap's requirements?
HP-UX Apache-based Web Server is an LDAP client. It needs an LDAP server. If you have a secure LDAP server (LDAPs) you will need to use the "stunnel" program supplied with HP-UX Apache-based Web Server.
-
Q: How do I enable auth_ldap?
Edit:
/opt/hpws/apache/conf/httpd.conf
Uncomment the following line:
#Include conf/ldap.conf
Edit:
/opt/hpws/apache/conf/ldap.conf
Change 127.0.0.1:389 to the actual IP address and port number of your LDAP server and replace hp.com with your organization in the following line:
AuthLDAPURL ldap://127.0.0.1:389/o=hp.com
-
Q: How do I use auth_ldap with
HP-UX Apache-based Web Server?
See the following file:
/opt/hpws/hp_docs/apache/ldap.admin.guide
|
-
Q: Where can I find more
information on mod_perl?
perl.apache.org
is the main Apache mod_perl site.
perl.apache.org/guide/
is the mod_perl guide.
perl.apache.org/dist/cgi_to_mod_perl.html
for converting from CGI to mod_perl.
perl.apache.org/dist/mod_perl_traps.html
for a collection of problems to avoid.
perl.apache.org/stein.schl.org/WWW/software/CGI/
for CGI.pm info.
cpan.perl.org Comprehensive
Perl Archive Network (CPAN) has lots of Perl software.
dbi.perl.org
for the home of the database interface to Perl.
-
Q: What are Perl's requirements?
For PA-RISC:
CGI will work with any Perl.
mod_perl requires HP's Perl 5.6.1.
For IPF (Itanium):
CGI will work with any Perl.
mod_perl requires HP's 64 bit Perl 5.6.1.
Download Perl from www.software.hp.com.
Search for: Perl v.5.6.1
-
Q: How do I enable Perl?
There are two ways to run Perl scripts on Apache. They can be run through CGI or mod_perl. mod_perl will be faster.
A. CGI method
These scripts can be run by placing the file in
/opt/hpws/apache/cgi-bin
The first line of the script should point to the Perl executable.
#!/opt/perl/bin/perl
B. mod_perl method
In the file:
/opt/hpws/apache/conf/httpd.conf
uncomment the mod_perl LoadModule directive
LoadModule perl_module modules/mod_perl.so
In the same file, also uncomment the section
<IfModule mod_perl.c> ... </IfModule>
This will allow all files ending with *.pl to be run through the Perl
module.
-
Q: What are the differences
in using Perl as a CGI script or through mod_perl?
mod_perl executes Perl scripts faster than CGI.
It allows other Apache modules to be written in Perl.
It has additional functionality provided by mod_perl handlers and <Perl>...</Perl>
sections.
|
-
Q: Where can I find more information on PHP?
www.php.net/docs.php for the PHP User's Guide.
www.php.net for general information
on PHP.
-
Q: What are PHP's requirements?
For Oracle support the Oracle client libraries must be on the Apache
web server machine.
-
Q: How do I enable PHP?
In the file /opt/hpws/apache/conf/httpd.conf uncomment:
#LoadModule php4_module modules/libphp4.so
Edit the file:
/opt/hpws/apache/bin/apachectl
Uncomment the individual line that begins with:
#export LD_PRELOAD="/usr/lib/libpthread.sl:/usr/lib/libcl.sl:/path_to_oracle/lib/libjava.sl"
For PHP Oracle support edit the file:
/opt/hpws/apache/bin/apachectl
Uncomment and set appropriate values for the following variables in
apachectl:
export ORACLE_HOME = /path/to/oracle-8.1.6/client/side/libraries
export SHLIB_PATH=$SHLIB_PATH:$ORACLE_HOME/lib
export LD_PRELOAD=$LD_PRELOAD:$ORACLE_HOME/JRE/lib/PA_RISC/native_threads/
libjava.sl
export ORACLE_SID=YourConnectionName
Q: How can I change PHP defaults?
Edit the following file and restart Apache:
/opt/hpws/apache/conf/php.ini
Q: How do I connect PHP to a
database?
The extension for the database must be enabled. Currently MySQL and Oracle are supported.
Next your web page needs to use the php function associated with the
database.
Assuming a database with a customer table containing name and address
fields, a simple MySQL example is:
<?
@ $db = mysql_pconnect("localhost", user, password);
if (!db)
{
echo "Error: Couldn't connect";
}
mysql_select_db("customers");
$query = "select * from customers";
$result = mysql_query($query);
$num_results = mysql_num_rows($result);
for ($i = 0; $i < $num_results; $i++)
{
$row = mysql_fetch_array($result);
echo "<p>i+1).". Name: ";
echo $row["name"];
echo "<br> Address: ";
echo $row["address"];
echo "<p>";
}
?>
Q: What PHP extensions are enabled
by default?
By default no extensions are enabled. However substantial functionality
including MySQL database connectivity is built into PHP.
Q: How do I add PHP extensions
to Apache?
You need to edit two directives in the file:
/opt/hpws/apache/conf/php.ini
A. The location of the extensions.
extension_dir = /opt/hpws/apache/php/lib/php/extensions
B. The name of the extension.
extension = foo.sl
|
-
Q: Where can I find more information
on mod_jk?
jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk/aphowto.html
-
Q: What are mod_jk's requirements?
Same as Apache and Tomcat.
-
Q: How do I enable mod_jk?
In the file:
/opt/hpws/apache/conf/httpd.conf
Uncomment the following line:
#Include tomcat/jk/apache2/mod_jk.conf
-
Q: What are mod_jk workers?
A worker is a tomcat instance that serves servlet requests coming from
the web server. In most cases there is only a single worker (the one and
only tomcat process) but sometimes you will run multiple workers to achieve
load balancing or site partitioning. Each worker is identified to the web
server by the host where it is located, the port where it listens and the
communication protocol used to exchange messages.
-
Q: What are the different connectors
available for mod_jk/tomcat?
There are three worker types:
A. ajp13 the recommended worker between
Apache and Tomcat)
B. jni (supporting in-process Tomcat, not supported by HP-UX Apache-based Web Server)
C. lb (a load balancing worker that provides round-robin based sticky
load balancing with a certain level of fault-tolerance)
|
-
Q: Where can I find more information
on Tomcat?
version 4.1:
jakarta.apache.org/tomcat/tomcat-4.1-doc/index.html
"Apache Jakarta-Tomcat", by James Goodwill, APress.
"Core Servlets and JavaServer Pages (JSP)", by Marty Hall, Prentice
Hall PTR.
"Professional Java Server Programming J2EE Edition", by Allamaraju,Avedal,
Browett, et.al., Wrox Press.
"Java Developer's Guide to Servlets and JSP", by Bill Brogden, Sybex
Inc.
-
Q: What are Tomcat's requirements?
The minimum requirement is the JRE (Java Runtime Environment) 1.2.2.04
or higher. Java 1.3 JRE is recommended.
If you wish to use JSPs (Java Server Pages) then you also need the JDK
(Java Development Kit) so that you can compile JSPs.
For PA-RISC:
HP JDK 1.2.2.04 or higher must be used.
The latest version of Java 1.3.x can be downloaded from:
www.hp.com/products1/unix/java/java2/sdkrte1_3/index.html.
The latest version of Java 1.2 can be downloaded from:
www.hp.com/products1/unix/java/java2/sdkrte/index.html.
For IPF (Itanium):
HP JDK 1.3.x.0 for IPF or higher must be used.
The latest version of Java 1.3.x can be downloaded from www.hp.com/go/java/.
For IPv6 support Java 1.4 is required.
-
Q: How do I start and stop
Tomcat?
For all the Tomcat actions log in as same user every time, for example
"www". See: I get permission denied errors
running some JSPs with Tomcat but others work. Why?
To start Tomcat:
/opt/hpws/tomcat/bin/startup.sh
To stop Tomcat:
/opt/hpws/tomcat/bin/shutdown.sh
-
Q: How do I automatically
start Tomcat on boot-up?
Edit:
/etc/rc.config.d/hpws_tomcatconf
Set the following:
HPWS_TOMCAT_START=1
JAVA_HOME=<location of java>
|
-
Q: What is XML Web Server Tools?
HP-UX XML Web Server Tools is a group of standards-based XML products
that run in the Java environment. It is a new component starting in Jan 2003.
For more information see:
/opt/hpws/hp_docs/xmltools/xml.admin.guide
http://xml.apache.org
-
Q: What are xmltool's requirements?
Java 1.2 or higher is required to run xmltools.
-
Q: What is Xerces and where do I get more information on Xerces?
Xerces provides XML parsing and generation. Fully validating parsers are
available for both
Java and C++, implementing the W3C XML and DOM (Level 1 and 2) standards, as
well as the de facto SAX (version 2) standard
For more information see:
/opt/hpws/hp_docs/xmltools/xml.admin.guide
http://xml.apache.org/xerces2-j/index.html
-
Q: What is Xalan and where do I get more information on Xalan?
Xalan is an XSLT stylesheet processor for transforming XML documents into
HTML, text, or other XML document types.
For more information see:
/opt/hpws/hp_docs/xmltools/xml.admin.guide
http://xml.apache.org/xalan-j/index.html
-
Q: What is Cocoon and where do I get more information on Cocoon?
Cocoon is a framework for XML web publishing that brings a whole new world of abstraction and ease to
consolidated web site creation and management based on the XML paradigm and related technologies.
For more information see:
/opt/hpws/hp_docs/xmltools/xml.admin.guide
http://xml.apache.org/cocoon/index.html
-
Q: How do I enable Cocoon with Tomcat?
Copy the cocoon.war file to /opt/hpws/tomcat/webapps directory.
Start the servlet engine.
Type-in the URL http://localhost:8081/cocoon in your browser.
You should see the Cocoon welcome message.
For more information see:
/opt/hpws/hp_docs/xmltools/xml.admin.guide
-
Q: What is FOP and where do I get
more information on FOP?
FOP is a print formatter driven by XSL formatting objects. It is a Java 1.2
application that reads a formatting object tree and then turns it into a PDF
document. The formatting object tree, can be in the form of an XML document
(output by an XSLT engine like Xalan) or can be passed in memory as a DOM
Document or (in the case of Xalan) SAX events.
For information see:
/opt/hpws/hp_docs/xmltools/xml.admin.guide
http://xml.apache.org/fop/index.html
-
Q: What is Batik and where do I get
more information on Batik?
Batik is a Java-based toolkit for applications or applets that want to use
images in the Scalable Vector Graphics (SVG) format for purposes such as
parsing, viewing, generation or manipulation on either the client side or
the server side.
For more information see:
/opt/hpws/hp_docs/xmltools/xml.admin.guide
http://xml.apache.org/batik
/index.html
|
|
