Mini Servers: Apache 2.2.9 Perl 5.10 Portable

From The Uniform Server Wiki
Revision as of 19:32, 20 July 2008 by Ric

Mini Servers:
Compact but fully functional.

Mini server using Apache 2.2.9 and Activestate Perl 5.10 Core

This mini server packs a real punch; the trouble is that it also packs a real disk hit. Using the full version of Perl you are looking at 53M, hence I have used only the core and a few modules, reducing the server to about 3MB. It still provides useful features for dynamic pages; adding a Perl core greatly extends the server's power.

Note: Check the support files section for download details.

Security

In order for Perl applications to perform their task they need to interact with the underlying programs; if a security hole exists between interactions it can be exploited. Exploitation occurs only when data is returned by a user, or if the script is malicious.

Hence use well-written scripts. It is standard practice to confine scripts to a separate folder known as the cgi-bin.
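
One way to write a script along these lines, as an added example that is not part of the original page or the mini server download: it runs in taint mode, accepts only an allowlisted parameter value and escapes what it prints. The script name note.pl, the name parameter and the /notes folder are hypothetical, and the strict and warnings pragmas are assumed to be among the bundled library files.

```perl
#!/usr/bin/perl -T
# Added example (not from the mini server download). Hypothetical script
# /cgi-bin/note.pl?name=<note> that shows a text note from a fixed folder.
use strict; use warnings;

my $NOTE_DIR = '/notes';   # assumed folder outside /www and /cgi-bin

# Escape text before it is echoed back into the HTML page.
sub html_escape {
    my ($s) = @_;
    $s =~ s/&/&amp;/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/"/&quot;/g;
    return $s;
}

# Fetch one parameter from QUERY_STRING without needing CGI.pm.
sub query_param {
    my ($want) = @_;
    for my $pair (split /[&;]/, $ENV{QUERY_STRING} // '') {
        my ($key, $value) = split /=/, $pair, 2;
        next unless defined $key && $key eq $want;
        $value //= '';
        $value =~ tr/+/ /;
        $value =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;
        return $value;
    }
    return;
}

print "Content-Type: text/html; charset=utf-8\n\n";
# Allowlist: 1 to 32 letters, digits, '_' or '-'. Dots, slashes and shell
# characters never match; the capture also untaints the accepted value.
my $raw = query_param('name');
my ($name) = defined $raw ? $raw =~ /\A([A-Za-z0-9_-]{1,32})\z/ : ();

if (!defined $name) {
    print "<p>Invalid note name.</p>\n";
}
# Three-argument open: the name is only ever treated as a file name.
elsif (open my $fh, '<', "$NOTE_DIR/$name.txt") {
    print "<h1>", html_escape($name), "</h1>\n<pre>";
    print html_escape($_) while <$fh>;
    print "</pre>\n";
    close $fh;
}
else { print "<p>No such note.</p>\n" }
```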

Let's get the server up and running with Perl.

Specification

The server has the following specification:

  • Server shall be portable
  • Static HTML and Dynamic Perl pages shall be served.
  • SSI shall be enabled
  • The server shall log all web requests.
  • All unused modules shall be disabled.

Our mini server is intended to be small. In keeping with this philosophy, only the Perl core and a few library elements shall be used. It is relatively large at 2MB; however, this is small in comparison to the complete Perl package of 50MB.

If the basic core and included library elements do not meet your requirements, download the full Perl package and add libraries as required.

Configuring Apache

Using the configuration file from server 1, very few changes are required; however, a new section is required to implement a safe location for CGI scripts. I have highlighted the changes and new section in bold.

httpd.conf (located in folder *\udrive\usr\local\apache2\conf), with comments after each block:

# UniCenter - Very basic server
# Author: Mike Gleaves
# Main Apache 2.2.9 HTTP server configuration file.
# 15-7-2008

 

# ================================================
# Modules
# ================================================
 LoadModule alias_module modules/mod_alias.so
 LoadModule authz_host_module modules/mod_authz_host.so
 LoadModule include_module modules/mod_include.so
 LoadModule cgi_module modules/mod_cgi.so
 LoadModule dir_module modules/mod_dir.so
 LoadModule log_config_module modules/mod_log_config.so
 LoadModule mime_module modules/mod_mime.so

LoadModule alias_module: Module required to handle alias directives.

LoadModule cgi_module: Module required to handle CGI scripts (Perl).

LoadModule include_module: Allows a page to be parsed for SSI (Server Side Includes); embedded commands allow a page to call CGI scripts.

# ========================================
# Basic settings
# ========================================
 Listen 80
 ServerName localhost:80
 ServerAdmin fred@www.somedomain.com
 UseCanonicalName Off
 ServerSignature Off
 HostnameLookups Off
 ServerTokens Prod
 ServerRoot "/usr/local/apache2"
 DocumentRoot "/www"
 PidFile /usr/local/apache2/logs/httpd.pid
<IfModule mod_dir.c>
  DirectoryIndex index.html index.htm index.pl index.cgi
</IfModule>
AddHandler server-parsed .shtml .shtm .sht

DirectoryIndex: When a user requests a page supplying only a folder name (example fred.com), the index page is automatically returned by default. Note you can have more than one index page in the same folder with a different file extension. Order of priority is left to right: the first one found in the list is returned and all others are ignored. I have added index.pl and index.cgi to this list.

AddHandler server-parsed: Pages with a file extension that is in the list are processed by Apache for embedded SSI commands.

# ========================================
# HTTP and performance settings
# ========================================
 Timeout 300
 KeepAlive On
 MaxKeepAliveRequests 100
 KeepAliveTimeout 15
<IfModule mpm_winnt.c>
  ThreadsPerChild 64
  MaxRequestsPerChild 0
</IfModule>

 

# ========================================
# Access control
# ========================================
<Directory />
  Options FollowSymLinks
  Options None
  AllowOverride None
  Order deny,allow
  Deny from all
</Directory>

<Directory "/www">
  Options Indexes FollowSymLinks Includes ExecCGI
  Order allow,deny
  Allow from all
</Directory>

Options FollowSymLinks: The Options directive controls which server features are available in a particular directory. In the restrictive parameters specified for the root directory <Directory />, Options is set to only FollowSymLinks. No features are enabled, except that the server is allowed to follow symbolic links in the root directory.

Document root folder <Directory "/www"> Options:

Indexes: Permits the server to generate a directory listing for a directory if no DirectoryIndex (for example, index.html) is specified.

FollowSymLinks: Allows the server to follow symbolic links in this directory.

# ========================================
# Access control cgi
# ========================================
 ScriptAlias /cgi-bin/ "/cgi-bin/"

 <Directory "/cgi-bin">
  AllowOverride None
  Options None
  Order allow,deny
  Allow from all
 </Directory>

The ScriptAlias directive defines where CGI scripts are located. A special directory known as cgi-bin outside of the DocumentRoot contains your server-side executable files and scripts. This prevents them being directly accessible over the Internet.

# ========================================
# MIME encoding
# ========================================
 DefaultType text/plain
 TypesConfig /usr/local/apache2/conf/mime.types

 

# ========================================
# Logs: debug, info, notice, warn, error, crit
# ========================================
 LogLevel warn
 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
 LogFormat "%h %l %u %t \"%r\" %>s %b" common
 LogFormat "%{Referer}i -> %U" referer
 LogFormat "%{User-agent}i" agent
 ErrorLog "logs/error_log"
 CustomLog "logs/access.log" combined
# ========================================

 

Perl - Core

Although our mini server only uses the Perl core, you need to download the full package to extract it. (OK, I have included a core in the support files.) Check the Activestate site and download any newer version; this allows you to install any libraries you require. On the other hand, perhaps you want to run an earlier version of Perl. The following outlines how to install Perl on our mini server.

Download

We are not interested in installing Perl on our PC, hence download a zip package:

  • The mini servers use ActivePerl-5.10.0.1003-MSWin32-x86-285500.zip, downloadable from the Activestate download page.
  • After downloading, unzip to any folder, locate the files perl.exe and perl510.dll, and copy them to the mini server folder *\uc_server_3a\udrive\usr\bin
  • Create a new folder *\uc_server_3a\udrive\usr\lib and add libraries as required. (I have included a small number of library elements in the support files.)

Perl ini

Believe it or not, that’s all there is to the installation process. A Perl ini file is not required; it's provided in the core.

Testing

Double click on uc_server_start.bat and check the server runs.

Security

When testing you need as much information as possible; however, when you put your servers on-line it's best to restrict what you make public.

Restrict public Information:

Make sure the following are set in the Apache configuration file:

  • ServerTokens Prod - Prevents exposing server information; this makes things a little more difficult for automated attacks, which scan for vulnerable versions of Apache or its modules.
  • ServerSignature Off - Suppresses the error line which exposes the server version number, virtual host ServerName and "mailto:" reference to the ServerAdmin.

The above are not real security measures; they just provide a little fence to be jumped when a script kiddie wants to play.
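
The settings above can be checked with a short script run by the server's own perl.exe. This is an added example, not part of the original page; it also reports Options Indexes, described earlier, and the sample configuration inside it is constructed.

```perl
#!/usr/bin/perl
# Added example (not part of the mini server): audit httpd.conf text for
# the two settings above, plus directory listings (Options Indexes).
use strict; use warnings;

my %WANT = (ServerTokens => 'Prod', ServerSignature => 'Off');

# Returns a list of findings; an empty list means nothing to report.
sub audit_conf {
    my ($text) = @_;
    my (%seen, @findings, $dir);
    for my $line (split /\r?\n/, $text) {
        next if $line =~ /^\s*(?:#|$)/;             # comment or blank line
        if ($line =~ /^\s*<Directory\s+"?([^">]+)"?\s*>/i) {
            $dir = $1;                              # entering a section
        } elsif ($line =~ m{^\s*</Directory>}i) {
            undef $dir;
        } elsif ($line =~ /^\s*(ServerTokens|ServerSignature)\s+(\S+)/i) {
            $seen{lc $1} = $2;                      # a later line overrides
        } elsif (defined $dir && $line =~ /^\s*Options\s.*(?<![-\w])Indexes\b/i) {
            push @findings, "<Directory $dir>: Options Indexes permits listings";
        }
    }
    for my $name (sort keys %WANT) {
        my $got = $seen{lc $name};
        if (!defined $got) {
            push @findings, "$name is not set explicitly";
        } elsif (lc $got ne lc $WANT{$name}) {
            push @findings, "$name is $got, expected $WANT{$name}";
        }
    }
    return @findings;
}

# Audit the file named on the command line, or a constructed sample.
my $conf = <<'SAMPLE';
ServerSignature On
<Directory "/www">
  Options Indexes FollowSymLinks Includes ExecCGI
</Directory>
SAMPLE
if (@ARGV) {
    open my $fh, '<', $ARGV[0] or die "Cannot open $ARGV[0]: $!\n";
    local $/;                                       # slurp the whole file
    $conf = <$fh>;
}
my @findings = audit_conf($conf);
print "WARN: $_\n" for @findings;
print "OK: nothing to report\n" unless @findings;
```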

Support files

Each mini server is complete and zipped into a single self-extracting archive file.

Download

Download this server from the mini server's Support and download page. Save the file uc_server_3a.exe to any folder of your choice.

Note: Check the file's integrity using its MD5. A suitable checker, winMd5Sum Portable, can be found at Portable Apps under Utilities.

Extract files

Double click on uc_server_3a.exe; this starts the extraction process.

No need to change the folder destination; click extract. This creates a new folder uc_server_3a containing the following:

Top level folder uc_server_3a contains two files:
1) uc_server_start.bat - Double click to start the
2) uc_server_stop.bat - Double click to stop server
cgi-bin folder: Contains demo scripts and single page web site.
program home: Uniform Server's programs that make the server portable
tmp folder: Stores temporary files such as sessions
bin folder: Perl program
lib folder: Perl libraries and modules
apache2 folder: Contains all files associated with the Apache server
www folder: This is where you put your web site or sites
Test sites: mpg1 and mpg2 are test sites; these are included to provide an idea of the server's capabilities. Delete these folders and copy your sites into this folder (referred to as the document root folder).

Test

Testing is straightforward.

  1. Start the server by double clicking on uc_server_start.bat (Creates a virtual drive "w" to run the server on)
  2. Start a web browser.
  3. Type http://localhost/ into the browser address bar.
  4. An index page is displayed; check out the test sites MPG1, MPG2 (Perl single page web site).
  5. Stop the server by double clicking on uc_server_stop.bat

Note: If you need to change the virtual drive letter, open file uc_server_start.bat and locate this line:

if "%Disk%"=="" set Disk=w

Change the drive letter from w to one that is not being used.

Your web site

Open the folder www located in folder *uc_server_3a\udrive\www (Note: * is the path to the folder where you extracted the server files). Delete everything in www and copy your site into it.

Note: Make sure one of your pages in folder www is named index.html or index.htm, otherwise you will need to type a page name in every time to access your site.

e.g. http://localhost/somepage.html

Problems - shebang

I found this to be a real pain: you need to change the “shebang” depending on how you run the mini server, portable or as a service. If you're running CGIs on Windows, use the portable server; this will allow you to move the scripts to a Unix system without change!

The following lists the “shebang” required to get your cgi scripts working:

  • Reference Unix: #!/usr/bin/perl
  • Mini Portable Server: #!/usr/bin/perl
  • Mini Server run as service: #!c:/uc_server_3b/usr/bin/perl

Note: If you use the Unix "shebang" on a mini server installed as a service you will receive this error message in Apache's error log: (OS 3) The system cannot find the path specified

Summary

This mini server is ideal for learning Perl; its compact size allows you to have several copies installed on a USB pen drive, each with different test applications.

I must stress that it’s very compact because it uses the bare minimum of Perl’s modules. Download the full version and select the modules you require; this page will help if you have problems.

This server can also be run as a service, covered on the next page.


Ric