Mini Servers: Apache 2.2.9 Portable: Difference between revisions

Jump to navigation Jump to search
(Punctuation and grammatical changes; changed categories.)
Line 10: Line 10:
This write-up shows how to install, configure Apache 2.2.9 and to minimise the risk of unauthorized access.  
This write-up shows how to install, configure Apache 2.2.9 and to minimise the risk of unauthorized access.  


'''''[[#top | Top]]'''''
== Specification ==
== Specification ==
The server has the following specification:
The server has the following specification:


* Server shall be portable
* Server must be portable.
* Only static HTML pages shall be served.
* Only static HTML pages shall be served.
* The server shall log all web requests.
* The server will log all web requests.
* All unused modules shall be disabled.
* All unused modules shall be disabled.


The specification dictates using the minimum number of Apache (2.2.9) modules. You may be interested in the final disk size for such a solution, surprisingly its only 1MB for a server meeting our specification.
The specification dictates using the minimum number of Apache (2.2.9) modules. You may be interested in the final disk size for such a solution. Surprisingly its only 1MB for a server meeting our specification.


Don’t be deceived by the size! It is a fully functioning production server. I have removed complexity to highlight security issues.
Don’t be deceived by the size! It is a fully functioning production server. I have removed complexity to highlight security issues.


Take the last line of the specification; it states only modules required shall be installed. This increases security, any unused but installed modules have the capability to interact with others. It requires only one security vulnerability in any one of these unused modules to put the whole system at risk. Knowing our functionality requirements allows a list of required modules to be prepared and to exclude all unused modules.
Take the last line of the specification; it states only modules required shall be installed. This increases security; any unused but installed modules have the capability to interact with others. It requires only one security vulnerability in any one of these unused modules to put the whole system at risk. Knowing our functionality requirements allows a list of required modules to be prepared and to exclude all unused modules.


In terms of security always ask the question do we need that module if not don’t install it. The same argument applies to any other software, if its not required uninstall it.
In terms of security, always ask the question, do we need that module? If not, don’t install it. The same argument applies to any other software. \if its not required uninstall it.


'''''[[#top | Top]]'''''


== Modules ==
== Modules ==
Line 60: Line 58:
|Associates the requested filename's extensions with the file's behavior (handlers and filters) and content (mime-type, language, character set and encoding) Note without this module the file will be served as plain text. DefaultType text/plain
|Associates the requested filename's extensions with the file's behavior (handlers and filters) and content (mime-type, language, character set and encoding) Note without this module the file will be served as plain text. DefaultType text/plain
|}
|}
'''''[[#top | Top]]'''''


== Configuring Apache ==
== Configuring Apache ==
Line 205: Line 201:
|}
|}


A word of caution although the server is very secure it is not possible to guarantee one hundred percent. Added to this a real problem of running on a machine populated with other software this increases the security risk. It requires only one security vulnerability in any of these programs to compromise the whole system.
A word of caution. Although the server is very secure it is not possible to guarantee one hundred percent. Added to this a real problem of running on a machine populated with other software this increases the security risk. It requires only one security vulnerability in any of these programs to compromise the whole system.


''Try not to be over paranoid with security issues then again do not be complacent. No single site on the Internet and that includes this one can ever cover all security issues. My personal advice is to get out there and research the subject, seek out what the professionals advise.''
''Try not to be over paranoid with security issues then again do not be complacent. No single site on the Internet and that includes this one can ever cover all security issues. My personal advice is to get out there and research the subject, seek out what the professionals advise.''


'''''[[#top | Top]]'''''
 
=== Access control ===
=== Access control ===
Each time a module is added Apache’s configuration file increases in complexity. Our minimalist solution reduces this complexity while still harnessing the power of Apache to great effect. Now take another look at that access control block, encapsulated in such a small space are very powerful control features. I have only scratched the surface of this block, for detailed information go to Apache’s web site. The real point I am trying to make, for this server, '''implementing security is clean neat and visible'''.  
Each time a module is added Apache’s configuration file increases in complexity. Our minimalist solution reduces this complexity while still harnessing the power of Apache to great effect. Now take another look at that access control block, encapsulated in such a small space are very powerful control features. I have only scratched the surface of this block, for detailed information go to Apache’s web site. The real point I am trying to make, for this server, '''implementing security is clean neat and visible'''.  
'''''[[#top | Top]]'''''


== Support files ==
== Support files ==
Line 221: Line 215:
Download this server from SourceForge [http://sourceforge.net/project/showfiles.php?group_id=53691&package_id=275691 Project Page] save the file '''mini_server_1.exe''' to any folder of your choice.
Download this server from SourceForge [http://sourceforge.net/project/showfiles.php?group_id=53691&package_id=275691 Project Page] save the file '''mini_server_1.exe''' to any folder of your choice.


'''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]] detailing how to obtain full binaries for Apache.
'''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]], detailing how to obtain full binaries for Apache.


'''''[[#top | Top]]'''''


=== Extract files ===
=== Extract files ===
Double click on mini_server_1.exe, starts the extraction process. No need to change the folder destination, click extract, this creates a new folder '''mini_server_1''' containing two files and one folder.
Double click on mini_server_1.exe, starts the extraction process. No need to change the folder destination. Click extract; this creates a new folder '''mini_server_1''' containing two files and one folder.


# '''server_start.bat''' - Double click to start the server
# '''server_start.bat''' - Double click to start the server
Line 232: Line 225:
# '''udrive''' - Folder containing server and your web site.
# '''udrive''' - Folder containing server and your web site.


'''''[[#top | Top]]'''''


=== Test ===
=== Test ===
Line 243: Line 235:
# Stop the server by double clicking on '''server_stop.bat'''
# Stop the server by double clicking on '''server_stop.bat'''


'''''[[#top | Top]]'''''


== Change Virtual Drive ==
== Change Virtual Drive ==
Line 249: Line 240:
You can override this in one of two ways:
You can override this in one of two ways:


# Start the server using a drive parameter for example: '''server_start.bat z''' this forces the server to use drive z
# Start the server using a drive parameter, for example: '''server_start.bat z'''. This forces the server to use drive z
# Edit server_start.bat, locate the following line:<br>&nbsp;&nbsp;'''rem set Disk=w''' <br>Remove the rem and replace w with the letter you want to use for example:<br>&nbsp;&nbsp;'''set Disk=x'''&nbsp; Forces the server to use drive letter x
# Edit server_start.bat, locate the following line:<br>&nbsp;&nbsp;'''rem set Disk=w''' <br>Remove the rem and replace w with the letter you want to use for example:<br>&nbsp;&nbsp;'''set Disk=x'''&nbsp; Forces the server to use drive letter x


'''''[[#top | Top]]'''''
 


== Change server default port ==
== Change server default port ==
Line 265: Line 256:
If port already in use try any value above 2000
If port already in use try any value above 2000


'''''[[#top | Top]]'''''


== Multi Servers ==
== Multi Servers ==
If you wish to run several mini servers at the same time create a new folder for each server and copy contents of mini_server_1 into each of these.
If you wish to run several mini servers at the same time, create a new folder for each server and copy contents of mini_server_1 into each of these.


Change the server port for each server to be unique. The servers may be started in any order.
Change the server port for each server to be unique. The servers may be started in any order.


'''''Note'':''' You can run the mini servers alongside Uniform Server 3.5-Apollo however you must start Uniform Server first.
'''''Note'':''' You can run the mini servers alongside The Uniform Server 3.5-Apollo however you must start The Uniform Server first.
 
'''''[[#top | Top]]'''''


== Your web site ==
== Your web site ==
Open the folder www located in folder '''*mini_server_1\udrive\www''' (Note * is the path to the folder you extracted the server files) delete everything in '''www''' and copy your site into it.
Open the folder www located in folder '''*mini_server_1\udrive\www''' (Note: * is the path to the folder you extracted the server files) delete everything in '''www''' and copy your site into it.


'''''Note'':''' Make sure one of your pages in folder www is named '''index.html''' or '''index.htm''', otherwise you will need to type a page name in every time to access your site.
'''''Note'':''' Make sure one of your pages in folder www is named '''index.php''', '''index.html''' or '''index.htm''', otherwise you will need to type a page name in every time to access your site.


e.g. <nowiki>http://localhost:8081/somepage.html</nowiki>
e.g. <nowiki>http://localhost:8081/somepage.html</nowiki>
'''''[[#top | Top]]'''''


== Putting the server on-line ==
== Putting the server on-line ==
If connected to the Internet by a router to put the server on-line you need to forward port 8081 (or the port you have chosen to run the server on).  
If connected to the Internet by a router to put the server on-line you need to forward port 8081 (or the port you have chosen to run the server on).  


'''''[[#top | Top]]'''''


== Summary ==
== Summary ==
Don’t be deceived by this mini server's size, remember its powered by Apache and very secure. For a quick test I loaded UniCenter and put the server on-line.
Don’t be deceived by this mini server's size, remember it's powered by Apache and very secure. For a quick test I loaded UniCenter and put the server on-line.


I was surprised how fast it was. One final test I could not resist, dumped the entire server straight onto a USB memory stick and put that on-line. The speed was slightly slower, note I was using a cheapo memory stick. I was more than impressed with this dynamic duo Apache and Uniform Server's method of portability make an excellent basic portable server.  
I was surprised at how fast it was. In oOne final test I could not resist, I dumped the entire server straight onto a USB memory stick and put that on-line. The speed was slightly slower, but I was using a cheapo memory stick. I was more than impressed with this dynamic duo. Apache and The Uniform Server's method of portability make an excellent basic portable server.  


If you want a more permanent installation install the server as a service covered on [[Mini Servers: Apache 2.2.9 Service|the next page page]].
If you want a more permanent installation install the server as a service is covered on [[Mini Servers: Apache 2.2.9 Service|the next page page]].


Perhaps you would like to protect the server with a name and password I cover this with [[Mini Servers: Apache 2.2.9 Portable - Authentication|Mini Server 3]].  
Perhaps you would like to protect the server with a name and password. I cover this with [[Mini Servers: Apache 2.2.9 Portable - Authentication|Mini Server 3]].  
   
   
'''''[[#top | Top]]'''''


----
----
Line 307: Line 291:
|}
|}


[[Category: UniCenter]]
 
[[Category: Mini Servers]]
[[Category: Mini Servers]]
[[Category: Oily Rag]]
[[Category: Self Install]]