ISC 553

URL components

1st part: protocol being used 2nd part: IP address or domain name 3rd part: resource being requested

Options directive and use of + and -

Allow use of the directives controlling specific directory features

Require

Apache's authorization directive

apt-get install

CLI tool to download latest software

Nslookup

Command used to query name servers

First line and any required header lines for a valid http-request to retrieve default document from the root document directory of virtual host Esig.com using http/1.1

GET / HTTP/1.1 HOST esig.com

Whois

Query tool for Internet domains and IP addresses

RWX

Read, write, execute

Kill

Terminate process based on ID

Alias (Virtual Directories)

Used to allow the web server to access documents in directories outside of the document hierarchy (maps a URL to a directory on the server)

UGO

User, group, other OR Root, group, world

Apache2.pid

Where Apache stores parent PID

Name-based

a configuration of the virtual host in which a client-provided hostname routes back to the same web server ip address

ScriptAlias

a directive that controls which directories contain server scripts (like Alias but for server scripts)

crontab

a file which calls upon the cron daemon to run a specified command at a certain point in time

Directory Index

a server-generated list displaying the contents of a directory

Daemon

a system process running in the background on the server such as print, email, web server, FTP

If directory indexing is permitted and there is no default document in directory, then

all the files in the directory are listed

AllowOverride

allow the use of .htaccess within the web server to allow overriding of the Apache config

Symlink

any file that contains a reference to another file or directory in the form of an absolute or relative path and that affects pathname resolution

Server config directives

both global and main server settings in a configuration file but not inside another container's context

init 0 or shutdown now -P

bring system and its processes to a halt then power off

POST

client sends data, usually HTML form data, accompanying HTTP request to server in Entity body

Apache Directives

commands used to configure Apache; they have set syntax and contexts, and they may have default value

Base module

compiled and loaded into the server by default

.htaccess

config file used for website access

htaccess

configuration file remotely located in a specific web directory - directives apply to that directory and subdirectories of its location

<Location>

container for directives affecting resources access through the specified URL paths

<Directory>

container for directives affecting resources located in the specified directories

<Files>

container for directives when accessed using specified HTTP methods

Request Method

determines what to do with the request

Directory

directives apply to a particular web directory and its subdirectories

Virtualhost

directives apply to one virtual host

SSI

directives that can be placed in your HTML file, telling the web server to include additional information in the displayed document

IncludesNOEXEC

disables the ability to run scripts and programs from SSI pages making the process more secure

Permissions security risks

don't allow non-root users to modify files written by root

1 - execute only (--x)

execute only (--x)

ServerRoot

files that control web server's operation

ps ax |grep

filter process list for phrase

Advantages of Apache

free, open-source and highly configurable, runs on multiple platforms, very scalable, fast response to HTTP queries, not bloated - only install the features you need

HOST

header: in HTTP/1.1 format his header identifies the virtual host name

Absolute URL enter into a browser address bar to generate HTTP request for index.html file on www.testcom webserver using port 8080

http://www.test.com:8080/index.html

Hostid

identifies the host on that network

Netid

identifies the network the hosts belong to

Default Document

if the URL doesn't specify a web page file or file path, the server sends the set default document from the document root

VirtualHosting

in Apache if you want to maintain multiple domains/hostnames, you set up <VirtualHost> containers for them

The HyperText Transfer Protocol (HTTP) 401 Unauthorized response status code

indicates that the client request has not been completed because it lacks valid authentication credentials for the requested resource.

HyperText Transfer Protocol (HTTP)

is the protocol which allows web browsers to communicate with web servers

GET

it retrieves information from server, and Entity body is empty

711 permissions

owner can do anything, others can only execute

755 permissions

owner can do anything, others can only read and execute

Discretionary Access

limits the access on an attribute dependent on the information supplied by an accessor (depends on what you know)

Mandatory Access

limits the access on some attribute for which the accesso has no control (depends on what you are)

History

list of commands run in that terminal session

<VirtualHost>

map directives to a particular VH, takes one or more host addresses

Domain Name Servers (DNS)

map human readable domain names to IP addresses. these are distributed throughout the Internet

Document Root

most web servers publish a single directory for publishing web documents

Persistent TCP connections

multiple documents to be transmitted over 1 TCP connection; Provides better support for multiple virtual hosts on one server

0 - no permissions (---)

no permissions (---)

Extension module

not normally compiled/loaded into the server

Plus

options are added to those currently in force

SSI security risks

presents security risks because of increased load on the server

Chroot (jail)

prevents Apache from being used as a point of break-in to the system hosting it; Limits the portion of the file system Apache can see to the root directory of the jail; Programs available to be run in jail can be very limited

Reverse DNS lookup

queries the DNS to find the domain name that is associated with an ip address

5 - read and execute (r-x)

read and execute (r-x)

6 - read and write (rw-)

read and write (rw-)

4 - read only (r-)

read only (r-)

7 - read, write, and execute (rwx)

read write execute (rwx)

Minus

removed from the options currently in force

Well-known ports 0-1023

reserved by ICANN for common TCP/IP applications; Significant for client applications to easily locate the corresponding server application processes on other hosts (client-server interactions)

Multipurpose Internet Mail Extensions (MIME)

rules allowing multimedia documents to be exchanged among different computer systems

HEAD

same as GET request except server returns only header section; Entity body is empty

A2enmod

script that enables the specified module within the apache2 configuration

A2ensite

script that enables the specified site within the apache2 configuration

Stateless

server doesn't remember previous requests, cookies or the server's API are used to

Netmask

specifies network's available hosts

.htaccess security risks

stop letting users set up these files which can override your security features

To Display

submit URL with no specified filename

In a HTTP Response the content type header

tells the browser what type of data is being returned with the response. The format of the value of content-type is a MIME type.

Total domains

the amount of domain configurations available on the web server to be potentially activated

Virtual hosting

the concept of having multiple websites on one system or Web Server

Web Documents

the files and directories that make up a website

Document Hierarchy

the structure of a website's Web Documents

External module

third-party and not included with the base Apache distribution

htpasswd

this is a command used to create or maintain the file used for username and password credentials when using basic authentication

Active sites

those with unique, direct content on their front page

DocumentRoot

top-level directory in the document tree visible from the web; contains web pages visible to the public

Ifconfig

used for network interface configuration

Authorization

verifying that an identity is valid to grant access to a requested resource

Non-script Aliased CGI security risks

very bad; means you should not indiscriminately use "Options +ExecCGI) and especially not in root directory container

main difference between http/1.1 and http/1.0

virtual hosts and persistent TCP connections

The Document Root location and the Default Document name can be set by the

web server admin

Context

where in the server's configuration files the directive is legal and scope

3 - write and execute (-wx)

write and execute (-wx)

2 - write only (-w-)

write only (-w-)