ISC 553
URL components
1st part: protocol being used; 2nd part: IP address or domain name; 3rd part: resource being requested
Options directive and use of + and -
Allow use of the directives controlling specific directory features
Require
Apache's authorization directive
apt-get install
CLI tool to download latest software
Nslookup
Command used to query name servers
First line and any required header lines for a valid http-request to retrieve default document from the root document directory of virtual host Esig.com using http/1.1
GET / HTTP/1.1 HOST esig.com
Whois
Query tool for Internet domains and IP addresses
RWX
Read, write, execute
Kill
Terminate process based on ID
Alias (Virtual Directories)
Used to allow the web server to access documents in directories outside of the document hierarchy (maps a URL to a directory on the server)
UGO
User, group, other OR Root, group, world
Apache2.pid
Where Apache stores parent PID
Name-based
a configuration of the virtual host in which a client-provided hostname routes back to the same web server IP address
ScriptAlias
a directive that controls which directories contain server scripts (like Alias but for server scripts)
crontab
a file which calls upon the cron daemon to run a specified command at a certain point in time
Directory Index
a server-generated list displaying the contents of a directory
Daemon
a system process running in the background on the server such as print, email, web server, FTP
If directory indexing is permitted and there is no default document in directory, then
all the files in the directory are listed
AllowOverride
allow the use of .htaccess within the web server to allow overriding of the Apache config
Symlink
any file that contains a reference to another file or directory in the form of an absolute or relative path and that affects pathname resolution
Server config directives
both global and main server settings in a configuration file but not inside another container's context
init 0 or shutdown now -P
bring system and its processes to a halt then power off
POST
client sends data, usually HTML form data, accompanying HTTP request to server in Entity body
Apache Directives
commands used to configure Apache; they have set syntax and contexts, and they may have a default value
Base module
compiled and loaded into the server by default
.htaccess
config file used for website access
htaccess
configuration file remotely located in a specific web directory - directives apply to that directory and subdirectories of its location
<Location>
container for directives affecting resources accessed through the specified URL paths
<Directory>
container for directives affecting resources located in the specified directories
<Files>
container for directives when accessed using specified HTTP methods
Request Method
determines what to do with the request
Directory
directives apply to a particular web directory and its subdirectories
Virtualhost
directives apply to one virtual host
SSI
directives that can be placed in your HTML file, telling the web server to include additional information in the displayed document
IncludesNOEXEC
disables the ability to run scripts and programs from SSI pages making the process more secure
Permissions security risks
don't allow non-root users to modify files written by root
1 - execute only (--x)
execute only (--x)
ServerRoot
files that control web server's operation
ps ax | grep
filter process list for phrase
Advantages of Apache
free, open-source and highly configurable, runs on multiple platforms, very scalable, fast response to HTTP queries, not bloated - only install the features you need
HOST
header: in HTTP/1.1 format this header identifies the virtual host name
Absolute URL entered into a browser address bar to generate HTTP request for index.html file on www.test.com webserver using port 8080
http://www.test.com:8080/index.html
Hostid
identifies the host on that network
Netid
identifies the network the hosts belong to
Default Document
if the URL doesn't specify a web page file or file path, the server sends the set default document from the document root
VirtualHosting
in Apache if you want to maintain multiple domains/hostnames, you set up <VirtualHost> containers for them
The HyperText Transfer Protocol (HTTP) 401 Unauthorized response status code
indicates that the client request has not been completed because it lacks valid authentication credentials for the requested resource.
HyperText Transfer Protocol (HTTP)
is the protocol which allows web browsers to communicate with web servers
GET
it retrieves information from server, and Entity body is empty
711 permissions
owner can do anything, others can only execute
755 permissions
owner can do anything, others can only read and execute
Discretionary Access
limits the access on an attribute dependent on the information supplied by an accessor (depends on what you know)
Mandatory Access
limits the access on some attribute for which the accessor has no control (depends on what you are)
History
list of commands run in that terminal session
<VirtualHost>
map directives to a particular VH, takes one or more host addresses
Domain Name Servers (DNS)
map human-readable domain names to IP addresses. These are distributed throughout the Internet
Document Root
most web servers publish a single directory for publishing web documents
Persistent TCP connections
multiple documents to be transmitted over 1 TCP connection; Provides better support for multiple virtual hosts on one server
0 - no permissions (---)
no permissions (---)
Extension module
not normally compiled/loaded into the server
Plus
options are added to those currently in force
SSI security risks
presents security risks because of increased load on the server
Chroot (jail)
prevents Apache from being used as a point of break-in to the system hosting it; Limits the portion of the file system Apache can see to the root directory of the jail; Programs available to be run in jail can be very limited
Reverse DNS lookup
queries the DNS to find the domain name that is associated with an IP address
5 - read and execute (r-x)
read and execute (r-x)
6 - read and write (rw-)
read and write (rw-)
4 - read only (r--)
read only (r--)
7 - read, write, and execute (rwx)
read write execute (rwx)
Minus
removed from the options currently in force
Well-known ports 0-1023
reserved by ICANN for common TCP/IP applications; Significant for client applications to easily locate the corresponding server application processes on other hosts (client-server interactions)
Multipurpose Internet Mail Extensions (MIME)
rules allowing multimedia documents to be exchanged among different computer systems
HEAD
same as GET request except server returns only header section; Entity body is empty
A2enmod
script that enables the specified module within the apache2 configuration
A2ensite
script that enables the specified site within the apache2 configuration
Stateless
server doesn't remember previous requests, cookies or the server's API are used to
Netmask
specifies network's available hosts
.htaccess security risks
stop letting users set up these files which can override your security features
To Display
submit URL with no specified filename
In an HTTP Response the content type header
tells the browser what type of data is being returned with the response. The format of the value of content-type is a MIME type.
Total domains
the amount of domain configurations available on the web server to be potentially activated
Virtual hosting
the concept of having multiple websites on one system or Web Server
Web Documents
the files and directories that make up a website
Document Hierarchy
the structure of a website's Web Documents
External module
third-party and not included with the base Apache distribution
htpasswd
this is a command used to create or maintain the file used for username and password credentials when using basic authentication
Active sites
those with unique, direct content on their front page
DocumentRoot
top-level directory in the document tree visible from the web; contains web pages visible to the public
Ifconfig
used for network interface configuration
Authorization
verifying that an identity is valid to grant access to a requested resource
Non-script Aliased CGI security risks
very bad; means you should not indiscriminately use "Options +ExecCGI" and especially not in root directory container
main difference between http/1.1 and http/1.0
virtual hosts and persistent TCP connections
The Document Root location and the Default Document name can be set by the
web server admin
Context
where in the server's configuration files the directive is legal and scope
3 - write and execute (-wx)
write and execute (-wx)
2 - write only (-w-)
write only (-w-)