ISC 553

Ace your homework & exams now with Quizwiz!

URL components

1st part: protocol being used 2nd part: IP address or domain name 3rd part: resource being requested

Options directive and use of + and -

Allow use of the directives controlling specific directory features


Apache's authorization directive

apt-get install

CLI tool to download latest software


Command used to query name servers

First line and any required header lines for a valid http-request to retrieve default document from the root document directory of virtual host using http/1.1



Query tool for Internet domains and IP addresses


Read, write, execute


Terminate process based on ID

Alias (Virtual Directories)

Used to allow the web server to access documents in directories outside of the document hierarchy (maps a URL to a directory on the server)


User, group, other OR Root, group, world

Where Apache stores parent PID


a configuration of the virtual host in which a client-provided hostname routes back to the same web server ip address


a directive that controls which directories contain server scripts (like Alias but for server scripts)


a file which calls upon the cron daemon to run a specified command at a certain point in time

Directory Index

a server-generated list displaying the contents of a directory


a system process running in the background on the server such as print, email, web server, FTP

If directory indexing is permitted and there is no default document in directory, then

all the files in the directory are listed


allow the use of .htaccess within the web server to allow overriding of the Apache config


any file that contains a reference to another file or directory in the form of an absolute or relative path and that affects pathname resolution

Server config directives

both global and main server settings in a configuration file but not inside another container's context

init 0 or shutdown now -P

bring system and its processes to a halt then power off


client sends data, usually HTML form data, accompanying HTTP request to server in Entity body

Apache Directives

commands used to configure Apache; they have set syntax and contexts, and they may have default value

Base module

compiled and loaded into the server by default


config file used for website access


configuration file remotely located in a specific web directory - directives apply to that directory and subdirectories of its location


container for directives affecting resources access through the specified URL paths


container for directives affecting resources located in the specified directories


container for directives when accessed using specified HTTP methods

Request Method

determines what to do with the request


directives apply to a particular web directory and its subdirectories


directives apply to one virtual host


directives that can be placed in your HTML file, telling the web server to include additional information in the displayed document


disables the ability to run scripts and programs from SSI pages making the process more secure

Permissions security risks

don't allow non-root users to modify files written by root

1 - execute only (--x)

execute only (--x)


files that control web server's operation

ps ax |grep

filter process list for phrase

Advantages of Apache

free, open-source and highly configurable, runs on multiple platforms, very scalable, fast response to HTTP queries, not bloated - only install the features you need


header: in HTTP/1.1 format his header identifies the virtual host name

Absolute URL enter into a browser address bar to generate HTTP request for index.html file on www.testcom webserver using port 8080


identifies the host on that network


identifies the network the hosts belong to

Default Document

if the URL doesn't specify a web page file or file path, the server sends the set default document from the document root


in Apache if you want to maintain multiple domains/hostnames, you set up <VirtualHost> containers for them

The HyperText Transfer Protocol (HTTP) 401 Unauthorized response status code

indicates that the client request has not been completed because it lacks valid authentication credentials for the requested resource.

HyperText Transfer Protocol (HTTP)

is the protocol which allows web browsers to communicate with web servers


it retrieves information from server, and Entity body is empty

711 permissions

owner can do anything, others can only execute

755 permissions

owner can do anything, others can only read and execute

Discretionary Access

limits the access on an attribute dependent on the information supplied by an accessor (depends on what you know)

Mandatory Access

limits the access on some attribute for which the accesso has no control (depends on what you are)


list of commands run in that terminal session


map directives to a particular VH, takes one or more host addresses

Domain Name Servers (DNS)

map human readable domain names to IP addresses. these are distributed throughout the Internet

Document Root

most web servers publish a single directory for publishing web documents

Persistent TCP connections

multiple documents to be transmitted over 1 TCP connection; Provides better support for multiple virtual hosts on one server

0 - no permissions (---)

no permissions (---)

Extension module

not normally compiled/loaded into the server


options are added to those currently in force

SSI security risks

presents security risks because of increased load on the server

Chroot (jail)

prevents Apache from being used as a point of break-in to the system hosting it; Limits the portion of the file system Apache can see to the root directory of the jail; Programs available to be run in jail can be very limited

Reverse DNS lookup

queries the DNS to find the domain name that is associated with an ip address

5 - read and execute (r-x)

read and execute (r-x)

6 - read and write (rw-)

read and write (rw-)

4 - read only (r-)

read only (r-)

7 - read, write, and execute (rwx)

read write execute (rwx)


removed from the options currently in force

Well-known ports 0-1023

reserved by ICANN for common TCP/IP applications; Significant for client applications to easily locate the corresponding server application processes on other hosts (client-server interactions)

Multipurpose Internet Mail Extensions (MIME)

rules allowing multimedia documents to be exchanged among different computer systems


same as GET request except server returns only header section; Entity body is empty


script that enables the specified module within the apache2 configuration


script that enables the specified site within the apache2 configuration


server doesn't remember previous requests, cookies or the server's API are used to


specifies network's available hosts

.htaccess security risks

stop letting users set up these files which can override your security features

To Display

submit URL with no specified filename

In a HTTP Response the content type header

tells the browser what type of data is being returned with the response. The format of the value of content-type is a MIME type.

Total domains

the amount of domain configurations available on the web server to be potentially activated

Virtual hosting

the concept of having multiple websites on one system or Web Server

Web Documents

the files and directories that make up a website

Document Hierarchy

the structure of a website's Web Documents

External module

third-party and not included with the base Apache distribution


this is a command used to create or maintain the file used for username and password credentials when using basic authentication

Active sites

those with unique, direct content on their front page


top-level directory in the document tree visible from the web; contains web pages visible to the public


used for network interface configuration


verifying that an identity is valid to grant access to a requested resource

Non-script Aliased CGI security risks

very bad; means you should not indiscriminately use "Options +ExecCGI) and especially not in root directory container

main difference between http/1.1 and http/1.0

virtual hosts and persistent TCP connections

The Document Root location and the Default Document name can be set by the

web server admin


where in the server's configuration files the directive is legal and scope

3 - write and execute (-wx)

write and execute (-wx)

2 - write only (-w-)

write only (-w-)

Related study sets

Classification and Dichotomous Keys Study Guide

View Set