CompTIA Linux+ XK0-005 – Unit 13 – Web Environment part 1

1. Web Environment

All right. Now, in this unit, we’re going to talk about your web environment. What we’re going to do is we’re going to cover the two most popular servers that you have that you’re going to use for any type of framework for your web developers to go in and create a beautiful presentation, either through Java or PHP. That is, we’re going to talk about setting up the Apache web services, followed by the database called MySQL, or some people might say MySQL. Both of these, as I said, are popular. They’re usually what we would consider freeware. You can install them as services onto your different varieties or distributions of Linux.

And this course is going to talk about all the steps necessary to set it up. Again, as I said, a framework. I’m not going to show you how to do PHP, scripting or Javascripting. This is not a web development class, but the installation and foundation for your web developers to be able to come in and create a, like I said, a great presentation. So let’s get ready. We’ll go through the installation, the configuration, and we’ll show you all of the little extra things you need to know so that you can set it up and fine tune it the way you want.

2. Topic A: Web Services

All right, so in our first section here, we’re going to talk about the web services, and that, of course, is going to focus on Apache as our web server. Now, for those of you who still like to use Windows, notice how I said that, right? So I’m assuming if you like Linux, you don’t like Windows. I like them both. But if you want to use Apache, you can also run Apache on Windows. So one of the great things about this service is that it’s available in either of those platforms.

3. Web Technologies

So as a web technology, Apache is considered the most popular web server. In fact, if you were to go take a survey of all of the public web servers, you would see that Apache by far has the largest percentage. Now I know you’ll see some factoids that say things like Windows IIS is the most prevalent. Well, a lot of that’s because it was automatically installed on a lot of servers. So the that even internally for every domain controller there was IIS and it’s not as prevalent now because they kind of stopped doing that automatic install. But for the public side you’ll see that Apache is quite prevalent. Now there are a couple of different languages that you can use, programming languages that it supports.

Java of course, is a nice universal scripting language. PHP, which is called the Pre Hypertext processor, is another programming language that’s also very popular. And there are some modules that you can add on to Apache to get you some extra type of services like Tomcat. That’s an Apache module that enables what we call server side web page programming using Java. Now, this is what I can tell you about server side is that when you have an actual server that’s handling pushing out of the HTML content to the clients, there’s usually a server side code and a client side code. The client side code is responsible for sometimes that nice little eye candy and ad banners and taking care of your forms and filling in that information.

The server side is keeping track of things like your session, your session, ID, any of that stuff that we want to keep hidden from you as a client, but use it to keep track of what you’re doing, especially if you have a kind of a shopping cart or those types of things going on. Now also in the back end to be able to help you and by the way, MySQL is a database back end is not just for web pages, it is a database. It’s a fully fledged database program, a database management system that allows you to be able to store tables mostly in a relational database. But that is also another part of the web technology because today so many of our web pages are based on a data content. Now internally, if I have a lot of people who want to go out to the Internet, one of the other little things I can add on is this thing called Squid.

Squid is a caching proxy server. Now Squid is what we would typically call an application firewall. What it means is like any proxy server, as you try to make your connections to the web page, it actually stops your connection, breaks it and makes a new one on your behalf. That way it can go through and do content screening, context screening. It can be the one that gets attacked by any malware that you’re actually downloading from a site rather than sending it to you. I mean, it offers a lot of serious protection, both for web servers and for clients. Anyway, those are the technologies that you’ve have available to you. And again, you got to like how inexpensive this is.

4. Sample PHP Program

Now, as I said, PHP is a programming language, and I at all don’t pretend to be a programmer, it’s not my strength. I understand little pieces of it. So I can kind of explain some examples of what you might see when you see a PHP program. But remember, it’s about trying to give you some content on the page. Usually your scripting language, whatever it is, will be blocked off by this less than and greater than n sign, we call those tags. And usually the very beginning is to say what kind of scripting language it is. So you might see question mark PHP.

And then each scripting language has its own methodology of being programmed. As an example. You can create variables like dollar sign message as a variable and give it a value. Or you can have it take input from something a person types in and then if you wanted to, you could have it printed things by using echo commands or whatever it takes to do the output to a screen or whatever you want it to do. But again, that’s just an example of the types of scripting that you can do. So you can have some wonderful good looking client side pages.

5. MySQL Client

Now another thing that you’re going to work with often is what’s called the MySQL Client. Now the MySQL Client MySQL, whichever way you like to pronounce it, is the front end that we use to be able to get into the database management system. So the SQL Server, the MySQL Server sits alone as its own running service. And it’s kind of funny because when you look at the files that compose shows the MySQL, you see usually one big file. Then you open up some sort of client, some sort of management tool like.

The MySQL client and it connects to that service and then actually shows you all of these tables after tables after everything else that is actually inside that one big file that Linux sees. Well the goal there of course is to be able to actually work with the tables, the things that are being managed by the database management system adding records, viewing records, creating new tables, creating new users. All of that’s done as long as you have the right authentication with the MySQL Client.

6. Apache

All right, so the one service we haven’t really talked about is Apache. Now, Apache is an Http server. Its job is to publish web pages. That means your HTML code, images, style sheets, JavaScript files, whatever it is that takes up most web services needs for storing information, linking it all together, often through the HTML, so that when somebody comes in there and makes the connection and downloads a page, they have whatever content you want them to see. Now, in order to use it, you obviously have to install it. A part of any good operating system is to not just automatically turn on these services or add new modules without your specific wanting that to be installed.

And that is a security issue. So you’re going to have to go through the installation. We’ll talk about that here in just a second. But what most web servers do is after installation they all refer to what’s called a default document. Now a default document is basically the file that’s going to be served up to a user who comes to your web page. So let me explain that. If you’re not sure what I mean, let’s say you decide to go to even Apache. org, so you go to www. apache. org or Apache. com. Well, you just said go to the web server.

You didn’t tell me which HTML file do you want to see by default? It’ll either give you a file called index HTM or index HTML. They used to be called default HTML or default HTM. But it’s just a file that has a name that we said is the default document. In fact, it doesn’t even have to be that index file. That’s just generally what we have it set up as. It can be any file by any name you deem, but you have to tell me, when somebody visits my website, what’s the first thing they’re going to see if they don’t specify a page. So that’s kind of what the default document is set up to be and that’s something you need to plan for as well.

7. Demo – Installing Apache

All right, we are going to install Apache. And to do that, we have to install the package. So I’m going to go to System Synaptic package manager. Got to make sure I have the right account. So now I’ve got the right root account. And as I’ve done before, I just find it easier to search for the package, in this case for Apache. And I want Apache to, to market. And look at this. We’re going to get utilities, common utilities, everything else that goes with it. So we’re going to grab all of that sort of stuff. I might as well install the documentation while we’re at it. And we’ll click apply, click apply. And again, we’re going to get these modules put in this entire set of packages. We’ll install Apache and then we’re going to open up our web browser and just take a look and seeif we get the default web page for our browser, for our web server, I should say.

All right, so it’s going to take just a couple of seconds to get all of these in there. You can see the status bars moving across. I think that’s why they made status bars, so we wouldn’t get bored and think that it’s crashed. And once this thing is done, all right, we’ll close this down. We’ll go ahead and close our Synaptic Manager down. We’ll go to applications and internet. Ice Weasel And hopefully you remember that we have a host entry for how to connect to ourselves. That’s Httplocalhost. And I hit Enter and there it is. If you see that it works, that’s the default page basically crying out to you saying, look, Apache works. You have it installed. And it was just that easy to do.

8. Apache Configuration Part 1

Now, when it comes down to the configuration of Apache, there are several configuration files that you can work with if you want to finetune or do something beyond just the simple default installation. For example, there’s an Apache. Two CNF. I just call them config files. So apache. Two config file. Now this file is the primary servers configuration file and it has all of the settings that apply to all all the websites that are supported by the Apache server. So it’s very much a global settings file that talks about the website. Now, an important thing about Apache as a web server, it can support multiple, multiple sites. You can define each of those sites, each of them with their own path, their own virtual directories and each one with their own name.

If you want, you can even assign different ports to them. It’s like any other web service. So if you do have more than one site, this file would have the common settings that would apply to all of them. Another one of the configuration files is the Httpd config file and this file has all the user level settings and they can extend and override the settings that you made in the global Apache two file. Now again, user level settings means that I expect different things from different levels or different users, I should say, that apply to my website. And it’s something that you can say, all right, here’s the general settings, but these users have some different settings, whatever those settings may be.

9. Apache Configuration Part 2

Another one of the things that you’re going to work with is a file that is called the sites enabled. And this file is what’s going to define the websites and the directories that are being published by the Apache server. So just a second ago, as I just said, you can have multiple websites, multiple directories, all of them available on Apache. But you do have to tell Apache what those sites are, what is their names, what am I going to publish them at, and that’s what we’re going to do with the sites enabled.

10. Site Definition Files Part 1

Now, within each site you also have definition files. Now one of the ones that you would see under the Apache two sites enables is again, as I said, we’re going to define those sites. But on your server you can have one or more virtual websites and they’re all going to be defined in that sites enabled directory. It should be there by default and by default it has a single file. Guess what it is. It’s your default website.

11. Site Definition Files Part 2

Some of the other site definition files you have would be called directives. Now this is going to be in the document root directory and it’s going to go by each of the directory names. And the idea here is that this document anyway, this directive defines all of the virtual directories where the directory should be a true physical path on your server. Now that’s important because the directory is going to be pointing to where the files are. So it’s an actual location on your hard drive. Now, when somebody comes to your system.

It might have a different name than the actual physical path, but we still have to make sure we know exactly where these files are so the server knows where to go and retrieve content. Now following that, the directory section is going to define the options that you have for the physical directory’s name on your server. Now you can have a lot of different directory sections for this virtual hardware that you have. The settings are going to be between the opening and closing directory tags in this file that you’re going to be naming.

12. Site Definition Files Part 3

Now, other things that you’ll see in your site definition files is the script alias, which we call the alias or directory path. This directive is designed to define an alias for directory where your common gateway interface, your CGI scripts are located very quickly. CGI scripts are precreated programs that often supply connections to other locations. A very common type of CGI that you might see, especially in the older days, is a script to handle things like credit card processing. So if somebody supplied a credit card, this programwould securely connect to a bank and deal with that processing and verification, all that sort of stuff.

So you also need to be able to supply the paths to those types of scripts or CGI stuff. The directories, of course, as I said, corresponds to the virtual name as it appears to the clients, and it’s the path to your physical file name on your server. So you’re doing both with the directory. It’s the virtual name. So they might go to www. Mywebspacecom and that name is actually going to point to some other path inside of your Linux server.

13. Site Definition Files Part 4

And then some of the other types of definitions that you can create are things like your error logs, log levels or custom logs. That means you can include directors that would appear in your Apache to config file in your virtual host configuration and these can override the settings that you have at the server level. But obviously you’re going to have to make the decision about what on the site do you want to keep track of. So again, that’s your error log, your log logging levels and your custom logs. And we talked a lot about logging and how it’s a very good proactive way of keeping track of what’s happening on your system or it can be one of those things you look at post mortem. But either way, if you don’t capture the information, you’re not going to have it there to help you.

14. The .htaccess File Part 1

Now, one of the other configuration files is this hidden file called the dot HT access. Now, remember the dot preceding the name. That’s what makes it hidden. It is a configuration file, and if you want to use it, you actually have to set it up so that it has the allow overwrite set to any value other than none. Now, some of the valid options could be things like all off config file info and some other types of options, each of those designed to enable or block a subset of configuration options within the HT access file. So basically, the common use of this file is to help enable password protected access to web page files within your directory. Hopefully, that makes some sense. We’re trying to add the protection.

15. The .htaccess File Part 2

Now, if you do turn on this password protection, then you’re going to generally have to have a password file. And let me talk about that. In your HT access, if you say authentication type is basic and then you say the authentication user file that you’re going to look at, you provide the path to the file that has all of the usernames and passwords and that file is called the HT password file. Now remember, when we say password in Linux, spelling it’s p a SSWD. Now it does require that you put in a valid user

information. So once you say here’s the path to that password file, then in the HT password file you’re going to actually put in usernames and then the hashes of whatever passwords that they are going to supply and you can put as many users in there as you want to. Granted, I know it’s sounds like a lot of work, but it’s your upfront preparation work to protect those files in your web directory that are very important to you.