Chapter 4- Server Configuration

guideflannelΔιακομιστές

4 Δεκ 2013 (πριν από 3 χρόνια και 6 μήνες)

79 εμφανίσεις

Free Powerpoint Templates

Page
1

Free Powerpoint Templates

Chapter 4
-

Server
Configuration

Free Powerpoint Templates

Page
2

Objectives


Choosing Web Server software


Customizing your web server


Controlling access


Secure socket layer configuration


Virtual hosts

Free Powerpoint Templates

Page
3

Lab 4.1 Choosing Web Server
Software


Web Server


Machine, that machine is our web server


Refer to software running on a machine


3 famous Web Servers


Apache


Microsoft IIS


Netscape Enterprise Server


Others


Free Powerpoint Templates

Page
4

Apache


Open Source


Multiple Platforms (UNIX and Microsoft)


Very powerful and configurable


Uses configuration files


Httpd.conf

Free Powerpoint Templates

Page
5

Apache Configuration


All configuration through configuration files


Directives define options


Directives are organised into sections:


Directory


DirectoryMatch


Files


FilesMatch


Location


LocationMatch

Free Powerpoint Templates

Page
6

Microsoft IIS


Easy to use, GUI oriented


Closed
-
proprietary


Microsoft Management Console


Extendable through ISAPI


DLL


ASP


Support for FrontPage extension

Free Powerpoint Templates

Page
7

IIS Configuration


IP address


TCP port


Home directory


Execute


Virtual directory


Default document


Directory browsing


Authentication control


Application mappings


Redirect to URL

Free Powerpoint Templates

Page
8

Netscape


Offers two Web servers


The Netscape Fast track Server


For small business or a workgroup Web Server


A scaled down version of Netscape Enterprise
Server


Provides for small number of users publishing
information


Netscape Enterprise Server


Designed to support hundreds or even thousand of
users


Available for Windows NT and UNIX

Free Powerpoint Templates

Page
9

Other servers


Java Web Server


Server written entirely in Java


Stronghold Server


Developed by C2Net is a secure server based on
Apache


Mostly widely used SSL Web server for UNIX


Website


Developed by O’Reilly Software


Provides excellent server
-
side programming
support


Good administration tools, security and other
features not found on IIS

Free Powerpoint Templates

Page
10

Evaluating Server Software


Evaluate your OS


Evaluate the performance benchmark


Important to find out as much about each
server as possible


How much can you sped?


Has the server been thoroughly tested in
real
-
world situations


What’s more important: ease of use or
speed and flexibility



Free Powerpoint Templates

Page
11

Installing a Web Server


In most cases you can download Web
Server software from the publisher


Once you’ve downloaded, you might need
to uncompress


Once you’ve got an executable to run, run
the installer program


Aside from choosing which directory to
install the server in , you shouldn’t have to
answer too many configuration questions
during the installation

Free Powerpoint Templates

Page
12

Why Web Server software
installation unsuccessful


No enough free disk space or RAM


Installation program has to run as a certain
user


Make sure that you have permission to the
directory in which you are installing the
server


Responded to one of the installer’s
questions incorrectly


One of the default answer was
inappropriate

Free Powerpoint Templates

Page
13

Solutions for Web Server


Install a patch or service pack before
installing


Make sure to have the latest and correct
version for the OS


Check the Technical Support


Free technical support


Available for demo versions

Free Powerpoint Templates

Page
14

Lab 4.2 Customizing your Web
Server


Configuration tools for the Web Servers


Apache


no management console application


IIS


provides a special configuration tool through a
MMC snap
-
in module


Netscape


provides a Web
-
based administration
tool accessible through any browser


Control the behavior of the Web Server


Apache


directives


Microsoft


properties



Netscape


resources

Free Powerpoint Templates

Page
15

General server options


These options are global to the entire
server, or at least to a specific HTTPD on
the server


User and Group
-

the owner of the Web server
process


BindAddress(IIS:IP Address). The HTTPD
listens for connections on this IP Address


Port(ISS:TCP Port. The port option specifies
which port the HTTPD should listen to. Port
80 is used

Free Powerpoint Templates

Page
16

Directory Options


These options are used to specify the
attributes of specific directories


DocumentRoot


UserDir


ScriptAlias


Alias


DirectoryIndex


Indexoptions, Indexes, and FancyIndexing

Free Powerpoint Templates

Page
17

Access Control


The following options are used to restrict access
to your site, or particular directories


AuthUserFile


AuthGroupFile


Require


Allow and deny


Other options


AddHandler


Redirect

Free Powerpoint Templates

Page
18

Lab 4.3 Controlling Access


In order for your Web server to make
documents available to clients


UNIX and NT offer the ability to control
access to files and directories


This ability is governed largely by the file
system


Free Powerpoint Templates

Page
19

User Access


Most documents on your Web server will
probably be available for anyone to read


It is possible, to restrict access to certain
pages


HTTP offers a simple authentication
protocol used to require a username and
password in order to access resources in
the server

Free Powerpoint Templates

Page
20

User Access
-
2


Basic authentication
-

little security


Digest authentication
-

relies on MD5
checksums to ensure integrity but it isn’t
very secure either


The best way to ensure secure
authentication is to use HTTPS

Free Powerpoint Templates

Page
21

User Access
-
3


The basic procedure for enabling user
authentication is the same on most Web
servers.


Determine which resources need to be
restricted


Determine users and groups


Create users and groups


Apply restrictions to resources(files and
directories)

Free Powerpoint Templates

Page
22

User Access
-
4


Steps describes as:


Evaluate the content


Determine which directories or files requires
authentication


Determine a list of users and/or groups that
should allow to view this resources


Depending on the Web server


IIS

create user account on OS


Netscape and others
-

create user accounts for
your Web server using the server administration
tools



Free Powerpoint Templates

Page
23

User Access
-
5(continue)


Apache
-
requires password and group files
containing information about usernames,
passwords and groups


Assign access permissions to your Web
resources


Free Powerpoint Templates

Page
24

Host Access


There are situations when denying access
to your server from a particular host or
domain may be desirable.


The default for most servers is to allow
access from any hosts.


To block access from a single host you
just need to change a single options, and
only that host or series of hosts will be
denied access

Free Powerpoint Templates

Page
25

Lab4.4 Secure Socket Layer
Configuration


By default, HTTP is not a secure protocol


The contents of a normal HTTP
transaction are not encrypted


Easy for interception and can view
unencrypted transactions


Free Powerpoint Templates

Page
26

Secure Socket Layer (SSL)


The most popular encryption protocol on
the Internet


Was developed by Netscape


Not limited to Web transactions, however it
has been used by other applications that
need to transfer data securely over a
network



Free Powerpoint Templates

Page
27

HTTPS


Is normal HTTP wrapped in SSL


Supported by Netscape and Internet
Explorer


To provide secure transactions for your
site, you will usually need to configure an
HTTPS server that runs alongside your
normal HTTP server

Free Powerpoint Templates

Page
28

HTTPS


A URL to a resource on an HTTPS server
uses a slightly different naming convention
than do normal URLS


Instead of the Http prefix, Https is used


Instruct the browser to attempt to a secure
connection to the server


Connect to the server at port 443

Free Powerpoint Templates

Page
29

Certificates


Document that contains information about
your site


A certificate authority digitally signs a
certificate


CA is a mutually trusted organization that
issues and verifies certificates


When a secure transaction initiates between a
client and your server, the client receives a
certificate

Free Powerpoint Templates

Page
30


CA is typically a well
-
known, trusted
organization


Two most popular CAS


Verisign


Thawte

Free Powerpoint Templates

Page
31

How to obtain certificate


To give well
-
known CA information about your
company and hosts


You need to provide a letter of authorization,
proof of your organization’s name, and proof to
use your domain name


Need to provide a certificate
-
signing request that
contains the public key for your Web server


Once the CA processes your request and
verifies your information, they generate a
certificate.

Free Powerpoint Templates

Page
32

CA Problems


They charge money for certificates


Some CA
-
issued certificates expire


Must be renewed each year for an
additional cost


Verisign and Thawte offer trial certificates
that can be used to test the functionality of
your server, but they are only good for a
short amount of time

Free Powerpoint Templates

Page
33

Lab 4.5 Virtual Hosts


To the average user it may seem that a
separate machine is needed to host each
domain


Virtual hosts


Since domain name simply points to an IP
address, a server can host many domains

Free Powerpoint Templates

Page
34


Two types of virtual hosts


Name
-
based


Doesn’t have a unique IP address


IP

based


Can have many names pointing at it


Have unique IP addresses


Instead of relying on the HTTP headers to
determine the destination, the HTTPD just listens
for requests on a particular IP address


Free Powerpoint Templates

Page
35