
Essential Apache Tutorial


HTTP Server

This tutorial is concerned with the configuration of an http server, namely Apache.

Question 1: Run the apache server

Each time you make a configuration change to the Apache server you must restart (or at the very least reload) the httpd service. Remember, to start Apache for the first time, run:

systemctl start httpd.service

And to reload the configuration file, run:

systemctl reload httpd.service

Additionally, if you have been changing the standard firewall configuration, you should reset the config to normal. To do this, run:

systemctl restart iptables.service

Now get the web server running...

Tests:

  • Run apache

Question 2: Add user directories

Apache allows you to have a URL which starts with /~username. This directs the server to look for files in /home/username/public_html/. So for instance http://machine/~dave/hello.html would look for a file in /home/dave/public_html/hello.html.

To get this feature enabled you have to hunt for the configuration statements which control UserDir. Sometimes this is in /etc/httpd/conf/httpd.conf, but in CentOS 7 this is in /etc/httpd/conf.d/userdir.conf. Find the line:

  UserDir disable

Remove this line, or better yet put a # in front of it (which comments the line out). Then look a little further on to find:

    #UserDir public_html
Delete the '#' comment character from the front of this line. As you have changed the configuration remember to reload the httpd service!

Now create a user called "dave", create a public_html directory in dave's home directory, and create a file hello.html in the public_html. The contents of this file should be:

<html>
<body>
<h1>HOST</h1>
<p>
I am clever
</p>
</body>
</html>

The best way to ensure that dave's files and directories are all owned by dave is to "su - dave", make the files and directories, then press CTRL-D to return to root. Otherwise run "chown -R dave:dave /home/dave". The "/home/dave" and "/home/dave/public_html" directories must be executable by others, and the "/home/dave/public_html/hello.html" file must be readable by others. More generous permissions, or permission changes on owner or group from the default, will be marked incorrect.

You can direct your browser to see this page by using the URL

http://yourmachinename/~dave/hello.html
Replace "yourmachinename" with the output of running the "hostname" command, e.g.
[root@host-19-17 dave]# hostname
host-19-17.linuxzoo.net

Finally, SELinux is currently enabled in enforcing mode, which adds one more security layer to configure. You need to make sure that the SELinux boolean httpd_read_user_content is enabled. By default SELinux forbids httpd from reading any file in /home. Check with

getsebool  httpd_read_user_content
and if needed set it with
setsebool -P httpd_read_user_content 1
"setsebool" may take 20 or more seconds to run. It will finish, honest!

Tests:

  • UserDir seems to be disabled
  • UserDir public_html seems to be enabled
  • Dave exists
  • Dave has a public_html which he owns
  • Dave has a home directory executable by others but still secure
  • Dave has a public_html executable by others but not readable
  • Dave has a file hello.html which he owns
  • hello.html is readable by others
  • hello.html contains the word HOST (case sensitive)
  • SELinux has been configured with httpd_read_user_content true
  • http://host/~dave/hello.html actually works
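
The permission requirements of this question can be checked with a short script. The following is an added example, not part of the original tutorial; it assumes GNU stat, and the function names (other_bits, check_userdir_perms, build_sample_tree) are made up for illustration:

```shell
#!/bin/sh
# Added example: audit the "other" permission bits a UserDir tree needs.
# Assumption: GNU stat (stat -c), as shipped with CentOS.
# Usage on the tutorial machine: check_userdir_perms /home/dave

# Print the last octal digit of a path's mode (the "other" bits).
other_bits() {
    mode=$(stat -c %a "$1") || return 1
    printf '%s\n' "${mode#"${mode%?}"}"
}

# Return 0 only if others get exactly what httpd needs: search (x) on
# both directories, read (r) on the page, and nothing more.
check_userdir_perms() {
    home=$1
    rc=0
    for spec in "$home:1" "$home/public_html:1" \
                "$home/public_html/hello.html:4"; do
        path=${spec%:*}
        want=${spec##*:}
        got=$(other_bits "$path") || { echo "MISSING $path"; rc=1; continue; }
        if [ "$got" = "$want" ]; then
            echo "ok      $path (other=$got)"
        else
            echo "WRONG   $path (other=$got, expected $want)"
            rc=1
        fi
    done
    return $rc
}

# Build the layout in a scratch directory (constructed sample, not /home).
# Symbolic chmod touches only the "other" bits, leaving owner and group
# permissions at their defaults.
build_sample_tree() {
    home=$1
    mkdir -p "$home/public_html"
    printf '<html>\n<body>\n<h1>HOST</h1>\n</body>\n</html>\n' \
        > "$home/public_html/hello.html"
    chmod o=x "$home" "$home/public_html"
    chmod o=r "$home/public_html/hello.html"
}
```

A directory that is also readable by others (for example mode 755) is reported as WRONG, matching the "executable by others but not readable" test above.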

Question 3: Add two new directories/files

Create the following directories, each of which must be executable by others:

  • /home/dave/public_html/web
  • /home/dave/public_html/vm

In each of these new directories create a file called "hello.html" that is a copy of hello.html from /home/dave/public_html, except that in "web/hello.html" the word HOST is replaced with WEB, and in "vm/hello.html" the word HOST is replaced with VM. Case is important.

Tests:

  • Can read http://../~dave/web/hello.html
  • http://../~dave/web/hello.html contains WEB
  • Can read http://../~dave/vm/hello.html
  • http://../~dave/vm/hello.html contains VM

Question 4: Create 2 virtual hosts

You need to create a number of virtual hosts in your virtual machine. These should go into a new file somewhere in /etc/httpd/conf.d. For the purposes of this tutorial, create and use the file "/etc/httpd/conf.d/zvirtual.conf".

Using <VirtualHost> create two VirtualHosts in the file /etc/httpd/conf.d/zvirtual.conf. Below is an example of a VirtualHost definition which may help you remember what is needed.

<VirtualHost *:80>
    ServerAdmin me@grussell.org
    DocumentRoot /home/gordon/public_html/grussell.org
    ServerName sql.grussell.org
    ErrorLog logs/sql-error_log
    CustomLog logs/sql-access_log common
</VirtualHost>

The names of your virtual hosts have to be worked out by yourself from your current hostname. Type in the command "hostname" and you will get something like:

host-3-2.linuxzoo.net

Your machine is known by this name in DNS. It is also known by two other names, where the word "host" has been replaced with "web" and "vm". In this example of host-3-2, this machine is also known as:

web-3-2.linuxzoo.net
vm-3-2.linuxzoo.net

IMPORTANT: Do not just copy this example, as your machine number is likely to be entirely different. Use "hostname" and work your machine names out for yourself. Note too that your hostname can change each time you reboot, so double check each time you reboot!

Once you have your web and vm machine names, create two virtual host entries, one for each of web-?-?.linuxzoo.net and vm-?-?.linuxzoo.net, so that the DocumentRoot of web is /home/dave/public_html/web and the DocumentRoot of vm is /home/dave/public_html/vm.

Each VirtualHost tagged area (you need 2) needs to be configured with its own ServerName and DocumentRoot. The other fields are not important in this question.

It is easy to make a syntax error in the config file. If you have problems you can check for syntax errors using the command:

httpd -t
...and if you make changes to a configuration file remember to tell httpd.service!

Once again you can verify this works manually by pointing your browser to web-?-?.linuxzoo.net or the vm equivalent (remembering to put the right things in for the "?" characters). This is important, as in an assessment you may need to verify this yourself.

Tests:

  • VirtualHost detected for web-?-?.linuxzoo.net
  • VirtualHost detected for vm-?-?.linuxzoo.net
  • http://web-?-?.linuxzoo/hello.html contains WEB
  • http://vm-?-?.linuxzoo/hello.html contains VM

Question 5: Rewrite Rules

Add to the VirtualHost tag area for the "vm-?-?.linuxzoo.net" virtual host a ServerAlias for "host-?-?.linuxzoo.net". Remember to replace the ? characters with the details for YOUR machine. Once again, you can remind yourself of what this is by running the hostname command. After doing this the use of host-?-? should also use the virtual host information for vm-?-?.

Add to the end of the VirtualHost tag area for vm-?-? a rewrite rule, such that any use of host-?-?.linuxzoo.net gets an external redirection to rewrite it to vm-?-?.linuxzoo.net.

Tests:

  • Server Alias detected for host-?-?
  • Redirect from host-?-? to vm-?-? is working?
  • No redirect from vm-?-? to vm-?-?

Question 6: Extended Rewrite Conditions

Modify the rewrite rules from the previous question by adding a condition, so that host-?-?.linuxzoo.net always gets rewritten using an external redirect to vm-?-?.linuxzoo.net unless the URI starts with /~dave. Thus:

http://host-?-?.linuxzoo.net/hello.html   -> rewritten to -->  http://vm-?-?.linuxzoo.net/hello.html
http://host-?-?.linuxzoo.net/~dave/hello.html   -> not rewritten and handled normally

Tests:

  • Redirect from host-?-? to vm-?-? is still working?
  • No redirect with host-?-?/~dave...
  • No redirect from vm-?-? to vm-?-?
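
Questions 4 to 6 put together, as an added example that is not part of the original tutorial: a shell function (make_vhosts, a hypothetical name) that derives the web- and vm- names from a host- name and prints a matching zvirtual.conf. The RewriteCond/RewriteRule lines are one way to meet the Question 6 requirement; nothing is written to /etc by the function itself.

```shell
#!/bin/sh
# Added example: print a zvirtual.conf for the machine name given as $1.
# make_vhosts is an illustrative name, not a tool from the tutorial.

make_vhosts() {
    host=$1                          # e.g. the output of `hostname`
    case $host in
        host-*) ;;
        *) echo "expected a name starting with host-, got: $host" >&2
           return 1 ;;
    esac
    web="web-${host#host-}"          # host-3-2... -> web-3-2...
    vm="vm-${host#host-}"            # host-3-2... -> vm-3-2...
    # Escape the dots so the RewriteCond regex matches the name literally.
    host_re=$(printf '%s' "$host" | sed 's/\./\\./g')

    cat <<EOF
<VirtualHost *:80>
    ServerName $web
    DocumentRoot /home/dave/public_html/web
</VirtualHost>

<VirtualHost *:80>
    ServerName $vm
    ServerAlias $host
    DocumentRoot /home/dave/public_html/vm

    RewriteEngine On
    # Only requests that arrived under the host- name ...
    RewriteCond %{HTTP_HOST} ^$host_re\$ [NC]
    # ... and whose path does not start with /~dave ...
    RewriteCond %{REQUEST_URI} !^/~dave
    # ... get an external redirect to the same path on the vm- name.
    RewriteRule ^(.*)\$ http://$vm\$1 [R,L]
</VirtualHost>
EOF
}
```

To use it, run make_vhosts "$(hostname)" > /etc/httpd/conf.d/zvirtual.conf, then check the result with httpd -t and reload httpd.service.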


Linuxzoo created by Gordon Russell.
@ Copyright 2004-2023 Edinburgh Napier University