[MacPorts] Apache2.4.x modified

Mon Oct 23 02:56:10 UTC 2017

Page "Apache2.4.x" was changed by whmagill
Diff URL: <https://trac.macports.org/wiki/Apache2.4.x?action=diff&version=3>
Revision 3
Comment: almost done
Changes:
-------8<------8<------8<------8<------8<------8<------8<------8<--------
Index: Apache2.4.x
=========================================================================

--- Apache2.4.x (version: 2)
+++ Apache2.4.x (version: 3)
@@ -13,9 +13,9 @@
 MacPorts includes the following versions of Apache:
 
 * '''apache2''': Apache HTTP Server v2.4.x. This is the current, recommended port to use, and will install if you simply type:
-{{{
-$ sudo port install apache2
-}}}
+
+ '''$ sudo port install apache2'''
+
 Apache2-2.4.x has a different directory layout from apache2, so none of the other ports that use apache2 can use apache2.4-.x without modifications.
 
 This page shows how to install and use the apache2-2.4.x  port on High Siarra (OSX 10.13.x).
@@ -65,17 +65,14 @@
 It is found at `/etc/apache2`; there is no "GUI" way to turn it on (or off), only via the command line.
 It is not turned on, or configured, in a default High Sierra installation.
 
-{{{
-$ sudo apachectl stop
-}}}
+ '''$ sudo apachectl stop'''
+
 === OS X Server ===
 Launch Server Manager and turn off the web server.
 
 = Step 2: '''Install Apache''' = #apache
 
-{{{
-$ sudo port install apache2
-}}}
+ '''$ sudo port install apache2'''
 
 A sample configuration file is provided in '''''/opt/local/etc/apache2/httpd.conf.orig'''''.
 
@@ -87,9 +84,9 @@
 
 =  Step 3:  '''Verify your config file''' =
 Verify any changes you have made to the config file: /opt/local/etc/apache2/httpd.conf
-{{{
-$ /opt/local/sbin/apachectl -t
-}}}
+
+ '''$ /opt/local/sbin/apachectl -t'''
+
 This will return either "Syntax OK" or a specific line by line error listing. Note that this check is strictly a syntax check. 
 Logic is not verified. 
 
@@ -99,9 +96,7 @@
 =  Step 4: '''Activate Apache2''' =
 Activate your Apache installation so that it starts now and every time you boot your machine: 
 
-{{{
-$ sudo port load apache2
-}}}
+ '''$ sudo port load apache2'''
 
 If when you issue this command, you immediately receive the message:
 
@@ -109,29 +104,24 @@
 
 This means that the Launch Daemon believes that it has successfully started Apache.  You probably did not shut it down in step 1 above:
 
-{{{
-$ sudo port unload apache2
-}}}
+ '''$ sudo port unload apache2'''
 
 to stop apache (even though it is not running) and then start it using
 
-{{{
-$ sudo port load apache2
-}}}
+ '''$ sudo port load apache2'''
 
 to start it again.
 
-* type localhost in the address bar, and press enter. You should see '''It Works! ''' displayed in the browser window.
+* type 'localhost' in the address bar of Safari, and press enter. You should see '''It Works! ''' displayed in the browser window.
 
 If the web server  is NOT running at this point, a configuration error is your most likely problem. 
 
 Verify your config file as above.
 
 After correcting any config errors and saving the updated config file, again run:
-{{{
-$ sudo port unload apache2
-$ sudo port load apache2
-}}}
+
+ '''$ sudo port unload apache2'''\\
+ '''$ sudo port load apache2'''
 
 The default log file location is: `opt/local/var/log/apache2/'` The shutdown and startup attempt will be logged in "'''error_log'''"
 
@@ -140,11 +130,10 @@
 
 After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
 
-{{{
-$ /opt/local/sbin/apachectl -t
-$ sudo port unload apache2
-$ sudo port load apache2
-}}}
+ '''$ /opt/local/sbin/apachectl -t'''\\
+ '''$ sudo port unload apache2'''\\
+ '''$ sudo port load apache2'''\\
+
 In Apache documentation (including this page), you will see the use of "''apachectl -k restart''" described as the method to cause the config file to be re-read.
 
 However under OSX, the purpose of ''launchd'' is to notice processes that stop without its knowledge, and to restart them. 
@@ -154,15 +143,11 @@
 
 If the sever name is not set properly in the configuration file, `/opt/local/etc/apache2/httpd.conf`, you will encounter the warning below. 
 
-{{{
-httpd: Could not reliably determine the server's fully qualified domain name, using <Computer-Name>.local for ServerName
-}}}
+ '''''httpd: Could not reliably determine the server's fully qualified domain name, using <Computer-Name>.local for ServerName'''''
 
 Where `<Computer-Name>` refers to the name of your computer as specified in the System Preferences Sharing pane.  To resolve the warning, edit the configuration file and set the server name appropriately.  For personal use, `localhost` is sufficient.
 
-{{{
-ServerName localhost:80
-}}}
+ '''''ServerName localhost:80'''''
 
 To verify Apache is now running, point your browser to http://localhost/ (you may need to reload the page). You should see a page that says '''It works! '''
 
@@ -170,28 +155,39 @@
 
 === User directories === #userdir
 
-If you would like to be able to access web pages in the Sites directory of your home directory, edit `/opt/local/etc/apache2/httpd.conf` and locate the following line:
-
-{{{
+If you would like to be able to access web pages in the 'Sites' directory of your users' home directories, edit `/opt/local/etc/apache2/httpd.conf` and locate the following lines:
+
+{{{
+#LoadModule userdir_module lib/apache2/modules/mod_userdir.so
+#LoadModule socache_shmcb_module lib/apache2/modules/mod_socache_shmcb.so
 #Include conf/extra/httpd-userdir.conf
 }}}
 
-Uncomment it by removing the "`#`" at the start of the line so that it reads:
-
-{{{
-Include conf/extra/httpd-userdir.conf
-}}}
-This file:   ''"/opt/local/etc/apache2/extra/httpd-userdir.conf"'' will activate the "Sites" sub-directory for all ~users on your system. (''"/Users/*/Sites"'') and contains initial, basic restrictions for access to the contents of that directory.
-
-After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
-
-{{{
-$ /opt/local/sbin/apachectl -t
-$ sudo port unload apache2
-$ sudo port load apache2
-}}}
+Uncomment them by removing the "`#`" at the start of the line so that it reads:
+
+ '''Include conf/extra/httpd-userdir.conf'''\\
+ '''LoadModule userdir_module lib/apache2/modules/mod_userdir.so'''\\
+ '''LoadModule socache_shmcb_module lib/apache2/modules/mod_socache_shmcb.so'''\\
+
+Then copy the file '''/opt/local/etc/apache2/extras/httpd-userdir.conf.orig''' to '''/opt/local/etc/apache2/extras/httpd-userdir.conf'''
+
+ '''$ cd /opt/local/etc/apache2/extras/'''
+ '''$ sudo cp httpd-manual.conf.orig httpd-userdir.conf'''
+ '''$ sudo chmod og+r httpd-userdir.conf'''
+
+In its default state, '''httpd-userdir.conf''' permits access to all users '''public_html''' directory.\
+To enable a users '''Sites''' directory, change both occurrences of "public_html" to '''Sites'''
+
+This file:   ''"/opt/local/etc/apache2/extra/httpd-userdir.conf"'' will then activate the "Sites" sub-directory for all users on your system. (''"/Users/*/Sites"'') and contains initial, basic restrictions for access to the contents of that directory.
+
+After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
+
+ '''$ /opt/local/sbin/apachectl -t'''\\
+ '''$ sudo port unload apache2'''\\
+ '''$ sudo port load apache2'''\\
 
 You can then view your personal pages by accessing http://localhost/~username/, where "username" is your Mac OS X account's short name.
+ '''Note:''' On a clean install of High Sierra, users will need to create their own Sites directory
 
 === Local Apache manual === #manual
 
@@ -204,18 +200,15 @@
 
 So that it reads like this:
 
-{{{
-Include conf/extra/httpd-manual.conf
-}}}
+ ''I'nclude conf/extra/httpd-manual.conf'''
 
 Then copy the file '''/opt/local/etc/apache2/extras/httpd-manual.conf.orig''' to ''/opt/local/etc/apache2/extras/httpd-manual.conf'' 
-{{{
- $ cd /opt/local/etc/apache2/extras/
- $ sudo cp httpd-manual.conf.orig httpd-manual.conf
- $ sudo chmod og+r httpd-manual.conf
-}}}
-
-At this point: 
+
+ '''$ cd /opt/local/etc/apache2/extras/'''\\
+ '''$ sudo cp httpd-manual.conf.orig httpd-manual.conf'''\\
+ '''$ sudo chmod og+r httpd-manual.conf'''\\
+
+At this point a syntax check:  
  $ /opt/local/sbin/apachectl -t
 will return the error:
 
@@ -228,21 +221,18 @@
 
 After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
 
-{{{
-$ /opt/local/sbin/apachectl -t
-$ sudo port unload apache2
-$ sudo port load apache2
-}}}
+ '''$ /opt/local/sbin/apachectl -t'''\\
+ '''$ sudo port unload apache2'''\\
+ '''$ sudo port load apache2'''\\
 
 You can then view the manual by accessing http://localhost/manual/.
 
-= Not yet updated below here
 = ''' Apache SSL/TLS Encryption (aks Secure Sockets  or https)'''  = #ssl
 '''Note:''' Establishing Secure Sockets is a fairly extensive process. One should first read the current Apache2 documentation found in the Apache2 manual:
 {{{
-http://httpd.apache.org/docs/2.2/ssl/
-}}}
-==== Generate a self-signed certificate ====
+http://httpd.apache.org/docs/2.4/ssl/
+}}}
+=== Generate a self-signed certificate ===
 The following instructions are to generate a "self-signed" certificate.\\
 This is simply a shortcut for testing purposes (a self-signed certificate is not recommended for production!).\\
 The complete dialog is listed here for reference. The commands necessary are prefixed as "$ sudo", with comments prefixed with a #.\\
@@ -257,7 +247,6 @@
 e is 65537 (0x10001)
 Enter pass phrase for server.key:
 Verifying - Enter pass phrase for server.key:
-
 
 $ sudo openssl req -new -key server.key -out server.csr
 # 
@@ -300,68 +289,85 @@
 Enter pass phrase for server.key.bak:
 writing RSA key
 
-$ sudo cp server.crt /opt/local/apache2/conf/
-$ sudo cp server.key /opt/local/apache2/conf/
-}}}
-'''Note:''' Certificate generation can be accomplished in any directory. If you did so in ''"/opt/local/apache2/conf"'' the last two copy commands are redundant, and will generate the following  errors respectively:
-{{{
-cp: /opt/local/apache2/conf/server.crt and server.crt are identical (not copied).
-cp: /opt/local/apache2/conf/server.key and server.key are identical (not copied).
-}}}
-
-Then enable the following in {{{/opt/local/apache2/conf/httpd.conf}}}
-
-{{{
-LoadModule ssl_module modules/mod_ssl.so
-
-# Secure (SSL/TLS) connections
-Include conf/extra/httpd-ssl.conf
-}}}
-After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
-{{{
-$ /opt/local/apache2/bin/apachectl -t
-$ sudo port unload apache2
-$ sudo port load apache2
-}}}
+$ sudo cp server.crt /opt/local/etc/apache2/
+$ sudo cp server.key /opt/local/etc/apache2/
+}}}
+'''Note:''' Certificate generation can be accomplished in any directory. If you did so in ''"/opt/local/etc/apache2/"'' the last two copy commands are redundant, and will generate the following  errors respectively:
+{{{
+cp: /opt/local/etc/apache2/server.crt and server.crt are identical (not copied).
+cp: /opt/local/etc/apache2//server.key and server.key are identical (not copied).
+}}}
+
+=== Activate SSL ===
+Enable (uncomment) the following in {{{/opt/local/etc/apache2/httpd.conf}}}
+
+ '''LoadModule ssl_module modules/mod_ssl.so'''
+
+ # Secure (SSL/TLS) connections\\
+ '''Include conf/extra/httpd-ssl.conf'''
+
+Then copy the file '''/opt/local/etc/apache2/extras/httpd-ssl.conf.orig''' to ''/opt/local/etc/apache2/extras/httpd-ssl.conf'' 
+{{{
+ $ cd /opt/local/etc/apache2/extras/
+ $ sudo cp httpd-ssl.conf.orig httpd-ssl.conf
+ $ sudo chmod og+r httpd-ssl.conf
+}}}
+
+A syntax check at this point will yield:
+{{{
+/opt/local/sbin/apachectl -t
+AH00526: Syntax error on line 92 of /opt/local/etc/apache2/extra/httpd-ssl.conf:
+SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).
+}}}
+
+Then enable (uncomment) the following in {{{/opt/local/etc/apache2/httpd.conf}}}
+
+ '''LoadModule authn_socache_module lib/apache2/modules/mod_authn_socache.so'''
+
+After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
+
+ '''$ /opt/local/sbin/apachectl -t'''\\
+ '''$ sudo port unload apache2'''\\
+ '''$ sudo port load apache2'''\\
 
 The most likely error you will receive is:
 {{{
-Syntax error on line 120 of /opt/local/apache2/conf/extra/httpd-ssl.conf:
-SSLCertificateFile: file '/opt/local/apache2/conf/server.crt' does not exist or is empty
+Syntax error on line 120 of /opt/local/etc/apache2/extra/httpd-ssl.conf:
+SSLCertificateFile: file '/opt/local/etc/apache2/server.crt' does not exist or is empty
 }}}
 If so, simply revisit the instructions above to create a self-signed certificate.
 
-==== Verify your success ====
+=== Verify your success ===
 
 type ''"https://<your server address>"'' in Safari. \\
 Safari should return the pop-up: "Safari can't verify the identity of the website "<your server address>" \\
 At which point you can view the details of your certificate and select your appropriate actions.
 
-==== Configure your "Virtual Host" ====
+=== Configure your "Virtual Host" ===
 While you have verified your certificate, you will discover that you have no access to your server - ''"You don't have permission to access.... on this server."''\\
-This is because the SSL Virtual Host has not been configured in ''"/opt/local/apache2/conf/extra/httpd-ssl.conf"''
-
-Edit ''"/opt/local/apache2/conf/conf/extra/httpd-ssl.conf"'' and moved down to the section:
+This is because the SSL Virtual Host has not been configured in ''"/opt/local/etc/apache2/extra/httpd-ssl.conf"''
+
+Edit ''"/opt/local/etc/apache2//extra/httpd-ssl.conf"'' and moved down to the section:
 {{{
 #   General setup for the virtual host
-DocumentRoot "/opt/local/apache2/htdocs"
-ServerName www.example.com:443
-ServerAdmin you at example.com
-ErrorLog "/opt/local/apache2/logs/error_log"
-TransferLog "/opt/local/apache2/logs/access_log"
+DocumentRoot "/opt/local/www/apache2/html"
+ServerName www.mcgillsociety.org:443
+ServerAdmin magill at icloud.com
+ErrorLog "/opt/local/var/log/apache2/error_log"
+TransferLog "/opt/local/var/log/apache2/access_log"
 }}}
 Configure this section appropriately. \\
 Assuming you wish to implement SSL on your entire server, ''DocumentRoot'' and ''ServerName'' should match the values in ''"/opt/local/apache2/conf/httpd.conf"''\\
 As there are many optional ways of configuring security on your web server, consult the Apache2 manual for details.
 {{{
-http://httpd.apache.org/docs/2.2/ssl/
-}}}
-
-After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
-{{{
-$ /opt/local/apache2/bin/apachectl -t
-$ sudo port unload apache2
-$ sudo port load apache2
-}}}
+http://httpd.apache.org/docs/2.4/ssl/
+}}}
+
+After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
+
+ '''$ /opt/local/apache2/bin/apachectl -t'''\\
+ '''$ sudo port unload apache2'''\\
+ '''$ sudo port load apache2'''
+
 
 [wiki:howto <- Back to the HOWTO section]
-------8<------8<------8<------8<------8<------8<------8<------8<--------

--
Page URL: <https://trac.macports.org/wiki/Apache2.4.x>
MacPorts <https://www.macports.org/>
Ports system for macOS

This is an automated message. Someone added your email address to be
notified of changes on 'Apache2.4.x' page.
If it was not you, please report to admin at macports.org.
