Https archives - Open Source Software and Linux


Sep 8 2008   1:00AM GMT

Create an Apache Virtual Host



Posted by: John Little
http, Linux, apache, webdav, https, centos, web server, virtual host, httpd, dav

Creating Apache virtual hosts allows you to use a single IP address for many web servers. I use mine for general web serving as well as secure WebDav over HTTPS. The Apache web server is arguably the most popular web server on the internet and has been since 1996.

Ok let’s get started setting up your Apache virtual host. I am using Centos 5.x for our operating system. The apache server is the stock install using YUM.

Edit the /etc/httpd/conf/httpd.conf file. The virtual hosts section is towards the bottom.
Uncomment the NameVirtualHost *:80 directive. If you want virtual hosts accessed over SSL, you will need to add the NameVirtualHost *:443 directive as well.

For virtual hosts over SSL the virtual host containers should be added to the /etc/httpd/conf.d/ssl.conf file.

Almost any Apache directive may go into a VirtualHost container. Following is a sample virtual host container. Use the auth directives if you want authentication for your host. The users are set up with the htpasswd command. See man htpasswd for more info.

When Apache receives a web site request on the IP address, it looks to the configuration files to determine if it has the host. If it has the host, it then looks to the DocumentRoot of the host to determine what pages and directories are available and serves them to the client.

<VirtualHost *:80>
    # Email address shown on error pages
    ServerAdmin webmaster@www.luvlinux.net
    # Where Apache looks for web site documents
    DocumentRoot /var/www/vhosts/luvlinux
    # DNS name of the server (web site host name)
    ServerName www.luvlinux.net
    # Logs are located relative to ServerRoot
    ErrorLog logs/www.luvlinux.net-error_log
    CustomLog logs/www.luvlinux.net-access_log common
    <Directory /var/www/vhosts/luvlinux>
        # Put options in here. Indexes shows an index of files if there is no index.html
        Options Indexes MultiViews
        # Authentication (uncomment to use): AuthType is the authentication type, AuthName the name that shows
        # on the login dialogue, AuthUserFile the password file, Require user the authorized user(s)
        # AuthType Basic
        # AuthName "My this site"
        # AuthUserFile /etc/httpd/webpass
        # Require user engineer1
    </Directory>
</VirtualHost>

<VirtualHost *:80>
    ServerAdmin webmaster@www.example.net
    DocumentRoot /var/www/vhosts/example.net
    ServerName www.example.net
    ErrorLog logs/www.example.net-error_log
    CustomLog logs/www.example.net-access_log common
    <Directory /var/www/vhosts/example.net>
        Options Indexes MultiViews
    </Directory>
</VirtualHost>

Use the following command to check your virtual host configuration:
httpd -D DUMP_VHOSTS

You will get output similar to the following indicating that everything is ok.

VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:443  myhost.example.com (/etc/httpd/conf.d/ssl.conf:82)
*:80 is a NameVirtualHost
default server www.example.net (/etc/httpd/conf/httpd.conf:993)
port 80 namevhost www.example.net (/etc/httpd/conf/httpd.conf:993)
Syntax OK

Use the following to check the general syntax of your configuration files:
httpd -t
Syntax OK
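
httpd -t and DUMP_VHOSTS confirm that the configuration parses, not that it is safe to expose. The following added example (not from the original post) scans virtual host containers for three risks tied to the directives used above: Basic authentication outside an SSL vhost, Options Indexes, and an AuthUserFile placed under DocumentRoot. The function name audit_vhosts, the finding labels and the dav.example.net vhost are assumptions made for the illustration.

```python
import re

# Constructed sample: the luvlinux vhost with auth enabled, plus a hypothetical SSL vhost.
SAMPLE = """\
<VirtualHost *:80>
    ServerName www.luvlinux.net
    DocumentRoot /var/www/vhosts/luvlinux
    <Directory /var/www/vhosts/luvlinux>
        Options Indexes MultiViews
        AuthType Basic
        AuthUserFile /etc/httpd/webpass
        Require user engineer1
    </Directory>
</VirtualHost>
<VirtualHost *:443>
    ServerName dav.example.net
    DocumentRoot /var/www/vhosts/dav
    SSLEngine on
    <Directory /var/www/vhosts/dav>
        AuthType Basic
        AuthUserFile /var/www/vhosts/dav/webpass
        Require valid-user
    </Directory>
</VirtualHost>
"""
VHOST = re.compile(r"<VirtualHost\s+[^>]*>(.*?)</VirtualHost>", re.S | re.I)

def audit_vhosts(conf):
    """Return (ServerName, finding) pairs for every <VirtualHost> container."""
    findings = []
    for body in VHOST.findall(conf):
        d = {}  # directive name in lower case -> list of argument strings
        for line in body.splitlines():
            parts = line.split(None, 1)
            if len(parts) == 2 and not parts[0].startswith(("#", "<")):
                d.setdefault(parts[0].lower(), []).append(parts[1].strip().strip('"'))
        name = d.get("servername", ["(no ServerName)"])[0]
        tls = any(v.lower() == "on" for v in d.get("sslengine", []))
        # Basic auth sends the password base64-encoded, so it needs an SSL vhost.
        if not tls and any(v.lower() == "basic" for v in d.get("authtype", [])):
            findings.append((name, "basic-auth-without-ssl"))
        # Indexes lists every file in a directory that has no index page.
        if any(t.lstrip("+").lower() == "indexes" for v in d.get("options", []) for t in v.split()):
            findings.append((name, "directory-listing"))
        # A password file under DocumentRoot can be fetched like any other document.
        root = d.get("documentroot", [""])[0].rstrip("/")
        if root and any(f.startswith(root + "/") for f in d.get("authuserfile", [])):
            findings.append((name, "password-file-in-docroot"))
    return findings
```

Commented-out directives are ignored, so the sample container as posted (auth lines commented) reports only the directory listing.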

Congratulations! You should now have your Virtual Host set up. Don’t forget to make your hosts and/or DNS entries for accessing your web server. Enjoy!

-j

Sep 6 2008   8:05AM GMT

Squid proxy server quick start



Posted by: John Little
http, windows, Linux, unix, ftp, https, squid, proxy, centos, web proxy, proxy cache, squid.conf, Yum

Here is a quick start plan for installing the squid-cache.org proxy server. Squid is a caching proxy server that uses HTTP, HTTPS and FTP for caching web pages from the internet. By caching web pages locally the squid server helps you save on bandwidth and improves page response time for web surfing.

When you first open the squid configuration file it can be overwhelming with over 4000 lines. Many of these are comments but there are still hundreds of configuration choices. I am going to reduce these down to a solid foundation which will get you up and running quickly. This will give you some time to study the other configuration choices that may be necessary for your use. For most people some form of the configuration entries that we use here will be enough to control and proxy your web access.

Squid can be installed on Linux, Unix or Windows. For our purposes here we are installing on Centos 5.x.

Let’s get started:

Install the Squid package
yum install squid

cd to the configuration directory
cd /etc/squid

The default squid config file contains over 4000 lines. Remove the comments so that the file is a workable size.
Copy the squid.conf file to dist.squid.conf to preserve the comments for reference
cp squid.conf dist.squid.conf
The following sed command edits the squid.conf file in place removing comments and empty lines
sed -i.tmp '/^#/d; /^$/d' squid.conf
This will produce a file that contains the following entries:


http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid

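After doing this you will need to add some lines to the squid.conf file for your environment. Put the http_access line above the existing http_access deny all line, because Squid applies the first http_access rule that matches.

vim squid.conf
visible_hostname <your_hostname>
acl our_networks src <network>/<mask> <network>/<mask>
(as in 192.168.1.0/24 192.168.2.0/24)
http_access allow our_networks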

Save your changes and exit the squid.conf file.

Create the squid cache directories in /var/spool/squid
squid -z

Set squid to start on reboot
chkconfig squid on

Start squid
service squid start

This should work out of the box after pointing the clients to the correct proxy server and port.

Additional configuration directives can be issued through the /etc/sysconfig/squid file and the /etc/init.d/squid script.

I hope this helps you get squid up and running quickly. Enjoy!

-j