Apache : Get internal information about it

>First of all it is almost a default web server glue with open system( read GNU/Linux).And we are so very accustomed with that that we never look around.But having said that one should if time and situation require.Couple of alternatives might be nginx and lighthttpd.

But in this article I will focus only Apache internal information one can get..so here we go:

Get the module information:

We usually add so many module in the web server(Apache) along with the default module come along with that.Here we will look in how to get the module built with it.How do you do that? Like this:

bhaskar@bhaskar-laptop_19:37:24_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -M

Password:

Loaded Modules:

core_module (static)

mpm_prefork_module (static)

http_module (static)

so_module (static)

php5_module (shared)

authn_file_module (shared)

authn_dbm_module (shared)

authn_anon_module (shared)

authn_dbd_module (shared)

authn_default_module (shared)

authz_host_module (shared)

authz_groupfile_module (shared)

authz_user_module (shared)

authz_dbm_module (shared)

authz_owner_module (shared)

authnz_ldap_module (shared)

authz_default_module (shared)

auth_basic_module (shared)

auth_digest_module (shared)

file_cache_module (shared)

cache_module (shared)

disk_cache_module (shared)

mem_cache_module (shared)

dbd_module (shared)

dumpio_module (shared)

ext_filter_module (shared)

include_module (shared)

filter_module (shared)

substitute_module (shared)

deflate_module (shared)

ldap_module (shared)

log_config_module (shared)

log_forensic_module (shared)

logio_module (shared)

env_module (shared)

mime_magic_module (shared)

cern_meta_module (shared)

expires_module (shared)

headers_module (shared)

ident_module (shared)

usertrack_module (shared)

unique_id_module (shared)

setenvif_module (shared)

version_module (shared)

proxy_module (shared)

proxy_connect_module (shared)

proxy_ftp_module (shared)

proxy_http_module (shared)

proxy_scgi_module (shared)

proxy_ajp_module (shared)

proxy_balancer_module (shared)

ssl_module (shared)

mime_module (shared)

dav_module (shared)

status_module (shared)

autoindex_module (shared)

asis_module (shared)

info_module (shared)

suexec_module (shared)

cgi_module (shared)

cgid_module (shared)

dav_fs_module (shared)

vhost_alias_module (shared)

negotiation_module (shared)

dir_module (shared)

imagemap_module (shared)

actions_module (shared)

speling_module (shared)

userdir_module (shared)

alias_module (shared)

rewrite_module (shared)

Syntax OK

So here we pass the “M” flag with httpd binary.

Syntanx check of config file:

Next how to find the systax of the configuration file of Apache is alright,here is what you have to do:

bhaskar@bhaskar-laptop_19:38:30_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -t

Syntax OK

Check in the compiled module:

Here is the steps to find it:

bhaskar@bhaskar-laptop_19:42:59_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -l

Compiled in modules:

core.c

prefork.c

http_core.c

mod_so.c

Check how the Apache server compiled:

If we want to know the Apache server built initially,then we migth do the following:

bhaskar@bhaskar-laptop_19:43:30_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -V

Server version: Apache/2.2.16 (Unix)

Server built: Aug 17 2010 12:52:36

Server’s Module Magic Number: 20051115:24

Server loaded: APR 1.4.2, APR-Util 1.3.9

Compiled using: APR 1.4.2, APR-Util 1.3.9

Architecture: 32-bit

Server MPM: Prefork

threaded: no

forked: yes (variable process count)

Server compiled with….

-D APACHE_MPM_DIR=”server/mpm/prefork”

-D APR_HAS_SENDFILE

-D APR_HAS_MMAP

-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)

-D APR_USE_SYSVSEM_SERIALIZE

-D APR_USE_PTHREAD_SERIALIZE

-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT

-D APR_HAS_OTHER_CHILD

-D AP_HAVE_RELIABLE_PIPED_LOGS

-D DYNAMIC_MODULE_LIMIT=128

-D HTTPD_ROOT=”/etc/httpd”

-D SUEXEC_BIN=”/usr/sbin/suexec”

-D DEFAULT_PIDLOG=”/var/run/httpd/httpd.pid”

-D DEFAULT_SCOREBOARD=”logs/apache_runtime_status”

-D DEFAULT_LOCKFILE=”/var/run/httpd/accept.lock”

-D DEFAULT_ERRORLOG=”logs/error_log”

-D AP_TYPES_CONFIG_FILE=”conf/mime.types”

-D SERVER_CONFIG_FILE=”conf/httpd.conf”

How to check VirtualHost config check:

If we have so many virtualhost built inside into Apache then we must check the configuration(one of the source of not starting the server properly)beforehand.

bhaskar@bhaskar-laptop_19:48:11_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -S

VirtualHost configuration:

Syntax OK

What are the configuration directives available to the server?

Let’s find out what are the directives we can manipulate for this web server…to unveiled it do the following:

bhaskar@bhaskar-laptop_19:48:54_Sat Oct 02:/etc/httpd/conf> sudo /usr/sbin/httpd -L

<Directory (core.c)

Container for directives affecting resources located in the specified directories

Allowed in *.conf only outside , or

<Location (core.c)

Container for directives affecting resources accessed through the specified URL paths

Allowed in *.conf only outside , or

<VirtualHost (core.c)

Container to map directives to a particular virtual host, takes one or more host addresses

Allowed in *.conf only outside , or

<Files (core.c)

Container for directives affecting files matching specified patterns

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

<Limit (core.c)

Container for authentication directives when accessed using specified HTTP methods

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

<LimitExcept (core.c)

Container for authentication directives to be applied when any HTTP method other than those specified is used to access the resource

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

<IfModule (core.c)

Container for directives based on existance of specified modules

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

<IfDefine (core.c)

Container for directives based on existance of command line defines

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

<DirectoryMatch (core.c)

Container for directives affecting resources located in the specified directories

Allowed in *.conf only outside , or

<LocationMatch (core.c)

Container for directives affecting resources accessed through the specified URL paths

Allowed in *.conf only outside , or

<FilesMatch (core.c)

Container for directives affecting files matching specified patterns

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

AuthType (core.c)

An HTTP authorization type (e.g., “Basic”)

Allowed in *.conf only inside , or and in .htaccess

when AllowOverride includes AuthConfig

AuthName (core.c)

The authentication realm (e.g. “Members Only”)

Allowed in *.conf only inside , or and in .htaccess

when AllowOverride includes AuthConfig

Require (core.c)

Selects which authenticated users or groups may access a protected space

Allowed in *.conf only inside , or and in .htaccess

when AllowOverride includes AuthConfig

Satisfy (core.c)

access policy if both allow and require used (‘all’ or ‘any’)

Allowed in *.conf only inside , or and in .htaccess

when AllowOverride includes AuthConfig

AddDefaultCharset (core.c)

The name of the default charset to add to any Content-Type without one or ‘Off’ to disable

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

AcceptPathInfo (core.c)

Set to on or off for PATH_INFO to be accepted by handlers, or default for the per-handler preference

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

AccessFileName (core.c)

Name(s) of per-directory config files (default: .htaccess)

Allowed in *.conf only outside , or

DocumentRoot (core.c)

Root directory of the document tree

Allowed in *.conf only outside , or

ErrorDocument (core.c)

Change responses for HTTP errors

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

AllowOverride (core.c)

Controls what groups of directives can be configured by per-directory config files

Allowed in *.conf only inside , or

Options (core.c)

Set a number of attributes for a given directory

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes Options

DefaultType (core.c)

the default MIME type for untypable files

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

FileETag (core.c)

Specify components used to construct a file’s ETag

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

EnableMMAP (core.c)

Controls whether memory-mapping may be used to read files

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

EnableSendfile (core.c)

Controls whether sendfile may be used to transmit files

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

Protocol (core.c)

Set the Protocol for httpd to use.

Allowed in *.conf only outside , or

AcceptFilter (core.c)

Set the Accept Filter to use for a protocol

Allowed in *.conf only outside , or

Port (core.c)

Port was replaced with Listen in Apache 2.0

Allowed in *.conf only outside , or

HostnameLookups (core.c)

“on” to enable, “off” to disable reverse DNS lookups, or “double” to enable double-reverse DNS lookups

Allowed in *.conf anywhere

ServerAdmin (core.c)

The email address of the server administrator

Allowed in *.conf only outside , or

ServerName (core.c)

The hostname and port of the server

Allowed in *.conf only outside , or

ServerSignature (core.c)

En-/disable server signature (on|off|email)

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

ServerRoot (core.c)

Common directory of server-related files (logs, confs, etc.)

Allowed in *.conf only outside , or

ErrorLog (core.c)

The filename of the error log

Allowed in *.conf only outside , or

ServerAlias (core.c)

A name or names alternately used to access the server

Allowed in *.conf only outside , or

ServerPath (core.c)

The pathname the server can be reached at

Allowed in *.conf only outside , or

Timeout (core.c)

Timeout duration (sec)

Allowed in *.conf only outside , or

ContentDigest (core.c)

whether or not to send a Content-MD5 header with each request

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes Options

UseCanonicalName (core.c)

How to work out the ServerName : Port when constructing URLs

Allowed in *.conf anywhere

UseCanonicalPhysicalPort (core.c)

Whether to use the physical Port when constructing URLs

Allowed in *.conf anywhere

Include (core.c)

Name of the config file to be included

Allowed in *.conf anywhere

LogLevel (core.c)

Level of verbosity in error logging

Allowed in *.conf only outside , or

NameVirtualHost (core.c)

A numeric IP address:port, or the name of a host

Allowed in *.conf only outside , or

ServerTokens (core.c)

Determine tokens displayed in the Server: header – Min(imal), OS or Full

Allowed in *.conf only outside , or

LimitRequestLine (core.c)

Limit on maximum size of an HTTP request line

Allowed in *.conf only outside , or

LimitRequestFieldsize (core.c)

Limit on maximum size of an HTTP request header field

Allowed in *.conf only outside , or

LimitRequestFields (core.c)

Limit (0 = unlimited) on max number of header fields in a request message

Allowed in *.conf only outside , or

LimitRequestBody (core.c)

Limit (in bytes) on maximum size of request message body

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

LimitXMLRequestBody (core.c)

Limit (in bytes) on maximum size of an XML-based request body

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

RLimitCPU (core.c)

Soft/hard limits for max CPU usage in seconds

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

RLimitMEM (core.c)

Soft/hard limits for max memory usage per process

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

RLimitNPROC (core.c)

soft/hard limits for max number of processes per uid

Allowed in *.conf anywhere and in .htaccess

when AllowOverride isn’t None

LimitInternalRecursion (core.c)

maximum recursion depth of internal redirects and subrequests

Allowed in *.conf only outside , or

ForceType (core.c)

a mime type that overrides other configured type

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

SetHandler (core.c)

a handler name that overrides any other configured handler

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

SetOutputFilter (core.c)

filter (or ; delimited list of filters) to be run on the request content

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

SetInputFilter (core.c)

filter (or ; delimited list of filters) to be run on the request body

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

AddOutputFilterByType (core.c)

output filter name followed by one or more content-types

Allowed in *.conf anywhere and in .htaccess

when AllowOverride includes FileInfo

AllowEncodedSlashes (core.c)

Allow URLs containing ‘/’ encoded as ‘%2F’

Allowed in *.conf only outside , or

PidFile (core.c)

A file for logging the server process ID

Allowed in *.conf only outside , or

ScoreBoardFile (core.c)

A file for Apache to maintain runtime process management information

Allowed in *.conf only outside , or

LockFile (core.c)

The lockfile used when Apache needs to lock the accept() call

Allowed in *.conf only outside , or

MaxRequestsPerChild (core.c)

Maximum number of requests a particular child serves before dying.

Allowed in *.conf only outside , or

CoreDumpDirectory (core.c)

The location of the directory Apache changes to before dumping core

Allowed in *.conf only outside , or

AcceptMutex (core.c)

Valid accept mutexes for this platform and MPM are: default, flock, fcntl, sysvsem, pthread.

Allowed in *.conf only outside , or

MaxMemFree (core.c)

Maximum number of 1k blocks a particular childs allocator may hold.

Allowed in *.conf only outside , or

TraceEnable (core.c)

‘on’ (default), ‘off’ or ‘extended’ to trace request body content

Allowed in *.conf only outside , or

User (prefork.c)

Effective user id for this server

Allowed in *.conf only outside , or

Group (prefork.c)

Effective group id for this server

Allowed in *.conf only outside , or

ChrootDir (prefork.c)

The directory to chroot(2) into

Allowed in *.conf only outside , or

ListenBacklog (prefork.c)

Maximum length of the queue of pending connections, as used by listen(2)

Allowed in *.conf only outside , or

Listen (prefork.c)

A port number or a numeric IP address and a port number, and an optional protocol

Allowed in *.conf only outside , or

SendBufferSize (prefork.c)

Send buffer size in bytes

Allowed in *.conf only outside , or

ReceiveBufferSize (prefork.c)

Receive buffer size in bytes

Allowed in *.conf only outside , or

StartServers (prefork.c)

Number of child processes launched at server startup

Allowed in *.conf only outside , or

MinSpareServers (prefork.c)

Minimum number of idle children, to handle request spikes

Allowed in *.conf only outside , or

MaxSpareServers (prefork.c)

Maximum number of idle children

Allowed in *.conf only outside , or

MaxClients (prefork.c)

Maximum number of children alive at the same time

Allowed in *.conf only outside , or

ServerLimit (prefork.c)

Maximum value of MaxClients for this run of Apache

Allowed in *.conf only outside , or

GracefulShutdownTimeout (prefork.c)

Maximum time in seconds to wait for child processes to complete transactions during shutdown

Allowed in *.conf only outside , or

KeepAliveTimeout (http_core.c)

Keep-Alive timeout duration (sec)

Allowed in *.conf only outside , or

MaxKeepAliveRequests (http_core.c)

Maximum number of Keep-Alive requests per connection, or 0 for infinite

Allowed in *.conf only outside , or

KeepAlive (http_core.c)

Whether persistent connections should be On or Off

Allowed in *.conf only outside , or

LoadModule (mod_so.c)

a module name and the name of a shared object file to load it from

Allowed in *.conf only outside , or

LoadFile (mod_so.c)

shared object file or library to load into the server at runtime

Allowed in *.conf only outside , or

Now get few information from your browser,most probably you are running headless server(as the norm in the production environment or data center as I have had worked for)YMMV..here is the screenshot of it how it look like with “lynx” commandline browser:

Apache Server Status

Apache Server Info

Specifically the info thing shows lot of internals.I have snipped the picture for only one window,it might consist of serveral window full of information.

Now for those two information one has to have two module must loaded into the Apache server,otherwise it won’t be accissible like I showed.So the evidence of those two modules are below:

mod_status:

bhaskar@bhaskar-laptop_20:11:24_Sat Oct 02:/etc/httpd/conf> sudo grep “mod_status” /etc/httpd/conf/httpd.conf

LoadModule status_module modules/mod_status.so

And

mod_info:

bhaskar@bhaskar-laptop_20:11:40_Sat Oct 02:/etc/httpd/conf> sudo grep “mod_info” /etc/httpd/conf/httpd.conf

LoadModule info_module modules/mod_info.so

Plus one has to have an entry in main apache main configuration file for those two module to show up on the browser like below:



SetHandler server-status

Order deny,allow

Deny from all

Allow from 127.0.0.1

SetHandler server-info

Order deny,allow

Deny from all

Allow from 127.0.0.1

One can put the server ip or name of the host where the apache server running with Allow from directive.

Last but not the least for heaven’s sake please look into apache log file if you find any inconsistencies.Generally those are located in /var/log directory as apache/apache2/httpd/httpd2,because different distro maintain different name for that dir.Now basically it consists of few files like this:

access.log,error.log…… and name signifies it.Looking for the logs if something goes wrong considered to be a good starting point and practice.

Hope this will help.

Cheers!

Bhaskar

About unixbhaskar
GNU/Linux Consultant

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: