Web server Archives

Basic password auth

1 April 202426 March 2024 by Chris Taylor

Updated: 26 March 2024

Create a password file for user mrfoo

sudo htpasswd -c /etc/apache2/.htpasswd mrfoo

In the Virtual Host definition, set the directory for protection and require a valid user

<VirtualHost *:80>
    ServerAdmin chris@christaylordeveloper.co.uk
    ServerName example.com
    DocumentRoot /var/www/example.com/public
    <Directory "/var/www/example.com/public">
        AuthType Basic
        AuthName "Private area"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
    </Directory>
</VirtualHost>

Lighttpd

1 April 202422 October 2023 by Chris Taylor

Updated: 22 October 2023

Install on Ubuntu

sudo apt install lighttpd
# check version
lighttpd -v

Check if lighttpd is running

ps aux | grep lighttpd
# or
systemctl status lighttpd

Basic help

lighttpd --help

Stop the webserver (will restart when system is rebooted)

sudo systemctl stop lighttpd

Start the webserver

sudo systemctl start lighttpd

Prevent lighttbd from starting on system boot

sudo systemctl disable lighttpd

Backup the config file

sudo mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.original.backup
sudo touch /etc/lighttpd/lighttpd.conf

A config for testing

server.document-root = "/var/www/servers/www.example.org/pages/" 
server.port = 3000

# If running lighttpd earlier than lighttpd 1.4.71 add the following:
mimetype.assign = (
  ".html" => "text/html", 
  ".txt" => "text/plain",
  ".jpg" => "image/jpeg",
  ".png" => "image/png" 
)

Check the conf file

lighttpd -tt -f /etc/lighttpd/lighttpd.conf

lighttpd will bind to all interfaces by default and will listen for HTTP requests on the port specified in server.port. lighttpd will then serve files from the server.document-root specified. The files in document root have to be readable by the user starting the web server.

Start the server for testing

lighttpd -D -f lighttpd.conf

Web server log format

1 April 202410 September 2022 by Chris Taylor

Updated: 10 September 2022

Logs to
/var/log/apache2

Use directive
CustomLog ${APACHE_LOG_DIR}/access.log chrisdebug

example

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{Host}i\" \"%{User-agent}i\"" chrisdebug

example

LogFormat "\nNEW ENTRY:\nReferer: \"%{Referer}i\"\nHost: \"%{Host}i\"\nX-Forwarded-Host: \"%{X-Forwarded-Host}i\"\nX-Forwarded-For: \"%{X-Forwarded-For}i\"\nX-Forwarded-Proto: \"%{X-Forwarded-Proto}i\"\nX-Forwarded-Port: \"%{X-Forwarded-Port}i\"" chrisdebug

GoAccess

1 April 202416 January 2022 by Chris Taylor

Updated: 16 January 2022

A visual web log analyzer.

https://goaccess.io/

Connect to your webserver via ssh and pipe the access log to goaccess running locally. Create a report in html format.

ssh user@ \
'cat /var/log/apache2/example.com-le-ssl.conf/access.log' | \
goaccess -a -o /home/chris/report.html --log-format=COMBINED --html-report-title="example.com logs" -

htaccess

1 April 20249 May 2021 by Chris Taylor

Updated: 09 May 2021

Redirect everything to https

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Apache

1 April 202424 January 2021 by Chris Taylor

Updated: 22 March 2024

Webserver configuration might be found at

/etc/apache2

Start and stop

sudo service apache2 restart
sudo systemctl reload apache2

Enable and disable a site

sudo a2ensite example.com.conf
sudo a2dissite example.com.conf