Bottom of Page

Prerequisites for Internet Configuration:

shell account will work (but a SLIPP or PPP connection is better)
a PC running some version of Microsoft Windows
a modem

Configuring your server by two main areas of configuration:

Server configuration
Security configuration

HTTPd.cnf - main server configuration
Srm. cnf -- server resource map
Access.cnf -- global access or security configuration file
#haccess.ctl -- directory access or security configuration file

The Main Server Configuration file: c:\httpd\conf\httpd.cnf, is the general configuration file.

ServerRoot: c:\httpd

Port: is the software port number that Windows httpd is listening to.

the default port number is 80
use port 8080 for testing the server
using a number other than 80 disallows access to your server to any clients that do not specify the port number in the URL

Timeout: is the amount of time (in seconds) that the server will wait for a request after an intial connection is made

the default is 30 seconds
increase to 60-120 seconds

ServerAdmin: is an e-mail address that identifies the server's administrator (If your your domain name is parkweb.com use webmaster@park.com .

Server Resource Map: c:\httpd\conf\srm.cnf

Let the server know where to find files,programs, etc. to satisfy requests from clients

DocumentRoot: tells the server where the server's document root begins.

DirectoryIndex: identifies the default page for any and all directories in your server space

AccessFileName: defines the name of the access control file in any directory you want to protect. The default is #haccess.ctl

Redirect: if oyu used to have files on oyur server that have been moved to completely different site, you can have people automatically sent to the new location, no questions asked, using the Redirect directive

Alias: gives an alternative name to an exisiting item on your server

ScriptAlias: is similar to Alias except that it applies to scripts that your server can invoke

WinScriptAlias: is same as ScriptAlias except that it applies to the real location Windows server scripts

DefaultType: tells the server which file type to assume if there is no file name extension that identifies its type

AddType: defines the type of the specified file extension

FancyIndexing: if you want the server to automatically generate an HTML-formatted index, including icons, of any directory where there is no default page, give this the on value

IndexIgnore: to hide certain file names from people visiting your site.

File Type Mapping:

MIME stands for Multipurpose Internet Mail Extensions; the MIME standards were originally developed with e-mail in mind

When somone requests a document from your server, they don't necessarily know what type of file they are ong to get. When Windows HTTP serves a file, it attcahes an HTTP header that tells the Web browser what's coming so the browser will know what to do with it Access Control Configuration - Security

Two Types of Access Control Files known as ACFs
These set up rules for access. You give directives that the server knows how to use

Global Access Control limits who has access to the server and its files. The global
access rules are given in the file: c:http\conf\access.cnf

Directory Access Control #haccess.ctl in the individual directory to be controlled. The
access rules defined in a given directory apply to all the subdirectories of that directory
unless they have their own #haccess.ctl file. The #haccess.ctl files should not include the
<Directory> sectioning directive

Dsl Internet access is the new high-speed cable access like RoadRunner
Sectioning directives require you tonest other directive information within them

The global ACF, typically named c:\httpd\conf\access.cnf may have the following directive:
<Directory c:/httpd/htdocs>
Options Indexes
</Directory>

Access Control Directives
Directory identifies a directory within the server file space that is subject to access control

Options controls the availability of server features for any directory (and its subdirectories).

You can assign one of three values to this directive:

None disable all server features in the directory
All enable all server features in this directory
Indexes allow users to get a server-generated directory index

AllowOverride allows the global ACF to limit which controls can be overridden by a directory ACF. Here are the options you can use:

None completely disables ACFs
All permits directory ACFs to use all access control features
Options permits the use of the Options directive
FileInfo permits the use of the FileInfo directive
AuthConfig makes the following directives available to directory ACFs:
AuthName, AuthType, AuthUserFile & AuthGroupFile
Limit permits the use of the Limit sectioning directive

ReadmeName specifies the name of the file that contains description text for server-generated indexes

AddDescription allows you to add a descriptive comment in server-generated indexes for specified file types in the controlled directory. The usage is:

 
AddDescription 'a descriptive statement' fileidentifier for example

AddDescription 'A Guitar Chord file'.crd

AddDescription 'A Guitar Tablature File'.tab

AuthType sets the authorization type for the server or directory that you are controlling

AuthUserFile identifies the actual password file that will be used for user authentication on the server or in this directory. The usage is:

AuthUserFile passwordfile and here's an example directive:
AuthUserFile c:/httpd/conf/passwd.pwd

AuthGroupFile Identifies the "groups" file to use for user authentication in this directory

Limit A sectioning directive that controls who can access the server, a directory, server files, or server programs
here is a descripption of the subdirectives:


 deny This denies access to people accessing your server from certain Internet Hosts
 allow This permits access to people from specified host addresses
 require This allows you to limit access to specific users or groups
 order This specifies the order in which the server evaluates other sub-directives
 satisfy If you are using both the allow and require options, this adds a little more control

User Authentication

	Windows httpd provides a facility for issusing user names and password.
Additonally, you can create named groups that consist of a list of registered
users.This user/password facility is independent of any other password mecha-
nism currently on oyur system, and it works only with your server. You, the Web-
master, assign user names and passwords to your Web server in the same way a
system administartor does on a multi-user system.

Password Protection

Your Windows httpd server program comes with a DOS program called "htpasswd.exe".
If you plan on having controls put on individual directories, you have to create
a user/password mechanism that enforces your sever security policy. Keep in mind
that you will be issuing user names as well as passwords.

Groups

This is not mandatory at all; you can control access by listing
the individual user names in each of the configuration files.
However, if you start accumating a large number of users, maint-
enance of these files will become a nightmare if you don't orga-
nize these names into groups.

Access Control Examples

Any access control system will be specific to your site
because every server has a unique purpose.