Apache HTTP Server

Apache HTTP Server is one of the most widely used open-source web servers in the world. It has been in continuous development since 1995 and is used in various environments due to its rich features and high extensibility.

Overview

Apache HTTP Server is web server software that processes HTTP requests and delivers web pages and other content to clients. Developed and maintained by the Apache Software Foundation, it is adopted as the default web server in many Linux distributions.

Technical Features

Architecture

• Process/Thread-based Model: Concurrent request processing with multiple processes or threads
• Multi-Processing Modules (MPM): Customizable request processing with different operation modes
• Modular Design: Ability to select and incorporate only necessary features

Performance

• Stability-focused: Design prioritizing stability during long-term operation
• Resource Efficiency: Lightweight operation with controlled memory usage
• Load Distribution: Load balancing features via mod_proxy_balancer

Advantages

Rich Features

• Numerous Modules: Over 500 official and third-party modules
• Virtual Hosts: Host multiple websites on a single server
• Detailed Access Control: Flexible configuration via .htaccess files

Stability and Reliability

• Long-term Support: Over 20 years of development and maintenance track record
• Comprehensive Documentation: Detailed and comprehensive official documentation
• Security: Regular security updates

Compatibility

• Platform Support: Supports Linux, Windows, macOS, Solaris, and many others
• Language Support: Multi-language support including PHP, Perl, Python, Ruby
• Protocol Support: HTTP/1.1, HTTP/2, WebSocket support

Disadvantages

Performance

• Concurrent Connection Limits: Performance challenges with massive concurrent connections
• Memory Usage: Less memory-efficient than Nginx for static file delivery
• Response Time: Increased response time under high load

Configuration Complexity

• High Learning Cost: Configuration complexity due to rich features
• Configuration Files: Difficulty managing settings distributed across multiple files
• Troubleshooting: Time-consuming problem identification in some cases

Basic Code Examples

Basic Configuration (httpd.conf)

# Server root configuration
ServerRoot "/etc/httpd"

# Port configuration
Listen 80
Listen 443 ssl

# User and group configuration
User apache
Group apache

# Document root configuration
DocumentRoot "/var/www/html"

# Directory access configuration
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

Virtual Host Configuration

# Name-based virtual host
<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot "/var/www/example.com"
    
    # Log configuration
    ErrorLog logs/example.com_error.log
    CustomLog logs/example.com_access.log combined
    
    # Directory configuration
    <Directory "/var/www/example.com">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

# SSL virtual host
<VirtualHost *:443>
    ServerName secure.example.com
    DocumentRoot "/var/www/secure"
    
    SSLEngine on
    SSLCertificateFile "/etc/ssl/certs/example.com.crt"
    SSLCertificateKeyFile "/etc/ssl/private/example.com.key"
    
    # Security headers
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    Header always set X-Frame-Options DENY
    Header always set X-Content-Type-Options nosniff
</VirtualHost>

.htaccess Example

# URL rewriting
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]

# Cache control
<FilesMatch "\.(css|js|png|jpg|jpeg|gif|ico|svg)$">
    ExpiresActive On
    ExpiresDefault "access plus 1 month"
</FilesMatch>

# Gzip compression
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>

Docker Compose Configuration

version: '3.8'
services:
  apache:
    image: httpd:2.4
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./website:/usr/local/apache2/htdocs/
      - ./httpd.conf:/usr/local/apache2/conf/httpd.conf
      - ./ssl-certs:/usr/local/apache2/conf/ssl/
    environment:
      - APACHE_LOG_LEVEL=info
    restart: unless-stopped
    
  # PHP-FPM integration
  php-fpm:
    image: php:8.2-fpm
    volumes:
      - ./website:/var/www/html
    depends_on:
      - apache

Proxy Configuration

# Reverse proxy configuration
<VirtualHost *:80>
    ServerName app.example.com
    
    ProxyPreserveHost On
    ProxyPass / http://localhost:3000/
    ProxyPassReverse / http://localhost:3000/
    
    # WebSocket support
    ProxyPass /ws/ ws://localhost:3000/ws/
    ProxyPassReverse /ws/ ws://localhost:3000/ws/
</VirtualHost>

# Load balancing configuration
<VirtualHost *:80>
    ServerName lb.example.com
    
    ProxyPreserveHost On
    
    <Proxy balancer://mycluster>
        BalancerMember http://server1:8080
        BalancerMember http://server2:8080
        BalancerMember http://server3:8080
        ProxySet lbmethod=byrequests
    </Proxy>
    
    ProxyPass / balancer://mycluster/
    ProxyPassReverse / balancer://mycluster/
    
    # Balancer manager interface
    ProxyPass /balancer-manager !
    <Location "/balancer-manager">
        SetHandler balancer-manager
        Require local
    </Location>
</VirtualHost>

Security Configuration

# Security configuration
ServerTokens Prod
ServerSignature Off

# Security headers
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
Header always set X-XSS-Protection "1; mode=block"
Header always set Referrer-Policy "strict-origin-when-cross-origin"

# Directory traversal prevention
<Directory />
    Options -Indexes -Includes -ExecCGI
    AllowOverride None
    Require all denied
</Directory>

# Sensitive file access control
<FilesMatch "^\.">
    Require all denied
</FilesMatch>

<FilesMatch "\.(conf|log|sql|bak)$">
    Require all denied
</FilesMatch>

# ModSecurity configuration (WAF)
LoadModule security2_module modules/mod_security2.so
<IfModule mod_security2.c>
    SecRuleEngine On
    SecDataDir /tmp
    Include /etc/modsecurity/modsecurity.conf
    Include /etc/modsecurity/owasp-crs/*.conf
</IfModule>

Reference Links

• Apache HTTP Server Official Site
• Apache HTTP Server Documentation
• Apache Module Registry
• Apache Security Tips
• Apache Performance Tuning