1 / 35

Free Powerpoint Templates

Chapter 4- Server Configuration. Free Powerpoint Templates. Objectives. Choosing Web Server software Customizing your web server Controlling access Secure socket layer configuration Virtual hosts. Lab 4.1 Choosing Web Server Software. Web Server Machine, that machine is our web server

sheadon
Download Presentation

Free Powerpoint Templates

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 4- Server Configuration Free Powerpoint Templates

  2. Objectives • Choosing Web Server software • Customizing your web server • Controlling access • Secure socket layer configuration • Virtual hosts

  3. Lab 4.1 Choosing Web Server Software • Web Server • Machine, that machine is our web server • Refer to software running on a machine • 3 famous Web Servers • Apache • Microsoft IIS • Netscape Enterprise Server • Others

  4. Apache • Open Source • Multiple Platforms (UNIX and Microsoft) • Very powerful and configurable • Uses configuration files • Httpd.conf

  5. Apache Configuration • All configuration through configuration files • Directives define options • Directives are organised into sections: • Directory • DirectoryMatch • Files • FilesMatch • Location • LocationMatch

  6. Microsoft IIS • Easy to use, GUI oriented • Closed-proprietary • Microsoft Management Console • Extendable through ISAPI • DLL • ASP • Support for FrontPage extension

  7. IIS Configuration • IP address • TCP port • Home directory • Execute • Virtual directory • Default document • Directory browsing • Authentication control • Application mappings • Redirect to URL

  8. Netscape • Offers two Web servers • The Netscape Fast track Server • For small business or a workgroup Web Server • A scaled down version of Netscape Enterprise Server • Provides for small number of users publishing information • Netscape Enterprise Server • Designed to support hundreds or even thousand of users • Available for Windows NT and UNIX

  9. Other servers • Java Web Server • Server written entirely in Java • Stronghold Server • Developed by C2Net is a secure server based on Apache • Mostly widely used SSL Web server for UNIX • Website • Developed by O’Reilly Software • Provides excellent server-side programming support • Good administration tools, security and other features not found on IIS

  10. Evaluating Server Software • Evaluate your OS • Evaluate the performance benchmark • Important to find out as much about each server as possible • How much can you sped? • Has the server been thoroughly tested in real-world situations • What’s more important: ease of use or speed and flexibility

  11. Installing a Web Server • In most cases you can download Web Server software from the publisher • Once you’ve downloaded, you might need to uncompress • Once you’ve got an executable to run, run the installer program • Aside from choosing which directory to install the server in , you shouldn’t have to answer too many configuration questions during the installation

  12. Why Web Server software installation unsuccessful • No enough free disk space or RAM • Installation program has to run as a certain user • Make sure that you have permission to the directory in which you are installing the server • Responded to one of the installer’s questions incorrectly • One of the default answer was inappropriate

  13. Solutions for Web Server • Install a patch or service pack before installing • Make sure to have the latest and correct version for the OS • Check the Technical Support • Free technical support • Available for demo versions

  14. Lab 4.2 Customizing your Web Server • Configuration tools for the Web Servers • Apache no management console application • IIS provides a special configuration tool through a MMC snap-in module • Netscape  provides a Web-based administration tool accessible through any browser • Control the behavior of the Web Server • Apache  directives • Microsoft  properties • Netscape  resources

  15. General server options • These options are global to the entire server, or at least to a specific HTTPD on the server • User and Group- the owner of the Web server process • BindAddress(IIS:IP Address). The HTTPD listens for connections on this IP Address • Port(ISS:TCP Port. The port option specifies which port the HTTPD should listen to. Port 80 is used

  16. Directory Options • These options are used to specify the attributes of specific directories • DocumentRoot • UserDir • ScriptAlias • Alias • DirectoryIndex • Indexoptions, Indexes, and FancyIndexing

  17. Access Control • The following options are used to restrict access to your site, or particular directories • AuthUserFile • AuthGroupFile • Require • Allow and deny • Other options • AddHandler • Redirect

  18. Lab 4.3 Controlling Access • In order for your Web server to make documents available to clients • UNIX and NT offer the ability to control access to files and directories • This ability is governed largely by the file system

  19. User Access • Most documents on your Web server will probably be available for anyone to read • It is possible, to restrict access to certain pages • HTTP offers a simple authentication protocol used to require a username and password in order to access resources in the server

  20. User Access-2 • Basic authentication- little security • Digest authentication- relies on MD5 checksums to ensure integrity but it isn’t very secure either • The best way to ensure secure authentication is to use HTTPS

  21. User Access-3 • The basic procedure for enabling user authentication is the same on most Web servers. • Determine which resources need to be restricted • Determine users and groups • Create users and groups • Apply restrictions to resources(files and directories)

  22. User Access-4 • Steps describes as: • Evaluate the content • Determine which directories or files requires authentication • Determine a list of users and/or groups that should allow to view this resources • Depending on the Web server • IIS—create user account on OS • Netscape and others- create user accounts for your Web server using the server administration tools

  23. User Access-5(continue) • Apache-requires password and group files containing information about usernames, passwords and groups • Assign access permissions to your Web resources

  24. Host Access • There are situations when denying access to your server from a particular host or domain may be desirable. • The default for most servers is to allow access from any hosts. • To block access from a single host you just need to change a single options, and only that host or series of hosts will be denied access

  25. Lab4.4 Secure Socket Layer Configuration • By default, HTTP is not a secure protocol • The contents of a normal HTTP transaction are not encrypted • Easy for interception and can view unencrypted transactions

  26. Secure Socket Layer (SSL) • The most popular encryption protocol on the Internet • Was developed by Netscape • Not limited to Web transactions, however it has been used by other applications that need to transfer data securely over a network

  27. HTTPS • Is normal HTTP wrapped in SSL • Supported by Netscape and Internet Explorer • To provide secure transactions for your site, you will usually need to configure an HTTPS server that runs alongside your normal HTTP server

  28. HTTPS • A URL to a resource on an HTTPS server uses a slightly different naming convention than do normal URLS • Instead of the Http prefix, Https is used • Instruct the browser to attempt to a secure connection to the server • Connect to the server at port 443

  29. Certificates • Document that contains information about your site • A certificate authority digitally signs a certificate • CA is a mutually trusted organization that issues and verifies certificates • When a secure transaction initiates between a client and your server, the client receives a certificate

  30. CA is typically a well-known, trusted organization • Two most popular CAS • Verisign • Thawte

  31. How to obtain certificate • To give well-known CA information about your company and hosts • You need to provide a letter of authorization, proof of your organization’s name, and proof to use your domain name • Need to provide a certificate-signing request that contains the public key for your Web server • Once the CA processes your request and verifies your information, they generate a certificate.

  32. CA Problems • They charge money for certificates • Some CA-issued certificates expire • Must be renewed each year for an additional cost • Verisign and Thawte offer trial certificates that can be used to test the functionality of your server, but they are only good for a short amount of time

  33. Lab 4.5 Virtual Hosts • To the average user it may seem that a separate machine is needed to host each domain • Virtual hosts • Since domain name simply points to an IP address, a server can host many domains

  34. Two types of virtual hosts • Name-based • Doesn’t have a unique IP address • IP –based • Can have many names pointing at it • Have unique IP addresses • Instead of relying on the HTTP headers to determine the destination, the HTTPD just listens for requests on a particular IP address

More Related