a brief introduction to php and https in apache a
play

A brief introduction to PHP and HTTPS in Apache A practical - PowerPoint PPT Presentation

Feb 12, 2023 •168 likes •422 views

A brief introduction to PHP and HTTPS in Apache A practical approach in arch linux Prof. Rossano Pablo Pinto 2017 - v0.9.2 Prof. Rossano Pablo Pinto - http://rossano.pr 1 o.br Agenda Introduction Installation HTTP 1.1 protocol

  1. A brief introduction to PHP and HTTPS in Apache A practical approach in arch linux Prof. Rossano Pablo Pinto 2017 - v0.9.2 Prof. Rossano Pablo Pinto - http://rossano.pr 1 o.br

  2. Agenda ● Introduction ● Installation ● HTTP 1.1 protocol inspection ● Apache configuration – Arch Linux ● PHP ● HTTPS ● Tests Prof. Rossano Pablo Pinto - http://rossano.pr 2 o.br

  3. Introduction ● WEB servers ● Usually listens on port 80 (HTTP well-known-port) ● Uses HTTP protocol ● CLIENT/SERVER model WEB WEB Client HTTP Requests/responses Server (Usually a WWW browser Prof. Rossano Pablo Pinto - http://rossano.pr 3 o.br

  4. Installation ● pacman -S apache ● systemctl start httpd ● systemctl status httpd – Observe that it shows disabled . So enable it for this target: ● systemctl enable httpd.service Prof. Rossano Pablo Pinto - http://rossano.pr 4 o.br

  5. HTTP protocol Inspection ● Access some web server: telnet hypnos 80 Trying 192.168.200.52... Connected to hypnos.fatec.br. Escape character is '^]'. GET / HTTP/1.1 Host: hypnos 2 Enters Resposta no próximo slide... Prof. Rossano Pablo Pinto - http://rossano.pr 5 o.br

  6. HTTP protocol Inspection HTTP/1.1 200 OK Date: Tue, 20 Nov 2012 17:28:06 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Wed, 15 Aug 2012 00:19:52 GMT ETag: "1ed17b-547-e2b31a00" Accept-Ranges: bytes Content-Length: 1351 Content-Type: text/html; charset=ISO-8859-1 <HTML> Prof. Rossano Pablo Pinto - http://rossano.pr 6 <HEAD>.. o.br

  7. HTTP protocol Inspection ● “Emulate” a web server: ● Run http-dump program: scp aluno@MAQUINA-DO-PROFESSOR:http-dump . Example: scp aluno@192.168.80.45:/tmp/http-dump . ./http-dump 9999 ● Open firefox and type the following URL: http://localhost:9999/ Prof. Rossano Pablo Pinto - http://rossano.pr 7 o.br

  8. HTTP protocol Inspection ● Observe the http-dump output: Message received: GET / HTTP/1.1 Host: localhost:9999 User-Agent: Mozilla/5.0 (X11; Linux i686; rv:15.0) Gecko/20100101 Firefox/15.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: org.cups.sid=04e22f9a096c8e9570427c2febd7a56f Prof. Rossano Pablo Pinto - http://rossano.pr 8 o.br

  9. Directories and files ● /srv/http/ → document root ● /etc/httpd/ → config directory ● /etc/httpd/conf/httpd.conf → main configuration file ● /usr/lib/systemd/system/httpd.service → httpd systemd unit Prof. Rossano Pablo Pinto - http://rossano.pr 9 o.br

  10. Initial test ● echo '<html>Hi</html>' > /srv/http/index.html ● links http://localhost Prof. Rossano Pablo Pinto - http://rossano.pr 10 o.br

  11. Apache configuration A brief overview of file httpd.conf ServerRoot "/usr" -> install base dir (modules) - used when path names ● don't start with “/”. (See path examples with LoadModule) PidFile run/httpd.pid -> /var/run/httpd.pid (file that keeps the apache ● pid) Timeout 300 -> timeout in seconds for idle connections to be terminated ● KeepAlive On -> allow HTTP/1.1 to use it's ability to make several ● requests using a sinlge connection MaxKeepAliveRequests 100 -> maximun number of requests using a ● single connection KeepAliveTimeout 15 -> timeout in seconds for idle connections to be ● terminated Listen 80 -> server port to listen to connections ● Prof. Rossano Pablo Pinto - http://rossano.pr 11 o.br

  12. Apache configuration A brief overview of file httpd.conf Include file -> include other configuration files ● LoadModule -> load a module ● User apache -> User owner of the apache process ● Group apache -> Group owner of the apache process ● DocumentRoot "/srv/http" -> directory to host resources (htmls, ● image files, etc..) to be returned to requesters DirectoryIndex index.html index.html.var -> default file to be ● returned when asked for a resource using only a dir name AccessFileName .htaccess -> per directory configuration - useful for ● authentication (but not so secure nowadays) Prof. Rossano Pablo Pinto - http://rossano.pr 12 o.br

  13. Apache useful commands httpd -t - verify configuration files syntax ● httpd -S - test VirtualHost configuration ● apachectl stop ● apachectl start ● apachectl restart ● httpd -l - list available modules at server ● httpd -M - list loaded modules ● httpd -L - list directives and affected modules ● Prof. Rossano Pablo Pinto - http://rossano.pr 13 o.br

  14. PHP - Installing ● pacman -S php-apache Prof. Rossano Pablo Pinto - http://rossano.pr 14 o.br

  15. PHP - Enabling ● nano /etc/httpd/conf/httpd.conf #LoadModule mpm_event_module modules/mod_mpm_event.so LoadModule mpm_prefork_module modules/mod_mpm_prefork.so LoadModule php7_module modules/libphp7.so ... DirectoryIndex index.html index.php …. Include conf/extra/php7_module.conf systemctl restart httpd.service ● Create a php file to test: echo “ <?php phpinfo(); ?>” > /srv/http/info.php ● Test: links http://localhost/info.php ● Prof. Rossano Pablo Pinto - http://rossano.pr 15 o.br

  16. HTTPS ● URL starting with “ https:// ” uses SSL (Secure Sockets Layer) to secure communication between CLIENT and SERVER ● SSL runs in a separate layer under HTTP ● SSL is now known as TLS (Transport Layer Security) - BUT IT'S STILL POPULAR KNOWN AS SSL ● SSL 1.0 → SSL 2.0 → SSL 3.0 → TLS 1.0 → TLS 1.1 → TLS 1.2 → TLS 1.3 (draft) Prof. Rossano Pablo Pinto - http://rossano.pr 16 o.br

  17. HTTPS ● Steps to use SSL + HTTP: 1. Site owner generates PUBLIC and PRIVATE keys 2. Site owner generates a Certificate Signing Request (CSR) - Contains PUBLIC KEY + COMPANY NAME 3. Site owner sends the CSR to a Certificate Authority (CA) in order to be SIGNED 4. CA returns a SIGNED CERTIFICATE which contains: ● site PUBLIC KEY ● site COMPANY NAME ● CA “signature” Prof. Rossano Pablo Pinto - http://rossano.pr 17 o.br

  18. HTTPS ● Steps to use SSL + HTTP: ● Real example at wiki.locaweb.com.br/pt-br/SSL Prof. Rossano Pablo Pinto - http://rossano.pr 18 o.br

  19. HTTPS 1) Generate private key using RSA parameters: openssl genrsa -out ca.key 2048 2) Generate CSR (Certificate Signing Request) openssl req -new -key ca.key -out ca.csr 3) Generate x509 Self Signed Certificate (valid for 365 days) openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt This step emulates a Certificate Authority (CA) Prof. Rossano Pablo Pinto - http://rossano.pr 19 o.br

  20. HTTPS 4) Copy files to locations described in extra/httpd- ssl.conf (next slide): cp ca.crt /etc/httpd/conf/server.crt cp ca.key /etc/httpd/conf/server.key 5) nano /etc/httpd/conf/httpd.conf: find and load the following modules: ssl_module # SSL MODULE. Modules are used by SSL: log_config_module # Flexible logging of clients setenvif_module # Set internal environment variable socache_shmcb_module # Shared object cache provider (According to “Required modules:” in extra/httpd-ssl.conf) Prof. Rossano Pablo Pinto - http://rossano.pr 20 o.br

  21. HTTPS 6) Edit httpd.conf: uncomment line: Include conf/extra/httpd-ssl.conf 7) Restart apache systemctl restart httpd.service 8) Test: open a browser and type the url: links https://localhost More details: www.openssl.org/docs/apps/x509.html, httpd.apache.org/docs/current/mod/{mod_log_config.html, mod_socache_shmcb.html, mod_setenvif_module, mod_ssl.html} Prof. Rossano Pablo Pinto - http://rossano.pr 21 o.br

  22. HTTPS ● Viewing certificates at Firefox version 44.0.2 ● Type at the URL field: about:preferences#advanced – View Certificates (Tab Servers or Authorities) ● Authoritites – Select some certificate and click “View” – Select some certificate and click “Export” (use this file at the examples below - replace server.crt with the file you saved at this step) ● Viewing keys with openssl ● openssl rsa -in server.key -noout -text ● Viewing certificates with openssl ● openssl x509 -in server.crt -noout -text Prof. Rossano Pablo Pinto - http://rossano.pr 22 o.br

  23. HTTPS ● Calculating public key associated with a private key ● openssl rsa -in server.key -pubout ● Saving public key associated with a private key ● openssl rsa -in server.key -pubout -out server.pub.key Prof. Rossano Pablo Pinto - http://rossano.pr 23 o.br

  24. HTTPS only ● Previous configuration still allows http (port 80) connection ● To disable non-ssl connection comment line “ Listen 80 ” on file httpd.conf Prof. Rossano Pablo Pinto - http://rossano.pr 24 o.br

Recommend

What's New in Apache Syncope 1.2.0 Dr. Colm higeartaigh Speaker Introduction 11/14/14 2

What's New in Apache Syncope 1.2.0 Dr. Colm higeartaigh Speaker Introduction 11/14/14 2

What's New in Apache Syncope 1.2.0 Dr. Colm higeartaigh Speaker Introduction 11/14/14 2 Introduction to Apache Syncope Apache Syncope basics Identity Management solution at Apache Can retrieve and store users/roles/etc from/in

920 views • 25 slides
to work with Java 9 Jigsaw Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

to work with Java 9 Jigsaw Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

Challenges updating your code to work with Java 9 Jigsaw Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation Member uschindler@apache.org https://www.thetaphi.de, http://blog.thetaphi.de @ThetaPh1 SD DataSolutions GmbH ,

638 views • 52 slides
Riding Apache Camel on Cloud willem.jiang@gmail.com blog: https://willemjiang.github.io weibo:

Riding Apache Camel on Cloud willem.jiang@gmail.com blog: https://willemjiang.github.io weibo:

Riding Apache Camel on Cloud willem.jiang@gmail.com blog: https://willemjiang.github.io weibo: willemjiang 2019-03 About Me Open Source Developer in Huawei Apache Camel Committer since 2008 Apache Member Agenda Cloud native and Integration

296 views • 26 slides
Multi-tenant Machine Learning Apache Aurora &amp; Apache Mesos Stephan Erb

Multi-tenant Machine Learning Apache Aurora &amp; Apache Mesos Stephan Erb

Multi-tenant Machine Learning Apache Aurora &amp; Apache Mesos Stephan Erb serb@apache.org 2016.11.15 @ErbStephan Apache Aurora https://aurora.apache.org Mesos

325 views • 31 slides
Integrating Apache Camel with Apache Syncope Dr. Colm higeartaigh, Talend. Speaker

Integrating Apache Camel with Apache Syncope Dr. Colm higeartaigh, Talend. Speaker

Integrating Apache Camel with Apache Syncope Dr. Colm higeartaigh, Talend. Speaker Introduction Introducing Apache Syncope Apache Syncope basics Apache Syncope is an Open Source system for managing digital identities in enterprise

929 views • 33 slides
Testing your REST Server with Apache JMeter By Henry Chan June, 2015 hchan@apache.org Download:

Testing your REST Server with Apache JMeter By Henry Chan June, 2015 hchan@apache.org Download:

Testing your REST Server with Apache JMeter By Henry Chan June, 2015 hchan@apache.org Download: https://github.com/hchan/jmeterDemo What is JMeter good for? http://jmeter.apache.org/ What can I do with it? Apache JMeter may be used

569 views • 20 slides
Introduction to Apache Beam Dan Halperin JB Onofr Google Talend Beam podling PMC Beam

Introduction to Apache Beam Dan Halperin JB Onofr Google Talend Beam podling PMC Beam

Introduction to Apache Beam Dan Halperin JB Onofr Google Talend Beam podling PMC Beam Champion &amp; PMC Apache Member Apache Beam is a unified programming model designed to provide efficient and portable data processing pipelines What

667 views • 37 slides
What's coming next? Uwe Schindler SD DataSolutions GmbH / Apache Software Foundation thetaph1

What's coming next? Uwe Schindler SD DataSolutions GmbH / Apache Software Foundation thetaph1

Apache Lucene and Solr 8: What's coming next? Uwe Schindler SD DataSolutions GmbH / Apache Software Foundation thetaph1 https://www.thetaphi.de My Background Committer and PMC member of Apache Lucene and Solr - main focus is on

785 views • 37 slides
Introduction to Apache Spark Slides from: Patrick Wendell - Databricks What hat is is Sp

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks What hat is is Sp

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks What hat is is Sp Spark? rk? Fast st and Expr pressiv essive Cluster Computing Engine Compatible with Apache Hadoop Efficient ficient Usa sabl ble Rich APIs

1.18k views • 25 slides
Introduction to Apache Spark Slides from: Patrick Wendell - Databricks 1 What is Sp Spark?

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks 1 What is Sp Spark?

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks 1 What is Sp Spark? rk? Fast ast and Ex Expres essiv sive Cluster Computing Engine Compatible with Apache Hadoop Eff fficie cient nt Usabl able Rich APIs in

792 views • 31 slides
Apache Felix Web Console Carsten Ziegeler | cziegeler@apache.org ApacheCon NA 2014 About

Apache Felix Web Console Carsten Ziegeler | cziegeler@apache.org ApacheCon NA 2014 About

Apache Felix Web Console Carsten Ziegeler | cziegeler@apache.org ApacheCon NA 2014 About cziegeler@apache.org @cziegeler RnD Team at Adobe Research Switzerland Member of the Apache So fu ware Foundation Apache Felix and Apache

725 views • 26 slides
Bug hunting with Apache Lucene Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

Bug hunting with Apache Lucene Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

Bug hunting with Apache Lucene Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation Member uschindler@apache.org http://www.thetaphi.de, http://blog.thetaphi.de @ThetaPh1 SD DataSolutions GmbH , Wtjenstr. 49, 28213 Bremen,

859 views • 51 slides
How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr

How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr

How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr &lt;jbonofre@apache.org&gt; @jbonofre | http://blog.nanthrax.net Fellow /Software Architect at Talend Member of the Apache Software Foundation (started in 2004)

821 views • 45 slides
Foundations of streaming SQL or: how I learned to love stream &amp; table theory Slides:

Foundations of streaming SQL or: how I learned to love stream &amp; table theory Slides:

Foundations of streaming SQL or: how I learned to love stream &amp; table theory Slides: https://s.apache.org/streaming-sql-qcon-london Tyler Akidau Apache Beam PMC Software Engineer at Google @takidau Covering ideas from across the Apache

910 views • 73 slides
Apache Calcite for Enabling SQL Access to NoSQL Data Systems such as Apache Geode Christian

Apache Calcite for Enabling SQL Access to NoSQL Data Systems such as Apache Geode Christian

Apache Calcite for Enabling SQL Access to NoSQL Data Systems such as Apache Geode Christian Tzolov Whoami Christian Tzolov Engineer at Pivotal, Big-Data, Hadoop, Spring Cloud Dataflow, Apache Geode, Apache HAWQ, Apache Committer, Apache

796 views • 41 slides
Apache Lucene 5 New Features and Improvements for Apache Solr and Elasticsearch Uwe Schindler

Apache Lucene 5 New Features and Improvements for Apache Solr and Elasticsearch Uwe Schindler

Apache Lucene 5 New Features and Improvements for Apache Solr and Elasticsearch Uwe Schindler Apache Software Foundation | SD DataSolutions GmbH | PANGAEA My Background Committer and PMC member of Apache Lucene and Solr - main focus is on

1.09k views • 83 slides
Distributed Computation of with Apache Hadoop Tsz-Wo Sze Yahoo! Cloud Computing Apache

Distributed Computation of with Apache Hadoop Tsz-Wo Sze Yahoo! Cloud Computing Apache

Distributed Computation of with Apache Hadoop Tsz-Wo Sze Yahoo! Cloud Computing Apache Hadoop PMC Member Mapred2010 Dec 1 1 Agenda Introduction A New World Record How to Compute The n th Bits of ? Computing with

759 views • 52 slides
mod_rewrite Introduction to mod_rewrite Rich Bowen, Web Guy, Asbury College rbowen@apache.org

mod_rewrite Introduction to mod_rewrite Rich Bowen, Web Guy, Asbury College rbowen@apache.org

mod_rewrite Introduction to mod_rewrite Rich Bowen, Web Guy, Asbury College rbowen@apache.org aka DrBacchus http:/ /people.apache.org/~rbowen/ ApacheCon US, 2005 1 Outline Regex basics RewriteRule RewriteCond RewriteMap The evils of

1.03k views • 61 slides
Stream Processing with Apache Apex Thomas Weise Apache Apex PMC Chair thw@apache.org @thweise

Stream Processing with Apache Apex Thomas Weise Apache Apex PMC Chair thw@apache.org @thweise

Stream Processing with Apache Apex Thomas Weise Apache Apex PMC Chair thw@apache.org @thweise @atrato_io October 30, 2017, Dagstuhl Seminar Stream Processing with Apache Apex Real-time visualization, Transform / Analytics Data Sources Data

398 views • 22 slides
Apache Gearpump next-gen streaming engine Karol Brejna, Intel (karolbrejna@apache.org) Huafeng

Apache Gearpump next-gen streaming engine Karol Brejna, Intel (karolbrejna@apache.org) Huafeng

Apache Gearpump next-gen streaming engine Karol Brejna, Intel (karolbrejna@apache.org) Huafeng Wang, Intel (huafengw@apache.org) Apache: Big Data Europe 2016 Sevilla, Spain 14 November 2016 Agenda What is Gearpump? Why Apache

853 views • 60 slides
Analyzing Weather Data with Apache Spark Jeremie Juban Tom Kunicki Introduction Who we

Analyzing Weather Data with Apache Spark Jeremie Juban Tom Kunicki Introduction Who we

Analyzing Weather Data with Apache Spark Jeremie Juban Tom Kunicki Introduction Who we are Professional Services Division of The Weather Company What we do Aviation Energy Insurance Retail Apache

443 views • 19 slides
Apache Apex: Next Gen Big Data Analytics Thomas Weise &lt;thw@apache.org&gt; @thweise PMC Chair

Apache Apex: Next Gen Big Data Analytics Thomas Weise &lt;thw@apache.org&gt; @thweise PMC Chair

Apache Apex: Next Gen Big Data Analytics Thomas Weise &lt;thw@apache.org&gt; @thweise PMC Chair Apache Apex, Architect DataTorrent Apache Big Data Europe, Sevilla, Nov 14 th 2016 Stream Data Processing Real-time Data Delivery Transform /

632 views • 35 slides
Web Service development Talk Outline w ith Apache Axis2 and ODE Apache Axis2 Overview and

Web Service development Talk Outline w ith Apache Axis2 and ODE Apache Axis2 Overview and

Web Service development Talk Outline w ith Apache Axis2 and ODE Apache Axis2 Overview and Introduction Overview and Introduction Tutorial Installation &amp; Administration Bottom up Web Service development and deployment B

361 views • 6 slides
Fundamentals of Stream Processing with Apache Beam (incubating) Frances Perry &amp; Tyler Akidau

Fundamentals of Stream Processing with Apache Beam (incubating) Frances Perry &amp; Tyler Akidau

Google Docs version of slides (including animations): https://goo.gl/yzvLXe Fundamentals of Stream Processing with Apache Beam (incubating) Frances Perry &amp; Tyler Akidau @francesjperry, @takidau Apache Beam Committers &amp; Google Engineers

771 views • 58 slides

More recommend