a brief introduction to php and https in apache a
play

A brief introduction to PHP and HTTPS in Apache A practical - PowerPoint PPT Presentation

Feb 12, 2023 •168 likes •422 views

A brief introduction to PHP and HTTPS in Apache A practical approach in arch linux Prof. Rossano Pablo Pinto 2017 - v0.9.2 Prof. Rossano Pablo Pinto - http://rossano.pr 1 o.br Agenda Introduction Installation HTTP 1.1 protocol

  1. A brief introduction to PHP and HTTPS in Apache A practical approach in arch linux Prof. Rossano Pablo Pinto 2017 - v0.9.2 Prof. Rossano Pablo Pinto - http://rossano.pr 1 o.br

  2. Agenda ● Introduction ● Installation ● HTTP 1.1 protocol inspection ● Apache configuration – Arch Linux ● PHP ● HTTPS ● Tests Prof. Rossano Pablo Pinto - http://rossano.pr 2 o.br

  3. Introduction ● WEB servers ● Usually listens on port 80 (HTTP well-known-port) ● Uses HTTP protocol ● CLIENT/SERVER model WEB WEB Client HTTP Requests/responses Server (Usually a WWW browser Prof. Rossano Pablo Pinto - http://rossano.pr 3 o.br

  4. Installation ● pacman -S apache ● systemctl start httpd ● systemctl status httpd – Observe that it shows disabled . So enable it for this target: ● systemctl enable httpd.service Prof. Rossano Pablo Pinto - http://rossano.pr 4 o.br

  5. HTTP protocol Inspection ● Access some web server: telnet hypnos 80 Trying 192.168.200.52... Connected to hypnos.fatec.br. Escape character is '^]'. GET / HTTP/1.1 Host: hypnos 2 Enters Resposta no próximo slide... Prof. Rossano Pablo Pinto - http://rossano.pr 5 o.br

  6. HTTP protocol Inspection HTTP/1.1 200 OK Date: Tue, 20 Nov 2012 17:28:06 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Wed, 15 Aug 2012 00:19:52 GMT ETag: "1ed17b-547-e2b31a00" Accept-Ranges: bytes Content-Length: 1351 Content-Type: text/html; charset=ISO-8859-1 <HTML> Prof. Rossano Pablo Pinto - http://rossano.pr 6 <HEAD>.. o.br

  7. HTTP protocol Inspection ● “Emulate” a web server: ● Run http-dump program: scp aluno@MAQUINA-DO-PROFESSOR:http-dump . Example: scp aluno@192.168.80.45:/tmp/http-dump . ./http-dump 9999 ● Open firefox and type the following URL: http://localhost:9999/ Prof. Rossano Pablo Pinto - http://rossano.pr 7 o.br

  8. HTTP protocol Inspection ● Observe the http-dump output: Message received: GET / HTTP/1.1 Host: localhost:9999 User-Agent: Mozilla/5.0 (X11; Linux i686; rv:15.0) Gecko/20100101 Firefox/15.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: org.cups.sid=04e22f9a096c8e9570427c2febd7a56f Prof. Rossano Pablo Pinto - http://rossano.pr 8 o.br

  9. Directories and files ● /srv/http/ → document root ● /etc/httpd/ → config directory ● /etc/httpd/conf/httpd.conf → main configuration file ● /usr/lib/systemd/system/httpd.service → httpd systemd unit Prof. Rossano Pablo Pinto - http://rossano.pr 9 o.br

  10. Initial test ● echo '<html>Hi</html>' > /srv/http/index.html ● links http://localhost Prof. Rossano Pablo Pinto - http://rossano.pr 10 o.br

  11. Apache configuration A brief overview of file httpd.conf ServerRoot "/usr" -> install base dir (modules) - used when path names ● don't start with “/”. (See path examples with LoadModule) PidFile run/httpd.pid -> /var/run/httpd.pid (file that keeps the apache ● pid) Timeout 300 -> timeout in seconds for idle connections to be terminated ● KeepAlive On -> allow HTTP/1.1 to use it's ability to make several ● requests using a sinlge connection MaxKeepAliveRequests 100 -> maximun number of requests using a ● single connection KeepAliveTimeout 15 -> timeout in seconds for idle connections to be ● terminated Listen 80 -> server port to listen to connections ● Prof. Rossano Pablo Pinto - http://rossano.pr 11 o.br

  12. Apache configuration A brief overview of file httpd.conf Include file -> include other configuration files ● LoadModule -> load a module ● User apache -> User owner of the apache process ● Group apache -> Group owner of the apache process ● DocumentRoot "/srv/http" -> directory to host resources (htmls, ● image files, etc..) to be returned to requesters DirectoryIndex index.html index.html.var -> default file to be ● returned when asked for a resource using only a dir name AccessFileName .htaccess -> per directory configuration - useful for ● authentication (but not so secure nowadays) Prof. Rossano Pablo Pinto - http://rossano.pr 12 o.br

  13. Apache useful commands httpd -t - verify configuration files syntax ● httpd -S - test VirtualHost configuration ● apachectl stop ● apachectl start ● apachectl restart ● httpd -l - list available modules at server ● httpd -M - list loaded modules ● httpd -L - list directives and affected modules ● Prof. Rossano Pablo Pinto - http://rossano.pr 13 o.br

  14. PHP - Installing ● pacman -S php-apache Prof. Rossano Pablo Pinto - http://rossano.pr 14 o.br

  15. PHP - Enabling ● nano /etc/httpd/conf/httpd.conf #LoadModule mpm_event_module modules/mod_mpm_event.so LoadModule mpm_prefork_module modules/mod_mpm_prefork.so LoadModule php7_module modules/libphp7.so ... DirectoryIndex index.html index.php …. Include conf/extra/php7_module.conf systemctl restart httpd.service ● Create a php file to test: echo “ <?php phpinfo(); ?>” > /srv/http/info.php ● Test: links http://localhost/info.php ● Prof. Rossano Pablo Pinto - http://rossano.pr 15 o.br

  16. HTTPS ● URL starting with “ https:// ” uses SSL (Secure Sockets Layer) to secure communication between CLIENT and SERVER ● SSL runs in a separate layer under HTTP ● SSL is now known as TLS (Transport Layer Security) - BUT IT'S STILL POPULAR KNOWN AS SSL ● SSL 1.0 → SSL 2.0 → SSL 3.0 → TLS 1.0 → TLS 1.1 → TLS 1.2 → TLS 1.3 (draft) Prof. Rossano Pablo Pinto - http://rossano.pr 16 o.br

  17. HTTPS ● Steps to use SSL + HTTP: 1. Site owner generates PUBLIC and PRIVATE keys 2. Site owner generates a Certificate Signing Request (CSR) - Contains PUBLIC KEY + COMPANY NAME 3. Site owner sends the CSR to a Certificate Authority (CA) in order to be SIGNED 4. CA returns a SIGNED CERTIFICATE which contains: ● site PUBLIC KEY ● site COMPANY NAME ● CA “signature” Prof. Rossano Pablo Pinto - http://rossano.pr 17 o.br

  18. HTTPS ● Steps to use SSL + HTTP: ● Real example at wiki.locaweb.com.br/pt-br/SSL Prof. Rossano Pablo Pinto - http://rossano.pr 18 o.br

  19. HTTPS 1) Generate private key using RSA parameters: openssl genrsa -out ca.key 2048 2) Generate CSR (Certificate Signing Request) openssl req -new -key ca.key -out ca.csr 3) Generate x509 Self Signed Certificate (valid for 365 days) openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt This step emulates a Certificate Authority (CA) Prof. Rossano Pablo Pinto - http://rossano.pr 19 o.br

  20. HTTPS 4) Copy files to locations described in extra/httpd- ssl.conf (next slide): cp ca.crt /etc/httpd/conf/server.crt cp ca.key /etc/httpd/conf/server.key 5) nano /etc/httpd/conf/httpd.conf: find and load the following modules: ssl_module # SSL MODULE. Modules are used by SSL: log_config_module # Flexible logging of clients setenvif_module # Set internal environment variable socache_shmcb_module # Shared object cache provider (According to “Required modules:” in extra/httpd-ssl.conf) Prof. Rossano Pablo Pinto - http://rossano.pr 20 o.br

  21. HTTPS 6) Edit httpd.conf: uncomment line: Include conf/extra/httpd-ssl.conf 7) Restart apache systemctl restart httpd.service 8) Test: open a browser and type the url: links https://localhost More details: www.openssl.org/docs/apps/x509.html, httpd.apache.org/docs/current/mod/{mod_log_config.html, mod_socache_shmcb.html, mod_setenvif_module, mod_ssl.html} Prof. Rossano Pablo Pinto - http://rossano.pr 21 o.br

  22. HTTPS ● Viewing certificates at Firefox version 44.0.2 ● Type at the URL field: about:preferences#advanced – View Certificates (Tab Servers or Authorities) ● Authoritites – Select some certificate and click “View” – Select some certificate and click “Export” (use this file at the examples below - replace server.crt with the file you saved at this step) ● Viewing keys with openssl ● openssl rsa -in server.key -noout -text ● Viewing certificates with openssl ● openssl x509 -in server.crt -noout -text Prof. Rossano Pablo Pinto - http://rossano.pr 22 o.br

  23. HTTPS ● Calculating public key associated with a private key ● openssl rsa -in server.key -pubout ● Saving public key associated with a private key ● openssl rsa -in server.key -pubout -out server.pub.key Prof. Rossano Pablo Pinto - http://rossano.pr 23 o.br

  24. HTTPS only ● Previous configuration still allows http (port 80) connection ● To disable non-ssl connection comment line “ Listen 80 ” on file httpd.conf Prof. Rossano Pablo Pinto - http://rossano.pr 24 o.br

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What's New in Apache Syncope 1.2.0 Dr. Colm higeartaigh Speaker Introduction 11/14/14 2

What's New in Apache Syncope 1.2.0 Dr. Colm higeartaigh Speaker Introduction 11/14/14 2

What's New in Apache Syncope 1.2.0 Dr. Colm higeartaigh Speaker Introduction 11/14/14 2 Introduction to Apache Syncope Apache Syncope basics Identity Management solution at Apache Can retrieve and store users/roles/etc from/in

920 views • 25 slides
to work with Java 9 Jigsaw Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

to work with Java 9 Jigsaw Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

Challenges updating your code to work with Java 9 Jigsaw Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation Member uschindler@apache.org https://www.thetaphi.de, http://blog.thetaphi.de @ThetaPh1 SD DataSolutions GmbH ,

638 views • 52 slides
Riding Apache Camel on Cloud willem.jiang@gmail.com blog: https://willemjiang.github.io weibo:

Riding Apache Camel on Cloud willem.jiang@gmail.com blog: https://willemjiang.github.io weibo:

Riding Apache Camel on Cloud willem.jiang@gmail.com blog: https://willemjiang.github.io weibo: willemjiang 2019-03 About Me Open Source Developer in Huawei Apache Camel Committer since 2008 Apache Member Agenda Cloud native and Integration

296 views • 26 slides
Multi-tenant Machine Learning Apache Aurora &amp; Apache Mesos Stephan Erb

Multi-tenant Machine Learning Apache Aurora &amp; Apache Mesos Stephan Erb

Multi-tenant Machine Learning Apache Aurora &amp; Apache Mesos Stephan Erb serb@apache.org 2016.11.15 @ErbStephan Apache Aurora https://aurora.apache.org Mesos

325 views • 31 slides
Integrating Apache Camel with Apache Syncope Dr. Colm higeartaigh, Talend. Speaker

Integrating Apache Camel with Apache Syncope Dr. Colm higeartaigh, Talend. Speaker

Integrating Apache Camel with Apache Syncope Dr. Colm higeartaigh, Talend. Speaker Introduction Introducing Apache Syncope Apache Syncope basics Apache Syncope is an Open Source system for managing digital identities in enterprise

929 views • 33 slides
Testing your REST Server with Apache JMeter By Henry Chan June, 2015 hchan@apache.org Download:

Testing your REST Server with Apache JMeter By Henry Chan June, 2015 hchan@apache.org Download:

Testing your REST Server with Apache JMeter By Henry Chan June, 2015 hchan@apache.org Download: https://github.com/hchan/jmeterDemo What is JMeter good for? http://jmeter.apache.org/ What can I do with it? Apache JMeter may be used

569 views • 20 slides
Introduction to Apache Beam Dan Halperin JB Onofr Google Talend Beam podling PMC Beam

Introduction to Apache Beam Dan Halperin JB Onofr Google Talend Beam podling PMC Beam

Introduction to Apache Beam Dan Halperin JB Onofr Google Talend Beam podling PMC Beam Champion &amp; PMC Apache Member Apache Beam is a unified programming model designed to provide efficient and portable data processing pipelines What

667 views • 37 slides
What's coming next? Uwe Schindler SD DataSolutions GmbH / Apache Software Foundation thetaph1

What's coming next? Uwe Schindler SD DataSolutions GmbH / Apache Software Foundation thetaph1

Apache Lucene and Solr 8: What's coming next? Uwe Schindler SD DataSolutions GmbH / Apache Software Foundation thetaph1 https://www.thetaphi.de My Background Committer and PMC member of Apache Lucene and Solr - main focus is on

785 views • 37 slides
Introduction to Apache Spark Slides from: Patrick Wendell - Databricks What hat is is Sp

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks What hat is is Sp

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks What hat is is Sp Spark? rk? Fast st and Expr pressiv essive Cluster Computing Engine Compatible with Apache Hadoop Efficient ficient Usa sabl ble Rich APIs

1.18k views • 25 slides
Introduction to Apache Spark Slides from: Patrick Wendell - Databricks 1 What is Sp Spark?

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks 1 What is Sp Spark?

Introduction to Apache Spark Slides from: Patrick Wendell - Databricks 1 What is Sp Spark? rk? Fast ast and Ex Expres essiv sive Cluster Computing Engine Compatible with Apache Hadoop Eff fficie cient nt Usabl able Rich APIs in

792 views • 31 slides
Apache Felix Web Console Carsten Ziegeler | cziegeler@apache.org ApacheCon NA 2014 About

Apache Felix Web Console Carsten Ziegeler | cziegeler@apache.org ApacheCon NA 2014 About

Apache Felix Web Console Carsten Ziegeler | cziegeler@apache.org ApacheCon NA 2014 About cziegeler@apache.org @cziegeler RnD Team at Adobe Research Switzerland Member of the Apache So fu ware Foundation Apache Felix and Apache

725 views • 26 slides
Bug hunting with Apache Lucene Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

Bug hunting with Apache Lucene Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation

Bug hunting with Apache Lucene Uwe Schindler Apache Lucene PMC &amp; Apache Software Foundation Member uschindler@apache.org http://www.thetaphi.de, http://blog.thetaphi.de @ThetaPh1 SD DataSolutions GmbH , Wtjenstr. 49, 28213 Bremen,

859 views • 51 slides
How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr

How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr

How Apache works JB Onofr &lt;jbonofre@apache.org&gt; Who am I JB Onofr &lt;jbonofre@apache.org&gt; @jbonofre | http://blog.nanthrax.net Fellow /Software Architect at Talend Member of the Apache Software Foundation (started in 2004)

821 views • 45 slides
Foundations of streaming SQL or: how I learned to love stream &amp; table theory Slides:

Foundations of streaming SQL or: how I learned to love stream &amp; table theory Slides:

Foundations of streaming SQL or: how I learned to love stream &amp; table theory Slides: https://s.apache.org/streaming-sql-qcon-london Tyler Akidau Apache Beam PMC Software Engineer at Google @takidau Covering ideas from across the Apache

910 views • 73 slides
Apache Calcite for Enabling SQL Access to NoSQL Data Systems such as Apache Geode Christian

Apache Calcite for Enabling SQL Access to NoSQL Data Systems such as Apache Geode Christian

Apache Calcite for Enabling SQL Access to NoSQL Data Systems such as Apache Geode Christian Tzolov Whoami Christian Tzolov Engineer at Pivotal, Big-Data, Hadoop, Spring Cloud Dataflow, Apache Geode, Apache HAWQ, Apache Committer, Apache

796 views • 41 slides
Apache Lucene 5 New Features and Improvements for Apache Solr and Elasticsearch Uwe Schindler

Apache Lucene 5 New Features and Improvements for Apache Solr and Elasticsearch Uwe Schindler

Apache Lucene 5 New Features and Improvements for Apache Solr and Elasticsearch Uwe Schindler Apache Software Foundation | SD DataSolutions GmbH | PANGAEA My Background Committer and PMC member of Apache Lucene and Solr - main focus is on

1.09k views • 83 slides
Embeddability amongst the countable models of set theory Joel David Hamkins The City University

Embeddability amongst the countable models of set theory Joel David Hamkins The City University

Introduction Universal structures Surreal numbers &amp; Hypnagogic digraph Proof of main theorem Further issues Embeddability amongst the countable models of set theory Joel David Hamkins The City University of New York College of Staten

1.04k views • 88 slides
Diagnostic Point of Care Ultrasound POCUS is the future of the physical exam Nima Afshar MD

Diagnostic Point of Care Ultrasound POCUS is the future of the physical exam Nima Afshar MD

Diagnostic Point of Care Ultrasound POCUS is the future of the physical exam Nima Afshar MD Associate Professor Trevor Jensen MD MS Assistant Professor Department of Medicine, UCSF Oct 2017 Mr. Hocus Intern: 49 year old man with no

502 views • 13 slides
Heart and Kidney Interactions: what are the challenges for prevention and progression Christoph

Heart and Kidney Interactions: what are the challenges for prevention and progression Christoph

Heart and Kidney Interactions: what are the challenges for prevention and progression Christoph Wanner, Wrzburg, Germany Wrzburg Daniel Meisner Heart &amp; 1586-1626 Kidney interactions: What are the England challenges Thomas

413 views • 18 slides
1 Tim.. Tim: the GPs perspective Tim thinks Mo is a nag Engagement Some tension

1 Tim.. Tim: the GPs perspective Tim thinks Mo is a nag Engagement Some tension

Presented by: Panel Webinar Dr Mary Emeleus, GP An interdisciplinary case study Dr Simon Kinsella, psychologist panel discussion Dr Peter Parry, psychiatrist DATE: Ann Garden, mental health nurse November 12, 2008 Adolescent

512 views • 5 slides
Breve introduo a User Dir e Senhas no Apache Uma abordagem prtica (aka crash course on User

Breve introduo a User Dir e Senhas no Apache Uma abordagem prtica (aka crash course on User

Breve introduo a User Dir e Senhas no Apache Uma abordagem prtica (aka crash course on User Dir and Directory Authentication on Apache) Prof. Rossano Pablo Pinto Novembro/2012 - v0.1 Abril/2013 - v0.3 (em construo) Prof. Rossano

197 views • 18 slides
Simulation Discrete-Event System Simulation Dr. Mesut Gne Computer Science, Informatik

Simulation Discrete-Event System Simulation Dr. Mesut Gne Computer Science, Informatik

Computer Science, Informatik 4 Communication and Distributed Systems Simulation Discrete-Event System Simulation Dr. Mesut Gne Computer Science, Informatik 4 Communication and Distributed Systems Chapter 5 Random-Number Generation

525 views • 29 slides
The Office Pokmon GO IV Calculator imacat imacat@mail.imacat.idv.tw 2017/2/4 The Office

The Office Pokmon GO IV Calculator imacat imacat@mail.imacat.idv.tw 2017/2/4 The Office

The Office Pokmon GO IV Calculator imacat imacat@mail.imacat.idv.tw 2017/2/4 The Office Pokmon GO IV Calculator is created by imacat (Yang Shih-Ching), and licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported

1.21k views • 99 slides
Malaysian Healthy Ageing Society L ondon C ollege of C linical H ypnosis (Asia) Hypnosis and

Malaysian Healthy Ageing Society L ondon C ollege of C linical H ypnosis (Asia) Hypnosis and

Organised by: Co-Sponsored: Malaysian Healthy Ageing Society L ondon C ollege of C linical H ypnosis (Asia) Hypnosis and Insomnia Sheila Menon Peter Mabbutt What is hypnosis? Waking Hypnosis You experience waking hypnosis several times

440 views • 18 slides

More recommend