Apache

Starting or stopping apache
Disabling Directory Listings
Named Virtual Hosting
Password protect a web subdirectory in Apache

Starting or stopping apache

To start automatically during system boot on init levels 2 3 4 5 

 # chkconfig --level 2345 on

To start or stop apache manually 

 # service httpd [start | stop | restart]
                or
 # apachectl [ start | stop | restart]

Disabling Directory Listings

By default, apache lists all the contents of the files in the sub directory if it can't find the index.html file. You can disable the directory listing by using a -Indexes option in the <Directory> directive for the DocumentRoot 

 <Directory "/home/www/*">
  ...
  ...
 Options MultiViews -Indexes SymLinksIfOwnerMatch IncludesNoExec

Virtual Hosts

Sample virtual Host configuration 

 <VirtualHost *:80>
    ServerAdmin webmaster@abc.com
    DocumentRoot /www/abc.com/
    ServerName abc.com
    ServerAlias abc.com www.abc.com
    ErrorLog logs/abc.com-error_log
    CustomLog logs/abc.com-access_log common

        <Directory "/www/abc.com">
        Options Indexes FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
        </Directory>
 </VirtualHost>

Password protect a directory

Both the main and subdirectories of DocumentRoot can be password protected using apache's htpasswd password utility. This utility is used to create username/password combinations. It is recommended to place the passwrod file in /etc/httpd/conf directory, away from the DocumentRoot tree.

01. Creathe .htpassword file using htpasswd command. If "-c" option specified, it creates new .htpasswd file 

   # htpasswd -c /etc/httpd/conf/.htpasswd xyz  
   New password:
   Re-type new password:
   Adding password for user xyz

02. Make it readable for all users 

    # chmod 644 /etc/httpd/conf/.htpasswd

03. Create a .htaccess file in the directory which need to be password protected 

    AuthUserFile /etc/httpd/conf/.htpasswd
    AuthGroupFile /dev/null
    AuthName "Private directory" 
    AuthType Basic
    require user admin

Remember this password protects the directory and all its subdirectories. The AuthUserFile tells Apache to use the .htpasswd file. The require user statement tells Apache that only user admin in the .htpasswd file should have access. If you want all .htpasswd users to have access, replace this line with require valid-user. AuthType Basic instructs Apache to accept basic unencrypted passwords from the remote users' Web browser.

04. Change the .htacces file permissions 

    # chmod 644 /var/www/.htaccess

05. Make sure apache config file has an AllowOverride statement in a <Directory> directive for the directory to be password protected 

    <Directory /home/www/*>
    AllowOverride AuthConfig
    </Directory>