Real-World Windows 2000 Configuration: Getting Apache, PHP, MySQL, and phpMyAdmin to Work Together, Part 1 Page 2

By Scott Beatty (Send Email)
Posted Jul 31, 2002


The Web Server: Apache - Installation and Configuration

More than half of all Web sites use the Apache Web server. For years, the stable Apache version was 1.3.x, and for a shorter period of time, 2.0.x was in development. In April of this year, Apache 2.0.35 was released and declared stable. One of its benefits is better cross-platform compatibility, including compatibility with Windows.

The current stable release of Apache 2.0 is 2.0.39. Windows binaries for it can be obtained from http://www.apache.org/dist/httpd/binaries/win32/. At the time of this writing, only a non-SSL Apache 2.0.39 build is available. Also, a non-SSL version of Apache 1.3.26 is available from the same page. (SSL stands for for Secure Sockets Layer, a security protocol for Internet messages. When you see a URL in your browser beginning with https:// you are using SSL.) If you have Microsoft System Installer, version 1.2 or greater (and it probably is already installed on your system), then either of these versions should install easily by double-clicking the .msi file that you can download. Please refer to the download page, and the installation information included with the distribution.

If you want to utilize Mod_SSL in order to add SSL capability to your Web site, go to http://www.modssl.org/contrib/ftp/contrib/ and download Apache_1.3.26-Mod_SSL_2.8.10-OpenSSL_0.9.6d-Win32.zip (or later) and OpenSSL-0.9.6d-Win32.zip (or later). Also, download the sample config file, openssl.cnf, from http://www.tud.at/programm/openssl.cnf (right click the link, and select Save Target As... the filename openssl.cnf).

To install Apache with Mod_SSL, first create the directory C:\Apache. Then, extract the files in the Apache_1.3.26-Mod_SSL_2.8.10-OpenSSL_0.9.6d-Win32.zip file, using a program such as WinZip. Place these extracted files in the C:\Apache directory. Then, create a directory C:\Apache\openssl, and a subdirectory, C:\Apache\openssl\bin. Move the config file to C:\Apache\openssl\bin. Next, from the OpenSSL-0.9.6d-Win32.zip file, extract openssl.exe to C:\Apache\openssl\bin, and extract libeay32.dll and ssleay32.dll to C:\WINNT\system32.

To create a test certificate for using SSL, open a command prompt window, enter a change directory command:

    cd C:\Apache\openssl\bin

and then enter the following commands:

    openssl req -config openssl.cnf -new -out localhost.csr
    openssl rsa -in privkey.pem -out localhost.key
    openssl x509 -in localhost.csr -out localhost.cert -req -signkey localhost.key -days 5000
    openssl x509 -in localhost.cert -out localhost.der.crt -outform DER

(Our sidebar article, "Creating Your SSL Test Certificate" offers additional information for those looking to set up an SSL test certificate.)

Then create a C:\Apache\conf\ssl directory, and move localhost.key, localhost.cert, and localhost.der.crt into it.

Note: The selection of 5000 days to certificate expiration is arbitrary.

Apache 1.3.26 comes with a default configuration file, named httpd.default.conf. The actual configuration file that Apache uses is httpd.conf, which initially is the same as httpd.default.conf. These two files are found in C:\Apache\conf. Keep the httpd.default.conf file unchanged, as a reference, and make the actual configuration changes to httpd.conf.

The following are the significant changes I made to the httpd.conf file provided with Apache_1.3.26-Mod_SSL_2.8.10-OpenSSL_0.9.6d-Win32.zip. (Please note that forward slashes are used in the paths.) In some cases, the information is the same, but it is included here to answer any possible questions.

Changes to httpd.conf

ServerRoot "C:/Apache"

Listen 80
Listen 443

LoadModule ssl_module modules/mod_ssl.so
LoadModule php4_module C:/php/sapi/php4apache.dll

AddModule mod_ssl.c
AddModule mod_php4.c

# Port 80

ServerAdmin webmaster@localhost

ServerName localhost

DocumentRoot "C:/Apache/htdocs"

<Directory "C:/Apache/htdocs">

    UserDir "C:/Apache/users/"

    DirectoryIndex index.php index.htm index.html

#CustomLog logs/access.log common

CustomLog logs/access.log combined

ServerSignature Off

    Alias /icons/ "C:/Apache/icons/"

    <Directory "C:/Apache/icons">

    # Alias /manual/ "C:/Apache/htdocs/manual/"

    # <Directory "C:/Apache/htdocs/manual">
    #     Options Indexes FollowSymlinks MultiViews
    #     AllowOverride None
    #     Order allow,deny
    #     Allow from all
    # </Directory>

    # ScriptAlias /cgi-bin/ "C:/Apache/cgi-bin/"
    # ScriptAlias /php/ "C:/php/"

    # <Directory "C:/Apache/cgi-bin">
    #     AllowOverride None
    #     Options None
    #     Order allow,deny
    #     Allow from all
    # </Directory<

    AddType application/x-httpd-php .php
    # AddType application/x-httpd-php-source .phps

    # AddHandler cgi-script .cgi

# Action application/x-httpd-php "/php/php.exe"

<IfModule mod_setenvif.c>
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</ifmodule>

# see http://www.modssl.org/docs/2.8/ssl_reference.html for more info
SSLMutex sem
SSLRandomSeed startup builtin
SSLSessionCache none

SSLProtocol -all +SSLv3
SSLCipherSuite HIGH:MEDIUM

SSLLog logs/SSL.log
# SSLLogLevel info
SSLLogLevel warn

<virtualhost localhost:443>
SSLEngine On
SSLCertificateFile conf/ssl/localhost.cert
SSLCertificateKeyFile conf/ssl/localhost.key
</virtualhost>

<Directory C:/Apache/htdocs/phpMyAdmin>
SSLRequireSSL
</Directory>

Regarding running Apache from the command line:

To test the syntax of the httpd.conf file: at a command prompt in the C:\Apache directory enter the command:

    apache -t

To start Apache: in the C:\Apache directory enter the command:

    apache

To stop Apache: in a separate command prompt window in the C:\Apache directory enter the command:

    apache -k shutdown

For more information, see http://www.tud.at/programm/apache-ssl-win32-howto.php3.

If you are interested in running Apache as a Windows service, the online documentation is at http://httpd.apache.org/docs/win_service.html.

Your Web site home page goes in the C:\Apache\htdocs directory, as do the subfolders for your site.

To test your SSL connection when Apache is running enter the following URL in your browser's address field:

    https://localhost/

A local copy of the Apache manual is included with the software. It is located in the htdocs folder. If you leave it there it will be available through your Web site. The manual for version 1.3.x is also available online at http://httpd.apache.org/docs/. The online manual for version 2.0.x is at http://httpd.apache.org/docs-2.0/.

The Windows shareware program that I like to use for comparing two versions of a configuration file is Compare It!.

If your browser recognizes http://127.0.0.1/ but not http://localhost/, check your hosts file. For Windows 2000, go to the C:\WINNT\system32\drivers\etc directory, and open the hosts file (there's no extension to the filename) with a text editor. The uncommented line should read:

127.0.0.1       localhost

Discuss this article in the ServerWatch discussion forum.

Page 2 of 3


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.