The Apache HTTP Server Project is an effort to develop and maintain anopen-source HTTP server for modern operating systems including UNIX andWindows. The goal of this project is to provide a secure, efficient andextensible server that provides HTTP services in sync with the current HTTPstandards.
- Apache Web Server Linux
- Apache Web Server Vulnerabilities
- Apache Web Server Windows
- Apache Web Server Versions
Simple Playbooks for Install Apache Web Server. GitHub Gist: instantly share code, notes, and snippets. I'm running an Apache web server and was wondering what's the best way to deploy changes (from github) to the web server? /var/www/ right now is only writable by root. Should I have my git project directly in /var/www/? (so it creates /var/www/.git/?).
The Apache HTTP Server ('httpd') was launched in 1995 and it has been the most popular web server on the Internet sinceApril 1996. It has celebrated its 25th birthday as a project in February 2020.
The Apache HTTP Server is a project of The Apache SoftwareFoundation.
The Apache Software Foundation and the Apache HTTP Server Project arepleased toannounce therelease of version 2.4.46 of the Apache HTTP Server ('httpd').
This latest release from the 2.4.x stable branch represents the best availableversion of Apache HTTP Server.
Apache HTTP Server version 2.4.43 or newer is required in order to operate a TLS 1.3 web server with OpenSSL 1.1.1.
Download | ChangeLog for2.4.46 | Complete ChangeLog for2.4 | New Features in httpd2.4
As previously announced, the Apache HTTP Server Project has discontinuedall development and patch review of the 2.2.x series of releases.
The Apache HTTP Server Project had long committed to provide maintenancereleases of the 2.2.x flavor through June of 2017. The final release 2.2.34was published in July 2017, and no further evaluation of bug reports orsecurity risks will be considered or published for 2.2.x releases.
Great! We have updated our download page in an effort tobetter utilize our mirrors. We hope that by making it easier to use our mirrors, we will be able to provide a better download experience.
Please ensure that you verify your downloads usingPGP or MD5 signatures.
Awesome! Have a look at our current 'Help Wanted' listings then:
Last month I posted about hosting a git server under IIS by using GitAspx. While this is certainly one way to host a git server on windows, I wouldn’t recommend this in a production environment.
An alternative (and somewhat more stable) approach is to use the native implementation of git-http-backend that ships with msysgit along with Apache.
Step 1: Install Git
Apache Web Server Linux
Firstly you’ll need to install msysgit. The current stable version is 1.7.0.2, but this process should also work with the 1.7.1 beta. Be sure to select Run git from the Windows Command prompt when the installer asks you if you want to modify your PATH variable.
Once installed, you’ll need to tweak the installation slightly. By default, the git http server is located at C:Program Files (x86)Gitlibexecgit-coregit-http-backend.exe (on x64 systems). If you try and run git-http-backend.exe you’ll get the message that the application couldn’t be started because libiconv2.dll is missing:
In order to fix this, copy libiconv2.dll from C:Program Files (x86)Gitbin to C:Program Files (x86)Gitlibexecgit-core
Now when you run git-http-backend.exe from a command prompt, the application should run and you should see an HTTP 500 server error:
Step 2: Install Apache
Next you’ll need to install the Apache webserver. I’m using the 2.2.16 installer which can be found here. I ran through the installation using the default options so my Apache instance is running on port 80.
If you visit http://localhost at this point you should be greeted with Apache’s standard “It works!” message.
Step 3: Create Repositories Directory
Create the directory where you want to store your git repositores. I’m using C:Repositories. For testing purposes I created an empty test repository:
You’ll also need to put some content in this test repositor
Step 4: Modify Apache Configuration
Next, you’ll need to modify the Apache configuration file so that it forwards requests to git-http-backend.exe. This is done by editing httpd.conf in C:Program Files (x86)Apache Software FoundationApache2.2conf
At the bottom of httpd.conf, add the following lines:
The first line tells git where your repositories are located. The second line tells git that all repositories in this directory should be published over http (by default, git will only publish those repositories that contain a file named “git-daemon-export-ok”). The final lines tell apache to route git-specific URLs to the git http server.
Finally, if you want to be able to clone from the server without authentication, then you’ll need to tell Apache to allow anonymous access by adding the following lines into httpd.conf:
After saving the changes, restart the Apache service.
Step 5: Clone the test repository
Next, clone the test repository that you crated in step 3 by issuing the command git clone http://localhost/Test.gitIf all goes well, you should see the following output:
At this point, you can now clone repositories from the server without any authentication.
Apache Web Server Vulnerabilities
Step 6: Authentication
If you try to push changes to the repository you cloned in step 5, you’ll receive an error:
This is because by default, you can only pull from repositories anonymously, while pushing requires authentication to be enabled.
Scenario 1: Allow anonymous pushes
Sometimes you may want to allow users to push to your repositories without authentication, for example when using an internal, privately hosted server.
To enable this scenario, edit the config file in C:RepositoriesTest.git on the server and add the following lines to the bottom of the file:
This will allow git to accept pushes from anonymous users.
Note that you’ll have to add this to every repository that you create. I’ll show a nicer way to do this later in the tutorial.
Scenario 2: Anonymous pull, authenticated push
This is the default scenario. Git will only allow users to push if they have been authenticated with apache.
There are several ways to enable user accounts with apache. The most basic is to use .htaccess files, although you can also configure integration with Windows user accounts and Active Directory by using mod_authnz_ldap. Configuring these is outside the scope for this tutorial, but there are plenty of examples on the internets.
Once authentication is set up, you’ll need to ensure that you clone your repositories with the username in the URL, as git will not prompt you for a username by default:
git clone http://MyUserName@mygitserver/Test.git
Git will then prompt you for a password every time that you try to push. You can also hard code the password in the URL (somewhat insecure) if you want to avoid this prompt:
git clone http://MyUserName:Password@mygitserver/Test.git
To make this more secure, you could enable SSL on the server and require authenticated traffic to go over HTTPS. Although configuring OpenSSL with apache is outside the scope for this tutorial, I will point out that once configured, you will need to disable the SSL verification on your git client by running:
git config --global http.sslverify false
If you don’t do this, you’ll get an error saying “error setting certificate verify locations” every time you try to clone/push/pull over HTTPS.
Step 7: A prettier UI
At this point, you should be able to clone, pull from and push to the server. However, creating new repositories requires that you connect remotely to the server and run git init from a command prompt on the server.
A nicer alternative is to use a web-based front for the creation of repositories. For this I’ll be using GitPhpHomepage which is a small collection of PHP scripts that I ported from GitAspx's ASP.NET-based UI to PHP in order to get it working under Apache.
First, you’ll need to install PHP on the server. I’ll be using the PHP 5.3.3 Windows binaries that can be found at http://windows.php.net/download/. The download page is somewhat confusing, offering both thread-safe and non-thread-safe versions compiled with both VC6 and VC9. For use with Apache 2.2 be sure to select the VC6 x86 Thread Safe zip package. Here’s a direct link.
Apache Web Server Windows
Unzip the contents of this package to C:PHP on the server and add this directory to Windows’ PATH environment variable:
Next, rename the php.ini-production file to just php.ini and edit the following settings:
Apache Web Server Versions
Uncomment and edit the “extension_dir” (about half way through the file) so that it says the following:
Next, edit your Apache configuration file (C:Program Files (x86)Apache Software FoundationApache2.2confhttpd.conf) and add the following lines to the bottom of the file:
This tells Apache to map .php file extensions to the PHP5 apache module located in C:php.
You’ll also need to tell Apache to look for index.php as a default index file. This can be done by searching for the lines that look like this:
…and changing them to this:
Be sure to restart the Apache server once you’ve made these changes.
To see whether this is working, create a file called phpinfo.php in C:Program Files (x86)Apache Software FoundationApache2.2htdocs and place in it the following content:
Now, visiting http://mygitserver/phpinfo.php should display a page containing PHP configuration information.
Now that PHP is configured, download the GitPhpHomepage files from http://github.com/JeremySkinner/GitPhpHomepage and unzip them into C:Program Files (x86)Apache Software FoundationApache2.2htdocs
Be sure to edit the config.php file so that it accurately reflects both the git installation directory and your repositories directory.
At this point, visiting http://mygitserver should display a page where you can view and create repositories:
Pressing the “Create a new bare repository” button will open a dialog where you can create a new repository, including the option to enable anonymous pushes:
Obviously, if you’re thinking of using this on a public-facing server you should enable authentication so that not just anyone can create repositories on your server.