Linux HOWTOs

About | Home | Search


HOWTO: apache
Description: Apache and several modules
Click here for ChangeLog
NOTE: I use GNU tar >= 1.13.25 so it's -j for .tar.bz2 files,
it's safe to assume that make, gcc, binutils, fileutils/coreutils, gawk, sed, and grep are prerequisites for almost everything


# Apache 1.3.39 + modules
# =============
# Prerequisites (other than "obvious" ones):
# Perl
# OpenSSL
# MySQL (if installing PHP)

# mod_frontpage used to be covered here to get Apache working with FrontPage
# Server Extensions.  FrontPage has been discontinued by Micro$oft, they've
# pulled the docs and downloads.  More info is currently available here, but
# it may dissappear at some point:
# http://rtr.com/fpsupport/

# TODO (maybe):
# Add lingerd - http://www.iagora.com/about/software/lingerd/
# Add mod_throttle - http://www.snert.com/Software/mod_throttle/

# Create directories for backup, tarball, and source:
mkdir -p -m 0700 ~/installed/apache ~/src/apache

# Make sure the perl CPAN module (and it's prerequisites) is current and
# configured:
su -c "perl -MCPAN -e 'install Bundle::CPAN'"


# mm 1.4.2 (memory management library used by Apache)
# ========
cd
test -f installed/apache/mm-1.4.2.tar.gz &&
 mv installed/apache/mm-1.4.2.tar.gz .
test ! -f mm-1.4.2.tar.gz &&
 wget ftp://ftp.ossp.org/pkg/lib/mm/mm-1.4.2.tar.gz
cd src/apache
find -maxdepth 1 -type d -name "mm-*" -exec rm -r {} \; 2> /dev/null
tar xzvf ~/mm-1.4.2.tar.gz
cd mm-1.4.2
test $UID = 0 && chown -R root:root .
./configure
make
make test

# Become root to install it
su

rm -f /usr/local/lib/libmm.so.*
make install
ldconfig

# Become yourself again
exit

cd
rm -f installed/apache/mm-*.tar.*
mv mm-1.4.2.tar.gz installed/apache/


# Apache 1.3.39
# =============
cd
test -f installed/apache/apache_1.3.39.tar.bz2 &&
 mv installed/apache/apache_1.3.39.tar.bz2 .
test ! -f apache_1.3.39.tar.bz2 &&
 wget http://www.apache.org/dist/httpd/apache_1.3.39.tar.bz2

# Verify tarball w/ md5sum:
echo "5e812a19df4d0aecd72af3765920445f  apache_1.3.39.tar.bz2" | md5sum -c

# Verify tarball w/ sha1sum:
# (this came from my gpg-verified tarball)
echo "45be8313f5540ffec7eb00aa32b7a497129e86c0  apache_1.3.39.tar.bz2" | \
 sha1sum -c

# Verify tarball w/ gpg:
( gpg --list-keys 08C975E5 > /dev/null 2>&1 || gpg --recv-keys 08C975E5 ) &&
 wget -nc http://www.apache.org/dist/httpd/apache_1.3.39.tar.bz2.asc &&
  gpg --verify apache_1.3.39.tar.bz2.asc && rm apache_1.3.39.tar.bz2.asc

cd src/apache
find -maxdepth 1 -type d -name "apache_*" -exec rm -r {} \; 2> /dev/null
tar xjvf ~/apache_1.3.39.tar.bz2
cd apache_1.3.39
test $UID = 0 && chown -R root:root .
cd
rm -f installed/apache/apache_*.tar.*
mv apache_1.3.39.tar.bz2 installed/apache/


# mod_ssl 2.8.30
# ==============
cd
test -f installed/apache/mod_ssl-2.8.30-1.3.39.tar.gz &&
 mv installed/apache/mod_ssl-2.8.30-1.3.39.tar.gz .
test ! -f mod_ssl-2.8.30-1.3.39.tar.gz &&
 wget http://www.modssl.org/source/mod_ssl-2.8.30-1.3.39.tar.gz

# Verify tarball w/ md5sum:
# (this came from my gpg-verified tarball)
echo "66c1ad26954cb1abe59b42dab54d2cd1  mod_ssl-2.8.30-1.3.39.tar.gz" | \
 md5sum -c

# Verify tarball w/ sha1sum:
# (this also came from my gpg-verified tarball)
echo "adfdf1a01867cfe3e2c5147d3e023c54d2d435e4  \
mod_ssl-2.8.30-1.3.39.tar.gz" | sha1sum -c

# Verify tarball w/ gpg:
( gpg --list-keys 26BB437D > /dev/null 2>&1 || gpg --recv-keys 26BB437D ) &&
 wget -nc ftp://ftp.modssl.org/source/mod_ssl-2.8.30-1.3.39.tar.gz.asc &&
  gpg --verify mod_ssl-2.8.30-1.3.39.tar.gz.asc &&
   rm mod_ssl-2.8.30-1.3.39.tar.gz.asc

cd src/apache
find -maxdepth 1 -type d -name "mod_ssl-*" -exec rm -r {} \;
tar xzvf ~/mod_ssl-2.8.30-1.3.39.tar.gz
cd mod_ssl-2.8.30-1.3.39
test $UID = 0 && chown -R root:root .
./configure --with-apache=../apache_1.3.39
cd
rm -f installed/apache/mod_ssl-*.tar.*
mv mod_ssl-2.8.30-1.3.39.tar.gz installed/apache/


# mod_perl 1.30
# =============
# Note: mod_perl 2.0.3 is out, but that's for Apache 2.x

# Install/update perl modules required by mod_perl.  The Bundle::LWP
# one should take care of it, the rest are just in case.
su -c "perl -MCPAN -e shell"
o conf prerequisites_policy follow
o conf make_install_arg UNINST=1
install Bundle::CPAN
install Bundle::LWP
install CGI
install LWP::UserAgent
install HTML::HeadParser
exit

cd
test -f installed/apache/mod_perl-1.30.tar.gz &&
 mv installed/apache/mod_perl-1.30.tar.gz .
test ! -f mod_perl-1.30.tar.gz &&
 wget http://perl.apache.org/dist/mod_perl-1.30.tar.gz

# Verify tarball w/ md5sum:
# (this came from my gpg-verified tarball)
echo "bfd6f6cff1ab1cc3dbb58a236701d169  mod_perl-1.30.tar.gz" | md5sum -c

# Verify tarball w/ sha1sum:
# (this also came from my gpg-verified tarball)
echo "43e96a1a3656a2b0f9d7c5b0147a02309e0d75fb  mod_perl-1.30.tar.gz" |
 sha1sum -c

# Verify tarball with gpg:
( gpg --list-keys 88C3A5A5 > /dev/null 2>&1 || gpg --recv-keys 88C3A5A5 ) &&
 wget -nc http://perl.apache.org/dist/mod_perl-1.30.tar.gz.asc &&
  gpg --verify mod_perl-1.30.tar.gz.asc && rm mod_perl-1.30.tar.gz.asc

cd src/apache
find -maxdepth 1 -type d -name "mod_perl-*" -exec rm -r {} \;
tar xzvf ~/mod_perl-1.30.tar.gz
cd mod_perl-1.30
test $UID = 0 && chown -R root:root .
perl Makefile.PL EVERYTHING=1 APACHE_SRC=../apache_1.3.39 USE_APACI=1 \
 PREP_HTTPD=1 DO_HTTPD=1
make
su -c "make install ; chmod -R u+w ."
cd
rm -f installed/apache/mod_perl-*.tar.*
mv mod_perl-1.30.tar.gz installed/apache/


# Compile Apache 1.3.39
# =====================
# If you don't use the default OpenSSL prefix of /usr/local/ssl and yours is
# installed into /usr, replace "SSL_BASE=/usr/local/ssl" below with
# "SSL_BASE=SYSTEM"
#
# Leave off these if you're not installing mod_ssl:
# --enable-module=ssl \
# --disable-rule=SSL_COMPAT \
# --enable-rule=SSL_SDBM \
# --enable-rule=SSL_EXPERIMENTAL \
# --enable-rule=SSL_VENDOR \
#
# Leave these off if you're not installing mod_perl:
# --activate-module=src/modules/perl/libperl.a \
# --enable-module=perl
#
# Add --enable-module=headers if you're going to use DAV with Windblows XP
# (see mod_encoding below)

cd src/apache/apache_1.3.39
SSL_BASE=/usr/local/ssl EAPI_MM=SYSTEM ./configure \
 --prefix=/usr/local/apache \
 --enable-module=rewrite \
 --enable-module=so \
 --enable-module=ssl \
 --disable-rule=SSL_COMPAT \
 --enable-rule=SSL_SDBM \
 --enable-rule=SSL_EXPERIMENTAL \
 --enable-rule=SSL_VENDOR \
 --activate-module=src/modules/perl/libperl.a \
 --enable-module=perl
make

# If Apache is already installed and you're upgrading it, do something
# like this to back it up, stop it, move the old one out of the way, copy
# old files over, start up the new one.  Read through this _carefully_ and
# DO NOT blindly run it.
#
# If apache is not already installed, skip this part.


# Become root
su

# Back up the existing apache directory, minus bin, icons, include, and
# other files you can get/build from the tarball, as
# ~/backup/apache/apache-yyyymmdd.tar.bz2:
TMPFILE=`mktemp -q /tmp/apachebackup.XXXXXXXXXX ||
 ( echo "/tmp/apachebackup.$$"
   touch "/tmp/apachebackup.$$"
   chmod 600 "/tmp/apachebackup.$$" )`
tar cjv \
 --exclude=usr/local/apache/bin \
 --exclude=usr/local/apache/icons \
 --exclude=usr/local/apache/include \
 --exclude=usr/local/apache/libexec \
 --exclude=usr/local/apache/man \
 -f "$TMPFILE" /usr/local/apache
test -s "$TMPFILE" &&
 ( mkdir -p -m 0700 ~/backup/apache
   mv -f "$TMPFILE" ~/backup/apache/apache-`date +%Y%m%d`.tar.bz2 )
unset TMPFILE

# If you like, so there's no downtime between stopping the old one and
# starting the new one, you can do this to create a temporary copy:
cp -a /usr/local/apache /usr/local/apache-tmp
( cd /usr/local/apache-tmp
  cp conf/httpd.conf conf/httpd.conf.orig
  cat conf/httpd.conf | \
   sed 's%/usr/local/apache%/usr/local/apache-tmp%' > conf/httpd.conf.new
  test -s conf/httpd.conf.new &&
   mv -f conf/httpd.conf.new conf/httpd.conf )
# Then you can start the temporary copy after stopping the copy that we're
# upgrading.  See below.

# Stop your old copy of Apache:
/usr/local/apache/bin/apachectl stop
sleep 5
killall -9 httpd

# If you created a temporary copy, start it (use 'start' if you don't have
# mod_ssl installed):
/usr/local/apache-tmp/bin/apachectl startssl

# Move old version(s) out of the way, reinstall the old SSL certs, install it,
# move the old logs into the new /usr/local/apache, etc.:
test -d /usr/local/apache-old2 && rm -r /usr/local/apache-old2
test -d /usr/local/apache-old &&
 mv -f /usr/local/apache-old /usr/local/apache-old2
test -d /usr/local/apache &&
 mv -f /usr/local/apache /usr/local/apache-old
make certificate TYPE=existing \
 CRT=/usr/local/apache-old/conf/ssl.crt/server.crt \
 KEY=/usr/local/apache-old/conf/ssl.key/server.key
make install
cd /usr/local
cp -f apache/cgi-bin/printenv apache/cgi-bin/test-cgi apache-old/cgi-bin/
cp -f apache-old/conf/httpd.conf /usr/local/apache/conf/
mv apache/cgi-bin apache/cgi-bin.orig
mv apache/htdocs apache/htdocs.orig
mv apache/logs apache/logs.orig
mv -f apache-old/cgi-bin apache-old/htdocs apache-old/logs apache/
test -d apache-old/perl && mv -f apache-old/perl /usr/local/apache/

# Become yourself again
exit

# Now skip down to PHP installation below (or something after that if you're
# not going to install PHP...).  If you're done, skip down to the bottom.


# If this is a new installation, do this:
make certificate TYPE=custom

# Become root
su
make install

mkdir /usr/local/apache/perl

## Add this to httpd.conf just below the /icons/ alias:
#    Alias /perl/ /usr/local/apache/perl/
#
#    <Location /perl>
#      SetHandler perl-script
#      PerlHandler Apache::Registry
#      Options ExecCGI
#      AllowOverride AuthConfig
#      allow from all
#      PerlSendHeader On
#    </Location>

# If you have logrotate installed (Slackware >= 8.1, RedHat, etc.) add a
# /etc/logrotate.d/apache like this:
cat << EOF > /etc/logrotate.d/apache
/usr/local/apache/logs/access_log /usr/local/apache/logs/error_log
 /usr/local/apache/logs/ssl_engine_log
 /usr/local/apache/logs/ssl_request_log {
    rotate 6
    daily
    sharedscripts
    postrotate
    #    #/usr/bin/killall -HUP httpd
        /usr/local/apache/bin/apachectl restart 1> /dev/null
    endscript
    create 0640 root wheel
}
EOF
chmod 600 /etc/logrotate.d/apache

# Add Apache's bin directory to your PATH and man pages to your MANPATH, if
# you're root:
cat << EOF > /etc/profile.d/apache.sh
#!/bin/sh
if [ "$UID" -eq 0 ]; then
  echo \$PATH | grep -q "/usr/local/apache/bin" ||
   export PATH="\$PATH:/usr/local/apache/bin"
  echo \$MANPATH | grep -q "/usr/local/apache/man" ||
   export MANPATH="\$MANPATH:/usr/local/apache/man"
fi
EOF
chmod +x /etc/profile.d/apache.sh

# Become yourself again
exit


# =-=-=-= PHP as a DSO =-=-=-=

# Remove the gd patch we used with PHP 4.2.3:
rm -f ~/installed/apache/php-4.2.3-gd-2.0.8.patch

# See the mysql howto if you need to install MySQL for PHP (the build
# instructions below for PHP assume that it's already installed)

# Everything here other than PHP itself is optional.  If you don't know what
# you need to build into it, write me for an educated guess ;-)

# GD support for PHP
# ==================
# gd is a library that lets you create jpegs, pngs, etc. (depending on
# how you build it).  If you don't install it, leave out --with-gd,
# --with-jpeg-dir, and --with-zlib-dir when building PHP.  If you want
# to build the version of gd that now comes with PHP use it as shown below.
# If you want to use the 'real' GD, pass the gd directory to it.  No idea
# how/if that will work.
#
# GD has it's own HOWTO

# libjpeg support for PHP
# =======================
# This will build libjpeg support into PHP.  If you don't want to build it
# in, leave out --with-jpeg-dir
#
# libjpeg has it's own HOWTO

# gettext support for PHP
# =======================
# This will build gettext support into PHP.  Not positive, but I think this
# was required for --enable-mime-magic.
#
# gettext has it's own HOWTO

# IMAP support for PHP
# ====================
# This is most commonly required by IMP or another webmail application.  If
# you don't install this, leave out --with-imap and --with-imap-ssl when
# building PHP.
#
# uw-imap has it's own HOWTO

# LDAP support for PHP
# ====================
# This will build LDAP support into PHP via the OpenLDAP libraries.
#
# OpenLDAP has it's own HOWTO

# net/ucd-snmp support for PHP
# ============================
# Note: ucd-snmp and net-snmp are SNMP tools.  ucd-snmp is the 4.x and
# lower versions, net-snmp is the 5.x versions.  If you don't want to build
# ucd/net-snmp support into PHP, leave out --with-snmp and
# --enable-ucd-snmp-hack
#
# ucd-snmp has it's own HOWTO and
# net-snmp has it's own HOWTO

# mcrypt support for PHP
# ======================
# This will build mcrypt encryption support into PHP.  Pass --with-mcrypt to
# enable this.
#
# mcrypt has it's own HOWTO

# DOM support for PHP
# ===================
# DOM support requires libxml.  Pass --with-dom to enable this.
#
# libxml has it's own HOWTO

# iconv support for PHP
# =====================
# glibc itself supports iconv and of course so does libiconv.  Pass
# --with-iconv to enable this.
#
# libiconv has it's own HOWTO


# PHP 4.4.7
# =========
# Version 4.4.6 failed to build for me with imap 2004g installed.  It was OK
# with 2006f.

cd
test -f installed/apache/php-4.4.7.tar.bz2 &&
 mv installed/apache/php-4.4.7.tar.bz2 .
test ! -f php-4.4.7.tar.bz2 &&
 wget http://www.php.net/distributions/php-4.4.7.tar.bz2

# Verify tarball with md5sum:
echo "3f21b44d37a57ca3876d3aea713c700d  php-4.4.7.tar.bz2" | md5sum -c

cd src/apache
find -maxdepth 1 -type d -name "php-*" -exec rm -r {} \;
tar xjvf ~/php-4.4.7.tar.bz2
cd php-4.4.7
test $UID = 0 && chown -R root:root .

# Become root to build and install it
# Normally we'd become root after make, before install, but apxs has to be
# run by root
su

# If you're building PHP for use with IMP, you may want to pass these
# options to configure.  Ones on the first line are mandatory, the second
# line is for IMAP and IMAP + SSL support, the third line is for UTF-8
# support, and the rest are other miscellaneous options you may want to use
# (see Horde's docs/INSTALL).  You'll also want to enable mysql, ldap, or
# whatever is appropriate for your setup.
# --with-gettext --with-dom
# --with-imap --with-imap-ssl
# --with-iconv --enable-mbstring
# --with-mcrypt --with-mime-magic

# Pay close attention to the configure options listed here and leave out any
# that you do not have/want installed.
./configure \
 --with-apxs=/usr/local/apache/bin/apxs \
 --disable-cgi \
 --with-openssl=/usr/local/ssl \
 --with-gd --with-jpeg-dir=/usr/lib --with-zlib-dir=/usr/lib \
 --with-gettext=/usr \
 --with-imap --with-imap-ssl \
 --with-ldap \
 --with-mime-magic \
 --with-mysql=/usr/local/mysql \
 --with-mm \
 --with-snmp --enable-ucd-snmp-hack \
 --enable-sockets \
 --with-dom --with-iconv --with-mbstring --with-mcrypt
make
make install

# Backup your current php.ini, view a diff of your old one against the new
# sample one:
test -f /usr/local/lib/php.ini &&
 ( mkdir -p -m 0700 ~/backup/apache
   cp -a /usr/local/lib/php.ini ~/backup/apache/php.ini-$(date +%Y%m%d)
   diff -u /usr/local/lib/php.ini php.ini-dist | less )

# We had to configure, make, make install as root, so we have to change the
# ownership to your non-root user (if you use one) so you'll be able to
# remove the source directory later)
chown -R $USER .

# Become yourself again
exit

cd
rm -f installed/apache/php-*.tar.*
mv php-4.4.7.tar.bz2 installed/apache/

## Set These in your httpd.conf before you start up Apache:
#
#    # Add or uncomment these lines, add .php3 to the first line
#    AddType application/x-httpd-php .php .php3
#    AddType application/x-httpd-php-source .phps
#
#    # add index.php index.php3 to DirectoryIndex like so:
#    DirectoryIndex index.php index.php3 index.html

# =-=-=-= end of PHP section =-=-=-=


# mod_dav (as a DSO)
# ==================
# Note: last time I tried this was apache 1.3.26

cd
test -f installed/apache/mod_dav-1.0.3-1.3.6.tar.gz &&
 mv installed/apache/mod_dav-1.0.3-1.3.6.tar.gz .
test ! -f mod_dav-1.0.3-1.3.6.tar.gz &&
 wget http://www.webdav.org/mod_dav/mod_dav-1.0.3-1.3.6.tar.gz
cd src/apache
find -maxdepth 1 -type d -name "mod_dav-*" -exec rm -r {} \;
tar xzvf ~/mod_dav-1.0.3-1.3.6.tar.gz
cd mod_dav-1.0.3-1.3.6
test $UID = 0 && chown -R root:root .
./configure --with-apxs=/usr/local/apache/bin/apxs
make
su -c "make install"
cd
rm -f installed/apache/mod_dav-*.tar.*
mv mod_dav-1.0.3-1.3.6.tar.gz installed/apache/

# Add this to httpd.conf at the global level (outside of any Directory or
# Location directives):
#
# DAVLockDB /usr/local/apache/var/DAVLock
#
# Add this to any Directory or Location directive to enable WebDAV for that
# location/directory and it's subdirectories:
#
# <Directory /usr/local/apache/htdocs/blah>
#   DAV On
# </Directory>


# mod_encoding
# ============
# Grab this one if you'll be using DAV with Windows XP, which is
# broken (wow, really?!).

cd
test -f installed/apache/mod_encoding-20021209.tar.gz &&
 mv installed/apache/mod_encoding-20021209.tar.gz .
test ! -f mod_encoding-20021209.tar.gz &&
 wget http://webdav.todo.gr.jp/download/mod_encoding-20021209.tar.gz
cd src/apache
find -maxdepth 1 -type d -name "mod_encoding-*" -exec rm -r {} \;
tar xzvf ~/mod_encoding-20021209.tar.gz
cd mod_encoding-20021209
test $UID = 0 && chown -R root:root .
./configure --with-apxs=/usr/local/apache/bin/apxs
make
su -c "make install"
cd
rm -f installed/apache/mod_encoding-*.tar.*
mv mod_encoding-20021209.tar.gz installed/apache/

## In your httpd.conf, add these where the other LoadModule lines are:
# LoadModule headers_module  libexec/mod_headers.so
# LoadModule encoding_module libexec/mod_encoding.so
## and add these where the other IfModule sections are:
# 
#     Header add MS-Author-Via "DAV"
# 
#
# 
#     EncodingEngine on
#     NormalizeUsername on
# 



# Apache::ASP
# ===========
# Note: last time I tried this was apache 1.3.26

su -c "perl -MCPAN -e shell"
o conf prerequisites_policy follow
install Bundle::Apache::ASP
exit

## Add this to httpd.conf to turn on asp for just the /asp URI
# <Location /asp/>
#   SetHandler perl-script
#   PerlHandler Apache::ASP
#   PerlSetVar Global /tmp
# </Location>

## or add this for .asp files to work everywhere:
# <Files ~ (\.asp)>
#   SetHandler perl-script
#   PerlHandler Apache::ASP
#   PerlSetVar Global /tmp
# </Files>

# And if you use the examples in site/eg/ (see the tarball or
# ~/.cpan/build/Apache-ASP-*/) make sure AllowOverride AuthConfig is
# set for either that dir or for the whole htdocs dir


# auth_ldap 1.6.0
# ===============
# There is a version 1.6.1, but it totally broke authentication for me and I
# wasn't able to find out why before I had to downgrade to 1.6.0

cd
test -f installed/apache/auth_ldap-1.6.0.tar.gz &&
 mv installed/apache/auth_ldap-1.6.0.tar.gz .
test ! -f auth_ldap-1.6.0.tar.gz &&
 wget http://www.rudedog.org/auth_ldap/auth_ldap-1.6.0.tar.gz
cd src/apache
find -maxdepth 1 -type d -name "auth_ldap-*" -exec rm -r {} \;
tar xzvf ~/auth_ldap-1.6.0.tar.gz
cd auth_ldap-1.6.0
test $UID = 0 && chown -R root:root .

# Become root
su

./configure \
 --with-apxs=/usr/local/apache/bin/apxs \
 --with-ldap-sdk=openldap \
 --with-sdk-headers=/usr/local/include \
 --with-sdk-libs=/usr/local/lib \
 --with-activate
make LIBS="-lldap -llber -lresolv"
make install
chown -R $USER .

# Become yourself again
exit

cd
rm -f installed/apache/auth_ldap-*.tar.*
mv auth_ldap-1.6.0.tar.gz installed/apache/


# mod_security 1.9.4
# ==================
# There is a mod_security 2.x, but that appears to only be for Apache 2.x
# This version will probably not be updated any more.

cd
test -f installed/apache/modsecurity-apache_1.9.4.tar.gz &&
 mv installed/apache/modsecurity-apache_1.9.4.tar.gz .
test ! -f modsecurity-apache_1.9.4.tar.gz &&
 wget http://www.modsecurity.org/download/modsecurity-apache_1.9.4.tar.gz

# Verify tarball w/ md5sum:
echo "74d2317781bab619cd7b6b376b978107  modsecurity-apache_1.9.4.tar.gz" | \
 md5sum -c

# Verify tarball w/ sha1sum:
# (this one came from my gpg-verified tarball)
echo "8f34540a8dfa8374d9b2446cf9b17c4acc69e59f  modsecurity-apache_1.9.4.\
tar.gz" | sha1sum -c

# Verify tarball w/ gpg:
( gpg --list-keys 971B7E08 > /dev/null 2>&1 || gpg --recv-keys 971B7E08 ) &&
 wget -nc http://www.modsecurity.org/download/\
modsecurity-apache_1.9.4.tar.gz.asc &&
  gpg --verify modsecurity-apache_1.9.4.tar.gz.asc &&
   rm modsecurity-apache_1.9.4.tar.gz.asc

cd src/apache
find -maxdepth 1 -type d -name "modsecurity-apache-*" -exec rm -r {} \;
find -maxdepth 1 -type d -name "modsecurity-apache_*" -exec rm -r {} \;
find -maxdepth 1 -type d -name "modsecurity-?.*" -exec rm -r {} \;
tar xzvf ~/modsecurity-apache_1.9.4.tar.gz
cd modsecurity-apache_1.9.4
test $UID = 0 && chown -R root:root .
cd apache1

# Become root to install it
su

/usr/local/apache/bin/apxs -cia mod_security.c
chown -R $USER .

# Now 'cd ..' and look through httpd.conf.example-minimal for configuration
# examples and read the manual in doc.

# Become yourself again
exit

cd
rm -f installed/apache/modsecurity-*.tar.*
mv modsecurity-apache_1.9.4.tar.gz installed/apache/


# Testing your configuration, (re)starting Apache
# ===============================================
# Become root
su

# Make any additional changes in httpd.conf that you still need to.  When
# you're done, make sure that Apache doesn't have any complaints about it's
# configuration by running this:
/usr/local/apache/bin/apachectl configtest

# If the newly upgraded copy of Apache is still running (if so, it may be
# barfing errors), stop it:
/usr/local/apache/bin/apachectl stop

# If you created a temporary copy, stop it and zap it:
test -d /usr/local/apache-tmp &&
 ( /usr/local/apache-tmp/bin/apachectl stop
   sleep 2
   killall httpd > /dev/null 2>&1
   sleep 2
   killall -9 httpd > /dev/null 2>&1
   rm -r /usr/local/apache-tmp )

# And (re-)start it with SSL turned on (use 'start' if you didn't install
# mod_ssl):
/usr/local/apache/bin/apachectl startssl

# Become yourself again
exit

Back to the list


Last updated: Tue, 07 Aug 2018 12:06:17 -0400
Jason Englander <jason at englanders dot us>