Monitoring Server Activities




An Apache Web Server is a tempting target for someone with a desire to hijack a computer for bad purposes. There are many techniques you can use to secure your server (covered in Chapter 13), which range from SELinux to using certificates to controlling how scripts are run. Described here, however, are techniques for keeping an eye on the performance and security of your Apache Web Server. Watching your server carefully can often stop an attack before it gets anywhere. Apache provides two unique built-in methods to check the performance and status of your Web Server. The server-status handler can be configured to show information about server processes. The server-info handler can be configured to display a detailed summary of the Web Server’s configuration. You can activate these services by adding the following lines to the /etc/httpd/conf/httpd.conf file:


<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>


In this example, all users from the local computer can display the server-info and server-status pages. You can change 127.0.0.1 to the name of any domain or host that your Apache server is hosting.



Displaying Server Information


The Server Information (server-info) page contains the server version information and various general configuration parameters and breaks up the rest of the data by module. Each loaded module is listed, with information about all directives supported by that module, and the current value of any defined directives from that module.

The Server Information is usually quite verbose and contains much more information than can be displayed in Figure 20-3, which shows only the links to each module’s section and the general Server Settings section.



Displaying Server Status


The contents of the server-status page include version information for the server, the current time, a time stamp of when the server was last started, and the server’s uptime. The page also details the status of each server process, choosing from several possible states (waiting for a connection, just starting up, reading a request, sending a reply, waiting to read a request before reaching the number of seconds defined in the KeepAliveTimeout, performing a DNS lookup,
logging a transaction, or gracefully exiting).

The server-status page can also perform automatic updates to provide even closer monitoring of the server. If the URL http://localhost/server-status?refresh=40 is specified, the server-status page displayed in your browser will be updated every 40 seconds. This enables a browser window to be entirely devoted to continually monitoring the activities of the Web
Server.

By default, only basic status information is generated. If you would like to generate full status information, you need to turn on the ExtendedStatus directive by uncommenting the last line in the following code:

#
# ExtendedStatus: controls whether Apache will generate "full" status # information (ExtendedStatus On) or basic information (ExtendedStatus # Off) when the "server-status" handler is called. The default is Off.
#
#ExtendedStatus On



There are no comments on this page.
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki