Top 34 Apache Webserver (level 2) Interview Questions You Must Prepare 26.May.2022

Yes, it’s possible by specifying the port number in Listen directive.

For ex: to make Apache listen on 9000 port to 10.10.10.10 IP address.

Listen 10.10.10.10:9000

You can use “Options -Indexes” in respective directory directive.
Ex:

        Options -Indexes

<Directory />
       Options -Indexes
</Directory>

 

Often needed when you are troubleshooting the issue and wish to capture more details. You can change the logging level to debug by ensuring the following in httpd.conf file.

LogLevel debug

DocumentRoot directive is the configuration where you can specify the folder location from where the static files will be served. It’s also called as Web Root.

Default DocumentRoot location is /var/www/html

You got to speak the truth but to given you an idea you can use GoAccess, SumoLogic or few mentioned here.

This is doable by adding User & Group directive in httpd.conf file

  • User apache
  • Group apache

Above configuration example will ensure it starts with “apache” user. You must ensure user exist on the server before configuring it.

You can use a tool like ApacheBench, SIEGE to perform the load test on web servers including Apache. Another option to perform stress test online to see the overall how web application performs under load.

There are two popular log files created;

access.log – all request details with the status code.

error.log – capture all the errors within apache or connecting in backend.

You can use a mod_proxy module to use as a proxy server. The mod_proxy module can be used to connect to the backend server like Tomcat, WebLogic, WebSphere, etc.

There are three possible ways to get this installed.

Using source code – you can download the source and compile it.

YUM repository – if your server is connected to the Internet or have internal repository then you can use yum to install it.

yum install httpd

RPM – You can download the necessary RPM package and use rpm command.

rpm -ivh packagename.rpm

You can explain based on your experience, however, typically for Internet-facing applications it would be in Internet DMZ network and for intranet, core network.
But again this will differ based on application/organization.

Add the following in httpd.conf file and restart the web server

ServerTokens Prod
ServerSignature Off

This will hide the version and show Server as “Apache” Only.

Add the following in httpd.conf file and restart the instance

TraceEnable off

If running Linux, then you can put a script in /etc/init.d/ and enable to start on boot using chkconfig command

Let’s say you create a file called apache and put under /etc/init.d

chkconfig --add apache

chkconfig apache on

if on Windows, then ensure startup type is selected “Automatic”

Both are categorized as a Web Server and here are some of the main differences.

  • Nginx is event-based web server where Apache is process based
  • Nginx is known for better performance than Apache
  • Apache supports wide range of OS where Nginx doesn’t support OpenVMS and IBMi
  • Apache has large number of modules integration with backend application server where Nginx is still catching up
  • Nginx is lightweight and capturing the market share rapidly. If you are new to Nginx then you may be interested to check out my articles on Nginx.

httpd –t will help you to verify the syntax.

[root@lab httpd]# /usr/sbin/httpd -t

Syntax OK

[root@lab httpd]#

Alternatively, you may use apachectl command as well.

[root@lab ~]# /usr/sbin/apachectl configtest

Syntax OK

[root@lab ~]#

There is multiple ways to find this but more accurately would be;

  • Login to web server
  • Go to apache instance and bin folder
  • Executed httpd with -v to get the version details.

[root@lab sbin]# ./httpd -v

Server version: Apache/2.2.15 (Unix)

Server built:   Jul 18 2016 15:24:00

[root@lab sbin]#

Alternatively, you can also use the rpm command to check the installed version:

[root@lab ~]# rpm -qa |grep httpd

httpd-2.2.15-54.el6.centos.x86_64

httpd-tools-2.2.15-54.el6.centos.x86_64

[root@lab ~]#

  • 200 – content found and served OK
  • 403 – tried to access restricted file/folder
  • 503 – server is too busy to serve the request and in another word – service unavailable.

IBM HTTP Server – known as IHS and often used with IBM WebSphere Application Server

Oracle HTTP Server- known as OHS often used with Oracle Weblogic server

httpd.conf is the main configuration file used in Apache.

The default port for HTTP is 80 and HTTPS 44@Checkout default ports for other applications listed here.

You can restart by going to Apache instance location >> bin folder and execute apachectl script.

./apachectl stop

./apachectl start

You may also use script located in /etc/init.d/. Mostly it will be named either “apache” or “httpd”

/etc/init.d/apache stop

/etc/init.d/apache start

Another procedure would be using services

httpd stop

service httpd start

mod_rewrite is responsible for the redirection and this must be uncommented in httpd.conf file.

LoadModule rewrite_module modules/mod_rewrite.so

I am afraid, Apache is a Web Server and Java based application deployment is not possible with it. However, you can integrate Java application server like WebLogic, WebSphere, JBoss where you can deploy war, ear files.

The default configuration is set to “warn” however, the following is possible too.

  • debug
  • info
  • warn
  • notice
  • crit
  • alarm
  • emerg
  • error

Virtual Hosting in Apache allows you to host multiple websites on a single instance. You can either create IP based or Name based in virtual hosting.

You can either use the following OpenSSL command or generate CSR online.

To create new CSR with private key

openssl req -out geekflare.csr -newkey rsa:2048 -nodes -keyout geekflare.key

Check out OpenSSL cheat sheet for more commands.

There are multiple ways to find this.

  1. Login to web server and grep for “httpd” process

          ps -ef |grep httpd

  1. Check for any alert in your monitoring dashboard.
  2. Check if your apache IP:port is accessible in the browser

Ex: http://yourapacheserver.com

  1. Check if configured IP and port is listening on the server with netstat

          netstat -anlp |grep 80

The mod_ssl module must be uncommented prior to SSL implementation.

LoadModule auth_basic_module modules/mod_ssl.so

This is often needed when you have multiple IPs on the server. In order to ensure Apache listen only on specified IP then you need to explicitly mention IP and port in Listen directive.

Ex:

Listen 10.10.10.10:80

There are multiple ways to secure the Apache web server including the following.

  • Implementing SSL
  • Integrating with WAF (Web Application Firewall) like ModSecurity, etc.
  • Using cloud-based security provider

netstat would be useful to troubleshoot the port conflict issue. If running multiple instances on a single server then it would be recommended to have absolute IP:Port configured in Listen directive.

Apache is an Open Source web server so there is no enterprise level support however, you can raise a bug report or ask a question on Stack Overflow.

mod_was_ap22_http.so must be added in httpd.conf file to integrate with IBM WAS.