WEB SERVER

OVERVIEW HTTP
HTTP An Introduction
HTTP The Hypertext Transfer Protocol
The protocol used between web clients (browsers) and web servers.
Web browsers resource from the server, who
returns the content

HTTP uses request-response architecture

Uniform Resource Locator (URL)

Anatomy of a URL:

http://internet.rutgers.edu:80/ITI520/index.html

Protocol Hostname Port Number Path To File

What do HTTP Requests Look Like?
GET /images/penguin.gif HTTP/1.0
User-Agent: Mozilla/0.9.4 (Linux 2.2.19)
Host: www.kernel.org
Accept: text/html, image/gif, image/jpeg
Accept-Encoding: gzip
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8
Cookie: B=xh203jfsf; Y=3sdkfjej
<cr><lf>

Messages are in ASCII (human-readable)

Carriage-return and line-feed indicate end of headers
Headers may communicate private information
(e.g., browser, OS, cookie information, etc.)
What Kind of Requests are there?
Called Methods:
GET: retrieve a file (95% of requests)
HEAD: just get meta-data (e.g., mod time)
POST: submitting a form to a server
PUT: store enclosed document as URI
DELETE: removed named resource
LINK/UNLINK: in 1.0, gone in 1.1

CONNECT: used by proxies for tunneling (1.1)

OPTIONS: request for server/proxy options (1.1)
What Do Responses Look Like?
HTTP/1.0 200 OK
Server: Tux 2.0
Content-Type: image/gif
Content-Length: 43
Last-Modified: Fri, 15 Apr 1994 02:36:21 GMT
Expires: Wed, 20 Feb 2002 18:54:46 GMT
Date: Mon, 12 Nov 2001 14:29:48 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: close
Set-Cookie: PA=wefj2we0-jfjf
<cr><lf>

Similar format to requests (i.e., ASCII)

What Responses are There?
1XX: Informational ( in 1.0, used in 1.1)
100 Continue, 101 Switching Protocols
2XX: Success
200 OK, 206 Partial Content
3XX: Redirection
301 Moved Permanently, 304 Not Modified
4XX: Client error
400 Bad Request, 403 Forbidden, 404 Not Found
5XX: Server error
500 Internal Server Error, 503 Service
Unavailable, 505 HTTP Version Not Supported
WEB ADMINISTRATION
Siapakah Web Master itu?
Webmaster adalah seseorang yang bertanggung jawab
atas konten dan/atau mengelola Website dan/atau
Webserver.
Peranan Webmaster
Web Designer membuat unsur grafis dan menentukan
layout Website

Content Provider Membuat dan mengedit dokumen

HTML

Web Developer menulis program CGI, Java, JavaScript.

ASP, PHP dan skrip aplikasi lainnya yang ditujukan untuk
menyampaikan konten dinamis
Peranan Webmaster
Administrator Bertanggung jawab mengelola aplikasi
web server, mungkin juga Sistem Operasi dan perangkat
keras.

Untuk organisasi besar biasanya tugas-tugas tersebut di

delegasikan ke ahlinya.
Planning Your Server
Bagaimana dan dimana akan di hosting?
Spesifikasi hardware?
Sistem operasi yang digunakan?
Aplikasi Web server yang akan digunakan?
Apa nama domainnya?
Untuk menjawab pertanyaan diatas biasanya
di tentukan juga oleh masalah keuangan,
sumberdaya manusian, atau infrastruktur
yang tersedia dalam organisasi
Hosting Your Server
Shared hosting
Free Page Site For personal use, limited space and tools, adds
advertisements. (examples: Yahoo, Tripod, Xoom, etc.)
Berbayar : rumahweb, idwebhost

VPS/Dedicated server
Digitalocean
Linode
Hosting Your Server: Do It Yourself:
Networking Options
Intranet Server diimplementasikan pada LAN (local area
network).

Internet Server server dapat diakses melalui internet

Hosting Your Server: Hardware Options
Perlu memilih arsitektur (i.e Intel
Compatible PC, Sun, Macintosh G4).
Kecepatan dan jumlah prosesor.
RAM dan Disk Space.
NIC card.
Harga bisa sampai puluhan juta.
Hosting Your Server: Operating System
Options
Commercial Versions of Unix (i.e. Solaris, Irix, HP-UX, AIX,
MacOS X).

Free Versions of Unix (i.e. Linux, FreeBSD).

Microsoft Windows (9x, NT, Windows 2000).

Novell NetWare

Windows vs. Unix raises issues of easy of use, stability,

scalability, open source, and pricing.
Hosting Your Server: Web Server
Software Options
Web Server Software Options: Apache

Originally based on NCSA httpd code.

Can be installed under most Unix variants and Windows.

Binary versions available for many operating systems.

Uses file-based configuration, although GUI tools are also

available.
Introduction to Apache, .

Unix versions very stable. Windows version less mature

(beta-level code).

Very Fast and uses resources efficiently.

Freely distributed source code. Can be modified for

commercial or non-commercial use.

Price: Free

See http://www.apache.org for more information.

Netscape iPlanet Server, .

Uses Web-based administration.

Can be resource intensive.
Price: $1495 per processor for Enterprise Server
See
http://www.iplanet.com/products/infrastructure/web_serv
ers for more information.
Web Server Software Options: Microsoft
Internet Information Server
Most popular for NT-based web servers.

Runs only under Windows NT Server.

GUI-based administration. Web-based administration

available as well.

May not scale well.

Important Notes about Web Server
Hardware
Web Servers need fast disk access and a lot of RAM to
handle high-volumes of traffic.
Not unusual to see web servers with 1GB of RAM and 10,000RPM
hard drives.

Processor speed and performance becomes very important

when delivering dynamic content via CGI scripts, Server
Side Includes or other web applications.
VIRTUAL HOST
Virtual Host
Mekanisme yang memungkinkan beberapa situs dengan
domain berbeda di-hosting pada mesin yang sama

Tiap virtual host punya root folder berbeda

Semua script dan file pendukungnya ditaruh pada root

folder tersebut
Ilustrasi Virtual Host
APACHE2
CONFIGURATION
Installation
The Apache2 web server is available in Ubuntu Linux. To
install Apache2:

At a terminal prompt enter the following command:

sudo apt-get install apache2

Configuration File
Global Configuration
/etc/apache2/apache2.conf
Ports configuration
/etc/apache2/ports.conf
Virtual Host configuration
/etc/apache2/sites-available/
/etc/apache2/sites-enabled/
Virtual Host Config Step by Step
Buat nama domain

Copy file konfigurasi dari default config

sudo cp /etc/apache2/site-available/000-default.conf
/etc/apache2/site-available/nama_domain.conf

Ubah konfigurasi

Aktifkan site :
sudo a2ensite siam.adser.com.conf
Vitual Hosts Configuration
/etc/apache2/sites-available/siam.adser.com.conf

<VirtualHost *:80> //IP add and port

ServerAdmin admin@gmail.com
ServerName siam.adser.com
ServerAlias www.siam.adser.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
KONFIGURASI HTTPS
PADA APACHE2
Security
TLS/SSL
TLS, or transport layer security, and its predecessor SSL,
secure sockets layer, are secure protocols created in order
to place normal traffic in a protected, encrypted wrapper.

Enable ssl
sudo a2enmod ssl
 Generate Key
sudo openssl req -x509 -nodes -days 365 -newkey
rsa:2048 -keyout /etc/apache2/ssl/apache.key -out
/etc/apache2/ssl/apache.crt
openssl: This is the basic command line tool provided by
OpenSSL to create and manage certificates, keys, signing
requests, etc.
req: This specifies a subcommand for X.509 certificate
signing request (CSR) management.
-x509: This option specifies that we want to make a self-
signed certificate file instead of generating a certificate
request.
nodes: This option tells OpenSSL that we do not wish
to secure our key file with a passphrase.
-days 365: This specifies that the certificate we are
creating will be valid for one year.
-newkey rsa:2048: The rsa:2048 tells OpenSSL to
generate an RSA key that is 2048 bits long.
-keyout: This parameter names the output file for the
private key file that is being created.
-out: This option names the output file for the certificate
that we are generating.
 Configure host ssl
/etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin admin@example.com
ServerName your_domain.com
ServerAlias www.your_domain.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Configure host ssl
Enable SSL configuration on site
sudo a2ensite default-ssl.conf
Restart apache service
sudo service apache2 restart
Open your site
https://server_domain_name_or_IP
Certificate Provider
Paid
Google
DigiCert
VeriSign

Free
Letsencrypt
sslforfree
Any question?