Book Review: Linux Apache Web Server Administration, 2nd Ed.
Title: Linux Apache Web Server Administration (Second Edition)Author: Charles AuldsPublisher: SybexISBN: 0-7821-4137-4
I needed to learn how to use Apache, because I needed to maintain a web site at work. I've been using Apache for years, but I never spent the time to read a good description of it. Basically, I ended up maintaining Apache by the seat of my pants. From past experience, I knew it would be useful to understand what a program is able to do, and this book provides a detailed description of the features available to maintain an Apache web server.
This nearly 600-page book contains a wealth of information and covers a wide range of topics: building an installing apache, virtual hosting, server-side includes, scripting (via CGI.pm, FastCGI, PHP and Tomcat/Java servlets), aliasing and redirection, logging, performance tuning and proxying.
I found the writing style to be lucid and relatively easy to follow. The book provides detailed recipes for installing everything, such as a description of how to install RPM files, including their untarring, configuring and making. It also has an extensive index (27 pages), a 9-page table of contents and a number of useful appendices. One appendix that I wish was available on-line details various resources on the Web. And new to the second edition is coverage of Apache 2, which I recently started to use.
One bad point is the author constantly uses the root account to demonstrate things. As an experienced UNIX user (over 20 years), I've adopted the practice of using root only when necessary. Indeed, most of the examples could be cast to use non-root accounts.
Another problem came in the discussion of the mod_env module, demonstrated on p. 203. The author uses
When I tried it, however, I couldn't get it to work. After doing some homework on the Web and a cursory code inspection, it appears these environment variables cannot be changed. ApacheWeek discusses the fact that comments in the code demonstrate this, but the comments are wrong--it was considered a documentation bug. It would be nice if the author tried code changes prior to describing them. On Usenet, people previously discussed this particular problem, and the answer appears to be you modify the path before running Apache.
I had problems with other examples being incorrect as shown in the book. Some examples seemed to be fundamentally wrong, like the SetEnv example above. All of them indicated the book was not proofread with the intent of confirming the examples. Alternatively, the author might have used a very customized version of standard software. In addition, it would be nice if the Sybex web site contained a tree of files with special httpd.conf examples that you can simply run. Instead, this process is something I'm doing now--I guess making a custom tree sans executables is left as an exercise to the reader. In addition, the files often reference other files, some of which are included and some of which are not. All the files are named with a concatenation of the filename and the example number. In addition, whenever a web site is needed, instead of specifying "localhost", it specifies the author's example web site in the book. It's up to the user to determine "good" errors from "bad" errors, that is, intentionally missing files or misconfiguration of your server.
I knew nothing about MySQL when I started this book. The examples appeared to be good; they discuss CGI forms to look up zip codes. They offer various ways to access the zip code database with CGI.pm, FastCGI, PHP and Tomcat. But when I was ready to try the examples, there was no zip code database in the download from the publisher's web site. The examples are useless without this. A query to the publisher got me the zip code database in a few days. (I searched the Web, but I couldn't find a database similar to the one the author used). This amazed me; what good are database examples without a database?
But the example in the book to insert the zip code table into MySQL is wrong. MySQL is case sensitive for data items (tables and columns), not SQL items. But on page 217, the book mixed the case. When I typed it in exactly as specified, it didn't work. I spent an inordinate amount of time understanding why I couldn't get the examples to work until I looked at some references on the Web.
Another glaring error is on page 64, when the author discusses stripping the httpd binary to save memory in the executable image. He devotes almost a page to the wonders of saving space by stripping binaries (and usefully points out you can't run debugging tools after stripping). But the savings are only in disk space. He thinks the saving are in the runnable image, and if you run multiple copies of httpd, which is normally the case, the savings compound. That's not the way executable images in computers are loaded. I couldn't believe that got past the technical review stage; in fact, I began to wonder if there was a technical review stage. Looking at the preface, where the author generally gives credit to his technical review staff, I noticed a glaring omission--no credits to anyone. The author also doesn't post his e-mail address (the publisher forwards messages), and the errata on the publishers web site contains only one entry.
In conclusion, I did get a lot of useful information from the book. But because of the careless errors in the examples, I can't give it a strong recommendation. I still have some resources and examples to work through, and I liked the cookbook nature--when it is right. I guess the motto "no pain, no gain" is appropriate here: I gained a lot of knowledge, but I experienced much more pain than I wanted. In short, this would be a very good book with a careful proofreading/correction cycle.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide