HowTo: Configure Apache Web Server To Use NFS Shared HTML+PHP5 Files

Image may be NSFW.
Clik here to view.

The Apache web server is responsible for providing access to dynamic content via the HTTP or HTTPS protocol. In this example, I’m going to install and use the Apache 2 web server + php5 safely and set DocumentRoot to vm05:/exports/html mounted at /var/www/html. You need to type the following commands on vm02 having an IP address 192.168.1.11.

Configure NFS client

Use the yum command to install required NFS client packages:
# yum groupinstall "Network file system client"
OR just install nfs clients:
# yum install nfs-utils nfs4-acl-tools
Turn on the NFSv4 client services:
# chkconfig rpcbind on
# chkconfig rpcidmapd on
# chkconfig nfslock on

/etc/idmapd.conf nfs client configuration

Edit /etc/idmapd.conf, enter:
# vi /etc/idmapd.conf
Make sure it is set as per NFS server domain name:

Domain = cyberciti.biz

[Mapping]

Nobody-User = nobody
Nobody-Group = nobody

Save and close the file. Start all nfs client services, enter:
# /sbin/service rpcbind start
# /sbin/service rpcidmapd start
# /sbin/service nfslock start

Mount file system

Type the following command:
# showmout -e vm05
OR
# showmout -e 192.168.1.14
Sample outputs:

Export list for v.txvip1:
/exports/html     192.168.1.10,192.168.1.11
/exports/static   192.168.1.10,192.168.1.11

Mount /exports/html nfs file system at /var/www/html, enter:
# /bin/mount -t nfs4 -orsize=32768,wsize=32768,intr,hard,proto=tcp,sync vm05:/exports/html /var/www/html/
OR
# /bin/mount -t nfs4 -orsize=32768,wsize=32768,intr,hard,proto=tcp,sync 192.168.1.14:/exports/html /var/www/html/

Mounting NFS file systems using /etc/fstab

Edit /etc/fstab, enter:
# vi /etc/fstab
Append the entry, enter:

vm05:/exports/html    /var/www/html  nfs4   orsize=32768,wsize=32768,intr,hard,proto=tcp,sync

Save and close the file. Make sure netfs service is turned on:
# chkconfig netfs on
Finally, verify that apache user can see files, enter:
# su - apache
$ ls /var/www/html/
$ exit
#
Please note that root user or any other user may not able to see /var/www/html due to security policy. This is default and only apache user must access DocumentRoot.

Install Apache software

Install the Apache 2 package using yum command, enter:
# yum install httpd

Install required php5 and modules

Type the following command to install php5 and other modules that can provide access to mysql, graphics and much more:
# yum install -y php-pear php-common php-bcmath php-mbstring php-cli php-pdo php-php-gettext php-mcrypt php-gd php-xml php-pecl-apc
php php-mysql php-xmlrpc

Install memcached support for php5

In order to access the memcached server installed on vm3 you need to install memcache server for php:
# yum install -y php-pecl-memcache

Configure Apache

Edit /etc/httpd/conf/httpd.conf, enter:
# vi /etc/httpd/conf/httpd.conf
Add or correct the following directives (DocumentRoot must point to nfs location mounted on /var/www/html):

# allow proxy server communication over lan
Listen 192.168.1.11:80
# default security avoid info leakage
ServerTokens Prod
ServerSignature Off

# Set DocumentRoot
DocumentRoot "/var/www/html"

   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
   Options Indexes FollowSymLinks
   AllowOverride All
   Order allow,deny
   Allow from all

Save and close the file.

PHP5 configuration

PHP is a widely used server-side scripting language. Edit /etc/httpd/conf.d/php.conf, enter:
# cat /etc/httpd/conf.d/php.conf
Sample outputs:

#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#

  LoadModule php5_module modules/libphp5.so


  LoadModule php5_module modules/libphp5-zts.so


#
# Cause the PHP interpreter to handle files with a .php extension.
#
AddHandler php5-script .php
AddType text/html .php

#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php

#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps

See how to secure and optimize php 5 for more information.

Extract real source IP for forwarded HTTP requests

Install mod_extract_forwarded package to get real source IP for forwarded HTTP requests (turn on EPEL repo):
# yum -y install mod_extract_forwarded package
Edit /etc/httpd/conf.d/mod_extract_forwarded.conf, enter:
# vi /etc/httpd/conf.d/mod_extract_forwarded.conf
Add or correct as follows:

## Accept real ip from our nginx reverse proxy  at 192.168.1.1 ##
MEFaccept 192.168.1.1

Save and close the file. Reload apache web server:
# service httpd reload

Configure iptables to allow access to the web server

Edit /etc/sysconfig/iptables. Add the following lines, ensuring that they appear before the final LOG and DROP lines for the INPUT chain:

## allow only access from lan ##
-A INPUT -m state --state NEW -p tcp -s 192.168.1.0/24 --dport 80 -j ACCEPT

Save and close the file. Restart the iptables service, enter:
# /sbin/service iptables restart
# /sbin/iptables -L -v -n

Turn on Apache

Start the Apache 2 web server, enter:
# chkconfig httpd on
# service httpd start
Fire a webborwser and type the url:
http://192.168.1.11/

A note about MySQL database and Memcached server

You need to use mysql database server IP address 192.168.1.13 and tcp port 3306 in your PHP applications:

/* Sample php config */
/* The name of the database for WordPress */
define('DB_NAME', 'foo');

/* MySQL database username */
define('DB_USER', 'bar');

/* MySQL database password */
define('DB_PASSWORD', 'mypassword');

/* MySQL hostname */
define('DB_HOST', '192.168.1.13');

You need to use memcached server IP address 192.168.1.12 and tcp port 11211 in your PHP applications:

/* sample php code */
                if ( isset($memcached_servers) )
                        $buckets = $memcached_servers;
                else
                        $buckets = array('default' => array('192.168.1.12:11211'));

OR

$config['Datastore']['class'] = 'myApp_MemCached;
$i = 0;
$i++;
$config['Misc']['memcacheserver'][$i]           = '192.168.1.12';
$config['Misc']['memcacheport'][$i]             = 11211;
$config['Misc']['memcachepersistent'][$i]       = true;
$config['Misc']['memcacheweight'][$i]           = 1;
$config['Misc']['memcachetimeout'][$i]          = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;

The post HowTo: Configure Apache Web Server To Use NFS Shared HTML+PHP5 Files appeared first on nixCraft.