HomeOracle Page 5 - Directives, Access, and More with the Oracle HTTP Server
Obtaining the HTTP Server Status - Oracle
In our fifth article of a five-part series that covers managing the Oracle HTTP Server (OHS), you will learn how to handle aliases, index directories, find out the status of the server, and more. It is excerpted from chapter five of the book Oracle 10g Application Server Exam Guide, written by Sam Alapati (McGraw-Hill, 2006; ISBN: 0072262710).
You can use the Status module, which lets you check OHS Server performance statistics though an HTML page. You use the Location directive, to specify whether you want to allow the generation of server status reports from a specific IP address (or symbolic machine name). In the Location directive, for the Allow from attribute, you must provide the IP address/machine name, as shown in the following example:
<Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from ntl-alapatisam.netbsa.org </Location>
Figure 5-4. The HTTP Server Status Page
The Location directive shown in the foregoing example allows server status reports only for browsers from the ntl-alapatisam.netbsa.org domain.
Once you set up the Location directive as shown here, you can access the server status reports using the following URL:
Figure 5-4 shows the server status page for the HTTP Server.
Introduction to the Oracle HTTP Server
The Oracle HTTP Server (OHS) is based on the Apache 1.3 Web Server.
The following three OHS components run within a single OHP process: the HTTP listener, the modules, and the Perl Interpreter.
OHS modules extend the functionality of the OHS server.
There are two types of OHS modules: standard Apache modules and OracleAS specific modules.
In a UNIX/Linux system, the main http process runs as the root user and the other processes under a less-privileged user.
On Windows server, there's a multithreaded implementation of the HTTP Server processes, with a single control process and a child process.
The httpd.pid file contains the process ID of the parent server process.
You must not keep sensitive information in the htdocs directory.
The main configuration file of the Oracle HTTP Server is called the httpd. conf file.
The recommended way to modify the OHS configuration is through editing the httpd.conf file through the Application Server Control Console.
The httpd.conf file is a server configuration file, read only when you start or restart the Oracle HTTP Server.
The httpd.conf file contains directives, which are configuration instructions as well as pointers to other configuration files.
The "other" configuration files include the mod_oc4j.conf, mime.types, and the oracle_apache_conf file.
There are three types of directives: server-level, container, and per-directory directives.
The default name of the per-directory configuration file is .htaccess.
You control the directives that can be placed in the .htaccess file by using the AllowOverride directive.
Directives are always applied in a hierarchical manner.
If you set UseCanonicalName to ON, the HTTP Server will use the ServerName and Port directives to construct the canonical name for the server.
If you don't set the Listen directive, the Port directive specifies the default port.
If you set the Listen directive, the Port directive is used only for redirection.
Managing the Oracle HTTP Server
You use the opmnctl and dcmtl command-line utilities to manage the Oracle HTTP Server.
You can edit the httpd.conf file from the Application Server Control Console.
When you modify the httpd.conf file using the Application Server Control Console, the HTTP Server is bounced automatically.
The error_log file contains OHS error messages, and you can change the name of this file with the ErrorLog directive.
The access_log contains a detailed account of all HTTP Server access.
If the error_log grows too big, you should reset the log file rather than try to remove it (or move it).
By default, all HTTP log files are in the Common Log Format (CLF).
OHS Configuration Directives
You can classify directives into various classes, based on the following types of contexts: Server config, Virtual directory, Directory, and .htaccess.
Server Config context directives can't be used in the <Directory> or <VirtualHost> containers or in the .htaccess files.
Directives in the . htaccess file are applied in the order in which they appear.
Global directives are applicable only outside of container directives.
You can use per-directory class directives anywhere.
Container directives limit the scope of a directive.
Containers can't be included in another container, except the <VirtualHost> container.
Block directives specify the conditions under which a directive will take effect.
Virtual host directives take precedence over the main server directives, since virtual host directives are processed later.
Directory containers are processed from the shortest component to the longest.
Virtual hosting is the maintenance of multiple Web servers on a single machine.
You can define IP-based or name-based virtual hosts using the VirtualHost directive.
Under name-based hosting, there are multiple Web sites for each IP address.
Under IP-based virtual hosting, you'll have a separate IP address for each Web site.
The NameVirtualHost directive is required when you configure name-based virtual hosts.
You use the Options directive to specify features that the HTTP Server will allow.
The default parameter for the Options directive is All, meaning that all options are allowed by default.
The AllowOverride directive determines which of the directives in a directory .htaccess file can override the server configuration.
You use the IndexIgnore directive to prevent all files in a directory from showing up in file listings.
The Alias directive lets you store documents in directories other than that specified by the DocumentRoot directive.
The AliasMatch directive works like the Alias directive but uses standard regular expressions instead of simple prefix matching.
You can change the name of the .htaccess file in a directory in your path, with the help of which of the following directives?
The AllowOverride directive is valid only in
A. Server containers
B. Virtual Hosts
C. Directory containers
D. File containers
The IndexIgnore directive
A. Prevents users from finding backups of CGI scripts.
B. Is not a good idea because users can find backups of CGI scripts.
C. Helps list all available files.
D. Keeps users from seeing any file listing at all.
The default name for the per-directory configuration file is
Which of the following can be used by specifying the AllowOverride directive?
A. .htaccess files
D. Server log files
The Oracle HTTP Server processes all section groups in the order in which they appear in the configuration files, with the exception of
A. The <Files> container
B. The <FilesMatch> container
C. The <Location> container
D. The <Directory> container
What’s the difference between the Alias and AliasMatch directives?
A. AliasMatch uses standard regular expressions instead of simple prefix matching.
B. AliasMatch uses simple prefix matching instead of standard regular expressions.
C. AliasMatch allows the use of CGI scripts.
D. Only AliasMatch allows you to create aliases outside of the directory specified by DocumentRoot.
If you set UseCanonicalName directive to ON,
A. The HTTP server will use only the Port directive.
B. The HTTP server will use only the ServiceName directive.
C. The HTTP server will use neither the Port nor the ServiceName directives.
D. The HTTP server will use the Port and ServiceName directives.
Self Test Answers
A is correct. If you want to call your .htaccess file by a different name, you can do so by using the AccessFileName directive.
B and C are incorrect because they refer to nonexistent directives. D is incorrect because the AccessConfig directive doesn't allow you to change the .htaccess filename.
C is correct. The AllowOverride directive is valid only in the <Directory> containers.
A, B, and D are incorrect because the AllowOverride directive can't be used in those containers.
A is correct because you use the IndexIgnore directive to keep users from accessing various files, including the backups of CGI scripts.
B is incorrect because users can't find backups of CGI scripts when you use the IndexIgnore directive. C is incorrect because the IndexIgnore directive helps you prevent all available files from being listed. D is incorrect because users can see all files that you don't restrict with the IndexIgnore directive.
B is correct because .htaccess is the default name for the per-directory configuration file.
A is incorrect because .access is a made up filename. C and D are incorrect because they are configuration files for the HTTP Server and for the SSO Server.
A is correct because you use the AllowOverride directive to control the contents of the .htaccess files.
B, C, and D are incorrect because the AllowOverride directive isn't meant to control the contents of those three entities.
D is correct because in the case of the <Directory> container, the HTTP Server processes from the shortest directory to the longest, not in the order they appear in the configuration files.
A, B, and C are incorrect because they are all processed in the order in which they appear in the configuration files.
A is correct because the AliasMatch directive uses standard regular expressions instead of simple prefix matching for filenames.
B is incorrect because the AliasMatch directive uses regular expressions, not prefix matching. C is incorrect because AliasMatch has nothing to do with CGI scripts. D is incorrect because the AliasMatch doesn't give you the right to create aliases outside the directory specified by the DocumentRoot directive.
D is correct because the HTTP Server will use both the Port and ServiceName directives when you set the UseCanonicalName directive to ON.
A, B, and C are incorrect because the HTTP Server will use the values specified by both the Port and ServiceName directives.