12 Chapters and 10 Appendices in 873 Pages.

Contents

Chapters
 

        1    Apache and the Internet
        2    Getting Started with Apache
        3    Building Apache the Way You Want It
        4    Configuring Apache the Way You Want It
        5    Deciding What The Client Needs
        6    Delivering Dynamic Content
        7    Hosting More Than One Web Site
        8    Improving Apache's Performance
        9    Monitoring Apache
        10  Securing Apache 
           11  Improving Web Server Security
        12  Extending Apache

Appendices

        A  Useful RFCs
        B  Apache Variants
        C  The Apache License
        D  Environment Variables
        E  Server Side Includes
        F  Regular Expressions
        G  Third Party Apache Modules
        H  HTTP Headers and Status Codes
        J  Directives by Module
        K  Directives by Name
        Index

Synopsis

This is an amazingly thorough coverage of the Apache web server software. For those not in the know, Apache is the server which powers more web servers across the globe than any other piece of software, including MS IIS. With the introduction of OS-specific Multi-Processing Modules (MPMs) and the Apache Portable Runtime, Apache 2.0 runs on more platforms with greater ease.  Generally, when features are put into web server software, it's Apache that gets a new feature first. Apache is multi-platform software, and it is truly industrial-strength software.  A great deal of work went into the production and testing of Apache 2.0.  I went to more than one Apache Convention myself [Richard] and I can can tell you that Apache gets more testing than most Boeing 747s or any other peice of complex engineering such as trains or bridges.  When a new major release comes along you can rely on it to run your web server or large parts of the internet.   The first Wrox Apache book written by Peter Wainright was quite good.  This second edition which describes the internals of Apache 2.0 is a definite must have and the kind of thing that will turn people green with envy when they see you reading it.

Having gone through this book, the reader will find themselves able to bend Apache to their every whim. Creating dynamic sites, secure shopping environments, setting up virtual servers, fault-tolerance and clustering are all advanced topics covered by this book, and covered well. All concepts are described with great clarity, and it is hard to imagine a computer-literate person being unable to do something having read this book.

Calling this book 'Professional Apache 2.0' hints at some of the powerful techniques uncovered within: certainly, the majority of people running a small to medium size internet / intranet web server will find that many parts of this book are irrelevant to them; not because the book itself is irrelevant in places, but because of the range of services that this book will show you how to implement. For example, many people will not set up their Apache system in a secure mode, using encrypted protocols. However, if you are setting up an internet shopping site encrypted protocols are essential. In short, there is nothing that you can do with Apache that is not covered, in some form, in this book.

Review

Profesional Apache 2.0 starts out by outlining all the common internet technologies used in web servers, and some of the not so common ones. Networking concepts are discussed quite extensively in the first chapter - this includes technologies that have not yet made it into the mainstream, such as IPv6, the next generation of internet protocol. Having shown Apache to be a multi-platform system, the author quickly makes it clear, however, that UNIX of some form is by far the best choice to run this software. Examples of network configuration then take a distinctly UNIX flavour - for example, ifconfig is described, along with the other standard tools: netstat, ping, etc. We then start to get down and dirty with the HTTP protocols - HTTP/1.1 is described, along with the various headers and some of the methods used by the HTTP protocol. By now, you'll have realised that if you're not setting up a serious web server, this book is probably not for you.

Unlike some other books, hardware is also discussed at a very early stage. Solutions like Sun Cobalt's Cude and RaQ (a server system that comes in a rack-mount format, generally 4U high, but often as small as 1U) are focussed on, to the detriment of 'traditional' big-box servers. 

Installation of Apache is covered to an extent, although the reader is assumed to have a great deal of knowledge, which I think is fair in this case. [Alex] The administrator of the system should be familiar with command lines, and also au fait with the more technical side of setting up and maintaining networks. Configuration of Apache is introduced early on, and useful tools such as Comanche (a graphical configuration manager for Apache) are shown in enough depth for the reader to make a value judgement between the different tools, enter into rudimentary use of them and extend their knowledge further. Be warned: the author makes it quite clear that the GUI tools have their limits, and quite explicitly recommends the use of the command line. By now, the installation, configuration, recompilation and maintenance of the Apache server should be familiar concepts to the reader.

The book puts a lot of emphasis on understanding the interaction between server and client at a very low level. This is indeed a good tactic: a sysadmin can't hope to configure Apache into a complex configuration without understanding the way Apache talks to those programs it serves. The paves the way for discussion of the configuration system of Apache in great detail. As is usual with UNIX, concepts familiar to Computer Scientists such as Regular Expressions (regexs) and regex matching will need to be fully understood: for example, without understanding regex matching you won't be able to use features of Apache such as rewrite rules, redirection rules, etc.

Dynamic content is what everyone is after these days. And dynamic sites are springing up everywhere, sites with shopping baskets, sites with configurable news, and the ever-present 'portal'. CGI scripting is the most common method of 'activating' a site, and again it's assumed that the reader has basic programming knowledge, as well as other related skills. This is a book for professionals, remember, and if you're not a professional administrator, you may find yourself out of depth in places. Of course, this doesn't exclude the 'professional amateur' by any means, but although a lot of the ideas in the book can be picked up quite quickly, you will need a fairly well-rounded knowledge of networking in general, programming and UNIX administration to get the most out of this book. Note also, that the section of the book covering dynamic content is not just a load of scripts piled into a chapter: indeed, there are very few examples of actual CGI scripts that one would use to make a site dynamic in some way. The concentration is, as it should be, on configuring Apache to run sites in a dynamic fashion, which is harder than one might expect if you want to do it properly.

By chapter seven we start getting into some of the really hairy stuff: virtual hosting. If you're a sysadmin contemplating enabling virtual hosting, you more than likely have a web server that is already sprawling out like some great leviathon, and it'll be on the verge of getting much bigger. To be honest, I closed my eyes for part of this chapter and started praying that it wasn't going to be something that I'll ever have to understand: having multiple sites on one machine is the domain of ISPs, horribly complicated and not something I'd want to do: my preferred solution is, of course, to stick another machine on the network! However, that said, this chapter is as well written as the others, and while there are hoops a plenty to jump through to put Apache into a configuration like this, you'll be glad to have this book to hand.

Hopefully, most of you will remember the Mindcraft hoo-ha a while ago, when they released benchmarks showing Windows NT/IIS beating Apache on Linux. I remember reading those, and thinking that if I had so many hits on my site that my server couldn't cope I probably wouldn't be complaining a great deal. Let's face it, Apache is quick, but it'll take some hammering to make it slow down. But, this is a professional book, and professionals are the ones running the high-load web servers, so this book covers high-performance web serving. And you'll need to know about Apache if you want to implement a high-performance server - the great hope for Linux high-performance web serving is phttpd, and for the moment that requires another httpd, such as Apache.

There's a lot of this book that I [Alex] can only cover briefly: the section on monitoring Apache, for example, is essential reading for the sys admin who likes to keep a close eye on their network. There's also a section on Secure Serving, which again is essential reading if you're interested in doing anything where encryption is necessary. And then there's all the bits on Apache modules, whereby you can extend the base Apache system to do just about anything you please - setting it up in proxy configuration, for example.

In all, this book is great reading if you want to setup a web server in anything other than a trivial configuration. I certainly learned a heck of a lot reading it, and this is coming from someone who's written his own web server software! Apache is the de facto standard in web serving, and if you're considering a Windows NT/ IIS/.Biz solution, forget it: Apache/Linux will be more featureful, more extensible and all round better. And this book will tell you all about it - the writing is clear, the examples excellent and the layout and flow sound. I've not read a better book on configuring a web server to this level of detail, and I believe that anyone managing an Apache system will benefit from reading it. Not only that, but they probably won't need to buy another book!

Review by Alex Hudson and Richard Ibbotson