Internet Express Version 6.7 for Tru64 UNIX: Internet Express for Tru64 UNIX Administration Guide
Chapter 7 Web Services Administration
The Internet Express
Administration utility lets you manage the following Web service components:
The Secure Web Server (powered
by Apache) is an implementation of the Apache Software Foundation's
(ASF) Apache HTTP server for Tru64 UNIX. It contains a packaged,
integrated, and tested version of many of the popular components
of the Apache Web Server (Open-SSL, mod_ssl, PHP, fastcgi, and others)
and the modules that are used with it. The Secure Web Server integrates
other features beyond the core modules supplied by the ASF, including:
Support for Dynamic Shared Objects (DSO)
Support for SSL connections (https) using a DSO module
Support for APXS, which allows third party modules
to be built against and used with an installed Secure Web Server
SUexec enabled in the server (additional configuration
required to enable it)
Support for the Atalla hardware accelerator cards
In addition, all modules (except for auth_digest) are provided with the Apache code base are
built in or provided as a DSO.
The Secure Web Server provides a Web-based administration
interface that allows an administrator to perform common management
tasks on the Web server. You access these administration pages from
your Web browser, as described in Section : Accessing the Secure Web Servers.
Managing the Secure Web Server involves the following
Accessing the Secure Web Servers
The Secure Web Server provides
the following servers for managing Internet services:
The public Web server uses a configured instance
of the Secure Web Server on Port 80, the default Web server port.
The installation procedure lets you select this port for the public
Web server based on Apache Version 2.0 or Apache Version 1.3. If you
choose to install both Apache versions for public Web servers, you
can use Port 80 for only one server instance and must select a different
port for the other. You can use the Administration Web Server to toggle
The Administration Web Server, based on Apache Version
1.3, is installed and configured on Port 8081.
The SSL-enabled Secure Web Server is configured on
The Internet Monitor Administration Server is installed
and configured on Port 8086.
Table 7-1 summarizes
the ports on which the administration accounts are installed by default,
and shows the URLs for accessing these accounts. In the URLs listed, host.domain.name represents the fully qualified host
name of the local system (the system on which Internet Express is
installed). For information on how to allow access from a remote system
when running the Secure Web Server, see the Secure Web Server Administration
Table 7-1 Internet Express Ports and URLs
|80||Public Web Server listening on the default http: port (if configured)|
|8081||Administration Web Server|
Socket Layer (SSL) Web Server|
|8086||Internet Monitor Administration Server|
To access the Secure Web Servers, follow these
From an HTML-based Web browser, enter the URL, indicating
either port 80 or 8081, as described in Table 7-1.
The Administration Web Server
is initially accessible from the local system only. For information
on how to allow access from a remote system, see the Secure Web Server Administration
Enter a user name and password.
user name for the Web server administration account is admin. During installation, the system administrator set a password to
be used for the Web server administration accounts. To change the
password for ports 80 or 8081, see the Secure Web Server Administration
When you access the Web server, you are given access
to privileged files and can perform system management tasks until
exiting the browser. Do not leave an Administration session unattended.
Limit access to the admin account to those individuals
authorized to perform Internet system management tasks.
In a TruCluster Server environment, the Secure
Web Server runs on all cluster members concurrently. Connections
are distributed among the cluster members based on how the cluster
alias has been configured. See the cluamgr(8) reference page.
Web Server Management
All Web server management operations are performed
using port 8081, the Administration Web Server. All activity is recorded
in the associated log files described in the Secure Web Server Administration
Management tasks available from the Secure Web
Server administration menus include the following items. Steps for
performing these tasks are described in the Secure Web Server Administration
Guide, unless otherwise noted.
Change configuration parameters, including tuning
parameters, access control entries, listening ports and addresses,
virtual hosts, URL defaults, HTML directory aliases, CGI directory
aliases, and logging and reporting parameters.
Manage user accounts, displaying status and viewing
information for the public Web server.
Allow remote access to the Administration Web Server.
View server activity reports, access log files and
error log files, and refresh these files.
Start and stop Web servers.
Change the password for the Administration Web Server.
Use the Secure Socket Layer (SSL) with the Secure
Changing Configuration Parameters
A configuration parameter is specified by a directive and is stored
in one of the configuration files listed in Table 7-2.
Table 7-2 Configuration Files for Secure Web Servers
|Public Web Server 1.3 (based
on Apache Version 1.3)|
|Public Web Server 2.0 (based on Apache
|Administration Web Server|
|Internet Monitor Administration Server|
You can specify the following types of configuration
parameters using the Administration utility. (See the Secure Web Server Administration
Guide for detailed information on specifying each configuration
Listening ports and addresses
Logging and reporting parameters
The Secure Web Server configuration files are read
in the following order:
If you specify the same directive in more than
one configuration file, the first directive found takes precedence.
In the tables in the following sections, a directive
enclosed in angle brackets can be defined using multiple lines and
must be delimited by a <directive>...</directive> pair (where directive is the directive name). The following example shows the proper syntax
for a multiple-line directive:
<Limit GET POST>
deny from all
allow from host1.domain.name domain2.name<
Through the Change Configuration Parameters menu
for each server, theSecure Web Server Administration utility allows you
to set many of the frequently used configuration parameters. If you
want to take advantage of more specializedWeb Server functionality,
you must manually edit the configuration files listed in Table 7-2. Avoid modifying
the configuration parameters that are handled by the Administration
utility when manually editing these files.
For a complete listing of Secure Web Server directives,
visit the following Web site:
Changing the Password for the Administration Web Server
To change the password used for the Administration
Web Server, follow these steps:
Under Web on the Manage Components menu, choose Secure Web Server.
From the Secure Web Server Administration menu, choose
Change Passwords for All Administration Servers.
Enter the new password in the New Password field and
again in the Verify New Password field.
Click on Submit.
The new password takes effect immediately.
If you decide not to change the password, cancel
the operation by clicking on one of the following:
The Clear button at the bottom of the form
One of the links on the navigation bar at the top
of the form to go to another Administration menu
Allowing Remote Access to the Internet Monitor Administration
The installation procedure installs the Internet Monitor Administration
Server on port 8086, and initially allows access to the server from
the local system only.
To allow access to the Internet Monitor Administration
Server from remote systems, follow these steps:
From the Administration utility Main menu, choose
Under Web on the Manage Components menu, choose Secure
From the Secure Web Server Administration menu, choose
Manage the Internet Monitor Administration Server.
From the Manage the Internet Monitor Administration
Server menu, choose Change Configuration Parameters.
From the Change Internet Monitor Administration Server
Configuration Parameters menu, choose Change Access Control Entries.
On the Change Internet Monitor Administration Server
Access Control Entries form, choose Directory /usr/internet/monitor/web from the Existing Access Control Entries list box, then click on
Modify. The Modify Internet Monitor Administration Server Access
Control Entry form then displays.
In the Hosts Allowed Access field, enter one of the
host.domain.name for a
.domain.name for a specific
Click on Submit.
On the confirmation page, click on Submit to reload
the Web server configuration file.
The ht://Dig search tool is a complete World Wide Web
index and search system for a domain or an Intranet. The tool does
not replace the need for powerful Internet-wide search systems like
Lycos, Infoseek, Google, and AltaVista. Rather, ht://Dig covers the
search needs for a single company, campus, or subsection of a Web
site. In contrast with a WAIS-based or Web server-based search engine,
ht://Dig can easily span several Web servers. The type of Web server
does not matter, as long as the server understands common protocols
Internet Express provides a version of ht://Dig
in the IAEHTDIG subset, which requires the Apache
Web Server subset (IAEAPCH). See the Internet Express Installation Guide for information on installing
After installation, the Internet Express Installation
script informs you that the search engine and indexer have been successfully
installed, then instructs you to create the search index (Section : Creating the Search Index) and
begin the search (Section : Searching the Index). You can perform either of these functions
from the Internet Express Administration utilityTru64 UNIX or the
Creating the Search Index
Internet Express provides a link from the Manage Components menu
for creating a search index using ht://Dig. Perform the following
From the Administration
utility Main menu, choose Manage Components
Under Web on the Manage
Components menu, choose Ht://Dig Index and Search System. The Ht://Dig
Indexing and Search Administration page is displayed (Figure 7-1).
Figure 7-1 Ht://Dig Indexing and Search Administration Page
To check if the Public Web
Server is running, click on Start/Stop the Public Web Server which
connects to the Web Server Administration page. If the Public Web
Server is not running, you can start it at this time from the Web
Server Administration page.
Click on the htdig symlink
button to enable the search function. This action makes the ht://Dig
files available from the document root.
The form refreshes with a link to the ht://Dig search page on your
server (Figure 7-2).
Figure 7-2 Link to Ht://Dig Search Index Page
Click on the documents symlink
button to enable indexing. This action makes the Internet Express
documents available from your document root.
To update the ht://Dig configuration
file (/usr/internet/www/conf/htdig.conf) to specify
a start URL or exclude URLs from the search, enter the URL information
in the respective fields and click on Update Ht://Dig configuration. Figure 7-3 shows the lower
part of the Ht://Dig Indexing and Search Administration page with
a message that the configuration information has been updated.
Figure 7-3 Updated Ht://Dig Configuration File Message
You can also configure the ht://Dig search index
and run a search fromTru64 UNIX the command shell. After installing
ht://Dig, the Internet Express installation script displays the following
message, prompting you to create a search index on the server:
To create an index of this server, review the configuration in
/usr/internet/www/conf/htdig.conf and run /usr/internet/www/bin/rundig
For example, to configure ht://Dig to index the
Internet Express documentation, follow these steps:
Create a symlink to the Internet Express documentation
and the ht://dig documents in /usr/internet/httpd/htdocs, as follows:
# cd /usr/internet/httpd/htdocs
# ln -s /usr/internet/docs/IASS documents
# ln -s /usr/internet/www/htdocs/htdig htdig
Edit the /usr/internet/www/conf/htdig.conf file and change the value of start_url“”,
replacing hostname with your system's host name:
Create the search index, as follows:
# /usr/internet/www/bin/rundig -v
Searching the Index
creating the search index (Section : Creating the Search Index), search the index by opening the search
From the Ht://Dig Indexing and Search Administration
page, click on the Ht://Dig Search Page link.
Alternately, from your Web browser, enter the following
“”where hostname is your system's
for ht://Dig is installed in the /usr/internet/docs/htdig/ directory and is also available at http://www.htdig.org.