Apache 1.3.26 Released
The Apache Software Foundation and The Apache Server Project are pleased to announce the release of version 1.3.26 of the Apache HTTP Server. This Announcement notes the significant changes in 1.3.26.
This version of Apache is principally a security and bug fix release. A summary of the bug fixes is given at the end of this document. Of particular note is that 1.3.26 addresses and fixes the issues noted in CAN-2002-0392 (mitre.org) [CERT VU#944335] regarding a vulnerability in the handling of chunked transfer encoding. We would like to thank Mark Litchfield of ngssoftware.com for discovering and reporting the vulnerability.
기본적으로 RedHat Advanced Server 2.1을 설치하면
Apache1.3.24, PHP4.0.6이 설치된다.
Apache1.3.24는 참을만했으나, PHP4.0.6은 참을 만하지 못하다.
그리고 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0392 를 방문해 보면
Apache1.3.24도 참을만 한것 같지는 않다..
구체적인 내용은 http://www.apache.kr.net/info/security_advisory-02.txt 를 참고하라..
잘 기억은 안나지만 Apache1.3.26(+PHP4.2.2)으로 업그레이드를 정리한다.
나중에 Archi 아니 Arch 서버가 들어오면 긴요하게 쓰일 수도 있을것 같아서...
Good Luck
The Apache Software Foundation and The Apache Server Project are pleased to announce the release of version 1.3.26 of the Apache HTTP Server. This Announcement notes the significant changes in 1.3.26.
This version of Apache is principally a security and bug fix release. A summary of the bug fixes is given at the end of this document. Of particular note is that 1.3.26 addresses and fixes the issues noted in CAN-2002-0392 (mitre.org) [CERT VU#944335] regarding a vulnerability in the handling of chunked transfer encoding. We would like to thank Mark Litchfield of ngssoftware.com for discovering and reporting the vulnerability.
기본적으로 RedHat Advanced Server 2.1을 설치하면
Apache1.3.24, PHP4.0.6이 설치된다.
Apache1.3.24는 참을만했으나, PHP4.0.6은 참을 만하지 못하다.
그리고 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0392 를 방문해 보면
Apache1.3.24도 참을만 한것 같지는 않다..
구체적인 내용은 http://www.apache.kr.net/info/security_advisory-02.txt 를 참고하라..
잘 기억은 안나지만 Apache1.3.26(+PHP4.2.2)으로 업그레이드를 정리한다.
나중에 Archi 아니 Arch 서버가 들어오면 긴요하게 쓰일 수도 있을것 같아서...
[root@urban tmp]# [root@urban tmp]# cp /etc/httpd/conf/httpd.conf /home/sylee/backup/ [root@urban tmp]# /etc/rc.d/init.d/httpd stop [root@urban tmp]# cp /usr/local/apache/conf/httpd.conf /home/kan [root@urban tmp]# /etc/rc.d/init.d/httpd stop httpd 를 정지함: [ 확인 ] [root@urban tmp]# /etc/rc.d/init.d/mysqld stop Killing mysqld with pid 1194 만약에 /usr/local/apache에 설치되어 있다면 [root@urban tmp]# mv /usr/local/apache /usr/local/apache_old [root@urban tmp]# cd apache_1.3.26 [root@urban apache_1.3.26]# ./configure --prefix=/usr/local/apache --enable-module=so --enable-rule=SHARED_CORE --enable-shared=max [root@urban apache_1.3.26]# make [root@urban apache_1.3.26]# make install [root@urban apache_1.3.26]# ls /usr/local/ apache apache_old doc games include libexec sbin src bin etc imap lib mysql share apache 디렉토리 생성확인 [root@urban apache_1.3.26]# cd ../php-4.2.2 [root@urban php-4.2.2]# ./configure --with-apxs=/usr/local/apache/bin/apxs --with-apache-install=/usr/local/apache --with-config-file-path=/usr/local/lib --with-mysql=/usr/local/mysql --with-pdflib=no --enable-track-vars --enable-magic-quotes --enable-modules=so [root@urban apache_1.3.26]# make [root@urban apache_1.3.26]# make install [root@urban apache_1.3.26]# cp php.ini-dist /usr/local/lib/php.ini [root@urban apache_1.3.26]# /usr/local/apache/bin/apachectl start /usr/local/apache/bin/apachectl stop: httpd started 이렇게 나오면 OK [root@urban apache_1.3.26]# /usr/local/apache/bin/apachectl stop /usr/local/apache/bin/apachectl stop: httpd stopped httpd.conf를 조절하기위해 stop [root@urban apache_1.3.26]# vi /usr/local/apache/conf/httpd.conf ServerRoot "/usr/local/apache" ServerAdmin www@urban.knu.ac.kr ServerName urban.knu.ac.kr DocumentRoot "/usr/local/apache/htdocs" Options SymLinksIfOwnerMatch MultiViews IncludesNoExec AllowOverride FileInfo AuthConfig LImit Order allow,deny Allow from all 취향에 맞게 수정 DirectoryIndex index.html BrowserMatch "RealPlayer 4.0" force-response-1.0 BrowserMatch "Java/1.0" force-response-1.0 BrowserMatch "JDK/1.0" force-response-1.0 추가 BrowserMatch "WebZIP" no_access BrowserMatch "Teleport" no_access BrowserMatch "NamoWebEditor" no_access BrowserMatch "WebTrack-HTTPP" no_access BrowserMatch "WebSymmetrix" no_access AddType application/x-tar .tgz 추가 AddType application/x-httpd-php .php .php3 .html .inc AddType application/x-httpd-php-source .phps AddHandler cgi-script .cgi NameVirtualHost 155.230.175.52:80 ServerAdmin www@urban.knu.ac.kr DocumentRoot /home/city/html ServerName city.knu.ac.kr ServerAlias city.knu.ac.kr ErrorLog logs/city.error_log TransferLog logs/city.access_log ##################################################################### /etc/rc.d/init.d/httpd ---------httpd 시작---------------------------------------------------- #!/bin/bash # # Startup script for the Apache Web Server # # chkconfig: - 85 15 # description: Apache is a World Wide Web server. It is used to serve # HTML files and CGI. # processname: httpd # pidfile: /var/run/httpd.pid # config: /etc/httpd/conf/access.conf # config: /etc/httpd/conf/httpd.conf # config: /etc/httpd/conf/srm.conf # Source function library. . /etc/rc.d/init.d/functions # This will prevent initlog from swallowing up a pass-phrase prompt if # mod_ssl needs a pass-phrase from the user. INITLOG_ARGS="" # Path to the apachectl script, server binary, and short-form for messages. apachectl=/usr/local/apache/bin/apachectl # 경로 수정 httpd=/usr/local/apache/bin/httpd # 경로 수정 prog=httpd RETVAL=0 # Find the installed modules and convert their names into arguments httpd # can use. moduleargs() { moduledir=/usr/local/apache/libexec # 경로 수정 moduleargs=` /usr/bin/find ${moduledir} -type f -perm -0100 -name "*.so" | env -i tr '[:lower:]' '[:upper:]' | awk '{ gsub(/.*//,""); gsub(/^MOD_/,""); gsub(/^LIB/,""); gsub(/.SO$/,""); print "-DHAVE_" $0}'` echo ${moduleargs} } # The semantics of these two functions differ from the way apachectl does # things -- attempting to start while running is a failure, and shutdown # when not running is also a failure. So we just do it the way init scripts # are expected to behave here. start() { echo -n $"Starting $prog: " daemon $httpd `moduleargs` $OPTIONS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/httpd return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc $httpd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd /var/run/httpd.pid } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status $httpd ;; restart) stop start ;; condrestart) if [ -f /var/run/httpd.pid ] ; then stop start fi ;; graceful|help|configtest) $apachectl $@ RETVAL=$? ;; *) echo $"Usage: $prog {start|stop|restart|condrestart|status|fullstatus|graceful|help|configtest}" exit 1 esac exit $RETVAL ---------httpd 끝------------------------------------------------------ ##################################################################### /etc/logrotate.d/apache ---------apache 시작-------------------------------------------------- /usr/local/apache/logs/access_log /usr/local/apache/logs/error_log{ missingok sharedscripts postrotate /bin/kill -HUP `cat /usr/local/apache/logs/httpd.pid 2>/dev/null` 2> /dev/null || true endscript } ---------apache 끝---------------------------------------------------- ##################################################################### /usr/local/lib/php.ini 적당히 수정. 끝. |
Good Luck