Initial Server Startup Error Messages

Suppose that Apache has started up and, according to ps, it’s actually running. But when you go to the site, you experience the following problems or error messages:

•  No connection at all. Make sure that no firewalls are between you and the server that would filter out packets to the server. Second, try using telnet to the port you launched the Web server on—for example, telnet myhost.com 80. If you don’t get a Connected to myhost.com message back, your connection isn’t even making it to the server in the first place.

•  403 Access Forbidden. Your document root directory may be unreadable, or you might have something in your access.conf file that prevents access to your site from the machine where your Web browser is.

•  500 Server Error. Is your front page a CGI script? The script might be failing.

These are the most common errors made in initial server startups. If you can confirm that contact with the server is actually being made, the next best place to look for error information is in the ErrorLog.

Setting Up Apache-SSL

At this point, we’ll take a slight detour and discuss a variant of the Apache Web server, Apache-SSL, which can conduct secure transactions over the Secure Sockets Layer protocol. SSL is an RSA public-key-based encryption protocol developed by Netscape Communications for use in the Netscape Navigator browser and Netscape Web servers.

Until recently, the only option for doing SSL transactions on the World Wide Web has been to use a proprietary server, such as the Netscape Commerce server or the OpenMarket Secure server. Strongly encrypting versions of these servers haven’t been available outside the United States due to export restrictions in the states.

Eric Young, author of the widely used libdes package, with Tim Hudson wrote a library that implements SSL, eponymously named SSLeay. The SSLeay package has since expanded to become an all-purpose cryptography and certificate-handling library, while retaining the same name, SSLeay.

Ben Laurie, a member of the Apache Group, then took the SSLeay library and interfaced it with the Apache server, making his patches available to people on the Net. Sameer Parekh of Community ConneXion, Inc. (hereafter referred to as C2) then took Ben Laurie’s patches and built a package legal for use within the United States.

Because the RSA technology used by SSL in the United States is covered by patents owned by RSA Data Security, Inc. (RSADSI) (www.rsa.com), it isn’t legal to use the SSLeay package “out-of-the-box” within the United States. C2 licensed the RSA technology to make use of the package legal within the United States by using the “RSAREF” package, produced by RSADSI and Consensus Development Corporation (www.consensus.com).

Due to export restrictions, it isn’t legal for someone outside the United States to download and install the C2 Apache-SSL package. In fact, we couldn’t even put the SSL patches on the CD-ROM included with this book because the book would suddenly have earned the label “munition,” and clearance from the U.S. government to export the book would have been required!

To learn more about SSL and Apache, go to the URL http://www.apache-ssl.org.

From Here…

You can learn more details about setting up, configuring, and running the Apache Web server in the following chapters:

•  Chapter 36, “Configuring Apache,” discusses the configuration options for Apache in greater detail.

•  Chapter 37, “Managing an Internet Web Server,” teaches you how to make your server robust, efficient, automated, and secure.