Reviewer: Crouse
Website: http://www.usalug.org
The Book:
Apache Cookbook
By Ken Coar & Rich Bowen
254 pages
1st Edition November 2003
ISBN: 0-596-00191-6
Book Link: http://www.oreilly.com/catalog/apacheckbk/
This book is a must have for anyone with an understanding of the Apache Web
Server. It is basically a compilation of about 100 real life problems and the
answers dealing with the Apache Web Server. Page after page of interesting
problems and the solutions, all written in an easy to understand format.
Starting with the preface, this book is very informative, and just keeps
getting better as you read. Even those not very familiar with the Apache Web
Server, would be able to understand most of what is written, it is explained
that well.
Alot of ground is covered in these 254 pages. Everything from installing Apache
from source, to more advanced topics, like "Sharing Load Between Servers using
mod_proxy". While it isn't meant to be read cover to cover, and is more
a "reference" for making the Apache Web Server do what you want it to do, it is
a very easy to read book. If you want alot of knowledge of Apache, in a concise
package, this book provides it in abundance. One of the few "reference" type
books that I can actually read cover to cover, even though it's not really meant
to be.
The book doesn't just cater to those running their own web servers. Many of
the applications listed in the book can be very useful to those webmasters stuck
in private directories on someone else's server. This is because of the
wonderful properties of the .htaccess file. Many of the scenarios listed in the
book can be applied by using the .htaccess file. So if your a webmaster, this
book is useful for you too, if you have a web host that use's Apache. You don't
even have to be a Linux nut like me.
What's in the book? Well the chapter titles say alot.
Chapter 1. Installation
Chapter 2. Adding Common Modules
Chapter 3. Logging
Chapter 4. Virtual Hosts
Chapter 5. Aliases, Redirecting, and Rewriting
Chapter 6. Security
Chapter 7. SSL
Chapter 8. Dynamic Content
Chapter 9. Error Handling
Chapter 10. Proxies
Chapter 11. Performance
Chapter 12. Miscellaneous Topics
The appendix's could very well have been just two more chapters. They have an
abundance of information themselves.
Appendix A. Using regular expressions
Appendix B. Troubleshooting
I believe Chapter 6, alone, is worth the price of this entire book. This was by
far and away the most interesting section of this book for me. Maybe because
security is job #1 when running a web server. This chapter covers alot of
ground and answers alot of questions when it comes to security. This is the one
section that I wish the author had alloted even more space to. Even so, this
particular section of the book was extremely informative.
6. Security
6.1 Using System Account Information for Web Authentication
6.2 Setting Up Single-Use Passwords
6.3 Expiring Passwords
6.4 Limiting Upload Size
6.5 Restricting Images from Being Used Off-Site
6.6 Requiring Both Weak and Strong Authentication
6.7 Managing .htpasswd Files
6.8 Making Password Files for Digest Authentication
6.9 Relaxing Security in a Subdirectory
6.10 Lifting Restrictions Selectively
6.11 Authorizing Using File Ownership
6.12 Storing User Credentials in a MySQL Database
6.13 Accessing the Authenticated Username
6.14 Obtaining the Password Used to Authenticate
6.15 Preventing Brute-Force Password Attacks
6.16 Using Digest Versus Basic Authentication
6.17 Accessing Credentials Embedded in URLs
6.18 Securing WebDAV
6.19 Enabling WebDAV Without Making Files Writable by the Web User
6.20 Restricting Proxy Access to Certain URLs
6.21 Protecting Files with a Wrapper
6.22 Protecting All Files Except a Subset
6.23 Protecting Server Files from Malicious Scripts
6.24 Setting Correct File Permissions
6.25 Running a Minimal Module Set
6.26 Restricting Access to Files Outside Your Web Root
6.27 Limiting Methods by User
6.28 Restricting Range Requests
Ever want to know how to do any of the above? It's in there. A complete listing
of the Table of Contents is located here :
http://www.oreilly.com/catalog/apacheckbk/toc.html So if you use Apache, and
aren't an Apache guru,or even if you are, this book is a must have. I know I
won't be parting with my copy any time soon.
This book gets the maximum 5/5 bigrins
|
