You’ve come a long way in your study of Linux and you are now ready to look at one of the most popular applications of Linux: using the operating system as the basis for small and medium-sized Web servers.
In fact, Linux is widely used for deploying Web servers for a number of reasons:
- It provides the flexibility and manageability of Unix.
- It costs little or nothing to set up and run.
- It provides a wide breadth of tools for building fairly sophisticated Web sites
This information covers the basic of turning a Linux PC into a Web server for an intranet or Internet site. It starts with an overview of the job played by a Web server and then examines some of the major Web servers available for Linux.
It then provides detailed information about installing, configuring, and managing the Apache Web server, arguably the most popular Web server on the Internet and the one that currently ships with Red Hat Linux 7.1.
What Is a Web Server?
If you have used the Web at all, you have probably heard the term “Web server” bandied about, but you may not have a clear picture of what a Web server does.
While it is often the case that a term servers a dual purpose, referring to physical machines as well as the software they run, “Web server” correctly refers to the software that can be run to answer requests from Web clients such as Web browsers.
Web server software is designed to serve a simple purpose: to answer requests from clients, using the Hypertext Transfer Protocol(HTTP), for documents available from the Web site being handled by that software.
What happens is this: The client requests a document using a URL; the Web server receives the request, maps the URL to a physical file on the system (which could be an HTML file or any one of numerous other file types), and then, after making sure that client has permission to retrieve the file, returns the file to the client. In addition, the Web server generally keeps logs of who has requested which documents and how many times requests were made, allowing for the production of statistics used to determine how popular Web sites are.
More Than Just Retrieving Files
The description above is overly simplistic, but that explanation servers to describe the work done by the majority of Web servers most of the time.
Of course, when you browse the Web, you quickly become aware that the Web is more than simply a set of static documents that a Web server sends to Web browser on request. Forms can be used to request information from the server or provide information to the organization running the server. Products can be ordered, credit cards can be verified, and many other types of transactions can take place.
In order for all this interactivity to occur, modern Web servers must do more than simply answer HTTP requests. Web servers generally provide two mechanisms for interactions:
- The Common Gateway Interface (CGI)
- Server application program interfaces (APIs)
The Common Gateway Interface
CGI is the most widely deployed method for adding interactivity to a Web server. Under the CGI model, a very simple extension is added to the HTTP for requesting static files.
CGI provides a standardized method for causing a program to be run on the server and for data from a form to be passed to the program for processing. These programs can be written in almost any programming or scripting language – C, Perl, and Java are commonly used.
When a user requests a CGI program, possibly by submitting a form or by clicking a link to the program, the Web server passes the user’s data to the CGI program and waits for the program to return data. Any data returned by the program is passed straight back to the client in the same way that the contents of a static files are returned to a browser, It is the program’s job to produce valid content to be returned to the browser and to handle all contingencies so that valid content is return to the client.
Overall, the CGI concept has worked quite well. The simplicity of the way data is passed from the server to the CGI program, and the way in which the program needs to build the data it returns to the server, means that simple CGI programs can be written with little programming experience.
In addition, it is easy to change and test CGI programs, since popular scripting languages such as Perl can be used to write them.
The standard nature of the CGI interface also means that a CGI script or program written for one Linux Web server will likely function without alteration on any other Linux Web server and possibly on any other Unix server, if it is written using a language commonly found in all operating systems.
Still, for all its advantages, CGI suffers from some serious drawbacks that make it unattractive for some Web sites. Its two main weaknesses pertain to security and speed.
Since the emergence of the Web, significant holes in the CGI interface have been discovered that, if a script is poorly written, can allow a system running a Web server to be completely accessible to a knowledgeable hacker. This makes CGI less than desirable where the security of the data on the Web server is paramount, as it would be on most corporate Internet and intranet servers, and especially on sites offering online financial transactions and credit card sales.
In addition, the CGI interface is not very efficient. The Web server runs one or more processes that answer client requests. The browser then starts child processes for the CGI program, passing data to this new process and waiting for it to finish. On a busy site, this can lead to large numbers of new processes needing to start in short periods of time, especially where CGI scripts are being heavily used. Each request for a CGI program leads to a separate process for each request.
This is highly inefficient way to process large amounts of data and requests, and it’s the reason why many leading Web servers have implemented their own APIs for writing server-side programs.
Application Program Interfaces
APIs provide a way to write programs that integrate tightly into the Web server and generally don’t required new processes for each request. APIs have enabled the development of Web-based applications that are capable of handling large numbers of requests as compared to similar CGI-based solutions. In addition , API-based solutions have been the subject of less criticism with regard to security. API-based programs can generally do the same jobs as CGI programs do, such as processing information provided in forms, accessing data in databases, and verifying.