httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From InHisGrip <>
Subject [users@httpd] Apache Compile 2.0.50.tar.gz - successful...... But.................
Date Thu, 29 Jul 2004 17:58:09 GMT
Hi Nick, or everyone who may want to lend a helping

After constant testing, trying to figure out how the
compile might work this time around, finally it did! 

Thanks to you, Scot Harris and others who have
contributed in some way. Thanks guys!!!

However, I have questions as a followup for this
successful compile. Please see below, here is the
summary of the steps that I did for the nth time

--- Nick Kew <> wrote:

On Sat, 24 Jul 2004, InHisGrip wrote:

1. Downloaded the httpd-2.0.50.tar.gz at the site.


2. Moved the tarball into a convenient location,

That's unconventional, but harmless.

3. Issued the following commands from /usr/local/src:

You missed the important security step: verify the PGP
signature on it.

# tar -vzxf httpd-2.0.50.tar.gz
# cd httpd-2.0.50
# ./configure --prefix=/usr/local/apache2
--enable-mods-shared=all (this one, I added)

# make
# make install

That's fine for what you're doing, but to have a
useful webserver you
would of course want to customise it a bit more:-)

Nick Kew

After the stuffs above: did the following too...

# cd /usr/local/apache2/bin
# ./apachectl start
# ./apachectl stop
# ./apachectl restart

No errors from here, after this, I edited the
/etc/init.d/httpd wherein I have changed the default
directory paths to the correct one, i.e.
/usr/local/apache2 and so on.... which worked.

Now, here are my questions folks:

1. Please advise if these commands are okay or
necessary after the ./apachectl restart?

# chkconfig --add httpd
# chkconfig --level 2345 httpd on
# chkconfig --list

2. You mentioned that I missed out the most important
part which is verifying the PGP signature which is
correct. However, I tried verifying the tarball by
following the howto on site but
unfortunately could not verify the signature and file

I know that I need to go and get the checksum or the
key from a trusted source at the main site and then
download the tarball from the nearest site.... when I
did an md5checksum httpd-2.0.50-tar.gz.asc to verify
this and compare the figures I couldn't. Is there a
way to do this file and signature verification

3. Now, since my compile settings was somehow
successful. When I tried accessing the site, through
my browser whether from my local home network or
internet. I get this error 403 message:


You don't have permission to access / on this server.

Apache/2.0.50 (Unix) DAV/2 Server at Port 5688

Now, I presume root cannot be world readable and this
is security reasons. Is there a workaround this? I
tried chmod 755
/usr/local/apache2/htdocs/ but to
no avail. I also did make a symbolic link by typing in
the same working directory, 

# ln -s index.htm index.html

No luck yet....

Since we are talking about security, I will be posting
another email on this issue of securing apache so that
you may give some of your own expert opinion from your
own standpoint.

Again, thanks very much for looking into this. I
couldn't have done the initial process without the
generous replies of all the people who replied to this
thread such as yourself.

Thanks in advance.


Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage! 

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message