Red Hat ENTERPRISE LINUX 3 Reference Manual

Also see for ENTERPRISE LINUX 3 - SECURITY GUIDE: Tuning guide Installation guide Installation guide Installation guide Manual

Contents

156 Chapter 10. Apache HTTP ServerOne aspect of SSL enhanced HTTP transmissions is that they are more resource intensive than thestandard HTTP protocol, so a secure server cannot serve as many pages per second. For this reason itis often a good idea to minimize the information available from the secure server, especially on a hightraffic Web site.ImportantDo not use name-based virtual hosts in conjunction with a secure Web server as the SSL handshakeoccurs before the HTTP request identifies the appropriate name-based virtual host. Name-basedvirtual hosts only work with the non-secure Web server.The configuration directives for the secure server are contained within virtual host tags in the/etc/httpd/conf.d/ssl.conf file.By default, both the secure and the non-secure Web servers share the same DocumentRoot. It isrecommended that the DocumentRoot be different for the secure Web server.To stop the non-secure Web server from accepting connection, comment the line in httpd.confwhich reads Listen 80 by placing a hash mark (#) at the beginning of the line. When finished, it theline looks like the following example:#Listen 80For more information on configuring an SSL enhanced Web server, refer to the chapter titled ApacheHTTP Secure Server Configuration in the Red Hat Enterprise Linux System Administration Guide.For advanced configuration tips, refer to the Apache Software Foundation documentation availableonline at the following URLs:• http://httpd.apache.org/docs-2.0/ssl/• http://httpd.apache.org/docs-2.0/vhosts/10.9. Additional ResourcesTo learn more about the Apache HTTP Server, refer to the following resources.10.9.1. Useful Websites• http://httpd.apache.org/ — The official website for the Apache HTTP Server with documentationon all the directives and default modules.• http://www.modssl.org/ — The official website for mod_ssl.• http://www.apacheweek.com/ — A comprehensive online weekly newsletter about all thingsApache.10.9.2. Related Books• Apache Desktop Reference by Ralf S. Engelschall; Addison Wesley — Written by ASF memberand mod_ssl author Ralf Engelschall, the Apache Desktop Reference provides a concise but com-prehensive reference guide to using the Apache HTTP Server at compilation, configuration, andrun time. This book is available online at http://www.apacheref.com/.