Apache's 'modular' architecture makes is possible for anyone
to add new functions to the server. In fact, most of the code
that comes as part of the Apache distribution is in the form
of modules, and can be removed or replaced. For example, if
the 'asis' function is never needed, the asis module
(mod_asis) can be removed, making the server executable
smaller and potentially reducing the load on the server host.
There are a large number of modules now written for Apache.
Besides those included with the distribution, modules are
also written to add functions not already in the code, or to
do things which are needed on some sites but are not of
widespread use. Some of these modules are written by Apache
developers. Most of them, however, are written by other users
of Apache who want to adapt its functionality for their
needs.
In this article, we will look at a range of Apache modules
which can be added to the server. First though, we show how
to add a new module.
It is easy to add a module to Apache:
-
Obtain the module source code file and place in the Apache
src directory
-
Add the module definition to the Apache 'Configuration'
-
Re-compile Apache
-
Install the server executable and re-start the server
So first you need to download the new module. Most modules
come as a single source file, called mod_something.c.
Place this file in Apache's src directory. If the
module comes as more than one file (for example, the PHP/FI
module) follow the instructions that come with the module.
Having got the module source, Apache needs to be configured
so that it will compile this code. To do this, edit the
Configuration file in the src directory, and add a
suitable Module line. This will have the format
Module name_module mod_something.o
The first argument, name_module, must match the name
given in the module's source code - look for the 'module
definition' near the end of the file, which will look like
this:
module name_module = {
NULL,
...
};
The name_module text in the Configuration file must
match the name_module text in the module source
exactly. The second argument on the Module line is the
filename of the module, with the final .c replaced by .o.
After editing Configuration, re-compile Apache by running
./Configure
make
Finally, stop your current server (with
kill -TERM pid),
install the new httpd executable, and start
it running (e.g. ./httpd -d /usr/local/httpd).
If you have not looked at the standard modules which come
with Apache, you might be missing some functions you could
find useful. In addition, you might be compiling in some
things you never use. All the standard Apache modules are
listed in the Configuration file.
The next release of Apache will come with a few more standard
modules, such as a module to rewrite URLs on the fly, and a
module to add PICS content-rating labels to responses.
Modules can be found in several different places:
-
In the Apache 'src' directory
-
In the Apache 'contrib/modules'
directory
-
In the 'Module
Registry'
-
Other sites (try a search engine and look for "Apache
Module").
To simplify finding modules to do what you want, here is the
Apache Week guide to add-on modules by function. These are
taken from all the above sources, and are presented as an
example of what is available. We cannot guarantee that these
modules with do what they say they do, or even that they work
with all versions of Apache. If a module named below is not a
link, then that module is distributed with Apache 1.1.1.
Otherwise the link will take you to that module (if the link
is to a .c or .tar file, save it to a file,
else the link goes to an HTML page or FTP directory).
-
Authentication
There are a whole range of options for different
authentication schemes. The usernames and passwords can be
stored in flat files (with the standard mod_auth), or in
DBM or Berkeley-DB files (with mod_auth_dbm or mod_auth_db
respectively).
For more complex applications, usernames and password can
be stored in mSQL, Postgres95 or DBI-compatible
databases, using mod_auth_msql, mod_auth_pg95 or mod_auth_dbi.
If passwords cannot be stored in a file or database
(perhaps because they are obtained at run-time from
another network service), the
mod_auth_external.c module lets you call an external
program to check whether the given username and password
is valid. If your site uses Kerebos,
mod_auth_kerb allows Kerebos-based authentication.
For LDAP authentication, see
mod_auth_ldap.
The mod_auth_anon module can be used to allow an
'anonymous-ftp' style access to authenticated areas,
where users give an anonymous username and a real email
address as password.
There are also modules to hold authentication information
in cookies, and to authenticate against standard
/etc/passwd and NIS password services. See the Module
Registry.
-
Blocking Access
mod_block.c blocks access to pages based on the
'referer' field. This can be used to help prevent (for
example) your images being used on other people's pages.
For more complex cases, mod_rewrite can be used to
implement blocking based on arbitrary headers (e.g.
referer and user-agent), as well as on the URL itself.
-
Counters
There are a number of counter modules available, including
mod_counter.c and mod_cntr.
Some server-side scripting languages, such as PHP/FI can also provide
access counters.
-
Faster CGI Programs
Perl CGIs can be sped up considerably by using the mod_perl modules, which
build a perl interpreter into the Apache executable, and
optionally allows scripts to start up when the server
starts.
Alternatively, the mod_fastcgi module
implements FastCGI on Apache, giving much better
performance from a CGI-like protocol.
-
Languages and Internationalisation
The Russian
Character Set (RCS) module provides support for Russian
character sets, while mod_fontxlate
can translate characters in single-byte character sets, for
countries with multiple non-standard character sets.
-
Miscellaneous
mod_speling.c attempts to fix mis-capitalised URLs, by
comparing with files and directories in a case-insensitive
manner. A module which makes your ftp archive into web
pages is available at
mod_conv.tar.gz.
-
Server-Side Scripting
There are several different modules which allow simple (or
not so simple) scripts to be embedded into HTML pages. XSSI
is an extended version of standard SSI commands, while PHP and NeoScript are
more powerful scripting languages.
-
Throttling connections
mod_simultaneous.c limits the number of simultaneous
accesses to particular directories, which could be a way of
implementing limits for images directories.
mod_bandwidth provides a similar service. mod_throttle
can be used to slow down responses for users who exceed a
given "bytes per second" download rate.
-
URL rewriting
The mod_rewrite module is a powerful (and complex) way of
mapping the request URL onto a new URL on the fly, using
regular expressions and optionally mapping files in text or
DBM format. It can also implement conditional rewrites
based on other request headers (e.g. User-Agent).