Module Soup

Apache's 'modular' architecture makes is possible for anyone to add new functions to the server. In fact, most of the code that comes as part of the Apache distribution is in the form of modules, and can be removed or replaced. For example, if the 'asis' function is never needed, the asis module (mod_asis) can be removed, making the server executable smaller and potentially reducing the load on the server host.

There are a large number of modules now written for Apache. Besides those included with the distribution, modules are also written to add functions not already in the code, or to do things which are needed on some sites but are not of widespread use. Some of these modules are written by Apache developers. Most of them, however, are written by other users of Apache who want to adapt its functionality for their needs.

In this article, we will look at a range of Apache modules which can be added to the server. First though, we show how to add a new module.

It is easy to add a module to Apache:

• Obtain the module source code file and place in the Apache src directory
• Add the module definition to the Apache 'Configuration'
• Re-compile Apache
• Install the server executable and re-start the server

So first you need to download the new module. Most modules come as a single source file, called mod_something.c. Place this file in Apache's src directory. If the module comes as more than one file (for example, the PHP/FI module) follow the instructions that come with the module.

Having got the module source, Apache needs to be configured so that it will compile this code. To do this, edit the Configuration file in the src directory, and add a suitable Module line. This will have the format

  Module    name_module    mod_something.o

The first argument, name_module, must match the name given in the module's source code - look for the 'module definition' near the end of the file, which will look like this:

  module name_module = {
     NULL,
     ...
  };

The name_module text in the Configuration file must match the name_module text in the module source exactly. The second argument on the Module line is the filename of the module, with the final .c replaced by .o.

After editing Configuration, re-compile Apache by running

  ./Configure
  make

Finally, stop your current server (with kill -TERM pid), install the new httpd executable, and start it running (e.g. ./httpd -d /usr/local/httpd).

If you have not looked at the standard modules which come with Apache, you might be missing some functions you could find useful. In addition, you might be compiling in some things you never use. All the standard Apache modules are listed in the Configuration file.

The next release of Apache will come with a few more standard modules, such as a module to rewrite URLs on the fly, and a module to add PICS content-rating labels to responses.

Modules can be found in several different places:

• In the Apache 'src' directory
• In the Apache 'contrib/modules' directory
• In the 'Module Registry'
• Other sites (try a search engine and look for "Apache Module").

To simplify finding modules to do what you want, here is the Apache Week guide to add-on modules by function. These are taken from all the above sources, and are presented as an example of what is available. We cannot guarantee that these modules with do what they say they do, or even that they work with all versions of Apache. If a module named below is not a link, then that module is distributed with Apache 1.1.1. Otherwise the link will take you to that module (if the link is to a .c or .tar file, save it to a file, else the link goes to an HTML page or FTP directory).

• Authentication
  There are a whole range of options for different authentication schemes. The usernames and passwords can be stored in flat files (with the standard mod_auth), or in DBM or Berkeley-DB files (with mod_auth_dbm or mod_auth_db respectively).

  For more complex applications, usernames and password can be stored in mSQL, Postgres95 or DBI-compatible databases, using mod_auth_msql, mod_auth_pg95 or mod_auth_dbi.

  If passwords cannot be stored in a file or database (perhaps because they are obtained at run-time from another network service), the mod_auth_external.c module lets you call an external program to check whether the given username and password is valid. If your site uses Kerebos, mod_auth_kerb allows Kerebos-based authentication. For LDAP authentication, see mod_auth_ldap.

  The mod_auth_anon module can be used to allow an 'anonymous-ftp' style access to authenticated areas, where users give an anonymous username and a real email address as password.

  There are also modules to hold authentication information in cookies, and to authenticate against standard /etc/passwd and NIS password services. See the Module Registry.

• Blocking Access
  mod_block.c blocks access to pages based on the 'referer' field. This can be used to help prevent (for example) your images being used on other people's pages.

  For more complex cases, mod_rewrite can be used to implement blocking based on arbitrary headers (e.g. referer and user-agent), as well as on the URL itself.

• Counters
  There are a number of counter modules available, including mod_counter.c and mod_cntr. Some server-side scripting languages, such as PHP/FI can also provide access counters.

• Faster CGI Programs
  Perl CGIs can be sped up considerably by using the mod_perl modules, which build a perl interpreter into the Apache executable, and optionally allows scripts to start up when the server starts.

  Alternatively, the mod_fastcgi module implements FastCGI on Apache, giving much better performance from a CGI-like protocol.

• Languages and Internationalisation
  The Russian Character Set (RCS) module provides support for Russian character sets, while mod_fontxlate can translate characters in single-byte character sets, for countries with multiple non-standard character sets.

• Miscellaneous
  mod_speling.c attempts to fix mis-capitalised URLs, by comparing with files and directories in a case-insensitive manner. A module which makes your ftp archive into web pages is available at mod_conv.tar.gz.

• Server-Side Scripting
  There are several different modules which allow simple (or not so simple) scripts to be embedded into HTML pages. XSSI is an extended version of standard SSI commands, while PHP and NeoScript are more powerful scripting languages.

• Throttling connections
  mod_simultaneous.c limits the number of simultaneous accesses to particular directories, which could be a way of implementing limits for images directories. mod_bandwidth provides a similar service. mod_throttle can be used to slow down responses for users who exceed a given "bytes per second" download rate.

• URL rewriting
  The mod_rewrite module is a powerful (and complex) way of mapping the request URL onto a new URL on the fly, using regular expressions and optionally mapping files in text or DBM format. It can also implement conditional rewrites based on other request headers (e.g. User-Agent).