• Get application security done the right way! Detect, Protect, Monitor, Accelerate, and more…
  • Apache is the most popular Web Server, and if you intend to work as a Middleware/System/Web administrator, then you must be familiar with it. Apache HTTP is an open-source Web Server for Windows & UNIX.

    A few days back, I wrote about WebSphere Interview Questions, and many of you requested to write about Apache Web Server so here you go.

    The following questions are often asked in an interview from beginner to expert level. Most of the organization will have Web Server managed by Middleware/System administrator along with Application Server and other components.

    Let’s get started with real-time interview questions & answers

    1. How to stop/start Apache Web Server?

    You can restart by going to Apache instance location >> bin folder and execute apachectl script.

    ./apachectl stop
    ./apachectl start

    You may also use a script located in /etc/init.d/. Mostly it will be named either “apache” or “httpd”

    /etc/init.d/apache stop
    /etc/init.d/apache start

    Another procedure would be using services

    httpd stop
    service httpd start

    2. What is the default port for HTTP and HTTPS?

    The default port for HTTP is 80 and HTTPS 443. Checkout default ports for other applications listed here.

    3. Can you tell me the important configuration file name?

    httpd.conf is the main configuration file used in Apache.

    4. How to check the version of running Apache Web Server?

    There are multiple ways to find this but more accurately would be;

    • Login to a web server
    • Go to apache instance and bin folder
    • Executed httpd with -v to get the version details.
    [[email protected] sbin]# ./httpd -v
    Server version: Apache/2.2.15 (Unix)
    Server built:   Jul 18 2016 15:24:00
    [[email protected] sbin]#

    Alternatively, you can also use the rpm command to check the installed version.

    [[email protected] ~]# rpm -qa |grep httpd
    httpd-2.2.15-54.el6.centos.x86_64
    httpd-tools-2.2.15-54.el6.centos.x86_64
    [[email protected] ~]#

    5. How to know if a web server is running?

    There are multiple ways to find this.

    1. Login to a web server and grep for “httpd” process
    ps -ef |grep httpd
    1. Check for any alert in your monitoring dashboard.
    2. Check if your apache IP:port is accessible in the browser

    Ex: http://yourapacheserver.com

    1. Check if configured IP and port is listening on the server with netstat
    netstat -anlp |grep 80

    6. How to install Apache HTTP?

    There are three possible ways to get this installed.

    Using source code – you can download the source and compile it.

    tar xvf  httpd-1.2.3.tar
    gzip -d httpd-1.2.4.tar.gz
    •  Navigate to where you extracted the source via the cd command and configure it using the  ./configure  command on the terminal
    • Then compile it using the make command.
    • Finally, use the make install command to install it.

    If you want to find out more options on how to configure it, you can make use of the configure --help command.

    YUM repository – if your server is connected to the Internet or has an internal repository then you can use yum to install it.

    yum install httpd

    RPM – You can download the necessary RPM package and use the rpm command.

    rpm -ivh packagename.rpm

    7. How to ensure Apache listens to only one IP address on the server?

    This is often needed when you have multiple IPs on the server. To ensure Apache listens only on specified IP then you need to explicitly mention IP and port in Listen directive.

    Ex:

    Listen 10.10.10.10:80

    8. How to ensure the Apache run with non-root/nobody user?

    This is doable by adding User & Group directive in httpd.conf file

    User apache
    Group apache

    The above configuration example will ensure it starts with “apache” user. You must ensure users exist on the server before configuring it.

    9. How do I disable directory indexing?

    You can use “Options -Indexes” in the respective directory directive.

    Ex:

    <Directory />
           Options -Indexes
    </Directory>

    10. Which module is required to have redirection possible?

    mod_rewrite is responsible for the redirection, and this must be uncommented in httpd.conf file.

    LoadModule rewrite_module modules/mod_rewrite.so

    11. Can you change the listening port from default to something else?

    Yes, it’s possible by specifying the port number in the Listen directive.

    Ex: to make Apache listen on 9000 port to 10.10.10.10 IP address.

    Listen 10.10.10.10:9000

    12. How to secure a Website hosted on Apache Web Server?

    There are multiple ways to secure the Apache webserver including the following.

    13. What are the log files generated by Apache?

    There are two popular log files created;

    • access.log – all request details with the status code
    • error.log – capture all the errors within apache or connecting to the backend

    14. How to create a CSR?

    You can either use the following OpenSSL command or generate CSR online.

    To create new CSR with a private key

    openssl req -out geekflare.csr -newkey rsa:2048 -nodes -keyout geekflare.key

    Check out the OpenSSL cheat sheet for more commands.

    15. What is Virtual Hosting?

    Virtual Hosting in Apache allows you to host multiple websites on a single instance. You can either create IP based or Name based on virtual hosting.

    16. What module is needed to connect to WebSphere?

    mod_was_ap22_http.so must be added in httpd.conf file to integrate with IBM WAS.

    17. How to put Log level in Debug mode?

    Often needed when you are troubleshooting the issue and wish to capture more details. You can change the logging level to debug by ensuring the following in httpd.conf file.

    LogLevel debug

    18. Which module is required to enable SSL?

    The mod_ssl module must be uncommented before SSL implementation.

    LoadModule auth_basic_module modules/mod_ssl.so

    19. What’s the WebLogic module name?

    mod_wl_22.so

    20. What is the log level available in Apache?

    The default configuration is set to “warn” however, the following is possible too.

    • debug
    • info
    • warn
    • notice
    • crit
    • alarm
    • emerg
    • error

    21. What is DocumentRoot?

    DocumentRoot directive is the configuration where you can specify the folder location from where the static files will be served. It’s also called as WebRoot.

    Default DocumentRoot location is /var/www/html

    22. How to deploy war or JAVA applications in Apache?

    I am afraid, Apache is a Web Server, and Java-based application deployment is not possible with it. However, you can integrate Java application servers like WebLogic, WebSphere, JBoss where you can deploy war, ear files.

    23. What’s a difference between Apache Web Server and Apache Tomcat?

    Apache Web is an HTTP server to serve static contents where Tomcat is a servlet container to deploy JSP files.

    You can always integrate Apache HTTP with Tomcat, however, based on the requirement you need to choose either one. If you need a proper web server, then Apache HTTP else Tomcat for JSP-Servlet Container.

    24. How can Apache act as a Proxy Server?

    You can use a mod_proxy module to use as a proxy server. The mod_proxy module can be used to connect to the backend server like Tomcat, WebLogic, WebSphere, etc.

    25. How to configure Apache log, so it captures the time taken to serve a request?

    You can add “%D” in httpd.conf file under LogFormat directive to capture the response time taken to serve the request. It will show time in microseconds.

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined

    Restart the Apache web server, and you can see the results.

    182.19.197.23 - - [02/Oct/2016:10:32:25 +0000] "GET / HTTP/1.1" 403 4961 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 1515
    182.19.197.23 - - [02/Oct/2016:10:32:25 +0000] "GET /icons/apache_pb.gif HTTP/1.1" 304 - "http://lab.geekflare.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 424
    182.19.197.23 - - [02/Oct/2016:10:32:25 +0000] "GET /icons/poweredby.png HTTP/1.1" 304 - "http://lab.geekflare.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" 472

    26. What tool do you use for log analysis?

    You got to speak the truth but to give you an idea you can use GoAccess, SumoLogic or few mentioned here.

    27. What are the Web Servers you’ve worked on along with Apache?

    Again, you better tell the truth but to make you aware, there are many web servers in the market including the following.

    • Nginx
    • Microsoft IIS
    • LiteSpeed
    • GWS

    28. How to verify httpd.conf file to ensure no configuration syntax error?

    httpd –t will help you to check the syntax.

    [[email protected] httpd]# /usr/sbin/httpd -t
    Syntax OK
    [[email protected] httpd]#

    Alternatively, you may use the apachectl command as well.

    [[email protected] ~]# /usr/sbin/apachectl configtest
    Syntax OK
    [[email protected] ~]#

    29. How to perform Apache performance benchmark?

    You can use a tool like ApacheBench, SIEGE to perform the load test on web servers including Apache. Another option to perform stress test online to see the overall how web application performs under load.

    30. How to get support for Apache Web Server if something wrong?

    Apache is an Open Source web server, so there is no enterprise-level support. However, you can raise a bug report or ask a question on Stack Overflow.

    31. How to ensure the webserver is getting started after a server reboot?

    If running Linux, then you can put a script in /etc/init.d/ and enable to start on boot using chkconfig command

    Let’s say you create a file called apache and put under /etc/init.d

    chkconfig --add apache
    chkconfig apache on

    if on Windows, then ensure startup type is selected “Automatic.”

    32. what is a difference between Apache and Nginx web server?

    Both are categorized as a Web Server and here are some of the main differences.

    • Nginx is event-based web server where Apache is process based
    • Nginx is known for better performance than Apache
    • Apache supports a wide range of OS where Nginx doesn’t support OpenVMS and IBMi
    • Apache has a large number of modules integration with backend application server where Nginx is still catching up
    • Nginx is lightweight and capturing the market share rapidly. If you are new to Nginx, then you may be interested in checking out my articles on Nginx.

    33. How would you kill the Apache if graceful-stop doesn’t work?

    If running on Linux, then can use kill command.

    Find out the PID of Apache by using ps -ef |grep http

    Then kill it

    kill $PIDNUMBER

    if normal kill doesn’t work then try kill -9

    kill -9 $PIDNUMBER

    If on Windows, then end the Apache task from Task Manager.

    34. How to find httpd.conf file if you don’t know the installation location?

    In Linux, you can use find command.

    Let’s assume, you know it must be in /apps file system then you can use the following command.

    find /apps -name httpd.conf

    But if you are not sure about which file system then you can do find on / file system but keep it in mind it may take a long time based on the overall file system size.

    find / -name httpd.conf

    35. What are the different flavors of Apache webserver you know?

    • IBM HTTP Server – known as IHS and often used with IBM WebSphere Application Server
    • Oracle HTTP Server- known as OHS often used with Oracle Weblogic server

    36. Where is the Apache located in the data center location?

    You can explain based on your experience, however, typically for Internet-facing applications, it would be in the Internet DMZ network and for intranet, core network.

    But again this will differ based on application/organization.

    37. How to hide server version details in the HTTP response header?

    Add the following in httpd.conf file and restart the webserver

    ServerTokens Prod
    ServerSignature Off

    This will hide the version and show the Server as “Apache” Only.

    38. What does 200, 403 & 503 HTTP error codes mean?

    • 200 – content found and served OK
    • 403 – tried to access restricted file/folder
    • 503 – the server is too busy to serve the request and in other words – service unavailable.
    • Refer HTTP Response Code infographic for more.

    39. How to disable trace HTTP requests?

    Add the following in httpd.conf file and restart the instance

    TraceEnable off

    40. How to troubleshoot port conflict issue?

    netstat would be useful to troubleshoot the port conflict issue. If running multiple instances on a single server then it would be recommended to have absolute IP:Port configured for Listen directive.

    41. How to install the third-party module?

    You can make use of Apache Toolbox. Once downloaded, extract it using the tar utility.

    tar  -xf   Apachetoolbox-1.5.72.tar.gz

    Navigate to the folder Apachetoolbox-1.5.72 using the cd command and run the command below to select modules for your Apache server.

    ./install.sh

    It provides modules such as  mod_ip_forwarding, mod_auth_mysql and mod_auth_samba to compile with the Apache webserver. Although you can include these modules manually, it is easier with Apache Toolbox.

    42. How to assign multiple names to virtual hosts?

    You can make use of the ServerAlias directive as shown below.

    ServerName  example.com  
    ServerAlias    awesome.com  fantastic.com

    43. How to limit upload size?

    I have a web application that allows users to upload files such as word documents, pdf and so on.  How do I limit file upload by users?

    You can make use of the LimitRequestBody directive to limit upload file size.

    <Directory "usr/local/apache2/uploads"> 
    LimitRequestBody 9000 
    </Directory>

    The value assigned to the LimitRequestBody allows Apache to accept and store file uploads of 9000 bytes by users. You can adjust the value based on the requirement.

    44. How to restrict access by IPs?

    You may want some of the context root to be accessible by allowed IPs. To do so, you can make use of mod_authz_core or mod_authz_host modules to restrict access using the Require directive.

    Require 10.0.0.2 10.0.0.4 192.168.34.23 192.168.34.23
    

    By doing above, Apache will serve requests only if requests are made from the listed IPs.

    You need to specify the Require directive within the directory where you want to allow or deny access to resources.

    Conclusion

    I hope the above questions and answer help you to prepare for a web server administrator interview.