Installing Apache Server and PHP in Windows

Links PageDownloadsPeopleVideoGames MenuEducational
Introduction - The Scope of this Guide

This is a guide to allow someone who wishes to run Apache Web Server, with PHP installed, on a home computer running Windows.
We will cover using it locally on your home network, or optionally setting it up to use on the web, as a private web server.
With a private Web Server you can easily share files with friends and family around the world, or use it for personal access when you travel.
This guide will cover installation and a common configuration to get you up and running as quickly and painlessly as possible.
During this installation, you will be guided through optional configuration of each of the components yourself that most people would care about.
All the other mundane configuration options are done for you, in the httpd.conf, and php.ini files that are provided for you on this page.
You will be guided step by step through only the optional, minimal configuration changes you actually care about or are important!
This will allow you to create a custom tailored Server, and have the basic knowledge to administer your installation yourself!
The Default Configuration files provided "as is" are set to function on a Windows Computer, with a Static IP Address of 192.168.0.10 and with a Folder named www created on Drive C:  (C:\www) for the Servers hosted files.
Using those configuration files "as is", the Server will respond to requests at 192.168.0.10 on Port 80 (Port 80 is a Web Browsers default).
Preparation For Installation - Static IP Address - No IIS

Before you begin, you must make sure your computer has a "Static IP Address".
A Static IP Address is one that NEVER CHANGES!
Since you need to know where your Server is in order to access it, you will need to make sure it is always at one IP Address.
If you already have a Static IP Address (You have the same network IP Address EVERY time you boot your computer), you have options.
If you are using the configuration files provided below "as is", you will want to set your computers Static IP Address to 192.168.0.10.
If you wish to do some minimal editing of the configuration files provided, you can make it whatever suits you as long as it is Static (Never Changes).
If you have decided your option, and already have the appropriate Static IP Address for your choice, you may skip right to Installing Apache Server.
Many home users have a Router which acts as a DHCP Server, assigning them a different IP Address every time they log on.
This can be configured in your Routers Settings, or in your computers Network Settings , depending on your set up, and may require you to edit the settings of both.
If your Router is functioning as a DHCP Server, you will need to reserve an IP Address for your computers specific MAC Address.
This will insure that your computer will ALWAYS be assigned the same IP Address by your Router.

To determine your Computers MAC Address

To determine your computers MAC Address do the following:
Click "Start" >> "Accessories" >> "Command Prompt".
In the Terminal window type, or copy and paste    ipconfig /all
Press Enter on your keyboard.
Look for the "Ethernet adapter Local Area Connection" heading.
Under that heading look for "Physical Address.........:".
The Physical Address is Your MAC Address.
That Physical Address (example: 00-FF-FB-85-34-35) is what you want.
Don't use the example above, but use YOUR actual MAC Address.
The Physical Address number displayed in the Command Prompt Window under Ethernet adapter Local Area Connection is YOUR MAC Address!

Enter your Routers Settings, and Reserve an IP Address to your computers MAC Address, in the range of IP Addresses your Router is assigning.

There are too many Routers to cover setting up every one here, so you will have to determine how to do this for your specific Router, or at least make sure your computer always has the same IP Address, before continuing to "Installing Apache Server" below.

NO IIS

That's right you can not run Microsoft  IIS Server and Apache Server at the same time!
If you have IIS installed on your computer, you must remove it, or at least totally disable it! (Removal Recommended!)
This Apache Installation should run on Windows XP and newer Windows operating systems.
PHP Email will be provided by the addition of the Linux sendmail function to Windows. No IIS functions will not be required.

cgi-bin

Create a C:\cgi-bin directory on your Computer.
Open Windows Explorer and Browse to drive C:\ (the Root of drive C)
Right Click on the Right hand side of Windows Explorer, and go to "New", then from the menu that pops out, Left Click on "Folder".
Type "cgi-bin" without the quotes, and press "Enter on your keyboard".
This path will not be hosted by the server, and available to outsiders, so it is secure from hackers being able to drop malicious scripts in your servers cgi-bin directory, and execute them. It is also easy for you to access, when you are developing scripts for your server.
Installing Apache Server

1) Download the latest Apache Server msi file including OpenSSL for Windows, Here: Apache Server Download Page
If you are not sure which file to Download, Use this Direct Download Link to Download the file.

2) Double Click the file to Run the installation Program.

3) Click Next, and accept any license agreements, as you go, and select "Typical" installation type, until you get to the dialog box shown directly below.

4) A dialog box (shown directly below) will appear asking you for your domain name, server name as well as an email address and how to install shortcuts.

A) Where it says "localhost" for Network Domain, and Server Name in the example shown above, use the IP Address of the computer you are installing Apache Server on in both boxes for Network Domain and Server Name. The configuration files below are set to an IP Address of 192.168.0.10 If you have set your computer to a Static IP Address of 192.168.0.10 you WILL NOT need to edit that in the configuration files below for that later.
If you intend to edit the IP Address in the configuration files provided in order to use a different IP Address, you will need your computer to be on that IP Address now, and enter that IP Address in the Network Domain and Server Name boxes.

To determine your computers IP Address do the following:
Click "Start" >> "Accessories" >> "Command Prompt".
In the Terminal window type, or copy and paste    ipconfig
Press Enter on your keyboard.
Look for the "Ethernet adapter Local Area Connection" heading.
Under that heading look for "IP Address............:".
That IP Address number (example: 192.168.0.5) is what you want.
Don't use the number in the example above, use YOUR actual IP Address.
The IP Address number displayed in the Command Prompt Window under Ethernet adapter Local Area Connection is YOUR IP Address!

You can edit the configuration file httpd.conf later on, to change your Servers IP Address, if your Computers IP Address Changes.
B) Enter whatever email address you wish for the email address field.
The installer will use these values to create the default Apache configuration file "hhtp.conf" for you.
C) Choose also to install Apache with shortcuts to start it as a service for all users.

5) Click "Next", as you continue to accept defaults until you get to "Finish".

6) Click Finish.

Note A: After the installation is complete, Apache will Start! You should now notice icon like this in your system tray (by your clock).
This is the Apache Service Monitor. Double clicking it will open up a window, showing the status of your Apache Server, as well as offering you some control over it. This is very handy! When you minimize it it will go back to the tray, until the next time you need it.
If you do not see this icon, or you closed it, and wish to get it back, look in your "All Programs" menu (from your Start Button - Start >> All Programs) for "Apache HTTP Server 2.2".
In the "Apache HTTP Server 2.2" folder, you should see" Monitor Apache Servers".
Click that and the Apache Service Monitor should be back.

Note B: From this point on, expect to see a Warning Pop-Up from your Firewall and / or Antivirus programs, warning you that an application is attempting to access either the internet, or your network. This is to be expected! It will give you the options to Block the application or Allow the application. You MUST select ALLOW in order for your server to function!

7) Test your Installation, and then if all is well, proceed to Configuring Apache Server below!
Testing the Apache Installation

Open your Web Browser, and type your Computer / Servers IP Address in the address bar after http://
EXAMPLE of what to type in address bar:

http://192.168.0.10

where 192.168.0.10 is replaced with your computers IP Address, if you are setting it up to use a different one.

After entering the information in the Address bar, press "Enter".

When you press "Enter" after typing the Address in the Address bar you should see something like this:

If you see this, Congratulations!!! Apache is installed and functioning!!! It's not ready for use yet!!!
Now lets Install PHP so that the Configuration files for actual use will function, by following the instructions below!
Installing PHP

1) Download the latest VC 6 version of PHP for use with Apache 2 for Windows, Here: PHP for Windows Download Page
If you are not sure which file to Download, Use this Direct Download Link to Download the file.
You may need a file extraction utility to extract the zip file into the appropriate directory.
If you do not have a zip file extraction utility, CLICK HERE to download a zip file extraction utility.
If you just finished downloading the zip file extraction utility, install the zip file extraction utility before proceeding.
If you already have a zip file extraction utility installed, you may proceed with PHP installation.

2) Create a php folder in lower case letters, in the Root of Drive C: on the computer Apache Server is installed on ( C:\php ).

3) Run the zip file extraction utility.

4) Open the php zip file in the zip file extraction utility.

5) Extract the contents of the PHP zip file into the C:\php folder you just created.

6) Replace the php.ini file in the C:\php folder with the "Pre-Configured php.ini for Apache and PHP" provided for you to easily make below.

 
Pre-Configured php.ini for Apache and PHP

To use this preconfigured php.ini code for use with this Apache Server Installation:

1) Highlight and Copy all the Code in the box directly below.

php.ini

2) Open Notepad on your computer.

3) Paste the code into Notepad.

4) Save the file as php.ini

5) Replace the php.ini file in your C:\php folder with the php.ini file you just saved.

 

No additional configuration changes are needed for this file to work with your Apache Server. They have been done for you!

There are only a few options a home user may wish to change later if you intend to use PHP to send email.
Sending email with PHP would also require you to install a Mail Transport Agent.
How to modify the configuration settings in the php.ini file for use with a Mail Transport Agent, will be provided near the bottom of this page.
The other thing you may wish to do is change the Maximum size for HTTP File Uploads using PHP
I have already bumped the size the original php.ini gives you from 2Meg to 30Meg. and 30 files Max can be selected in 1 upload.
This should accommodate most users needs considering the size of mp3's photo's, and small videos.
The Upload Directory is the default temp Directory.
Adding Apache and PHP to your Computers Path Statement in Windows:

In order for the Extensions enabled in the php.ini to load with PHP at Start Up, your C:\php directory needs to be in the Windows Path.
In order to put C:\php in the Windows Path Statement, so that it will be in effect when Windows Starts do the following:

Highlight the following text below in bold, Right Click on it, and Click Copy:

;C:\Program Files\Apache Software Foundation\Apache2.2;C:\php

Click Start >> Control Panel >> System >> Advanced Settings >> Environment Variables

Under "System Variables" Scroll down to the Variable named "Path".

Click on "Path" to Highlight it, and Click "Edit".

Click in the box named "Variable Value" (you should see your cursor there, and the blue highlight should go away).

Press the "End" Key on your Keyboard.

Hold down the "Ctrl" (Control) Key on the Keyboard, and while still holding the "Ctrl" Key down, Press the "V" key once.

You should see ;C:\Program Files\Apache Software Foundation\Apache2.2;C:\php added to the end of the line of text in the box named "Variable Value".

Click "OK".

Re-Boot your Computer to insure the new Windows Paths will be loaded in the Windows Path.

Using the php.ini above, you will be able to enable additional optional Extensions, if you like, as well as install more features later.
There are already many of the most common Extensions enabled in the php.ini provided above.
Don't forget to Re-boot for the Windows Path to take effect!
Re-Booting your computer will also restart Apache, which will load PHP, and all the Extensions (once you overwrite the httpd.conf with the one provided below. We will get to that! Right now we just want the path loaded in Windows).
This will also happen when you re-start Apache, but not this time, because you need the httpd.conf provided below, before PHP will load in Apache.
Disabling QoS in Windows

Wimdows (Quality of Service Driver) QoS interrupts Apaches ability to Server Files, and also causes incomplete downloads.
Apache does not support the QoS extensions to the WinSock API.
To see if you are running QoS and disable it if necessary, do the following:

Be logged in as an administrator
Click Start and Select Run.
In the Run Box type or (copy and paste):

gpedit.msc

Click OK

When the "Group Policy Editor" opens, Expand "Computer Configuration".
Expand "Administrative Templates".
Expand "Network".
Double click "QoS Packet Scheduler" on the right.
Double click "Limit reservable bandwidth".
On the "Setting" Tab:
Click "Enabled".
Change to the Bandwidth limit from it's default of 20% to 0% to turn it off.
Click "OK"
Exit the Group Policy Editor, and Reboot your Computer for the changes to take effect.
Adding the Sendmail Function to PHP in Windows

Many of you may wish to send email from PHP, or scripts using your Apache Server.
You may already have pages, and scripts that uses the linux sendmail feature.
Many times these are purchased scripts, that are updated frequently, and editing them every time, for a different email sending solution is a hassle.
You need Sendmail in Windows!
This is what you need to add the sendmail function to PHP, for your Server running PHP in Windows:

Download the Sendmail Zip File Here!

Using your Zip File Extraction Utility, extract the sendmail.zip file to the Root of Drive C:
In other words extract right to Drive C
Do Not extract the contents to any folder, only extract to Drive C:
If you extracted sendmail.zip correctly, sendmail.zip will place a sendmail folder right in Drive C:
The path of the extracted sendmail folder will be this:  C:\sendmail
The preconfigured php.ini file provided above IS ALREADY CONFIGURED for Sendmail!
The only thing to do now is to configure sendmail to work with one of your email accounts.

Configuring The sendmail.ini file for your email service:

The configuration settings are identical to those used by an email client to access your email account.
I created a FREE Gmail Account for dedicated use with mine, but you can use any POP3 or IMAP accessible email account.
Configuration settings for FREE Gmail accounts is provided HERE for your convenience, or use the actual Gmail POP3 settings given below.
If you do use a FREE Gmail account, don't forget to enable POP3 and / or IMAP Access in
Gmail's "Mail Settings" under "Forwarding and POP/IMAP".

Open Notepad, and look in the sendmail folder for the sendmail.ini file.     C:\sendmail\sendmail.ini
Open the sendmail.ini file with Notepad.

Below I have a reference chart listing examples of the 3 possible sendmail.ini configurations:
Notice the use of semicolons in front of configuration settings.
Any line in the sendmail.ini beginning with a semicolon will be ignored / not used as a setting by sendmail.

The 3 possible sendmail.ini configurations
SMTP with NO Authentication SMTP with Authentication SMTP with POP before Authentication
[sendmail] [sendmail] [sendmail]
smtp_server=smtp.yourdomain.com smtp_server=smtp.yourdomain.com smtp_server=smtp.yourdomain.com
smtp_port=25 smtp_port=25 smtp_port=25
smtp_ssl=auto smtp_ssl=auto smtp_ssl=auto
default_domain=yourdomain.com default_domain=yourdomain.com default_domain=yourdomain.com
;error_logfile=error.log ;error_logfile=error.log ;error_logfile=error.log
;debug_logfile=debug.log ;debug_logfile=debug.log ;debug_logfile=debug.log
;auth_username= auth_username=you@yourdomain.com ;auth_username=
;auth_password= auth_password=mysecretpassword ;auth_password=
;pop3_server= ;pop3_server= pop3_server=pop.yourdomain.com
;pop3_username= ;pop3_username= pop3_username=you@yourdomain.com
;pop3_password= ;pop3_password= pop3_password=mysecretpassword
force_sender=you@yourdomain.com force_sender=you@yourdomain.com force_sender=you@yourdomain.com
;hostname= ;hostname= ;hostname=

smtp_ssl should be set to auto for SSLor TLS:    smtp_ssl=auto
If your mail server uses neither SSL or TLS then use:    smtp_ssl=none

For example, using the information provide by Gmail:

Gmail Settings - Substitute your Username and Password
Account Username youremailname@gmail.com
Account Password yourgmailpassword
SMTP Server smtp.gmail.com
POP3 Server pop.gmail.com
Server Requires Authentication YES
Outgoing email (SMTP) 465
This server requires a secure connection (SSL) YES
Incoming email (POP3) 995
This server requires a secure connection (SSL) YES

Your sendmail.ini configuration would contain this:

With actual Gmail Settings - Just substitute your Account Username and Password to make it work!
Pay attention to the semicolons in front of certain lines in the ini file, also shown in the settings below!
Setting Name Your Account Information Corresponding sendmail.ini Settings
SMTP Server smtp.gmail.com smtp_server=smtp.gmail.com
SMTP Port 465 smtp_port=465
Server Requires Secure Connection SSL SSL smtp_ssl=auto
Default Domain Mail is with gmail.com default_domain=gmail.com
Account Username myserver@gmail.com auth_username=myserver@gmail.com
Account Password yoursecretpassword auth_password=yoursecretpassword
POP3 Server pop.gmail.com ;pop3_server=pop.gmail.com
Account Username (again) myserver@gmail.com ;pop3_username=myserver@gmail.com
Account Password (again) yoursecretpassword ;pop3_password=yoursecretpassword
Effects the "Mail From" Command not From: on the message. myserver@gmail.com force_sender=myserver@gmail.com
Effect the "RCTP TO" Command, not To: on the message.

-

 ;force_recipient=
The ehlo/helo name. Not used is default.

-

 ;hostname=

If you have problems, uncomment the lines error_logfile and debug_logfile so you can trace what went wrong.
Note: The Error Log and Debug Log files will be created in folder C:\sendmail

Test your sendmail function by making some php pages utilizing sendmail yourself, or try this easy to use online php contact form generator.

I suggest adding the sendmail directory to your path statement for some (not all) pesky scripts, which have a hard time with the path to sendmail, on
a Windows machine. This allows you to reduce the path in your scripts to just   sendmail   and gets around Linux / Windows path issues.

In order to put C:\sendmail in the Windows Path Statement, so that it will be in effect when Windows Starts do the following:

Highlight the following text below in bold, Right Click on it, and Click Copy:

;C:\sendmail

Click Start >> Control Panel >> System >> Advanced Settings >> Environment Variables

Under "System Variables" Scroll down to the Variable named "Path".

Click on "Path" to Highlight it, and Click "Edit".

Click in the box named "Variable Value" (you should see your cursor there, and the blue highlight should go away).

Press the "End" Key on your Keyboard.

Hold down the "Ctrl" (Control) Key on the Keyboard, and while still holding the "Ctrl" Key down, Press the "V" key once.

You should see ;C:\Program Files\Apache Software Foundation\Apache2.2;C:\php added to the end of the line of text in the box named "Variable Value".

Click "OK".

Re-Boot your Computer to insure the new Windows Paths will be loaded in the Windows Path.
Configuring Apache Server for Use

Basic Information

The Apache Configuration File is called httpd.conf
Open up your httpd.conf file with Notepad, or even better, download a FREE text editor that indicates line numbers Here.
Line numbers are handy if you get an Error, because the Error message will tell you what line the error is on.
Notepad wont show you the line numbers. Notepad++ will!
Apache's configuration file is a text file named httpd.conf
The httpd.conf file is located here:
C:/Program Files/Apache Software Foundation/Apache2.2/conf
Note the conf (short for configuration) file is in Apache's "conf "directory.

Once the httpd.conf file is open, you will notice allot of text with # as the first character of each line.
The # is used to make comments, and is not actual configuration information that Apache uses.
Apache ignores the contents of any line beginning with a #.
Help information after a # is there for your benefit and is meant as a reminder.
The # is also handy to temporarily remove actual configuration information from the configuration until it is needed later.

Since Apache will ignore information after the #, configuration information for many features / modules that installed with Apache, but are not in use, are included in the default httpd.conf for your convenience. They are simply disabled by the addition of the #.
Should you desire to use them, you simply remove the #, then save the edited httpd.conf, and restart Apache for the changes to take effect.
You are not editing right now, so there is no need to save, or restart yet!

DO NOT remove the # from in front of everything, or even in front of all of the modules!!! You don't want all of the modules!!!
If you remove the # from in front of help information, you will create errors that will most likely crash Apache Server.
There may be additional configuration needed before you can run some of the modules with the # disabling them from loading when Apache starts.

Note: The slashes used in path statements in configuration files related to Apache and PHP may vary from the slashes in path statements for the SAME path in Windows. This may seem confusing, but it is normal. Paths in Apache or PHP are relative to a Unix / Linux environment, even though you are in running them in a Windows environment. If you see a path that appears to use the wrong slash, forward / for back \, or back \ for forward /, do not always assume it is wrong.  Likewise, if you are editing something, and have a path issue, do not always assume the slash is correct.

You have the option to use the Pre-Configured httpd.conf and php.ini files provided on this page, or you may follow the Step by Step procedure below the section, using the Pre-Configured file, to further customize the httpd.conf  file to suite your desired configuration needs.
Configure Apache Using Pre-Configured httpd.conf and php.ini Files
Pre-Configured httpd.conf for Apache and PHP

This is more than the httpd.conf that is provided when Apache Server is installed.
It has many of the most desirable configurations already done to it, including added code to integrate PHP into Apache Server, enabling the rewrite module, and giving your directory listings the best look, as well as automatically indexing, and resizing columns so that your file names wont be truncated, making sure folders are listed first, enabling the use of .htaccess files to customize and password protect your web directories / web folders, in addition files beginning with .ht will remain hidden from visitors, as well as the thumbs.db files that Windows automatically adds to any folders containing media. There are really only a few options that you may want to change to thoroughly enjoy the use of this configuration, and they are listed and explained directly below in this very section of the Installation instructions. They are IP Address, Port, the DocumentRoot, and the Server Administrators email address. If you wish to change any of these 4 things, instructions will be provided below.

To use this preconfigured httpd.conf code:

1) Highlight and Copy all the Code in the box directly below.

httpd.conf

2) Open Notepad on your computer.

3) Paste the code into Notepad.

4)  Edit any changes you desire to the IP Address, Port Number, Document Root, and email address as described below, using the simple instructions provided below, titled "Editing The Pre-Configured httpd.conf for Apache and PHP file".

5) If you did not change anything using the instructions below, just Save the file as httpd.conf  in the following location:
C:\Program Files\Apache Software Foundation\Apache2.2\conf
Overwrite the file that is there.
Apache creates a backup of the original httpd.conf file, in case you mess things up really badly.
The backup original of the original file is located in the C:\Program Files\Apache Software Foundation\Apache2.2\conf\original  folder.

6) Create the Document Root Folder on your Hard Drive. The un-edited httpd.conf given to you above is pre-configured to use C:\www as the Document Root. If you changed it using the instructions below, then use the path you configured the httpd.conf DocumentRoot for.

7) Test your httpd.conf file, by following these instructions :

Testing Configuration Changes, before you attempt to start Apache with them:

If you have made changes to your httpd.conf file, and saved them, you will want to test them prior to Starting Apache with them.
To test your configuration changes, the httpd.conf must be located in the C:\Program Files\Apache Software Foundation\Apache2.2\conf folder.
This means you MUST overwrite the file that is there before the test utility will be able to check it.
Apache creates a backup of the original httpd.conf file, in case you mess things up really badly.
The backup original of the original file is located in the C:\Program Files\Apache Software Foundation\Apache2.2\conf\original  folder.
To Test your new configuration before attempting to Starting Apache do the following:

Click Start >> All Programs >> Apache HTTP Server 2.2 >> Configure Apache Server >> Test Configuration.

If a Window pops up, quickly, saying OK, and closes instantly, your configuration has no errors.
If you made a mistake, it will open a window telling you there is an Error on Line X, where X represents a line number, and there will be a count down, until the window closes.
If there is an Error, you will want a text editor that indicates line numbers, especially if you made changes to more than 1 line.
You can get a FREE text editor that indicates line numbers, and is appropriate for this purpose HERE.

8) Be sure you have installed PHP and replaced the php.ini with the one provided as per the PHP installation instructions listed above.
This httpd.conf file is already configured to run PHP on your installation of Apache Server.
Once Apache and PHP are installed on your computer as described above, and your httpd.conf has the configuration you desire, and you have overwritten the original httpd.conf file with the configured httpd.conf file, and it tests OK, you are ready to try it.
In order for your configuration to take effect, you must Stop Apache.
After Apache Stops, Start Apache again, so that it can load the new configuration settings.

9)Test your Installation.

Create the test file using the instructions in the box below named Testing PHP, and place the file in your DocumentRoot Folder.
Type your http://192.168.0.10 or whatever IP Address you changed the DocumentRoot to, and press Enter on your keyboard.

Your Web Browser should be displaying the contents of your DocumentRoot Folder, with the test.php in it.
Do not be alarmed that it did not open the test.php file, the Server is configured to open index.htm and index.html and index.php files when ever a browser lands there, not test.php.
If you had an index.htm or index.html or index.php file there it would have displayed that page, instead of the folder contents.
Click on your test.php file to run it, and open its results in your browser.

You should see a PHP test page with allot of information.
If you see the PHP test page, Congratulations!!!
Not only is your server working correctly, but PHP is also functioning correctly.

Testing PHP

Testing Apache for PHP Support:
To test weather your php is installed correctly, create a test file named test.php using Notepad:

1) Open Notepad
2) Insert (Copy and Paste) the following line into the new file:

<?php phpinfo();?>

3) Save this file as test.php in your Servers Document Root.

4) Now access this page in your web browser using the address:  http://yourserverip/test.php

Example.

http://192.168.0.10/test.php


You should see a PHP Window with information about your Servers PHP in it.

 
Editing The Pre-Configured httpd.conf for Apache and PHP file

IP Address:
This copy and paste httpd.conf file below is set up for a computer with an IP Address of 192.168.0.10
There are 2 places in this configuration, where the IP Address is specified, and must be changed, if you wish to use a different IP Address than 192.168.0.10
Those lines in the httpd.conf configuration file are:

Listen 192.168.0.10:80

ServerName 192.168.0.10:80

The :80 at the end of the IP Address is the Port Number
192.168.0.10:80 indicates an IP Address of 192.168.0.10 on Port 80
There is a Colon separating the IP Address and the Port number. There are no spaces used between the IP Address and Port Number.
There is 1 space used between Listen and its IP Address, and 1 space used between ServerName and its IP Address.
You can change the IP Address and Port number by editing those 2 lines, but the IP Address and Port Number must be identical to one another on those 2 lines when you save the httpd.conf file. In other words any changes made to the IP Address or Port Number of Listen, must also be made to the IP Address or Port Number of ServerName.

Port:
The Port is set to 80 in this configuration. Port 80 is the default of web browsers. If you wish to use a different port, you must edit this file in one place. To change the Port, look for this:
Listen 192.168.0.10:80
Change the 80, at the end of this IP Address to the different port you desire.
Notice it is separated by a Colon, not a dot, like the rest of the IP Address.

There are 2 places in this configuration, where the Port Number is specified, and must be changed, if you wish to use a different Port Number than 80
Those lines in the httpd.conf configuration file are:

Listen 192.168.0.10:80

ServerName 192.168.0.10:80

The :80 at the end of the IP Address is the Port Number.
192.168.0.10:80 indicates Port 80 with  an IP Address of 192.168.0.10
There is a Colon separating the IP Address and the Port number. There are no spaces used between the IP Address and Port Number.
There is 1 space used between Listen and its IP Address, and 1 space used between ServerName and its IP Address.
You can change the IP Address and Port number by editing those 2 lines, but the IP Address and Port Number must be identical to one another on those 2 lines when you save the httpd.conf file. In other words any changes made to the IP Address or Port Number of Listen, must also be made to the IP Address or Port Number of ServerName.

 

DocumentRoot:
The Document Root is the Root location of the Files your server will host.
Files and directories placed in the Folder on your Hard Drive, designated as the Document Root will be viewable to any Web Browser that visits your computers IP Address.
This httpd.conf specifies C:\www as the Folder / Directory on your Hard Drive that will contain the files the Server will display to any Web Browser visiting your computers IP Address.
To Use this as your httpd.conf file, you MUST create a C:\www directory on your Drive C: before overwriting the original httpd.conf and restarting Apache. Note: The www is in lower case!
To use a different folder on your Hard Drive, or on another Drive on your computer as the Document Root, you must edit 2 lines in the httpd.conf file.
Those 2 lines in the httpd.conf configuration file are:

DocumentRoot "C:/www"

<Directory "C:/www">

The Directory (folder) path is contained in quotes.
There are no spaces between the quotes and the specified path.
C:/ represents Drive C on the computer
www represents the folder (directory).
Notice this uses a forward slash in the path and not a back slash.
When you create the folder on your hard drive, the path in Windows is indicated with a back slash.
When you enter the path in the httpd.conf, the path uses forward slashes.

Email Address:
There may come a time when you wish to edit the email address of the Server Administrator, indicated by your Server.
This is done in the httpd.conf file on one line.
The lines in the httpd.conf configuration file is:

ServerAdmin admin@mydomain.com

admin@mydomain.com is the default email address indicated by the httpd.conf configuration file.
There is a single space between ServerAdmin and the desired email address of your choice.
Just replace admin@mydomain.com with the email address you prefer, and save the httpd.conf file.

cgi-bin
The Copy and Paste  httpd.conf  is set up to use a C:\cgi-bin Folder on your Server.
This path will not be hosted by the server, and directly available to outsiders,
so it is secure from hackers being able to drop malicious scripts in your servers cgi-bin directory, and execute them.
It is also easy for you to access, when you are developing your own scripts for your server.
To use this preconfigured directory, create a C:\cgi-bin directory on your Computer.
Open Windows Explorer and Browse to drive C:\ (the Root of drive C)
Right Click on the Right hand side of Windows Explorer, and go to "New",
then from the menu that pops out, Left Click on "Folder".
Type "cgi-bin" without the quotes, and press "Enter on your keyboard".

If you do not wish to use the  C"/cgi-bin  directory, you may edit the httpd.conf file.
To edit the cgi-bin path in the httpd.conf file, open the httpd.conf file in Notepad, or your favorite text editor.
Scroll down and look for:

ScriptAlias /cgi-bin/ "C:/cgi-bin/"
Edit the C"/cgi-bin path to the Windows Path that you desire.

NextScroll down and look for:

<Directory "C:/cgi-bin/">
Edit the C"/cgi-bin path in  <Directory "C:/cgi-bin/">  to match the path you chose in ScriptAlias /cgi-bin/ "C:/cgi-bin/" above.
 

Testing Configuration Changes, before you attempt to start Apache with them:

If you have made changes to your httpd.conf file, and saved them, you will want to test them prior to Starting Apache with them.
To test your configuration changes, the httpd.conf must be located in the C:\Program Files\Apache Software Foundation\Apache2.2\conf folder.
This means you MUST overwrite the file that is there before the test utility will be able to check it.
You can back up that file by copying it to another location if you like.
To Test your new configuration before attempting to Starting Apache do the following:

Click Start >> All Programs >> Apache HTTP Server 2.2 >> Configure Apache Server >> Test Configuration.

If a Window pops up, quickly, saying OK, and closes instantly, your configuration has no errors.
If you made a mistake, it will open a window telling you there is an Error on Line X, where X represents a line number, and there will be a count down, until the window closes.
If there is an Error, you will want a text editor that indicates line numbers, especially if you made changes to more than 1 line.
You can get a FREE text editor that indicates line numbers, and is appropriate for this purpose HERE.

If this is a first time edit of the httpd.conf file, done as part of the installation process in step 4 of "Pre-Configured httpd.conf for Apache and PHP", then return to "Pre-Configured httpd.conf for Apache and PHP" directly above this section, and continue on step 5 of the instructions now.
If you have been running this installation for a while, and have returned to make some changes, then restart Apache, and Enjoy!!!
Getting your Apache Server on the Internet

To get access to your Apache Server from the Internet, once you have it set up and functioning, you will first need to set up Port Forwarding on your Router. You will need to access your Routers Configuration Settings, and find Port Forwarding.
Once you find Port Forwarding in your Routers Settings, set it to forward Port 80 (or the port you changed the httpd.conf to use) to your servers IP Address. Save those new settings in your Routers configuration.
Once that is done, any web browser that goes to your internet IP Address (NOT YOUR LOCAL NETWORK ADDRESS) will be forwarded to the Servers local network IP Address (The one you specified in the Port Forwarding settings in your Router).
Your internet address is the IP Address your Internet Service provider gives you when you log on.
The status page of your Router should tell you what your IP Address is on the internet.
As long as you are logged on with that internet IP Address, your friends and family will be able to point their Web Browsers at your Internet IP Address, and see what you have for them on your Apache Server.
If your Internet Service Provider always logs you on at the same IP Address (they give you a static IP Address), your server will always be right there. If your Internet IP Address changes, it should at least be the same as long as you are logged on.
Many people have service that is always on, and you can keep the same IP Address for a good amount of time.
This may be adequate for some people's occasional needs.
Other people will either need to get a static IP Address from their Internet Service Provider, or sign up for a forwarding service, that tracks your Internet IP Address changes, and provides you with a stable address that is always forwarded to whatever Internet IP address you currently have.
Many newer Routers have settings for these Services already built into them, that you can take advantage of.
Check your router for these settings, and you will find the names of some of these popular services already configured into it.
Password Protecting Directories / Folders Hosted by Apache

There is a simple way to password protect folders in your Apache Server Hosted Directory.
You will need to create a .htaccess file, and place it in the folders you wish to password protect.
Make sure you include the dot (.) at the beginning of the file name.

Creating an .htaccess file:
You can copy and paste the following into Notepad.
Edit the AuthName (If you desire), and AuthUserFile (to point to the path and filename you wish to store your User Names and Passwords in, then save the file as .htaccess in every directory/folder you wish to protect with those User Names and Passwords:

AuthName "Log In"
AuthType Basic
AuthUserFile C:\passwords\.htpasswd
require valid-user

AuthName is the Message the User Name and Password "Window" will display when asking users to log in.
AuthUserFile is the line with the path to the file that stores the usernames and encrypted passwords, that will be used for access to the folder you wish to password protect. The file does not have to be named .htpasswd, as in this example, but the .htaccess file in the folder you wish to password protect must point to it, and name it correctly. .htaccess can not be renamed. Apache looks for that specific file name.
For the sake of this guide, we will stick with the .htpasswd file name and the C:\passwords directory for it's location.
Notepad in Windows does not allow you to name the file .htaccess, and insists on naming it .htaccess.txt don't panic.
When you save the file in notepad, just put .htaccess in quotes ".htaccess" when saving it, and it will save it as .htaccess with no problem.
Use Windows Explorer to create a "passwords" folder on drive C:  ( C:\passwords ).
Open a Command Prompt window, and use the cd (change directory) command, to change directories to c:\passwords
By default command prompt should open on drive C: in your user folder.
If you are not on drive C:\  just type   C:   and press "Enter", to change drive letters to drive C:\.
Type   cd\   to return to the root of drive C:
At the C:\> prompt Type   cd passwords    to change to the   C:\passwords   folder you created.
Save the file with Notepad in the C:\passwords folder naming the file .htaccess using quotes ".htaccess"
If you can not name the file .htaccess for some reason, allow it to be named .htaccess.txt then using Command Prompt in the C:\passwords directory type:

ren .htaccess.txt .htaccess

and press "Enter".
ren is the command to rename a file. Your file is now named .htaccess
You can type dir to see the contents of the directory, and confirm the name of the file is now .htaccess
dir is the directory command, and it lists what is in the directory.
Since this is the first file in C:\passwords .htaccess should be easy to spot.
Next we will want to create our User Name and Password List (.htpasswd) file:

Creating the .htpasswd file:

The .htpasswd file contains the list of user names, and encrypted passwords to be used with your .htaccess file.
It is a good idea to keep the .htpasswd file in a folder that is NOT being hosted by Apache Server.

Go to the C:\Program Files\Apache Software Foundation\Apache2.2\bin  Folder on your computer, and copy the file named "htpasswd.exe" to your C:\WINDOWS Folder. This will insure that it is always in the path on your Windows computer. Now whenever you run htpasswd from a  command prompt, you can run it by simply typing htpasswd. Copying this file to WINDOWS only has to be done once!

Use Windows Explorer to create a "passwords" folder on drive C:  ( C:\passwords ) if you have not done so already.

Open a Command Prompt window, and use the cd (change directory) command,
to change directories to the one you wish  htpasswd to create your new .htpasswd file in ( c:\passwords ).

By default command prompt should open on drive C: in your user folder.
If you are not on drive C:\  just type   C:   and press "EnType   cd\   to return to the root of drive C:
At the C:\> prompt Type   cd passwords    to change to the   C:\passwords   folder.

Now we create a user name and password file!="left"> Now we create Place the User Name you wish to add to your user name and password list, on the end of the following command line, in place of "UserName" (without quotes), then enter the desired password when prompted.
To create a NEW .htpasswd file in the C:\passwords directory, where none exists use the -c option (create new, where Copy and Paste the following to "Terminal" at the prompt, and backspace/edit UserName (.htpasswd can also be edited/changed if you desire a different file name for your password list, but .htaccess must designate the same file name - handy if you have different access lists, for different directories. Always start the file name with .ht so that it will be hidden from visiting web browsers by Apache!)

htpasswd -c .htpasswd UserName

For examplewd -c .htpasswd UserName

htpasswd -c .htpasswd scott

Syntax: htpasswd optionalswitch path&filename username

Adding log ins to the .htpasswd file:

To ADD an additional login to an existing .htpasswd file open command prompt in the directory the .htpasswd file is in that you wish to add logins to.
Copy and Paste the following to command prompt at the cursor, and backspace/edit UserName
.htpasswd can also be a different .ht file name you created using the "Create New" procedure. created using the "Create New" procedure.
Notice the -c is NOT USED to add log ins to an existing .htpasswd file. The -c option creates a NEW file, containing only the first login.

This is what to type (or copy / paste /edit) to ADD a login to an existing .htpasswd file:

htpasswd .htpasswd UserName

Place the .htaccess file in the directory you wish to password protect with a path to the .htpasswd file.
.htpasswd can have other names, as long as the .htaccess file references it by the correct path and file name.
When .htaccess is placed in a folder/directory it password protects that dPassword Protection is done by adding a .htaccess file to the Folder you wish to add protection to.
There is another file .htaccess will reference typically named .htpasswd that can be named other names as desired.
Notice they both begin with a dot followed by ht (.ht). ice they both begin with a dot followed by ht (.ht).
Any file beginning with .ht will be hidden from view in any web browser viewing any folder containing it, by Apache Server.
The file will exist in the Folder, and be visible to you in Windows Explorer, or command prompt, but it will not be listed by Apache when anyone views the folder containing it, with any web browser. This is intentional!

There are many lines in the php.ini file that begin with a Semicolon.
Lines beginning with a Semicolon are ignored by PHP when it loads the php.ini file at start up.
This is much like the # in Apache Servers httpd.conf file.
The Semicolons are used to leave comments that are convenient to you, as well as disable, but store the code for optional features.
Optionally Installing PEAR

Adding PEAR to the default installation on this page is not very difficult.
When PHP was installed, it came with PEAR's installation, ready to install.
If you followed the default installation, look in your C:\php directory for the   go-pear.bat   file.
This go-pear.bat file is a batch file that does almost all of the installation of PEAR for you.
To install PEAR:

Double click the go-pear.bat file.
The setup will ask you some questions.
PEAR is to be installed in the    C:\php\PEAR    folder (Directory).
Next, after the batch file is done running, Double Click the newly generated PEAR_ENV.reg file that was created in the C:\php folder.
The PEAR Package Manager will be installed in the path, you specified during installation.
The php.ini file is already updated with the PATH to your PEAR Installation.
You may OPTIONALLY edit the php.ini file and remove the semicolon from in front of this line ;extension=php_dba.dll  if you want DBA for PEAR
You may OPTIONALLY edit the php.ini file and remove the semicolon from in front of this line ;extension=php_shmop.dll  if you want Shmop for PEAR. You may OPTIONALLY edit the php.ini file and remove the semicolon from in front of this line ;extension=php_ifx.dll  if you want informix extensions for PEAR. Just because you may optionally decide to load these modules with PHP for PEAR, does not necessarily mean you want them.
Restart (Stop / Start) Apache for changes to take effect.
PEAR is ready to go!
Optionally Installing Pearl
This is Optional
If you need Pearl for your Windows Installation, you can download it HERE.

Installing Pearl in Windows:

Download the appropriate Pearl installation from the link above, based on you 32 bit or 64 bit Server.
Double click the file to Run the installation.
Accept all the defaults.

Configure httpd.conf for your CGI Directory path and ScriptAlias.
If you are using the httpd.conf file provided on this page, you are already mostly configured for Pearl.
The only thing you may wish to change, to get Pearl working, is the paths for ScriptAlias and the CGI Directory.

If you used the httpd.conf provided it already has you set up to use C:\cgi-bin   (Which you created at the beginning of this Guide)
When you are developing scripts, this path provides the same security as C:\Program Files\Apache Software Foundation\Apache2.2\cgi-bin, but it is much more convenient to access, than C:\Program Files\Apache Software Foundation\Apache2.2\cgi-bin

Perl adds C:\Perl\bin to the beginning of your Servers Path, which allows you to begin your scripts with "#!perl" or "#!c:/perl/bin/perl.exe".

Re-Boot your Computer to insure the new Windows Path will be loaded in the Windows Path.

Testing CGI and Pearl
Copy and paste the code below into Notepad, and name it env.pl
Copy env.pl into the cgi-bin directory which should now be located here:

C:\cgi-bin

Note: You do not need to have a cgi-bin directory in the root of your web server, and any files placed there, would be ignored, anyway. You can adjust the ScriptAlias settings to change this behavior. The ScriptAlias setting makes /cgi-bin/ a virtual directory, mapped to a different path (C:/cgi-bin) , as currently set by the ScriptAlias setting if you use the provided httpd.conf. Yes, in the httpd.conf, the forward slash / is correct.
Note: the slashes may vary between a Windows path and an Apache path, for the same path.

Open a web browser, and from the root of localhost or your servers IP Address add:

/cgi-bin/env.pl

to the end of the address in the browsers address bar, and press enter.

(That is /cgi-bin/ the virtual directory path, plus env.pl the file name.)

Your web browser should display a page with your servers environment variables.

You should not have errors in your error log.

The "Copy and Paste" code is below this line:

 

#!c:/perl/bin/perl.exe
##
## Demo CGI program which displays the environment variables
##

print "Content-type: text/plain; charset=iso-8859-1\n\n";
foreach $var (sort(keys(%ENV))) {
$val = $ENV{$var};
$val =~ s|\n|\\n|g;
$val =~ s|"|\\"|g;
print "${var}=\"${val}\"\n";
}
If you rebooted, you can try the code below, in a file, with a .pl extension.
Notice the difference in this code is "#!pearl" instead of "C"/pearl/bin/pearl.exe".
Be sure to place this new .pl file in your
"C:\cgi-bin" directory.

The "Copy and Paste" code is below this line:

 

#!perl
##
## Demo CGI program which displays the environment variables
##

print "Content-type: text/plain; charset=iso-8859-1\n\n";
foreach $var (sort(keys(%ENV))) {
$val = $ENV{$var};
$val =~ s|\n|\\n|g;
$val =~ s|"|\\"|g;
print "${var}=\"${val}\"\n";
}

If CGI and Pearl are working on your Server, you will see your Servers Environment Variables / Configuration displayed in your web browser.
Pearl and CGI will process this code, and dynamically generate the page content. Your web browser will displayed it.
If this does not work, you will get either an error page, or you will see the page displayed as a text file, in which the web browser will simply display the pages code (The code you copied and pasted).

You may relocate your cgi-bin directory if desired. Just be sure to edit the ScriptAlias path, and the CGI <Directory> path statements in httpd.conf
Optional SSL / TLS Encryption - https Connection

Should you wish to add secure connections to your Server, in order to keep confidential data secure, or to perform financial transactions, you will want to enable ssl. The preconfigured httpd.conf file provided on this page already has most of the needed configuration done for you.
In order to activate ssl on your server, follow the instructions on the Installing SSL on Apache Server in Windows Page.
Optional MySQL and phpMyAdmin
This is Optional!!!
If you need MySQL for your Windows Installation, you can download it HERE.
Download the phpMyAdmin GUI for MySQL HERE.

Installing MySQL Database Server in Windows:

Run the MSI file and use the following settings

Typical Setup:
Skip Sign-Up
Make sure "Configure the mySQL Server now" box is checked.
"Detailed Configuration"
"Developer Machine"
"Multifunctional Database"
"InnoDB Tablespace Settings" - leave everything default
"Decision Support (DSS)/OLAP"
Make sure "Enable TCP/IP Networking" is checked
Leave the port number at 3306 (at this point, if you have a firewall, it will usually try to access itself on the localhost)
"Standard Character Set"
Check "Install As Windows Service".
Leave "Include Bin Directory in Windows PATH" checked.
Enter your root password.
Click "execute"
Wait while MySQL completes its installation and set up.

Then open up your php.ini in a text editor and search for:
;extension=php_mysql.dll
Remove the ; in front of extension=php_mysql.dll
Search for:
;extension=php_mbstring.dll
Remove the ; in front of extension=php_mbstring.dll
Without the mbstring extension phpMyAdmin is unable to split strings correctly, which may result in unexpected results.
Restart Apache and check your error log for any errors.
If there are errors for php_mysql.dll either your extension directory isn't correct or windows can't find libmysql.dll

Installing phpMyAdmin in Windows:
Extract all the files in the archive into a "phpmyadmin: folder located in the Document Root of Apache (Where the website files Apache is hosting are located on your computer).
The folder "phpmyadmin" should be all lower case.
Make sure the files get extracted right into this directory, and not into
"phpmyadmin\phpMyAdmin-1.2.3". (the phpMyAdmin-1.2.3 will be a different version on your computer)

If this happens, using "My Computer", browse to (Apache Document Root)\phpmyadmin\phpMyAdmin-1.2.3".
From the browse window
Click the "Edit" drop down, and Click "Select All".
Right Click the selected files, and select "Cut".
Browse back one directory (Apache Document Root)\phpmyadmin" and Right Click, then select "Paste".
Right Click the phpMyAdmin-1.2.3 directory and click "Delete".
Click "Yes" when the confirm delete dialog comes up.

Start Notepad and open the file "(Apache Document Root)\phpmyadmin\config.inc.php".
If your machine does not have this file, then create it.
On some computers, this file might look like a real mess.
If this happens, close Notepad and open Wordpad (usually found in "Start">"All Programs">"Accessories">"WordPad") Open the "config.inc.php" file.
Everything should now look readable.
Click "File">"Save" to save this better looking version of the file.
Now re-open the "config.inc.php" with Notepad.
Find the line: cfg['Servers'][$i]['auth_type'] = 'config';
Change the line so that it reads: $cfg['Servers'][$i]['auth_type'] = 'cookie';
Find the line: $cfg['blowfish_secret'] = ''; Inside ''
put any word you want, like "best".
The line should look like: $cfg['blowfish_secret'] = 'best';
Click the "File" drop down and select "Save".
Close Notepad.

After Configuring phpMyAdmin, login with your web browser at http://yourIPaddress/phpmyadmin
Use "root" as the Username, and the root password you chose when installing MySQL as the password.
Blocking User-Agent with "Deny from" Statements

This adds a layer of protection to your server. This is done in the Servers httpd.conf file. This blocks Hackers from exploiting your Server, when you have no Firewall Rule blocking them already in place. You can't always know the IP Address of your next hacker! As soon as you see them in your Server log, you will want to add, or modify a Firewall Block Statement to deal with them, so they wont reach your server ever again! Most of the hackers are automated bots, running a scripted search for your resources, and vulnerabilities, and their bots User-Agent identifiers are almost always different than the conventional web browsers, used by the legitimate users of your Server. This makes screening the majority of those that reach your Server relatively simple!
As a bonus, when the hacker/bot gets the 403 Forbidden response, from blocking its User-Agent, they tend give up, and to cut short running their script, most of the time.

If you used this Installing Apache Server and PHP in Windows Guide, you will already have some examples of real User-Agents being blocked using "Deny from" rules in your Apache httpd.conf file. It should look something like this:

# Sets up User Agent List that can be Blocked.
# Example: SetEnvIf User-Agent "BadUA" UA
# Replace BadUA with the User-Agent identifier you wish to Block.
# The UA at the end of the statement is a Variable that will be tested in the Deny from statement later.
#  NoCase Makes SetEnvIf Case-insensitive.
# The "_" and "-" below are User-Agents common with hack attempts.
#
SetEnvIf User-Agent "^$" UA
SetEnvIf User-Agent "^_" UA
SetEnvIf User-Agent "^-" UA
SetEnvIfNoCase User-Agent "ZmEu" UA
SetEnvIfNoCase User-Agent "Python-urllib" UA
SetEnvIfNoCase User-Agent "Morfeus" UA
SetEnvIfNoCase User-Agent "MSIE 6.0" UA
SetEnvIfNoCase User-Agent "Windows 98" UA
SetEnvIfNoCase User-Agent "Firefox/3" UA
#
#
Order allow,deny
Allow from all

Deny from env=UA
# Deny from 31.210
# Deny from 50.22.232.171

In this example, the User-Agent to be blocked is in quotes.
It uses the Set Environment Variable based on User-Agent in the SetEnvIf User-Agent part of the statement.
The variable it sets is the "UA" at the end of the statement.
It then later tests to see if UA was set in the Deny from env=UA Statement.
The result is that if a User-Agent in your list is detected, access to your Server will be denied, and 403 Forbidden will be returned.
These rules could also be placed in your htaccess files. I prefer mine in the httpd.conf file.
The few Rules in this example block pretty much everything that has ever attacked my Server, and they where created specifically for my attackers.

Note: SetEnvIf User-Agent "Python-urllib" UA will also block "Python-urllib/2.4", or other versions of Python-urllib, as long as Python-urllib is found in the User-Agent identifier, any request Will Be Blocked, and return a 403 Forbidden response to your un-invited guest.
With SetEnvIf User-Agent "Mozilla/4.0" UA the User-Agent identifier must match "Mozilla/4.0" specifically, if I do not wish to block other versions of Mozilla Firefox by only using "Mozilla". Version 4.0 is the only version that would match the rule, and be blocked.
Windows 98 using Internet Explorer 6.0 has been commonly used as an identifier in attempted hacks on my Server, and they are outdated, so, I block them.
Look in your access.log files for the User-Agent identifiers you are being hacked / attacked with.
Make sure that if the User-Agent identifier does not correspond to any potentially valid Web Browser used for valid access to Your Web Server, that you block that User-Agent from having any access!
When you see them in your access.log, also make sure to block their IP Address (or potential range of IP Addresses) in your Firewall, as well.
Blocking access to hackers with your Firewall is the best method, but if you can catch the ones that are not yet Blocked by the Firewall, by their bogus User-Agent, they will not have access to anything before you can block them with your Firewall. This adds another layer of Security.

Also Note:
^ proceeding a character will indicate that the character is literally located at the beginning of the line/string being tested.
$ after a character will indicate that the character is literally at the end of a line/string being tested.
The test string ^$ indicates a null string. The ^$ is used to test to see if User-Agent information is blank.

Here is a list of Potentially BAD User-Agents.
Enhancing Windows Firewall for your Server

If you run Apache Server on a Windows platform, you have probably noticed hacker attempts in your log file.
You have probably also noticed that in order to block hacker attempts you must add "Deny from" statements to your httpd.conf file, because Windows Firewall has NO realistic provision to do such a thing.
While adding "Deny from" statements may deny them access to the server, the server still must handle the requests, and sends back the 403 Forbidden notifications.
Many hacking attempts are scripted. They sometimes ignore errors, and keep on trying, as they seek accessible resources to exploit.
While they will never find any, it still uses your internet bandwidth, server bandwidth, and fills up your logs.
"Deny from" rules are still good to have in your Server's httpd.conf file for the list of User-Agents from the scripted hack attempts to your Server, as there is no way to know what IP Address your next hacker will be coming from. Blocking the User-Agent of the programs they use to hack your Server will keep them out, until you can block their range of possible IP Addresses.
A better solution than blocking IP Addresses in "Deny from" statements is to be able to block them with your Firewall, before their requests ever get to your Server!
You need a way to block inbound requests by IP Address.
Attempts may come from Dynamic IP Addresses. These change every time the hacker logs in to their service provider.
Service providers have blocks of sequential IP Addresses which they can assign to their users.
This means your hacker could have a new IP Address, by just logging back in.
You need to be able to determine what range of sequential IP Addresses their service provider has available to assign them, and block them ALL.
You also need to be able to define the entire sequential range of addresses for your Firewall to block, without having to enter them one at a time.
You will need to be able to do Packet Filtering in your Firewall by IP Address, and ranges of IP address.

THERE IS A SOLUTION!!!

Click Here!!!
Log Rotation

You will notice that your access and error logs grow over time, and eventually get rather large.
Having to append to the end of a large file, every time there is an event, slows down your Server.
For this reason many people remove the log file and start over with an empty log file, at an appropriate time.
This procedure is known as log rotation.
There are many methods of doing this, and any that works for you is acceptable.
The problem you may have on your Windows based Apache Server is that the built in log rotation feature is still buggy in Windows.
I have solved this for myself, by creating a log rotation batch file.
The batch file I created rotates my Apache Server, Filezilla FTP Server, and my Server Chat Logs all from one batch file.
You may only have the Apache Server logs to rotate. I have more.
I will share with you my batch file code as an example, and you may modify it to suit your personnel needs.

Copy and Paste the code below, into a text file, with a .bat extension:

After you have a functioning batch file for your use, you can use Windows Task Scheduler to schedule your batch file to run on a regular schedule.
I run mine once a day.
You will have to edit, at the very least, the path statements in this batch file to correspond to the correct paths on your computer.
You will probably also need to comment out, or remove the code related to my Chat and FTP Server as well. This is merely an example.
Archiving the Log Files

With daily Log Rotation, your server will accumulate many log files, and it will become desirable to archive the accumulated logs into a more manageable date stamped archive file.
The archive file will contain the many log files compressed into one date stamped archive file, which will take up much less hard drive space.
I archive my logs on a monthly schedule.
This results in a monthly date stamped zip file, containing a month worth of daily logs.
The original daily log files can then be deleted.
This is another task which can easily be automated, and scheduled.
To do so you will need a Command Line Zip Utility.
For my server I use the FREE IZArc Command Line Utility.
If you do not have a command line zip utility, get IZArc command line utility HERE.
Run the IZArcCL.exe file, and complete the installation.
The IZArc folder needs to be in the path for the command line utility to work.
In order to put IZArc in the Windows Path Statement, so that it will function when used, do the following:
Highlight the following text for your operating system, below in bold, Right Click on it, and Click Copy:

32 bit Windows:
;C:\Program Files\IZArc

64 bit Windows Path:
;C:\Program Files (x86)\IZArc

Click Start >> Control Panel >> System >> Advanced Settings >> Environment Variables

Under "System Variables" Scroll down to the Variable named "Path".

Click on "Path" to Highlight it, and Click "Edit".

Click in the box named "Variable Value" (you should see your cursor there, and the blue highlight should go away).

Press the "End" Key on your Keyboard.

Hold down the "Ctrl" (Control) Key on the Keyboard, and while still holding the "Ctrl" Key down, Press the "V" key once.

You should see ;C:\Program Files\IZArc or ;C:\Program Files (x86)\IZArc added to the end of the line of text in the box named "Variable Value".

Click "OK".

Re-Boot your Computer to insure the new Path will be loaded in the Windows Path.

Below is an example of a batch file I wrote to handle the monthly Log File Archiving task:

The batch file I created Archives my Apache Server, Filezilla FTP Server, and my Server Chat Logs all from one batch file.
You may only have the Apache Server logs to Archive. I have more.
I will share with you my batch file code as an example, and you may modify it to suit your personnel needs.

Copy and Paste the code below, into a text file, with a .bat extension:

After you have a functioning batch file for your use, you can use Windows Task Scheduler to schedule your batch file to run on a regular schedule.
I run mine once a month.
You will have to edit, at the very least, the path statements in this batch file to correspond to the correct paths on your computer.
Remember IZARCC does not allow Spaces in folder names in the path, so change the names to a truncated name with a ~1 at the end.
You will probably also need to comment out, or remove the code related to my Chat and FTP Server as well. This is merely an example.
Setting up Virtual Hosts

Guide to Setting Up Virtual Hosting on Apache Server in Windows

You may wish to host multiple domains, IP addresses, or Ports on your Apache Server.
Virtual Hosts allows you to host multiple sites with one Server.
You can configure as many as you need, provided your server hardware can handle the load.
There is a Guide to setting up Virtual Hosting, complete with copy and paste httpd-vhosts.conf file, and it is compatible with th httpd.conf file on this page. Simply follow the guide to set up the httpd-vhosts.conf provided, your Firewall and Router, and remove a hash # in your httpd.conf file.
Reboot Apache, and start setting up the site on your new virtual host.
Performance Tuning Apache Server

There is a Free Performance Benchmarking tool included with Apache Serer, which is useful for tweaking some settings in your httpd.conf file.
The tool is called ab. There is documentation for ab on Apache's web site, HERE.

Here is a sample command line instruction:
ab -n100 -c10 -k -e C:\abtest-k-128-10.csv http://192.168.0.10:80/index.htm

ab is the name of the executable file (ab.exe)

ab is located here:

C:\Program Files\Apache Software Foundation\Apache2.2\bin

The -n100 sets the total number of requests performed for the benchmarking session to 100.
In other words it will make 100 requests to the server, total, during the test.

The -c10 sets the number of multiple requests to send to the server at one time, to 10.
Note that this is a lower case "c". Do Not capitalize the "C", or you will be setting an entirely different parameter!

The -k tells ab to use the servers KeepAlive feature, during the tests.
Removing the -k will do the tests without the KeepAlive feature.
When tuning KeepAlive settings, you will definitely want the -k in your command string.

The -e causes ab to write a CSV file which contains for each percentage of the requests, the time (in milliseconds) it took to serve them.

The http://192.168.0.10:80/index.htm  contains 3 parameters. The address to be tested, followed by a colon , followed by the Port number to test on, and finally a / followed by the name of the file to request, and download, for the test to benchmark.
This command line instruction remains on the Local Area Network, as you can see by the address in the command line.
This eliminates traversing the routers firewall, and concentrates the test on only the Server.
The Internet IP Address can be substituted when you adjust settings in your router, for performance, although there are not many of those.
It could be helpful for troubleshooting router settings, though.

NOTE: ab will test Apache with a User Agent Identifier that is blocked by the current configuration in the httpd.conf file.
In order for ab to be able to perform these tests, you must add a hash # mark in front of the line:
Deny from env=UA
so it looks like this:  
#Deny from env=UA
Save httpd.conf with this change, and restart Apache, for the new setting to be effective.
Run your tests with ab, and then remove the # hash from the    Deny from env=UA   line, save httpd.conf, and restart Apache, again.
While the # hash is in place, in front of  Deny from env=UA, Apache will not block any bogus user agents.
The lack of the   Deny from env=UA   in httpd.conf, as a result of the # hash, leaves your server available to many hackers hacking attempts.
Only run Apache with the # hash in the httpd.conf in front of   Deny from env=UA   while testing with ab.

You can come up with many tests to have ab perform on your server, depending on your needs!
Other Handy FREE things to have with Apache

Apache Log Viewer is a great FREE Log Viewer to keep an eye on things with.
It can look at the real time live access and error log files, as well as backed up ones.
It has many features, that far surpass viewing the log files in notepad. Well worth having!!!
Keep in mind, that this is a log file viewer, not a log report generator.

Welant Log Analyzer Trends is a FREE Log Report generator.
It limits the results for its FREE version to a depth of the top 20, but may be adequate for personnel use.
It will analyze your Servers log files, allow you to add more log files later (so you can update your reports), and generate all the files which allow you to view your report in a web browser. The reports file is named index.html, and it will place it in a \trend\loganalysis folder.

Notepad++ is a handy tool for editing the many configuration text based files you will be managing, it lets you open tabbed text files, which is handy.

Filezilla FTP Server is a great way to add FTP access to your Server.
An FTP Server requires Forwarding of Port 21on your Router (the default FTP Port).

PHPFreeChat is a Chat Service you can add to your Server for FREE. Download it HERE.
It runs completely on your Server, and can be run with or without MySQL (NO SQL Required).
It can also be customized.
Configuring your php.ini file for a Mail Transport Agent

This is Optional, and not required in order to use Apache Server, or PHP. This also requires the installation of a Mail Transport Agent!
For most people the sendmail feature that was already part of the install above is what you need so that your server can send email from PHP.
For those who actually need a resident Mail Transport Agent, and own a Domain to associate with it, to get it functioning:
These are the lines in the php.ini file that you may wish to adjust regarding sending email with PHP on your Server.

 

[mail function]
; For Win32 only.
;SMTP = localhost
;mail.mydomain.com
;smtp_port = 25

; For Win32 only.
;sendmail_from = webmaster@mydomain.com

; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
sendmail_path = C:\sendmail\sendmail.exe

; Force the addition of the specified parameters to be passed as extra parameters
; to the sendmail binary. These parameters will always replace the value of
; the 5th parameter to mail(), even in safe mode.
;mail.force_extra_parameters =

 

As you can see you can specify your SMTP Servers Domain or IP Address, as well as its Port Number, but there is no means of Authentication provided. That means, that there is no ability to log in to an email account with a User ID and Password.
The default installation already addresses this, with the addition of the sendmail function to Windows, much the same way you would add any other Mail Transport Agent to PHP in Apache. The lines of the php.ini file above, are the actual ones in use by the default installation provided on this web page. Notice the "For Win32 only." section IS NOT used, and the "sendmail_path =" in the "For Unix only." section IS being used, even though you are running Apache and PHP in Windows. The "sendmail_path =" line sets the path to the Mail Transport Agent that PHP will use.
The Mail Transport Agent handles the issue of Authentication (Usernames and Passwords - login).
If you have your own Domain, and MX Records, pointed at your IP Address, and wish to use your own Mail Server (Mail Transport Agent), you will want to point the path of the "sendmail_path =" line to your Mail Server (Mail Transport Agent) software.
If you do not have a Domain Name and MX Records pointing at your IP Address, then you will want to use the sendmail feature already added to the default installation provided on this web page. It will allow you to use the email service from your ISP or other email services, to send email.
Links PageDownloadsPeopleVideoGames MenuEducational
 Copyright © 2008  http://www.bestyoucanget.com All Rights Reserved See Terms of Use