ServerBuddies Support Blog

How to verify Apache web server status - Parallels Plesk Panel for Linux/Unix.

The name of Apache 2 binary on Debian and SuSE OSes is “apache2,” not “httpd” as it is on Red Hat-based Linux distributions or FreeBSD.

If not, try to start Apache from Plesk CP or via command line. If you get an error, check /var/log/httpd/error_log (/var/log/apache2/error_log on SuSE and Debian, /usr/local/psa/apache/logs/error_log on FreeBSD)

Make sure that Apache is listening on the both HTTP and HTTPS ports (80/443) on all needed IP addresses:

Customizing apache web logs

Custom formats for apache web logs, to record more information or to make them easier to read.

LogFormat

Apache’s “LogFormat” directive is what lets you define your own access log setup. Let’s look at how that directive would be used to define the combined log format (CLF):

That first argument, in quotes, is the string that describes the log format. The last argument, “combined”, gives a nickname to the format that can be used by CustomLog later on.

That format string contains a bunch of placeholders that describe the data to be included in the log. That first one, for example, is “%h” and represents the IP address of the visitor (the identifier for their host). A bit further on, “%t” represents the time of the request.

Apache Security: Hide Apache Web Server Version number

Apache Web Server Version number with ServerSignature and ServerTokens directives

Open your httpd.conf file using text editor such as vi:

There are two config directives that controls Apache version. The ServerSignature directive adds a line containing the Apache HTTP Server server version and the ServerName to any server-generated documents, such as error messages sent back to clients. ServerSignature is set to on by default. The ServerTokens directive controls whether Server response header field which is sent back to clients includes a description of the generic OS-type of the server as well as information about compiled-in modules.

Append/modify config directive as follows:

Save and close the file. Restart Apache web server:

To make a domain secure Web content available in Plesk

After migration, secure Web content (available via the https protocol) become unavailable. The reason is that in Parallels Plesk Panel, secure Web content can be stored either in a directory different from the directory with common Web content (default option), or in the same directory.

To make a domain secure Web content available, enable the Use a single directory for housing SSL and non-SSL content option.

Go to the domain Home page > Web site: Web Hosting Settings > Preferences: Use a single directory for housing SSL and non-SSL content checkbox.

Hide apache web server version

It is possible to hide apache web server version and other information. This is done for security reasons. It is not a good idea to broadcast the version of the software that you are running on the server. You should have noticed the following details(or something similar) when an error page is displayed.

Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6 Server at XXX.com Port 80

Add/Edit the two entries in the apache configuration file(httpd.conf)

ServerSignature Off : tells apache not to display the server version on error pages, or other pages it generates.
ServerTokens Prod : tells apache to only return Apache in the Server header, returned on every page request.

Restart the webserver.