Web Services

Question 1

What do HTTP and HTTPS stand for?

Answer 1

HyperText transfer protocol and Secure HTTP

Question 2

What does HTML stand for?

Answer 2

HyperText Markup Language

Question 3

HTTP status codes have the format 1xx, 2xx, 3xx, 4xx, 5xx - what types of messages do these number represent?

Answer 3

1xx - Informational messages
2xx - Success
3xx - Redirection
4xx - Client Error
5xx - Server Error

Question 4

What does SSL stand for?

Answer 4

Secure Sockets Layer

Question 5

What does TLS stand for and what is it?

Answer 5

TLS is Transport Layer security, it is the security layer applied to web traffic, the successor to SSL.

Question 6

Which port numbers do these services usually run on:
Web server (HTTP)
Secure Web server (HTTPS)
Squid Proxy Server

Answer 6

HTTP - 80
HTTPS - 443
Squid - 138

Question 7

There are a number of web service options available, which 3 web services does LPIC-2 focus on? Which is the most popular in Linux today?

Answer 7

Apache - Web Server (most popular)
Nginx - Web Server
Squid - Web Proxy Server

Question 8

Name some of the core features of the Apache web server

Answer 8

Loadable dynamic modules (that can be activated/deactivated on the fly)
Scalable Multi-Session Support
Limiting concurrent connections
Bandwidth Throttling
Web Caching (web proxy)
Load Balancing (reverse Proxy)
Common Gateway Interface (CGI) support
Virtual Hosting
User-Based Web Page Hosting

Question 9

In Web Hosting, what does CGI stand for? What does it do?

Answer 9

Common Gateway Interface. It allows programs to be run that can generate dynamic web content.

Question 10

What are the two main functions of the squid proxy server?

Answer 10

Web filtering and web caching

Question 11

What is nginx?

Answer 11

Nginx is a web server that is gaining popularity. It can act as either a web server or as a reverse proxy server that performs load balancing

Question 12

Where are Apache web documents generally stored?

Answer 12

/var/www/html/

Question 13

Which Apache utility allows you to control (stop, start, restart, status) the Apache service?

Answer 13

apachectl

Question 14

Unfortunately the configuration file location for Apache are not standard across distros. Which 2 places would you check on Debian based distros, which 2 places on Redhat based distros.

Answer 14

Debian:
/etc/apache2.conf
/etc/apache2/apache2.conf
Redhat:
/etc/httpd/httpd.conf
/etc/httpd/httpd2.conf

Question 15

Name the Apache directive that allows you to specify a port number to listen on and an optional IP address.

Answer 15

Listen

Question 16

Name the Apache directive that specifies the user account which should be used to start the service

Answer 16

User

Question 17

Name the Apache directive that allows you to specify a group for the Apache daemon service

Answer 17

Group

Question 18

Name the Apache directive that allows you to specify an email address for the Apache server administrator

Answer 18

ServerAdmin

Question 19

Name the Apache directive that allows you to specify a name for the Web server

Answer 19

ServerName

Question 20

Name the Apache directive that allows you to specify the base directory for the configuration files

Answer 20

ServerRoot

Question 21

Name the Apache directive that allows you to specify the base directory for the data files

Answer 21

DocumentRoot

Question 22

Name the Apache directive that allows you to specify a default file served when a client requests an index of a directory

Answer 22

DirectoryIndex

Question 23

Name the Apache directive that allows you to specify a file to serve when an error occurs

Answer 23

ErrorDocument

Question 24

Name the Apache directive that allows you to specify the log file location

Answer 24

ErrorLog

Question 25

Name the Apache directive that allows you to specify a file that lists restrictions on files in a folder

Answer 25

AccessFileName

Question 26

Name the Apache directive that allows you to specify another file to include in the configuration

Answer 26

Include

Question 27

Name the Apache directive that allows you to specify the number of servers to start to handle concurrent requests

Answer 27

StartServers

Question 28

Name the Apache directive that allows you to specify the maximum number of servers to handle concurrent requests

Answer 28

MaxClients

Question 29

Name the Apache directive that allows you to specify the minimum number of spare servers to have running

Answer 29

MinSpareServers

Question 30

Name the Apache directive that allows you to specify the maximum number of spare servers to have running

Answer 30

MaxSpareServers

Question 31

Name the Apache directive that allows you to load and enable special feature modules on the server

Answer 31

LoadModule

Question 32

What does an Apache conditional BLOCK directive look like?

Answer 32

directives

Question 33

What does an Apache conditional MODULE directive look like?

Answer 33

directives

Question 34

What does an Apache conditional DIRECTORY directive look like?

Answer 34

directives

Question 35

What are the two types of Apache logs?

Answer 35

Access logs and Error Logs

Question 36

The location of the Apache Error logs can be different on Debian based distros to that on Redhat based distros. What are the likely locations and files names on each?

Answer 36

Debian:
/var/log/apache2/error.log
Redhat:
/var/log/httpd/error_log

Question 37

The location of the Apache Access logs can be different on Debian based distros to that on Redhat based distros. What are the likely locations and files names on each?

Answer 37

Debian:
/var/log/apache2/access.log
Redhat:
/var/log/httpd/access_log

Question 38

Name the Apache directive that allows users to host their own files on a system

Answer 38

USERDIR
e.g
USERDIR public_html
http://localhost/~username/test.html

Question 39

What is named based virtual web hosting?

Answer 39

Where multiple hostnames point to a single IP address

Question 40

What does an Apache name based virtual hosting definition look like?

Answer 40

NameVirtualHost 192.168.10.1

ServerName www.example1.com
DocumentRoot /var/www/html/example1

Servername www.example2.com
DocumentRoot /var/www/html/example2

Question 41

What does an Apache IP based virtual hosting definition look like?

Answer 41

Listen 192.168.10.1
Listen 192.168.10.2

Servername www.example1.com
DocumentRoot /var/www/html/example1

Servername www.example2.com
DocumentRoot /var/www/html/example2

Question 42

There are a number of Apache access restriction modules, which is the most common

Answer 42

mod_auth

also known as mod_authn_file

Question 43

Name the Apache directive that allows you to specify a name for a mod_auth access restricted location

Answer 43

AuthName

Question 44

Name the Apache directive that allows you to specify an authentication type for a mod_auth access restricted location

Answer 44

AuthType

Question 45

Name the Apache directive that allows you to specify a file name for a mod_auth access restricted location

Answer 45

AuthUserFile

file can be created with the htpasswd utility

Question 46

What does a mod_auth restricted access configuration directive look like?

Answer 46

AuthName "Secure pages, restricted access"
    AuthType Basic
    AuthUserFile /etc/apache/passwords
    Require valid-user
    DocumentRoot /var/www/html/secure

Question 47

Which utility allows you to create a password file for a restricted access setup? How would you use it?

Answer 47

htpassed

#to create a new file
htpasswd -c /etc/apache/password jdoe

Question 48

What are the three methods of restricting access to content on an Apache server?

Answer 48

Using an authentication module, using .htaccess files or IP address based restrictions

Question 49

Name the Apache directive that allows users to specify configuration directives in a .htaccess file

Answer 49

AllowOverRide

Question 50

What does an IP based restriction configuration directive look like?

Answer 50

Order Deny,Allow
Deny from all
Allow from 192.168.10.0/255.255.255.0
DocumentRoot /var/www/html/secure

Question 51

Which two Apache directives do you need for any CGI configuration?

Answer 51

ScriptAlias
e.g. ScriptAlias /cgi-bin/ /var/www/cgi-bin/
AddHandler
e.g. AddHandler cgi-script .cgi .pl

Question 52

What are mod_perl, mod_php, mod_python, mod_ruby?

Answer 52

Commonly used installable Apache modules that can be with CGI to create dynamic web content.

Question 53

What are the 6 steps to setting up https on Apache?

Answer 53

1 Install Apache SSL module
2 Create server public/private key pair
3 Create a CSR
4 Have the CSR Signed
5 Copy Certificate and Keys into your Apache Setup
6 Configure Apache to use the certificate

Question 54

Using openssl, how would you create a public/private certificate key pair for your server

Answer 54

openssl genrsa -des3 -out server.key 2048

Question 55

Using openssl, how would you create a certificate signing request for your server key “server.key”

Answer 55

openssl req -new -key server.key -out newreq.pem

Question 56

There is a perl script that is part of the openssl-perl package that allows you to setup a certificate authority and self sign your CSR’s. What is the name and location of the perl script

Answer 56

/var/lib/ssl/misc/CA.pl

CA.pl -newca
CA.pl -signreq

Question 57

What is SNI

Answer 57

Server Name Indication - this is an extension of the TLS protocol in which the hostname is indicated during the handshake. This allows multiple signed hosts to run on a single web server.

Question 58

Name the Apache directive that turns on SSL capability

Answer 58

SSLEngine

e.g. SSLEngine on

Question 59

Name the Apache directive that defines an SSL certificate to use

Answer 59

SSLCertificateFile

e.g. SSLCertificateFile /etc/apache/certs/server.pem

Question 60

Name the Apache directive that defines an SSL certificate key

Answer 60

SSLCertificateKeyFile

e.g. SSLCertificateKeyFile /etc/apache/certs/server.key

Question 61

Name the Apache directive that defines the certificate authorities key file

Answer 61

SSLCACertificateFile

Question 62

Name the Apache directive that defines the certificate authorities key file path

Answer 62

SSLCACertificatePth

Question 63

Name the Apache directive that defines the a file that contains multiple concatenated certificate files for validating client files

Answer 63

SSLCertificateChainFile

Question 64

Name the Apache directive that allows the specification of versions of the TLS and SSL protocols

Answer 64

SSLProtocol

Question 65

Name the Apache directive that defines the supports SSL/TLS ciphers

Answer 65

SSLCipherSuite

Question 66

Where is the squid config file in
Redhat based distros?
Debian based distros?

Answer 66

Redhat
/etc/squid/squid.conf
Debian
/etc/squid3/squid.conf

Question 67

Only two directives are required for a basic Squid web caching setup, what are they?

Answer 67

http_port
Cache_dir

Example:
http_port 3128
cache_dir ufs /var/spool/squid3 100 16 256

100MB
16 top level cache folders
256 2nd level cache folders

More folders should equal better caching performance

Question 68

Name the Squid directive that defines an access control list

Answer 68

acl

Question 69

Name the Squid directive that specifies a program to authenticate users

Answer 69

auth_param

Question 70

Name the Squid directive that specifies a folder to cache web requests

Answer 70

cache_dir

Question 71

Name the Squid directive that specifies a rule for allowing or denying access for an ACL group

Answer 71

http_access

Question 72

Name the Squid directive that specifies the port on which the Squid service will listen on

Answer 72

http_port

Question 73

Name the Squid directive that specifies an external program where all web requests can be redirected to

Answer 73

redirect_program

Question 74

What does a squid acl directive look like?

Answer 74

acl ourhosts src 192.168.30.0/255.255.255.0

Question 75

What is the squid acl src directive?

Answer 75

allows you to specify source IP addresses

Question 76

What is the squid acl dst directive?

Answer 76

allows you to specify destination IP addresses

Question 77

What is the squid acl port directive?

Answer 77

allows you to specify a list of TCP ports

Question 78

What is the squid acl srcdomain directive?

Answer 78

allows you to specify a list of source domain names

Question 79

What is the squid acl dstdomain directive?

Answer 79

allow you to specify a list of destination domain names

Question 80

What is the squid acl time directive?

Answer 80

allows you to specify a list of days or time of day

Question 81

What is the squid acl proto directive?

Answer 81

allows you to specify a list of protocols

Question 82

What is the squid acl browser directive?

Answer 82

allows you to specify a list of browsers

Question 83

What is this squid configuration doing?

acl socialmedia dstdomain www.facebook.com www.twitter.com
acl lunch MTWHF 12:00-13:00
http_access allow socialmedia lunch
http_access deny socialmedia

Answer 83

The first acl defines a list of destination domains
The second acl defines an hour, monday - Friday called lunch
The first http_access directive allows access to the domains during lunch
The second http_access directive denies access to the domains (at any other time)

Question 84

Client authentication in squid uses which configuration directive?

Answer 84

auth_param

The same parameter is used in the config file to defines multiple settings, for example to use pam

auth_param basic /usr/lib/squid/pam_auth
auth_param basic children 5 startup=5 idle=1
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl ourhosts proxy_auth REQUIRED

Question 85

What is the benefits of Nginx over Apache?

Answer 85

Nginx doesn’t spawn a new program thread for each client request like Apache. It spawns client threads within the main application program. This has the benefit of using less memory and can therefore be useful in large scale websites.

The second benefit is the ability to use Nginx as a reverse proxy which can serve as a load balancer for backend applications

Question 86

Where is the nginx config file usually found and what is it called?

Answer 86

/etc/nginx/

nginx.conf

Question 87

Name the nginx config directive that specifies the port nginx should listen on

Answer 87

listen

e.g.
listen 80 default_server;

Question 88

Name the nginx config directive that specifies the location of the web content. What is the equivalent directive in Apache?

Answer 88

root

e.g.
root /var/www/html;

equivalent directive in Apache is DocumentRoot

Question 89

Name the nginx config directive that defines the default file to load. What is the equivalent directive in Apache?

Answer 89

index

e.g.
index index.htm index.html;

equivalent directive in Apache is DirectoryIndex

Question 90

Name the nginx config directive that specifies the web server name. What is the equivalent directive in Apache?

Answer 90

server_name

e.g.
server_name localhost;

equivalent directive in Apache is ServerName

Question 91

Name the nginx config directive that specifies the settings for specific locations on the server

Answer 91

location

e.g.
location / {
try_files $uri $uri/ =404;
}

Question 92

Which nginx directives are used to create a reverse proxy? What does a simple example look like?

Answer 92

The location directive with proxy_pass

location / {
proxy_pass http://www.someotherplace.com;
}

or using IP and port

location / {
proxy_pass 192.168.30.30:5100;
}