Web publication service (HTTP)

Introduction to HTTP

The Web [1] is one of the most common services on the Internet, to the extent that it has become the “public face” of the Internet for most users. This service is based on web page transfer using the HTTP protocol.

HTTP (Hypertext Transfer Protocol) [2] is a request and response protocol. The client, also known as the User Agent, makes a request to access a resource on a HTTP server. The server with the requested resource processes it and gives a response with the resource, this can be an HTML web page, image or any other file that is generated dynamically - based on a series of request parameters. These resources are identified by using URLs (Uniform Resource Locators) [3] , identifiers usually know as web site addresses.

A client request follows this format:

  • Initial line with <method> <URL> <HTTP version>. For example, the GET /index.html HTTP/1.1 requests the resource /index.html using GET and by using the HTTP/1.1 protocol.
  • A line, with headers, such as Host, Cookie, Referer or User-Agent amongst others. For example Host: zentyal.com informs that a request is made to the domain zentyal.com.
  • A blank line.
  • A body with optional format, used, for example, to send data to the server using the POST method.

The Host header is used to specify which domain you need to send the HTTP request. This allows different domains with different web pages to exist on the same server. The domains, therefore, will be resolved to the same IP address of the server - after reading the Host header the server can designate the virtual host or domain to which the request is addressed.

There are several methods that clients can use to request data, although the most common ones are GET and POST:

GET:
Requests a resource. It is a harmless method as far as the server is concerned and does not cause any changes to the hosted web applications.
HEAD:
Requests data from a resource, like GET, but the response will not include the the body, only the header. Hence, it allows you to obtain metadata from the resource without downloading it.
POST:
Sends data to a resource that the server must process, through a web form, for instance. The data is included in the body of the request.
PUT:
Sends an item to be stored on a specific resource. It is used, for example, by WebDAV [4], a set of HTTP protocol methods which allow collaboration between users when editing and managing files.
DELETE:
Deletes the specified resource. Also used by WebDAV.
TRACE:
Informs the server that it must return the header sent by the client. This is useful to see whether the request has been modified on its way to the server, for example by an HTTP Proxy.

The server response has the same structure as the client request, except for the first line. The first line contains <status code> <text reason>, which is the response code and textual explanation of it.

The most common response codes are:

200 OK:
The request has been processed correctly.
403 Forbidden:
The client does not have permission to access the requested resource.
404 Not Found:
The requested resource was not found.
500 Internal Server Error:
Server error has occurred, preventing the correct processing of the request.
_images/http.png

Request schema and HTTP response

By default, HTTP uses the TCP port 80 and HTTPS uses the TCP port 443. HTTPS is the HTTP protocol sent via SSL/TLS connection to guarantee encrypted communication and authentication of the server.

The Apache [5] HTTP server is the most widely used on the Internet, hosting more than 54% of all web pages. Zentyal uses Apache for its HTTP server module and for its administrative interface.

[1]http://en.wikipedia.org/wiki/World_Wide_Web
[2]http://en.wikipedia.org/wiki/HTTP
[3]http://en.wikipedia.org/wiki/URL
[4]http://en.wikipedia.org/wiki/WebDAV
[5]http://httpd.apache.org/

HTTP server configuration with Zentyal

You can access to the HTTP server configuration through the Web server menu.

_images/webserver.png

Configuration of Web server module

In the General Configuration you can modify the following parameters:

Listening port:
HTTP port, by default port 80, the default port of the HTTP protocol.
SSL listening port:
HTTPS port, by default port 443, the default port of the HTTPS protocol. You must enable the certificate for this service and change the Zentyal administrative interface port to another port if you want to use the port 443.
Enable the public_html per user:
If the users have a subdirectory called public_html in their personal directory, this option allows them to access it via the URL http://<zentyal>/~<user>/.

Virtual servers or Virtual hosts is where you can define different domains associated to certain web pages. When you use this option to define a new domain, if the DNS module is installed, then the top level domain will be created. If a subdomain does not already exist, then it will be added. This domain or subdomain creates a pointer to the address of the first internal interface configured with a static address - although you can modify the domain later if necessary.

Besides being able to enable and disable each domain of the HTTP server, if SSL has already been configured, you can fix HTTPS connections to a domain or even force all the connections to work over HTTPS.

The DocumentRoot or root directory for each page is in the /srv/www/<domain>/ directory. In addition, it is possible to apply a customised Apache configuration to each Virtual host by adding a file to the /etc/apache2/sites-available/user-ebox-<domain>/ directory.