====== Topic 208: Web Services ====== Perteneciente a [[informatica:certificaciones:lpic:lpic-2|LPIC-2]] Deberás poder instalar y configurar un servidor web. Configurar un servidor web para proporcionar HTTPS e instalar y configurar un servidor proxy, incluidas las políticas de acceso, la autenticación y el uso de recursos. Por último, deberás poder instalar y configurar un servidor proxy inverso, Nginx. Se incluye la configuración básica de Nginx como servidor HTTP. Módulos: * [[informatica:certificaciones:lpic:lpic-2:208_web_services:208.1_implementing_a_web_server|208.1 Implementing a web server]] (4) * [[informatica:certificaciones:lpic:lpic-2:208_web_services:208.2_apache_configuration_for_https|208.2 Apache configuration for HTTPS]] (3) * [[informatica:certificaciones:lpic:lpic-2:208_web_services:208.3_implementing_a_proxy_server|208.3 Implementing a proxy server]] (2) * [[informatica:certificaciones:lpic:lpic-2:208_web_services:208.4_implementing_nginx_as_a_web_server_and_a_reverse_proxy|208.4 Implementing Nginx as a web server and a reverse proxy]] (2) ===== Recomendaciones ===== De cara al examen, habría que tener claro: * Configuración un servidor Apache básico. * Conocer las principales directivas de Apache. * Configuración hosts virtuales. * Configuración la autentificación de usuarios. * Conocer los conceptos de certificados digitales. * Configurar un sitio web seguro con SSL. * Configuración básica del servidor proxy squid. * Configuración un servidor web Nginx. * Configuración un proxy reverso con Nginx. ===== Tests ===== **There is a restricted area in an Apache site, which requires users to authenticate against the file /srv/www/security/site-passwd. Which command is used to CHANGE the password of existing users, without losing data, when Basic authentication is being used.** * ''htpasswd -c /srv/www/security/site-passwd user'' * ''htpasswd /srv/www/security/site-passwd user'' (**Solución**) * ''htpasswd -n /srv/www/security/site-passwd user'' * ''htpasswd -D /srv/www/security/site-passwd user'' * None of the above. Con la primera opción estaríamos creando el fichero de nuevo, cargándonos el existente. **When Apache is configured to use name-based virtual hosts:** * it's also necessary to configure a different IP address for each virtual host. * The Listen directive is ignored by the server. * it starts multiple daemons (one for each virtual host). * it's also necessary to create a VirtualHost block for the main host. (**Solución**) * only the directives ServerName and DocumentRoot may be used inside a block **Which of the following lines in the Apache configuration file would allow only clients with a valid certificate to access the website?** * SSLCA conf/ca.crt * AuthType ssl * IfModule libexec/ssl.c * SSLRequire * SSLVerifyClient require (**Solución**) **In which Apache context should SSL support be activated?** * In a VirtualHost directive (**Solución**) * In a Location directive * In a Directory directive which is set to / * In a SSLHost directive **Which of the following is recommended to reduce Squid's consumption of disk resources?** * Disable the use of access lists. * Reduce the size of cache_dir in the configuration file. (**Solución**) * Rotate log files regularly. * Disable logging of fully qualified domain names. * Reduce the number of child processes to be started in the configuration file. **Which ACL type in Squid's configuration file is used for authentication purposes?** * proxyAuth * proxy_auth (**Solución**) * proxy_passwd * Auth * auth_required **When trying to reverse proxy a web server through Nginx, what keyword is missing from the following configuration sample?** location / { __________ http://proxiedserver:8080; } * ''remote_proxy'' * ''reverse_proxy'' * ''proxy_reverse'' * ''proxy_pass'' (**Solución**) **With Nginx, which of the following directives is used to proxy requests to a FastCGI application?** * ''fastcgi_pass'' (**Solución**) * ''fastcgi_proxy'' * ''proxy_fastcgi'' * ''proxy_fastcgi_pass'' **Name the two kinds of virtual hosts that can be configured in Apache.** * name-based, ip-based (**Solución**) * public, private * None of the above * internal, external **The command 'htpasswd -c /etc/httpd/passswd user' would:** * Copy the ''/etc/passwd'' file to ''/etc/httpd/passwd'' and add the ''user'' account to it * None of the above * Create a new password file in ''/etc/httpd'' and prompt for a password for the ''user'' account to add to it (**Solución**) * Remove the ''user'' account for the password file at ''/etc/httpd/passwd'' **Which of the following directories is the default site content directory (initial installation configuration)?** * ''/var/www/html'' (**Solución**) * ''/var/www'' * ''/var/html'' * ''/usr/share/html'' **The 'mod_ssl' module provides the ability for you to generate an SSL certificate for use within your website** * Verdadero * Falso (**Solución**) **When installing the Apache web server, the primary configuration file can be called either 'httpd.conf' or 'apache2.conf' depending on the distribution type and version.** * Verdadero (**Solución**) * Falso