The additional fields are the referring page, which linked to or contained the information requested ( http://www.fedorabook.com/index.html ), and the user agent header, which describes the client software (Firefox on a Fedora system in this case). The user agent information is interesting, but the referrer information is critical if you want to analyze where your visitors are coming from, which pages they visit first, and how they progress through your web site.
The error logfile contains entries like this:
[Tue Feb 28 22:01:33 2006] [error] [client 24.43.223.54] File does not exist: /var/www/html/favicon.ico
This indicates the date and time, the fact that this is an error, the client IP address, and the detail of the error.
7.5.3.2. ...using a more secure authentication scheme than Basic?
The problem with basic authentication is that the user ID and password travel in plain text across the network. Anyone snooping on the network can see the password.
A slightly better approach is to use digest authentication, which hashes the password before sending it across the network. This is still not nearly as secure as encrypting the connection.
To use digest authentication, use the same authentication configuration as you would for basic authentication, but substitute Digest for the AuthType :
AuthType Digest
AuthName " prices "
AuthUserFile /var/www/digest
Require valid-user
Create the password file using the htdigest command instead of htpasswd . htdigest requires one additional argument in front of the username, called the realm ; copy the value from the AuthName directive and use it for the realm. Here is an example:
# htdigest -c /var/www/digest prices chris
Adding password for chris in realm prices.
New password:
confidentialpassword
Re-type new password:
confidentialpassword
# htdigest /var/www/digest prices diane
Adding user diane in realm prices
New password:
bigsecret
Re-type new password:
bigsecret
htdigest does not accept the -b option used with htpasswd.
7.5.4. Where Can I Learn More?
The Apache documentation from the Apache Software Foundation is on their web site at http://httpd.apache.org/docs/2.2/ and on the web server of any Fedora system at http://<hostname>/<manual> (to disable access to the manual, remove /var/www/manual ).
The manpages for httpd , htpasswd , htdigest , and httpd_selinux.
7.6. Configuring the sendmail Server
sendmail is a robust email server. Like Apache, it has an enormous number of configuration options to handle many different service scenarios, even though many of these scenarios are pretty rare. With a small amount of configuration, sendmail can be configured to handle most mail-serving tasks.
7.6.1. How Do I Do That?
Fedora's default sendmail configuration wilclass="underline"
Start the sendmail service at each boot
Accept mail from local users for local mailboxes and place it in those mailboxes
Accept mail from local users for remote systems, place it in a queue, and attempt to deliver it directly to the remote mail hosts
This configuration may or may not work for you, depending on how you are connected to the Internet.
7.6.1.1. Preparing to configure sendmail and activating changes
To configure sendmail easily, install the sendmail-cf package:
# yum install sendmail-cf
Changes to the sendmail configuration are made to the file /etc/mail/sendmail.mc . However, this isn't the sendmail configuration file! Instead, it's a file that is used to generate the sendmail configuration file, /etc/mail/sendmail.cf .
To generate a new sendmail.cf file:
# cd /etc/mail
# make
This must be done after each change is made to sendmail.mc . Reload the sendmail server to make your changes take effect:
# service sendmail reload
(You can also use the Restart button in the Services tool.)
7.6.1.2. Configuring sendmail to use a mail relay
Some Internet Service Providers (ISPs) block email traffic to all mail servers except their own. This is intended to block viruses that set themselves up as a mail server, but it also interferes with Fedora's default sendmail configuration, which expects to be able to send email directly to the destination system.
To configure sendmail to send your outbound email through your ISP's mail server, find the line in /etc/mail/sendmail.mc that contains the word SMART_HOST :
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(\QSMART_HOST',\Qsmtp.your.provider ')
In this file, dnl means discard to newline , which effectively turns this line into a comment. Uncomment the SMART_HOST line by removing the dnl and then replace smtp.your.provider with the name of your ISP's mail server:
define(\QSMART_HOST',\Qmailserver.yourisp.com ')
7.6.1.3. Configuring sendmail to accept inbound email
Fedora's standard sendmail configuration does not accept email from remote systems, a feature that must be enabled if the system is going to act as an Internet email host.
To enable remote inbound connections, locate the line in sendmail.mc that contains the loopback address 127.0.0.1:
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.