Offcode ltd logo
World-class examples brought to you by Offcode ltd
Getting started Upload to server Image server Image manipulation Image cache reCAPTCHA Front Page

Apache shell scripts for linux: startup tutorial

If Apache is not installed yet, try:

sudo apt-get install apache2

Configuring Apache

First of all, let's make sure cgid is enabled. The module may be enabled with the following command:

a2enmod cgid

Next, we'll change the cgi-bin dir to something nicer, such as 's':

root@server261583:/etc/apache2# cd /etc/apache2
root@server261583:/etc/apache2# grep ScriptAlias */*
conf-available/serve-cgi-bin.conf:              ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
conf-enabled/serve-cgi-bin.conf:                ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

After the grep results you should be able to find the proper file. Note that the files under conf-enabled/ are just symbolic links to the real files. We use pico (or nano) as a sample text editor, but you can use any you wish. Edit this file:

root@server261583:/etc/apache2# pico conf-available/serve-cgi-bin.conf

Change the 'cgi-bin' references to 's'. Barely anyone uses the cgi-bin anymore. It may also be a target of automated bot attacks. After the change, the file in this location should look like this:

        <IfDefine ENABLE_USR_LIB_CGI_BIN>
                ScriptAlias /s/ /usr/lib/s/
                <Directory "/usr/lib/s">
                        AllowOverride None
                        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                        Require all granted

Creating the script directory

We need to create this directory as well:

root@server261583:/etc/apache2# cd /usr/lib/
root@server261583:/usr/lib# mkdir s

Never disclose the added user into public! I'd expect you have disabled ssh root access so that the endless number of bots will not try to guess your passwords - and eventually get it right! Disclosing the user to the public means the bots will pick it and start guessing its passwords! Let's create a user whose access rights will be handling the requests, but don't pick this one below!

Add the script user

root@server261583:/usr/lib/s# adduser imageserviceagent
Adding user `imageserviceagent' ...
Adding new group `imageserviceagent' (1001) ...
Adding new user `imageserviceagent' (1001) with group `imageserviceagent' ...
Creating home directory `/home/imageserviceagent' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for imageserviceagent
Enter the new value, or press ENTER for the default
        Full Name []:
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:

The scripts should now be created within the /usr/lib/s -directory:

root@server261583:/usr/lib# cd s/ 
root@server261583:/usr/lib/s# pico test

Changing the default Apache user

The default www-user has virtually no access rights. This may be changed by altering various usage rights but it maybe more coordinated to change the user altogether. Change www-user to imageaservicegent which we just added with the adduser command:

root@server261583:/usr/lib/s# pico /etc/apache2/envvars

Please don't use the imageserviceagent as your user! Pick your own instead.

# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=imageserviceagent
export APACHE_RUN_GROUP=imageserviceagent

Applying the Apache changes

Eventually we need to restart apache2 to take the modifications in use:

service apache2 restart

You can start developing scripts under the /usr/lib/s directory. If you create a script called "test", you can access it the following way:

Testing with a simple script

Let's create a test script to verify all is okay:

root@euve261583:/usr/lib/s# pico test

Enter this below into the file. Please notice that the lines with echo "" are necessary.


/bin/echo "Content-type: text/html"
/bin/echo ""
/bin/echo "<html><h2>Thanks for testing!</h2></html>"
/bin/echo ""

Remember to give the permissions:

root@euve261583:/usr/lib/s# chmod a+x test

If you go to that address with your web browser, it should print out "Thanks for testing!".