Book Review: Administering Apache

"Administering Apache," by Mark Arnold, Jeff D. Almeida, and Clint Miller, is the latest addition to the "Administering" series from the Osborne Media Group. With the numerous Apache books now available, this book differentiates itself from its competitors by approaching the task of setting up a web server from a management perspective, by explaining the management issues involved, guiding the users through the initial stage of planning, and setting up the necessary policies after taking into account the concerns and major considerations for various strategies.

Its target audience comprises Internet Service Providers who aim to provide more secure services, web developers, applications programmers, right up to the corporate system administrator. The book's written in a straightforward manner, presented with clarity and numerous diagrams plus tables for illustrating complex concepts, not to mention its eye-pleasing fonts and layouts. All this helps to make it an easy to understand, light and pleasurable read, but not very suitable as a quick reference book due to its narrative style.

In addition to Apache, this book also provides information on some UNIX administration tasks including instructions to help the reader configure a firewall and FTP. For those unfamiliar with UNIX, step-by-step instructions are provided for day-to-day UNIX tasks such as killing processes. Detailed explanations are given for UNIX commands such as "ps" and "grep".

Like many other Apache books, this book is task-oriented and has 12 chapters. One must not skip the first chapter (Planning Ahead), as this is its "book map" as a "site map" is to a web site. This chapter guides you along your initial planning stage to defining your policies and strategies on implementing a web server and determining your server's capabilities. It then directs you to the relevant chapters or sections of the book according to your decisions, while highlighting the sections for system administrator and web development team based on chosen strategies.

There are eight strategies aimed at four categories: the corporation, small business, large ISP and small ISP. Discussion on concerns and considerations for various strategies tend to appear occasionally, especially in chapters three, seven, and nine, which outline the definition and segregation of the responsibilities and access of the webmaster and system administrator, the design of the structure for hosting homepage web sites, and the decision of setting up a "forward" or "reverse" proxy.

Chapters two to ten deal with the usual tasks of setting up, configuring, securing and day-to-day running of an Apache web server. These chapters cover topics from installing, compiling and configuring the basic Apache Web server to securing the server by using a firewall or adding SSL. In passing, the troubleshooting section covers status reporting, configuration reporting, benchmarking, and performance tuning, including load balancing.

Overall, the book is meant for those on UNIX platform but it tries to cover other platforms as well by devoting chapter eleven solely to using Apache on Windows 95/NT. For those interested in developing their own modules for Apache, the final chapter would be a good launching pad as it presents an overview of the subject, although it is not to be taken as the bible for programming Apache.

On the subject of securing Apache, readers are given the alternative of using either mod_ssl or Apache-SSL as detailed instructions are provided for building OpenSSL, SSLeay, mod_ssl and Apache-SSL. The sentence "SSLeay is an application programmer interface to the OpenSSL library" indicates a confusion over the relationship between SSLeay and OpenSSL as in truth, OpenSSL is based on the excellent SSLeay library and not vice-versa. It also fails to mention that OpenSSL has replaced SSLeay as one of the prerequisites for Apache-SSL and currently SSLeay libraries are no longer maintained.

Apart from the above SSL third-party modules, other Apache plug-ins such as mod_perl are only mentioned briefly but ample references are given for further reading. One interesting point to note is that it does not encourage Front Page support on Apache and if you are determined to install Front Page Server Extensions, it recommends that you move those sites requiring Front Page to some other web servers instead.

Although "Administering Apache" is hot off the press, the same cannot be said of its contents. Inconsistencies on the version of Apache used can be found throughout the book, with mentions of apache_1.3.6 in a few chapters and apache_1.3.9 in others. The sequence of some sections could do with a rearrangement to closely reflect the "real world" tasks. For example, chapter two's section on removing existing servers comes before the downloading and building Apache Server sections, whilst an 'upgrading or migrating' section is sorely missing. In the same chapter, the instruction to remove all web servers before installing the Apache Web Server seems very conservative and unnecessary, as it is possible to have numerous web servers running on the same machine especially for testing purposes.

As Apache directives appear under their respective functions, an exhaustive list should be provided for reference but is not. Typographical conventions used are not explained and it is most unsettling to come across four question marks (sometimes three question marks) appended to the directives like these - "AddAlt????" and "AddIcon????" staring at you. This is not an oversight of the proofreaders, it just means that "????" or "???" is a sort of "variable" and "AddIcon????" refers to all directives beginning with the word AddIcon such as AddIconByType and AddIconByCoding. They could do well to warn us beforehand.

Despite a few noticeable shortcomings, this book is a good companion for beginners to UNIX, web servers in general, and the Apache web server as it offers a good introduction to setting up web servers and services, and an overall picture of Apache including its source codes. It is easy to comprehend, not too dry to read on its own without having to sit in front of a computer and might even be interesting for leisure or bedtime reading. If you have only a faint idea of what web servers, UNIX and Apache are all about (but of course you must be computer literate), then this book is a good starting point for its span though wide is shallow with lots of references provided for further reading.

For professional web administrators or experienced Apache users, this book will not add much to your already in-depth knowledge of Apache, but you might still be attracted to read it for its strategies, server management tips, and policies - as well as for its entertaining qualities.