Upgrading Apache for Applications Manager
Article ID: 245180
Updated On: 01-12-2023
Products
Issue/Introduction
How to upgrade Apache for Applications Manager
Environment
Release: 9.3, 9.4
Component: APPLICATIONS MANAGER
Resolution
Apache can be installed or upgraded to the 2.4 version.
Apache can be upgraded and should work as before with Applications Manager. We ship with a base version of Apache for use by our customers. The upgrade of Apache on the server will need to be performed by your system administrator. Apache is not supported directly by Broadcom so should you have issues with the Apache upgrade you will need to resolve them with the assistance of your systems administrators.
The information Applications Manager adds for the webserver is in the httpd.conf file in the apache conf directory. It is recommended you take a backup of this file before any changes are made. Please note that Apache configuration may be different between versions of Apache.
Note that in Apache 2.4, the "Order allow, deny" option should be replaced with "Require all granted". There are 2 places in the httpd.conf file that needs to be changed
Access control
In 2.2, access control based on the client hostname, IP address, and other characteristics of client requests was done using the directives Order, Allow, Deny, and Satisfy.
In 2.4, such access control is done in the same way as other authorization checks, using the new module mod_authz_host. The old access control idioms should be replaced by the new authentication mechanisms, although for compatibility with old configurations, the new module mod_access_compat is provided.
Here are some examples of old and new ways to do the same access control.
In this example, all requests are denied.
2.2 configuration:
Order deny, allow
Deny from all
2.4 configuration:
Require all denied
In this example, all requests are allowed.
2.2 configuration:
Order allow, deny
Allow from all
2.4 configuration:
Require all granted
In the following example, all hosts in the example.org domain are allowed access; all other hosts are denied access.
2.2 configuration:
Order Deny, Allow
Deny from all Allow from example.org
2.4 configuration:
Require host example.org
Made the following change to the httpd.conf file.
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
<Directory />
AllowOverride none
Require all granted (changed from Require all denied)
</Directory>
Feedback
