Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
Topic: Apache 2.2.4 Minor Update To 2.2.14 |
|
Author |
|
jethogan
Joined: 30 Oct 2009 Posts: 4
|
Posted: Fri 30 Oct '09 10:30 Post subject: Apache 2.2.4 Minor Update To 2.2.14 |
|
|
1. Advise from apache experts will be greatly appreciated.
2. I am learning and testing apache, php, and mysql on a xp pro home computer. Initially I had to make small changes in configuration and ini files. These changes required a considerable amount of googling and trials. For this reason alone, I am quite wary of upgrading from Apache 2.2.4 to 2.2.14 .
3. I understand from another post in this forum, that it may be possible to do a minor upgrade just by copy and pasting a few sub-folders from 2.2.14 to the 2.2.4.
a. apache\bin
b. apache\bin\iconv
c. apache\modules
4. My queries are -
a. Will the above method produce a truly functional Apache 2.2.14 server.
b. What are the pros and cons of this method.
c. Other suggestions.
All expert opinions will be appreciated. |
|
Back to top |
|
glsmith Moderator
Joined: 16 Oct 2007 Posts: 2268 Location: Sun Diego, USA
|
Posted: Fri 30 Oct '09 11:45 Post subject: |
|
|
3. Yes to a, b and c.
4a. Yes
4b.
Con: The description of Apache in your services window will not change.
Pro: It's a nice quick simple way to do it that works perfect except for above con.
4c. Make backup copy of all 2.2.4 files/folders before you start.
The fix for the con is to simply uninstall then reinstall the service, that is if you care what the description says in the services window to begin with.
If you run Apache as a user other than it's default (SYSTEM), and you do un/reinstall, the user that Apache runs under will revert back to SYSTEM so you would have to make the change manually again back to whatever it's proper user is. |
|
Back to top |
|
James Blond Moderator
Joined: 19 Jan 2006 Posts: 7355 Location: Germany, Next to Hamburg
|
Posted: Fri 30 Oct '09 11:50 Post subject: |
|
|
Hi!
You figured out the right way to update apache. For that works a long time with minor updates.
As long as you update inside the 2.2.x version there is no disadvantage.
+ Fast update
+ easy to keep your config.
+- However you should make a backup of your files.
- does not with the MSI installer |
|
Back to top |
|
jethogan
Joined: 30 Oct 2009 Posts: 4
|
Posted: Tue 10 Nov '09 10:57 Post subject: Apache 2.2.4 Minor Update To 2.2.14 |
|
|
@ glsmith and James Bond
1. Please excuse my unforeseen delay in this thread. I was totally internet and computer-free the past week, not intentionally. Again, my apologies.
2. You are right ! After minor-upgrading to 2.2.14 the above way, Secuniar Security Inspector still sees me as using 2.2.4 and keeps reminding me to upgrade to the latest Apache 2.2.14 !!
3.
Quote: | If you run Apache as a user other than it's default (SYSTEM), and you do un/reinstall, the user that Apache runs under will revert back to SYSTEM so you would have to make the change manually again back to whatever it's proper user is.
|
I hope you will bear with my lack of Apache competency. I am learning php, mysql, javascript, htaccess, etc and test some scripts and simple designs on my home computer. Frankly, I do not understand your phrase *run apache as a user other than its default (SYSTEM)* . But I am eager to understand it if you will kindly put it in simple English, if at all possible. I hope you can.
4. I am not very familiar with web hosting. Am I correct to say that most web hosts may not necessarily use the latest Apache version for compatibility and continuity reasons ? Will I be wasting time doing tests with Apache 2.2.14 now only to put my site later on a web-host who uses an earlier version ?
5. Is mastering Apache more relevant only for those who want to host their own websites ?
Again, thanks for your knowledgeable insight and patience. |
|
Back to top |
|
glsmith Moderator
Joined: 16 Oct 2007 Posts: 2268 Location: Sun Diego, USA
|
Posted: Wed 11 Nov '09 5:44 Post subject: |
|
|
1. Me too soon possibly.
2. Most likely due in part to #3. Guess I need to add Secunia to the list.
4. Not only hosting co's., Linux Distros as well (which may be why the host co. does), They patch old versions to secure them at least.
5. Anyone who is going to be hosting a website on an Apache server, whether it be their Apache or their hosting providers.
Now to #3 and hopefully without making a 1200 line post.
I will assume you understand user accounts (your using one now) and that non-administrator accounts are not able to do everything like an Admin can. I'm no authority but as far as I can wrap my head around this from observation, things I've read over time, and make it simple, SYSTEM is one of your Windows user accounts, for use by Windows itself. SYSTEM has just about the same rights/permissions to do just about anything as an admin. Only thing I know of is it cannot access "shares" from other computers on your local network, at least Apache cannot under user SYSTEM. That said, it has read/write/execute permissions on the entire system as far as I know. The Apache service by default runs under such user. Do a ctrl+alt+del, choose task manager, click the processes tab and have a look at what the httpd.exe items are listed as.
[Sorry for the long paragraph Mario.]
Some people do what is called "Jailing Apache" and run Apache as a user other than SYSTEM. This allows you (on XP & 2k pro at least) to limit what it can do and where on the hard drive it can do it. What one tries to accomplish is NOT allowing Apache to write and execute in the same place together. Therefore joe haxhead cannot write something onto the hard drive with, and then use Apache to also execute it, metaphorically place a stick of dynamite then go and light it
Pesky #2:
Since you obviously do not do the above there is nothing for you to worry about as far as removing/reinstalling the service. My first guess is assuming Secunia looks in the Services registry key and grabs the version from there. It's obviously not reading directly from Apache's exe/dlls itself.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Apache2.2\Description
My second guess is the other things that did not get updated that do carry the version number and are typically included for building modules by the apache.org distributions.
Apache2.2/include/ap_release.h
Apache2.2/lib/libhttpd.lib (anymore anyone?)
So first shutdown Apache and from your Apache's bin directory at the command line, simply remove and then install
Code: | httpd -k uninstall
httpd -k install |
Start Apache again.
Check Secunia. If not, replace the lib and include folders as well. If not then ask Secunia why |
|
Back to top |
|
jethogan
Joined: 30 Oct 2009 Posts: 4
|
Posted: Wed 11 Nov '09 12:33 Post subject: |
|
|
1. Me too soon possibly - I do not own a lap top, neither does my elderly mum who stays in a prehistoric town. If you do not have a similar situation like me, I do not know how you are going to do it !
2. I have tried changing the registry key below as you suggested. Secunia seemed to ignore it.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Apache2.2\Description
3. I also tried *httpd -k uninstall* and *httpd -k install* . I think Secunia still did not see the new version 2.2.14. Next I copied and pasted the lib and include folders from 2.2.14 to 2.2.4. Now Secunia does not detect any Apache at all even though it is functional right now. No worries though, cos Apache service is running without problem as far as I can see.
4. While running the command httpd -k install , I noticed the following message below. Could you please elaborate on it. Should I do anything to correct it ?
Installing the Apache2.2 service.
The Apache2.2 service is successfully installed.
Testing httpd.conf ...
Errors reported here must be corrected before the service can be started.
(OS 10048) Only one usage of each socket address (protocal/network address/port) is normallly permitted. : make_sock: could not bind to address 0.0.0.80
No listening sockets available, shutting down
Unable to open logs.
4. Thanks for explaining user and SYSTEM in simple English and in just 15 lines instead of 1200 lines. Much appreciated. I managed to understand a new and important concept today. |
|
Back to top |
|
James Blond Moderator
Joined: 19 Jan 2006 Posts: 7355 Location: Germany, Next to Hamburg
|
Posted: Wed 11 Nov '09 17:53 Post subject: |
|
|
Quote: |
make_sock: could not bind to address 0.0.0.80
|
Did you stop the server?
correct would be
Code: |
httpd -k stop
httpd - unsintall
httpd -k install
httpd -k start
|
|
|
Back to top |
|
glsmith Moderator
Joined: 16 Oct 2007 Posts: 2268 Location: Sun Diego, USA
|
Posted: Wed 11 Nov '09 22:20 Post subject: |
|
|
1. Because I have to move. It'll just be temporary for a couple weeks. I will have access, just not my server. |
|
Back to top |
|
jethogan
Joined: 30 Oct 2009 Posts: 4
|
Posted: Thu 12 Nov '09 16:56 Post subject: Apache Minor Upgrade |
|
|
@ James Bond
1. Did you stop the server?
You guess correctly. I did not stop the server before running httpd -k uninstall.
I have just run the 4 commands you provided, httpd -k stop, httpd -k uninstall, httpd -k install and httpd -k start . Everything went smoothly, no error messages. Thanks.
@ glsmith
2. Regardless of Secunia, phpinfo says I am using apache 2.2.14
3. Are you upgrading yourself ? I am not sure whether you are moving to a bigger house or moving your server somewhere else or both. Regardless, wish you a smooth transition and thanks for helping out in my apache minor upgrade. |
|
Back to top |
|
|
|
|
|
|