Web Servers Checkpoint

Introduction

This checkpoint is intended to help you assess what you learned from our introductory articles to Web Servers, where we introduced practical implementations and popular options for configuring your web server. You can use this checkpoint to test your knowledge on these topics, review key terms and commands, and find resources for continued learning.

Web servers act as the intermediary between a request (such as a URL you enter into your browser) and a response to that request (such as the web pages that are tied to the specific URL). After you have installed a web server to handle requests, you will be able to build the stack needed to develop your web apps.

In this checkpoint, you’ll find three sections that synthesize the central ideas from the introductory articles: defining what a web server is, using the Linux command to configure and modify your web server, and understanding networking protocols. In each of these sections, there are interactive components to help you test your knowledge. At the end of this checkpoint, you will find opportunities for continued learning about security and web applications.

Resources

• Introduction to Web Servers.
• How To Install Apache.
• How To Install Nginx.
• Apache vs Nginx: Practical Considerations.
• How To Secure Apache with Let’s Encrypt.
• How To Secure Nginx with Let’s Encrypt.

What Is a Web Server?

A web server serves the files needed to render a web application in your browser through HTTP and HTTPS protocol. A web application is software that can be accessed through the browser and which end users can interact with.

To understand web servers, it’s important to have familiarity with several key computing and networking terms.

Installing a web server to serve files for your web apps is critical when building your apps. Web servers can handle both static and dynamic content, especially in response to HTTP requests that call on your site’s domain name. To ensure your web server can handle those requests, you can manage configuration settings with the command line.

Using the Command Line to Configure Your Web Server

You were introduced to using the Linux command line in the introduction to Cloud Servers. By installing and configuring web servers like Apache and Nginx, you have continued to navigate the command line by modifying config files, writing the files for web pages, and running startup scripts. You’ve also used the APT package manager to update your server.

You can now configure and update your web server using commands such as:

• chown to change file ownership.
• chmod to set or change the permissions for accessing files.
• curl to transfer data with a specified location (the URL).
• hostname to set or display the hostname and domain name.
• systemctl to control the systemd service.

You’ve also worked with systemd, which is an option for the initial process (init) that runs when a Linux system is booted up. For more on using systemd commands, review How To Use Systemctl to Manage Systemd Services and Units. System startup scripts are typically stored in the /etc/init.d directory, which requires root or sudo access, and logs can be found in /var/log.

You’ve also used Certbot with the --standalone option to handle certification from Let’s Encrypt for your domain.

Configuring Your Server Files

Config files provide the settings for web servers and can be customized to suit your needs.

You have installed and configured common, open-source web servers, Apache or Nginx, on your remote server. Together, they serve approximately 50% of all web traffic.

A firewall will run on top of your web server or any other application servers that you have running in order to manage incoming and outgoing traffic to your web app. The default firewall for Ubuntu is the uncomplicated firewall or ufw, which manages the iptables firewall. You can read more on What Is a Firewall and How To Choose an Effective Firewall Policy, knowing that Apache and Nginx offer these profiles for commonly used ports:

Using Apache

Apache uses .htaccess files for its decentralized configuration settings, which means that you can make configuration changes at the directory level. The .htaccess files provide granular options for customization beyond the main Apache configuration file.

You can check your knowledge about other aspects of Apache in the interactive components below.

Apache uses specific terminology to support its system setup. Assess your knowledge with the Apache terms to know:

Using Nginx

Nginx uses centralized uniform resource identifier (URI) pattern matching for its configuration files. A uniform resource identifier is a unique sequence of characters to differentiate resources.

You can check your knowledge about other aspects of Nginx in the interactive components below.

Nginx uses specific terminology to support its system setup. Assess your knowledge with the Nginx terms to know:

Understanding Network Communication and Security Protocols

Network communication protocols can often be layered, and a common combination is to use cryptography on top of TCP and UDP protocols. TCP stands for transmission control protocol, and TCP handles data communication through packet transfer in a three-way handshake. UDP stands for user datagram protocol and is also implemented for data transport.

TLS, or transport layer security (and its predecessor secure sockets layer, or SSL) is a cryptographic protocol that places normal traffic in a protected, encrypted wrapper.

For more on networking and inter-process communication, you can review What Is a Socket? and Understanding Sockets.

When operating your own web server, you handle the security yourself. In the resource tutorials for this section, you have enabled TLS encryption with Let’s Encrypt on both Apache and Nginx web servers using the Certbot client.

While you’ve used Certbot to configure an SSL certificate for your domain from Let’s Encrypt, you can also generate a self-signed certificate to encrypt communication between your server and any clients, using the following tutorials for your chosen web server:

• How To Create a Self-Signed SSL Certificate for Apache in Ubuntu 22.04
• How To Create a Self-Signed SSL Certificate for Nginx in Ubuntu 22.04

You can review the OpenSSL Essentials as a quick reference for working with SSL certificates, private keys, and certificate signing requests.

What’s Next?

With your web server in place, you can now create additional server blocks or virtual hosts as needed, modifying configuration files to suit the needs of your web apps. You could try configuring Nginx as a reverse proxy for Apache.

To build your understanding of firewalls or to reconfigure your web server’s firewall settings, try these tutorials:

• What is a Firewall and How Does It Work?
• How To Choose an Effective Firewall Policy to Secure your Servers
• How To Set Up a Firewall with UFW on Ubuntu 22.04
• How To Implement a Basic Firewall Template with Iptables on Ubuntu 20.04
• How the Iptables Firewall Works
• How Fail2Ban Works to Protect Services on a Linux Server
• How To Protect an Nginx Server with Fail2Ban on Ubuntu 22.04
• Recommended Security Measures to Protect Your Servers

You might also consider setting up a collection of open-source software commonly used together to serve web applications, such as the LAMP, LEMP, or LOMP stack:

• Collection of LAMP Stack Tutorials
• How To Install Linux, Nginx, MySQL, PHP (LEMP stack) on Ubuntu 20.04
• How To Install Linux, OpenLiteSpeed, MariaDB, PHP (LOMP stack) on Ubuntu 20.04

To start building your web apps, try following our How To Code series, including:

• How To Code in JavaScript
• How To Code in Python
• How To Code in Go
• How To Code in React.js
• How To Code in TypeScript
• How To Code in Ruby
• How To Code in Node.JS
• How To Code in PHP

With your newfound knowledge on web servers, you can also continue your cloud journey with databases, containers, and security. If you haven’t yet, check out our introductory articles on cloud servers.