Configuring Apache

Locate and open your Apache configuration file.

With administrative account access (i.e., write/read permissions), open your Apache configuration file in a text editor. To locate this file, please refer to the table below for your specific OS.

Version	Path
RedHat	`/etc/httpd/conf/httpd.conf`
Debian	`/etc/apache2/apache2.conf`

Review Apache's ServerName setting

Within this file, locate the ServerName section and verify that the server's name resolves correctly. For example, if your Connect Server uses the domain name www.myConnectServer.com, use the following setting:

ServerName www.myConnectServer.com

Turn off Apache's UseCanonicalName setting

Locate the line that states UseCanonicalName and verify that it is set to off.

UseCanonicalName off

Review and/or modify your Web UI settings

Add the following section at the end of the configuration file:

#BEGIN_ASPERA
<Directory /opt/aspera/var/webtools>
   AllowOverride All
   Allow from all
</Directory>
<Directory /opt/aspera/var/webtools/scripts>
   AddHandler cgi-script .pl
   SetHandler cgi-script
   Options +ExecCGI
   AllowOverride All
</Directory>
ScriptAlias /aspera/scripts/ "/opt/aspera/var/webtools/scripts/"
Alias /aspera/ "/opt/aspera/var/webtools/"
#END_ASPERA

Enable Apache's cgi and the dir modules

Your Apache web server must have both the cgi and the dir modules enabled. To do so, run the commands listed in the table below for your specific version of Apache.

Apache Version	Instruction
2.2	Run the following commands to enable the requisite modules: `$` sudo a2enmod dir `$` sudo a2enmod cgi `$` sudo a2enmod cgid Important: These commands do not work on RHEL or CentOS. You must edit the Apache configuration file as described below for Apache 1.3 and 2.0.
1.3, 2.0	In Apache's configuration file, add or un-comment the following lines: LoadModule dir_module modules/mod_dir.so LoadModule cgi_module modules/mod_cgi.so

Apache Version

Instruction

2.2

Run the following commands to enable the requisite modules:

$ sudo a2enmod dir
$ sudo a2enmod cgi
$ sudo a2enmod cgid

Important: These commands do not work on RHEL or CentOS. You must edit the Apache configuration file as described below for Apache 1.3 and 2.0.

1.3, 2.0

In Apache's configuration file, add or un-comment the following lines:

LoadModule dir_module modules/mod_dir.so
LoadModule cgi_module modules/mod_cgi.so

(Optional) Configure SSL

For instructions on generating an RSA Private Key, Certificate Signing Request (CSR) and optional self-signed certificate using OpenSSL, please refer to the topic Create an SSL Certificate (Apache). Then, once you have created your private key and Certificate (or you are using the unsigned Certificate provided by Aspera), please refer to the topic Enable SSL (Apache) for instructions on enabling SSL on your system.

Disable SELinux (ONLY RedHat, CentOS and Fedora)

SELinux (Security-Enhanced Linux), an access control implementation, may affect Web UI access. Please refer to the topic Disabling SELinux for instructions on disabling SELinux.

Restart your Apache web server

After modifying the Apache configuration file, save and close it. Then, based on your version of Apache, use the following commands to restart it:

Version	Command
Apache 2.2	`$` /etc/init.d/apache restart Note: This command does not work on RHEL or CentOS. You must use the command described below for Apache 1.3 and 2.0.
Apache 1.3, 2.0	`$` /etc/init.d/httpd restart

Version

Command

Apache 2.2

$ /etc/init.d/apache restart

Note: This command does not work on RHEL or CentOS. You must use the command described below for Apache 1.3 and 2.0.

Apache 1.3, 2.0

$ /etc/init.d/httpd restart

Enable system-level security

Enabling system-level security allows the Web UI to accurately display the users' files and show or hide controls depending on users' permissions (this includes the delete and make directory functions). To enable system-level security, run the following command (as root) in a Terminal window:

$ sudo /opt/aspera/sbin/enablesecure enable

Once the script is executed, you will be prompted to input the name of the Apache user.

User running apache (default apache):

Based on your input, the script generates text similar to the following. Use visudoers to copy and paste the generated text into your /etc/sudoers file. In the following example output, apache is the account that is running Apache and /opt/aspera is the Aspera installation directory.

# BEGIN Aspera Connect Server
# The user account that runs the web server will impersonate
# the logged-in user to present that user's files and folders.
Defaults env_keep += "SERVER_NAME REQUEST_URI REQUEST_METHOD REMOTE_USER QUERY_STRING CONTENT_LENGTH SESSION_ID CSRF_TOKEN"
Defaults:apache !requiretty
apache ALL=(ALL) NOPASSWD: /opt/aspera/var/webtools/scripts/aspera-dirlist.pl,
SETENV: /opt/aspera/var/webtools/scripts/aspera-dirlist.pl
# END Aspera Connect Server

Note: Once secure permissions are enabled, users will see the Delete and Create Folder buttons, allowing then to remove files and create directories on the server (within their docroot). You may hide the Delete and Create Folder buttons by updating the Web UI configuration parameters EnableDelete and EnableCreateFolder, respectively. Please refer to Configuring your Web UI Settings for details.

To disable the secure permissions, run the enablesecure script again with the argument "disable."

$ sudo /opt/aspera/sbin/enablesecure disable

(On client computers) Verify that cookies are enabled in Web browser

Ensure that your client users have cookies enabled within their browsers before attempting to log in. Failure to do so may result in an error message as they attempt to access the Connect Server Web UI.