// this handy one liner is used on any new webserver..
// puts apache into the users group to allow dev teams etc..

sed -i 's/users:x:1000:admin/users:x:1000:admin,wwwrun/' /etc/group

// block access to .svn dirs
// should be done server-wide if you can (another snippet)

<IfModule mod_rewrite.c>
  RewriteRule ^(.*/)?\.svn/ - [F,L]
  ErrorDocument 403 "Access Forbidden"
IfModule>

// protect ".svn" and "CVS" dirs (could add more)
// for server-wide protection; goes in httpd.conf
// there's a separate snippet for .htaccess-based code

<DirectoryMatch "^/.*/(\.svn|CVS)/">
  Order deny,allow
  Deny from all 
DirectoryMatch>

Go to terminal:

sudo apt-get install apache2 mysql-server php5 php5-odbc libapache2-mod-php5 php5-xsl php5-gd php-pear libapache2-mod-auth-mysql php5-mysql libmyodbc

Now hand edit (or create, if it does not exist already) /etc/odbc.ini

Here's an example odbc.ini:

[ODBC Data Sources]
odbcname     = MyODBC 3.51 Driver DSN

[odbcname]
Driver       = /usr/lib/odbc/libmyodbc.so
Description  = MyODBC 3.51 Driver DSN
SERVER       = my.database.server.com
PORT         =
USER         = USER
Password     = XXXXXX
Database     = DBNAME
OPTION       = 3
SOCKET       =

[Default]
Driver       = /usr/local/lib/libmyodbc3.so
Description  = MyODBC 3.51 Driver DSN
SERVER       = localhost
PORT         =
USER         = root
Password     =
Database     = test
OPTION       = 3
SOCKET       =

Remember to start and stop mysql and apache:

sudo /etc/init.d/mysql start
sudo /etc/init.d/apache2 start

sudo /etc/init.d/mysql stop
sudo /etc/init.d/apache2 stop
sudo /etc/init.d/mysql restart
sudo /etc/init.d/apache2 restart

There is currently an issue resulting from the fact that Apache on Mac OS X 10.5 is built as a 64 bit application. On Macs that support 64 bits (all current Mac models), Apache will run in 64 bit mode. This is incompatible with most ODBC drivers, including those currently available from Actual Technologies.
Until we can make 64 bit versions of our drivers available, we recommend a workaround to force Apache to run in 32 bit mode. Using the Terminal prompt, enter the following commands (this is for ppc machines, for intel switch ppc7400 to i386):

sudo mv /usr/sbin/httpd /usr/sbin/httpd.ub

sudo lipo -thin ppc7400 /usr/sbin/httpd.ub -output /usr/sbin/httpd.ppc7400

sudo ln -s /usr/sbin/httpd.ppc7400 /usr/sbin/httpd 

Now restart Web Sharing in the System Preferences, and continue with the instructions for "Invoking ODBC Functions from ODBC" below.
NOTE: if you ever need to restore Apache to 64 bit mode, just enter the following command:

sudo mv /usr/sbin/httpd.ub /usr/sbin/httpd

Pass all requests for non-existing files or directories to index.php

RewriteCond        %{REQUEST_FILENAME}        !-f                
RewriteCond        %{REQUEST_FILENAME}        !-d
RewriteRule        ^(.*)$                    index.php        [L]

Doing some work on your web site but you don't want other people to see what you're doing. Give them a redirect (like the flickr massage screen).
You need to use your own ip of course.

# redirect all visitors to alternate site but retain full access for you
ErrorDocument 403 http://www.alternate-site.com
Order deny,allow
Deny from all
Allow from 99.88.77.66

Perl script using shell command to get(/grep) the lastest file on directory for download.

Just Create .htaccess (DirectoryIndex .latest.cgi) for more automations, so to get the latest files, just point your download link to: "yoursite.com/files/"

#!/usr/bin/perl
#This is .latest.cgi
$|++; my @file = `ls -1 -t -p | grep -v -P '/'`; 
print "Location: $file[0]\n\n";
exit;

To reload conf files

To verify changes to .conf files parse OK.

apachectl -t

To issue soft restart (waits for connections to close)

apachectl graceful

Forced restart, dropping connections as necessary.

apachectl restart

Change directory listing / default files served when hitting a directory.

This can be placed directly within the VirtualHost directives.

<IfModule dir_module>
  DirectoryIndex index.html index.php
IfModule> 

// Forces incoming traffic to use SSL connection

 #Force SSL
 RewriteCond %{SERVER_PORT} !443
 RewriteRule ^(.*)$ https://securesiteurl.com/$1 [R=301,L]

In your .htaccess file (maybe only in a specific folder) add this line to parse a .htm as a php file. This works on TxD accounts.

AddType application/x-httpd-php .htm .php

// redirect domain.com to www.domain.com (or vice versa)
// helps substantially with delicious links and other SEO optimization
// see for discussion

RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain.com$ [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=301,L]

.htaccess in home or other directory

Options +Indexes
IndexOptions FancyIndexing NameWidth=*

Put it in yr httpd.conf, or better yet, an included file. (that thing is monstrous as is)

<VirtualHost *:80>
        ServerName test.com
        DirectoryIndex index.html dispatch.fcgi
        DocumentRoot /domains/test.com/web/public
        RewriteEngine On
        RewriteRule ^(.*/)?.svn/ - [F,L]
        ProxyPass /images !
        ProxyPass /stylesheets !
        ProxyPass /javascripts !
        ProxyPass /examples !
        ProxyPass /map_data !
        ProxyPass /engine_files !
        ProxyPass /javascript !
        ProxyPass /feregions !
        ProxyPass / balancer://test/
        ProxyPassReverse / balancer://test
        ProxyPreserveHost On
        ErrorLog /opt/csw/apache2/var/log/test.com.error
        CustomLog /opt/csw/apache2/var/log/test.com common

        <Proxy balancer://test>
                BalancerMember http://127.0.0.1:8000
                BalancerMember http://127.0.0.1:8001
                BalancerMember http://127.0.0.1:8002
                BalancerMember http://127.0.0.1:8003
                BalancerMember http://127.0.0.1:8004
        Proxy>
</VirtualHost>

A nice commandline walkthrough. Replace 'eyebeam' with your org name

# setting up apache2 + SSL on FreeBSD
# a list of commands you can copy/paste!
# @author Jamie Wilkinson 
# ganked from 

# edit /etc/openssl.conf to set some nice defaults for location, org. name, etc.
# important! change the default dir ./demoCA to /root/sslCA


# setup
cd ~root/
mkdir sslCA
chmod 700 sslCA
cd sslCA
mkdir certs private newcerts
echo 1000 > serial
touch index.txt

# generate certs
openssl req -new -nodes -out eyebeam-req.pem -keyout private/eyebeam-key.pem -config /etc/ssl/openssl.cnf
openssl req -new -x509 -days 3650 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -config /etc/ssl/openssl.cnf
openssl ca -config /etc/ssl/openssl.cnf -out eyebeam-cert.pem -days 3650 -infiles eyebeam-req.pem 

# keep them somewhere handy
mkdir /etc/ssl/crt
mkdir /etc/ssl/key
cp ~root/sslCA/eyebeam-cert.pem /etc/ssl/crt
cp ~root/sslCA/private/eyebeam-key.pem /etc/ssl/key

# add below to an ssl.conf that you include in your httpd.conf
<VirtualHost *:443>
        ServerName colossus.eyebeam.org:443
        SSLEngine on
        SSLCertificateFile /etc/ssl/crt/eyebeam-cert.pem
        SSLCertificateKeyFile /etc/ssl/key/eyebeam-key.pem
        DocumentRoot /www
        CustomLog /var/log/httpd-ssl-access.log combined
        ErrorLog /var/log/httpd-ssl-error.log
VirtualHost>

// Always add the www.

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L] 

// Always eliminate the www prefix, use this htaccess code.

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.+)$
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

// its a redirect [R] and it is is permanent (code is 301)

RewriteEngine On
RewriteBase   /the_directory

RewriteRule  ^(.*).html$ $1.php [R=301]

This is a little snippet I whipped up long ago to roll our logs, feel free to use...

#!/bin/sh

/usr/bin/grep CustomLog /usr/local/etc/apache2/httpd.conf |/usr/bin/grep -v \#|/usr/bin/awk '{print $2}'|/usr/bin/sort|/usr/bin/uniq|/usr/bin/grep -v /var/log > logfiles
/usr/bin/grep ErrorLog /usr/local/etc/apache2/httpd.conf |/usr/bin/grep -v \#|/usr/bin/awk '{print $2}'|/usr/bin/sort|/usr/bin/uniq|/usr/bin/grep -v /var/log >> logfiles
/usr/local/bin/weblog_rotate.pl --loglist logfiles --touchlog --restart_cmd "/usr/local/etc/rc.d/apache2.sh restart" --compress --days 120

The weblog_rotate.pl is a script from Uthe Urchin folk, available at http://download.urchin.com/support/weblog_rotate.pl

This took a little doing and some major tweaking. Assuming you have the LoadModule line already...

  AddHandler fcgid-script .php

  <Directory /home/elitesys/elite-systems.org/html>
    FCGIWrapper /home/elitesys/elite-systems.org/html/php.fcgi .php
  Directory>

  IPCConnectTimeout 20
  IPCCommTimeout 300

Add the handler for php files, specify the wrapper (in this case the file in the root of the site) and setup connect and communication timeouts. The timeouts are in seconds and you need to set it like that or higher or else file uploads will timeout and I have heard of issues with Wordpress if you don't increase it.

And in php.fcgi...

#!/bin/sh
PHPRC="/usr/php4/etc"
export PHPRC
PHP_FCGI_CHILDREN=4
export PHP_FCGI_CHILDREN
PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_MAX_REQUESTS
exec /usr/php4/bin/php

This should look familiar to another post...

There isn't a definition for suexec in terms of executable location. There doesn't have to be. Apache will automatically wrap it properly. This configuration is far easier than mod_fastcgi and works just as well. Probably easily expanded to work with ruby on rails although I havn't tried yet...