Migrate an IBM® HTTP Server, Version 7 or 8 server,
to IBM HTTP Server 9.0. Because IHS 9.0 is based on Apache
2.4, you must modify your existing configuration.
Before you begin
This topic describes the changes necessary to use an existing configuration file from a prior release, which is an alternative
to applying your customizations on top of the current releases default configuration file.
For more information about the CHANGES
file, review New Features.
Application and module developers can view API changes in the API updates overview. To migrate from IBM HTTP Server 6.0, see Upgrading to 2.2 from 2.0 in the Apache documentation.
About this task
Manually migrate your existing configuration file from a prior release.
Procedure
-
Copy the httpd.conf configuration files from the prior release to the new installation path.
Update the paths, for example by using the sed command. Many absolute paths within the
configuration contain the installation root.
See the following
example:
cp /opt/IBM/IHSv9/httpd.conf /opt/IBM/IHSv9/httpd.conf.premigration
sed "s@/opt/IBM/IHSv8/@/opt/IBM/IHSv9/@" /opt/IBM/IHSv8/httpd.conf > /opt/IBM/IHSv9/httpd.conf
-
Replace all instances of
authz_default_module
module with
authz_core_module
.
For example, your code might contain the following
line:
LoadModule authz_default_module modules/mod_authz_default.so
After updating, the line has the following
changes:
LoadModule authz_core_module modules/mod_authz_core.so
If you do not replace the module, you receive a message similar to the following example:
httpd: Syntax error on line 141 of /IHS/install/path/conf/httpd22.conf: Can
not load modules/mod_authz_default.so into server: EDC5205S DLL module not
found. (errno2=0xC40B0025)
-
Complete one of the following steps to update access control:
-
Best practice: Replace the old access control directives, Order
,
Allow
, and Deny
with the Require
directive.
- Add the following line to load the
mod_access_compat
module:LoadModule access_compat_module modules/mod_access_compat.so
-
Add the following line to load the
mod_unixd
security module:
LoadModule unixd_module modules/mod_unixd.so
If you do not complete this step, you receive the following
error:
AH00136: Server MUST relinquish startup privileges before accepting connections.
Please ensure mod_unixd or other system security module is loaded.
-
Change the
LoadModule
line to update the Web Server Plug-ins from Apache 2.2 to Apache 2.4:
See the following
example:
LoadModule was_ap24_module /PLUGIN/install/path/mod_was_ap24_http.so
-
Update third-party modules to the Apache 2.4 versions. Contact the third-party module vendor
for specific instructions.
If modules are not compatible with Apache 2.4, the server cannot start. You receive an error that
references ap_my_generation
, or ap_log_error
, along with the
apr_dso_load
function.
-
Search your configuration for directives, such as
Include
,
AuthUserFile
, AuthGroupFile
, and KeyFile
, that
might point to files from the old installation root that need to be copied.
-
If you previously use the BFlagEscapeAllNonAlnum parameter, remove it from
RewriteOptions. The parameter is not needed for Version 9.
-
Add the following line to load the Event MPM:
LoadModule mpm_event_module modules/mod_mpm_event.so
-
Remove <IfModule worker.c> and update defaults
- If the configuration uses <IfModule worker.c> configuration sections, remove the opening and closing tags or update them from "worker.c" to "event.c".
- Update the
ServerLimit
to be at least 1.5 times as large as MaxClients
divided by ThreadsPerChild
.
-
Start the server with the updated configuration. Review the output of the start command and the
error_log to view any errors. Because only one error is detected at a time, you
might have to start the server several times as you fix errors.
If a directive was removed, or was moved to a new module, you might receive an error similar to
the following example:
AH00526: Syntax error on line 924 of /web1/httpd.conf:
Invalid command 'Foo', perhaps misspelled or defined by a module not included in the server configuration
- Optional:
If you are modifying a configuration file from a previous release instead of modifying the the
9.0 default configuration, review and apply the following changes to the your configuration file.
These changes can be viewed in context in the file
httpd.conf.default
in the new
release:
- ReportInterval is reduced to 300 seconds.
- TrackModules On, TrackHooks allhooks, SlowThreshold 60, TrackHooksOptions logslow are
added.
- mod_backtrace is loaded by default on some platforms, but it was omitted from previous
releases.
- More columns are appended for serviceability in the default
LogFormat
.
- The default configuration is updated to deny access to all directories by default and allow
access to the document root, icons, and CGI-BIN directories. See the following
example:
DocumentRoot /var/www/ihs1/htdocs
<Directory />
Options FollowSymLinks
AllowOverride None
FileETag All -INode
Require all denied
</Directory>
# Document Root:
<Directory "/var/www/ihs1/htdocs">
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Require all denied
Forbid
</Files>