Product

What other products are necessary for starting the *ADMIN server and using the IBM Web Administration?

Apache

Is the IBM i version of Apache's source code available?

Is it the same as the EBCDIC open-source Apache?

How do I find out the version of Apache Server running on my IBM i?

Setting up your server

How do I setup language support for an HTTP server?

What are valid characters in a server name?

How do I enable the SSL port for the *ADMIN server?

Can directive or Alias contain spaces in the directory path?

How can I avoid the "Cross Site Tracing" vulnerability?

Startup

Why won't my server start?

Authentication

What can I do when HTTP server is not accepting Kerberos Authorization?

CGI

How can I have HTTP server prestart CGI jobs for CGI program in an IASP ?

Can the Server Side Include (SSI) echo directive display the values of standard CGI variables?

Do I need to modify my CGI programs running on other Apache platforms to run under IBM i?

Can I run CGI in more than one language using only one HTTP server?

How do I avoid the HTTP server doing any conversions of data passed to and from a CGI program?

How do I compile a CGI program in UTF-8 mode?

How do I allow the HTTP server to handle invalid escapes in POST data for a CGI program not compiled in UTF-8 mode?

How can I improve the performance of my CGI program?

How can I change the library list for my CGI program?

High Available Web server

How do I enable the HTTP server to be HA?

Proxy

Is it possible to do Proxy chaining with authentication?

Is it possible to block specific HTTPS requests when using Apache Proxy instance?

Additional support

How do I get Java Servlet support?

Does IBM i Apache support Java?

Can I run ASPs (Active Server Pages)on IBM i?

Why do I need Websphere (what is it anyway)?

General

What characters are valid in a URL?

How can I change the CCSID attribute for all my IFS files?

How can I improve the performance from my HTTP server?

What basic things should I review using QNTC file system?

How can I monitor the number of hits to my web site?

The *ADMIN server and IBM Web Administration are part of DG1 product and require a few additional products. If you don't have these products installed, you will not have full functionality and the *ADMIN server may not start. To see if you have all the required products on your IBM i system, type:

GO LICPGM

This will take you to the work with licensed programs page. Choose number 10. Display Installed Licensed Programs. Look for one of the following 5761JV1(IBM i 7.1) and 5770JV1(IBM i 7.2) options. 

5761JV1 Option 12 Java SE 6 32 bit
5770JV1 Option 11 Java SE 6 32 bit

In addition, the following product options are necessary.

5770SS1 Option 3 Extended Base Directory Support
5770SS1 Option 12 Host Servers
5770SS1 Option 30 Qshell
5770SS1 Option 33 Portable App Solutions Environment

No, the IBM i source code is not published.

No, the IBM i source code contains integration items optimized for IBM i and will only run on an IBM i.

You can display the version using the -V option of the STRTCPSVR command. For example:

STRTCPSVR SERVER(*HTTP) HTTPSVR(APACHEDFT '-V')

Your IBM i CCSID/codepage settings should be correctly configured for your primary language environment. To do this you must consider two settings:

The correct values can be found by looking in Information Center Default system values for national language versions.

1. Click on the language/feature code you will be testing.

2. Run the CL command CHGHTTPA and specify the value for the Internet CCSID. For example, to run in English:

CHGHTTPA CCSID(819)

3. Run the CL command CHGSYSVAL SYSVAL(QCCSID) and specify the value found for the QCCSID value. For example, to run in English:

CHGSYSVAL SYSVAL(QCCSID) VALUE(37)

When creating a new server, enter a name that does not contain any special characters. Some products or applications that use the server name such as Digital Certificate Manager cannot handle the use of special characters.   A server name must begin with an alphabetic character and must not be longer than ten characters.

Follow the instructions given in the Information Center at Set up SSL for the administration (ADMIN) server for HTTP Server.

Yes. You must enclose the directory path in quotes.

To turn this vulnerability off for HTTPS, add the following set of Rewrite directives both globally and in a  context.

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]

If your server won't start, you can usually find the reason in the JOBLOG. To view JOBLOGs of server jobs that have ended abnormally, enter the command:
WRKSPLF SELECT(QTMHHTTP)

The most common reasons for the server failing to start are:

There are many possible problems that can occur when using Kerberos Authentication. Many of these are outside the IBM i environment (for example, Windows platform, Active Directory directory service, as well as network issues). The following steps cover some of the most frequent problems in the Microsoft Windows environment.

More troubleshooting and information about Windows based single signon can be found in the Red book Windows-based Single Signon and the EIM Framework on the IBM eServer IBM i Server

An example scenario of single signon with the IBM i HTTP server can be found in Red bookIBM HTTP Server (powered by Apache): An Integrated Solution for IBM eServer iSeries Servers (PDF, 10.1MB) (Chapter 6, Section 6.3)

The StartCGI/StartThreadedCGI directives have been enhanced to allow an IASP name to be specified as the 3rd parameter so the prestart CGI jobs can be used for CGI programs in the IASP. For example:
StartCGI 6 QTMHHTP1 myiasp

In this example, 6 CGI jobs that run under user profile QTMHHTP1 will be prestarted and used for executing CGI programs in the myiasp IASP.

Note: if no IASP name is specified, the prestart CGI jobs can only be used for CGI program in system ASP.

Required PTFs:
IBM i 7.2: SI55722
IBM i 7.1: SI55746

Yes. Use the echo directive to display the value for specified environment variables (including the standard CGI variables) using the var tag. If a variable is not found, a (None) is displayed. Both the set of standard CGI variables and the SSI specific environment variables that can be displayed using echo are listed in Environment Variables on HTTP Server.

Yes. To port your CGI programs to IBM i you'll need to recompile them and move your data libraries and directories.

You can run CGI in various languages using one server. Customize your directory container using directives CGIJobCCSID, DefaultNetCCSID (allowed in a container), and CGIConvMode. There are two different methods you might want to consider for doing this. You can use a different library for each separate language or use the URI to determine the language of the user. See UTF-8 CGI programming example.

Any CGI program with a name that begins with nph_ is considered a no-parse header CGI program. This means that the server does no conversions on the data and adds no headers back in the response from the CGI program. The CGI programmer is in total control and is responsible for parsing the request and then sending all of the necessary headers back with the response.

See Installing and running a UTF-8 ILE C CGI - Example.

If you have, for example, an XML file containing a "%" which does not indicate an escaped character, (for example, you have text such as "discount is 10%") or you have POST data that you do not want to fail because of invalid escape sequences, follow these conditions:

The performance of your CGI program is dependent on the characteristics of your CGI program as well as how the request is handled by the server.

One way to improve the performance of your CGI program is to specify a named activation group on the compile rather than taking the default. For more information, see CGI programs and activation groups in the Information Center.

The following contains information about improving the performance of CGI request handling by your server.

By default, if not running in the PASE environment, the CGI server job sets both the current directory and current library for each CGI request. The current directory is the path name of the CGI program library, for example, /QSYS.LIB/MYLIB.LIB/ and the current library is the library containing the CGI program, for example MYLIB. Once the CGI request has completed, the current library is changed to QHTTPSVR. These two actions can degrade the performance of each CGI request.

Starting in V5R4, you can improve the performance of each request with the following configuration changes.

This can be done using the SetEnv directive with the QIBM_CGI_LIBRARY_LIST environment variable and a list of the libraries. Be sure to uppercase the library names and separate them by semi-colons. For example:

SetEnv QIBM_CGI_LIBRARY_LIST "MIME;CGIURL;CGILIBL"

The listed libraries replace the libraries in the user part of the library list. When the CGI program has finished processing, these libraries will be removed from the library list and the library list will be restored to what it was before the CGI program ran.

Follow the instructions given in Knowledge Center for Highly available Web server cluster on HTTP Server.

Yes, however you can only authenticate through the first server in the proxy chain.

Yes. Use  and  directives to deny CONNECT on the specific hosts. For example, the following will block https://www.foo.com requests:

Deny from all

Java servlet support comes with IBM WebSphere Application Server. The latest information can be found at IBM Websphere Application Server site.

Yes. You can serve Servlets and JSPs using an Apache server which has been associated to a Websphere Application Server. HTTP Server does not support running Java CGI programs. If you have Java CGI applications, you should migrate those applications to Java servlets using WebSphere Application Server or the IBM integrated Web application server for i.

Apache on IBM i does not currently include ASP support.

WebSphere Application Server for IBM i (WAS) is needed to serve JSPs and Servlets from Apache. It is the Application Server of choice on IBM i.

The specification for URLs, RFC1738 (link resides outside of ibm.com), limits the use of allowed characters to only a limited subset of the US-ASCII character set (2.2 URL Character Encoding Issues):

"The lower case letters "a"--"z", digits, and the characters plus ("+"), period("."), and hyphen ("-") are allowed.... In addition, octets may be encoded by a character triplet consisting of the character "%" followed by the two hexadecimal digits (from"0123456789ABCDEF") which forming (sic) the hexadecimal value of the octet. (The characters "abcdef" may also be used in hexadecimal encodings.)"

To insert, for example, the French accented à, you would use %E0 instead of the letter.

You need to run the following CL command, specifying CCSID-value as the desired CCSID:

CHGATR OBJ('/www/directory/') ATR(*CCSID)
VALUE(CCSID-value) SUBTREE(*ALL)

Follow the instructions given in  Red book IBM HTTP Server (powered by Apache): An Integrated Solution for IBM eServer iSeries Servers (PDF, 10.1MB) (Chapter 10)

Note: The user profile that is authorized to the QNTC sharepoint /QNTC directory, must be the same as the user specified on the ServerUserid directive.

Here are a few ways to monitor how many visitors are going to your site.

• Use the IBM Web Administration for IBM i real-time server statistics to see the number of requests.
• Download a hit counter to add to your web page. There are many available for free.