setup apache

You can use Apache or other compatible http server, to access the infx commands from a browser.

By setting up ssh keys (setup ssh keys) from the server with Apache installed, you can manage all your Informix instances from the one installation of Apache.

default Apache

When you install infx, you can also install a stand-alone version of Apache.

This runs a standalone copy of Apache, executing as the informix user.

To re-run that installation manually use the command.

$ /infx/www/conf/httpd-setup

This guide covers manual configuration of Apache and explores some of the security features.

setups

  • Select a port for apache to listen on e.g. 63000
  • Create a “virtual host” with settings for the infx software
  • Set up the infxadmin user with a password for access via the browser
  • Security options for apache

apache config file

Create a new Apache config file e.g. /etc/httpd/conf.d/infx.conf

This will contain all the settings that infx requires.

You need to be the root user to edit Apache config files.

informix user setting

If Apache is only going to be used for infx, you can run the web server process as the user informix.

Edit the infx.conf file and add these lines at the top.

This directs Apache to run as the informix user. The infx commands must be run as the informix user.

using a different user

If someone can exploit Apache to gain access to your server, that access will be as the informix user. If you run the process as a limited, non-administrative account, that access can be restricted.

You can run Apache as default user, but have it use suexec to execute the infx commands as informix.

relocate infx scgi-bin directory

First you have to relocate the /infx/www/scgi-bin directory to a new secure location.

Just creating a link will not work. The files must be in a directory under /var/www.

You need to be logged on as the root user to perform these actions

change infx.conf

Edit /etc/httpd/conf.d/infx.conf to reference the new location under /var/www, then add the SuexecUserGroup directive.

Don’t forget to remove the User informix and Group informix lines, if you added them earlier.

Now Apache runs as a default user, and only the infx CGI scripts can be executed as the informix user.

setup authentication

Set the password for the infxadmin login, as the informix user

You can use this command to change the infxadmin password at any time, and you probably should do so regularly.

This provides basic authentication only, Apache offers several other authentication methods you could try.

Minimally you must require entry of a password to access infx from the browser. You should treat this password the same as the informix password, as it gives the same level of access.

restart

Restart Apache, as root, so the settings take effect.

You can now manage the server with this address: http://server:63000/.