Security Conscious,
High Availability Unix Hosting
Dedicated Apache Installation Guide

Our Advanced and Corporate users are allowed to run their own, dedicated web servers. Customers signing up or upgrading to these packages can request that we perform the installation and configuration for them. This installation guide is aimed at advanced users who wish to perform the installation themselves. We will only cover Apache, but other web server software such as Lighttpd is also supported.

Fetch and extract the sources

Download the Apache distribution from httpd.apache.org and unpack it into your home directory.

  $ tar -xzf httpd_x.x.xx.tar.gz
  $ cd httpd_x.x.xx

Compile and install your Apache instance

Now it is time to define the compile-time options to use. To facilitate future upgrades, it is best to save the ./configure arguments to a text file such as $HOME/httpd-config.sh. For the full list of modules and options, see the Apache documentation. Since your Apache instance runs entirely under your account, you don't need to worry about the suexec options. If you have multiple domain names, you probably want to enable mod_vhost_alias to facilitate the configuration. If you want to use Subversion with mod_dav_svn (as described here), enable the dav module as well. A typical configuration might look like this:

./configure \
  "--prefix=$HOME/apache" \
  "--enable-vhost-alias" \
  "--enable-ssl" \
  "--disable-actions" \
  "--enable-dav"

Now you can compile and install Apache into your home directory:

  $ sh $HOME/httpd-config.sh
  $ make all install

Basic Apache configuration

Open up the Apache configuration file (./apache/conf/httpd.conf) in your favorite text editor.

First and foremost, you should set the KeepAlive parameter. If you want to serve web pages containing more than 30 images, set KeepAlive to On and KeepAliveTimeout to a value between 1 and 4. Otherwise, set KeepAlive to Off - this will make your web server less susceptible to denial-of-service attacks.

It is also important to set the critical MaxClients parameter to a sane value (see the Apache documentation for details). We recommend that you start with a low value and use the mod_status facility to fine-tune it.

Assuming you have compiled Apache with the prefork MPM (the default), StartServers, MinSpareServers and MaxSpareServers need to be tweaked as well. Too many processes will not necessarily improve performance and bumping into your account's maximum process limit would cause problems.

  KeepAlive Off
  StartServers 4
  MinSpareServers 2
  MaxSpareServers 3
  MaxRequestsPerChild 0
  MaxClients 20

Look for the Listen directive and replace it with your v-host IP address (as shown by dns list in csoftadm). Specify 8080 for the port number (packets to port 80 will be redirected accordingly).

  Listen w.x.y.z:8080

Now specify the location of your webpages with DocumentRoot. The VirtualDocumentRoot directive allows you to configure new domain names under your account (i.e., using the DNS section of the web interface or the dns commands in the shell interface), without having to edit httpd.conf every time. In this example, the VirtualDocumentRoot directive dictates that any domain domain.ext should simply point to /home/myself/www/domain.ext.

  DocumentRoot /home/myself/www
  VirtualDocumentRoot /home/myself/www/%0

We now need to allow access to the DocumentRoot:

  <Directory "/home/myself/www">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
  </Directory>

The Options string defines the default web server options. Indexes enables directory listings and FollowSymLinks instructs the web server to follow symbolic links. Other commonly used options include MultiViews to turn on the HTTP/1.1 language negotiation feature and ExecCGI for CGI script execution.

The AllowOverride parameter defines the ability of .htaccess files to override certain aspects of the server configuration on a per directory basis. If you prefer, you can avoid editing .htaccess files altogether and edit your httpd.conf instead.

Logfile configuration

Before using logs under your custom Apache server, make sure to disable your access and error logs with the shared Apache, otherwise conflicts will disrupt the logging process (see the Server Settings section of the web interface, or use conf from the shell interface).

The LogFormat directive specifies the format of log entries. Here we use the standard "combined" log format, with the server name (%V) appended as the last field. The CustomLog directive specifies the location of the logfile.

  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %V" combined
  CustomLog "/home/myself/www/logs/access" combined

You'll probably want to configure a log analysis tool such that the logfile is analyzed and rotated periodically. See Site statistics with Webalizer for details.
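Because VirtualDocumentRoot sends every domain through one logfile, the trailing %V field is what separates them. The following is an added example, not part of the original guide: it counts requests and error responses per virtual host for the LogFormat shown above. The sample log lines are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample lines in the guide's LogFormat (combined fields, then %V).
sample_log() {
cat <<'EOF'
192.0.2.10 - - [10/Oct/2008:13:55:36 -0700] "GET / HTTP/1.1" 200 2326 "-" "Lynx/2.8.5" domain.ext
192.0.2.11 - - [10/Oct/2008:13:55:40 -0700] "GET /missing HTTP/1.1" 404 209 "-" "Mozilla/5.0 (X11; U)" domain.ext
198.51.100.7 - bob [10/Oct/2008:13:56:02 -0700] "GET /a HTTP/1.1" 200 512 "http://other.example/?q=\"x y\"" "Agent \"quoted\" 1.0" other.example
198.51.100.7 - - [10/Oct/2008:13:56:09 -0700] "POST /cgi-bin/form.cgi HTTP/1.1" 500 0 "-" "-" other.example
EOF
}

# vhost_summary: read log lines on stdin and print "vhost requests errors"
# (errors = status 400 and above), sorted by virtual host name.
vhost_summary() {
  awk '
  {
    line = $0
    gsub(/\\\\/, "\002", line)         # hide escaped backslashes first
    gsub(/\\"/, "\001", line)          # then quotes Apache escaped as \"
    n = split(line, q, "\"")           # three quoted fields give 7 pieces
    if (n != 7) { bad++; next }        # not in the expected format
    split(q[3], st, " ")               # q[3] is " status bytes "
    vhost = q[7]; gsub(/^ +| +$/, "", vhost)
    if (st[1] !~ /^[0-9][0-9][0-9]$/ || vhost == "") { bad++; next }
    total[vhost]++
    if (st[1] + 0 >= 400) errors[vhost]++
  }
  END {
    for (v in total) printf "%s %d %d\n", v, total[v], errors[v]
    if (bad) printf "unparsed lines: %d\n", bad > "/dev/stderr"
  }' | sort
}

sample_log | vhost_summary
```

Run it against the real logfile with `vhost_summary < /home/myself/www/logs/access`.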

File extension mappings / directory index

The .cgi extension is usually associated with the cgi-script handler. If you are using PHP, you need to associate the .php extension to php5-script.

  AddHandler cgi-script .cgi
  AddHandler php5-script .php
  AddType text/html .php
  DirectoryIndex index.html index.php

SSL support (optional)

If you want to use SSL, you need to specify at least SSLCertificateFile and SSLCertificateKeyFile, and set SSLEngine to On. Our servers use specialized hardware for RC4, MD5 and SHA, so we recommend also setting SSLCipherSuite to the value below.

  <IfModule mod_ssl.c>
    Listen vhost-ip:8443
    SSLCertificateFile /home/myself/ssl/cert
    SSLCertificateKeyFile /home/myself/ssl/key
    AddType application/x-x509-ca-cert .crt
    AddType application/x-pkcs7-crl    .crl
    SSLCipherSuite ALL:!ADH:RC4+SHA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLSessionCache dbm:/home/myself/apache/logs/ssl_gcache_data
    SSLSessionCacheTimeout 300
    SSLMutex file:/home/myself/apache/logs/ssl_mutex
  </IfModule>

SSL can be enabled or disabled for specific virtual hosts with the SSLEngine parameter:

  <VirtualHost vhost-ip:8080>
    SSLEngine Off
    ServerAdmin webmaster@domain.ext
    ServerName domain.ext
    VirtualDocumentRoot /home/myself/www/%0
    VirtualScriptAlias /home/myself/www/%0/cgi-bin 
    DocumentRoot /home/myself/www
  </VirtualHost>
  
  <VirtualHost vhost-ip:8443>
    SSLEngine On
    ServerAdmin webmaster@domain.ext
    ServerName domain.ext
    VirtualDocumentRoot /home/myself/www/%0
    VirtualScriptAlias /home/myself/www/%0/cgi-bin
    DocumentRoot /home/myself/www
  </VirtualHost>

If you don't have a certificate signed by a recognized authority, you can always use a self-signed certificate as described in the SSL micro-howto.
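The mod_ssl block above sets two values worth checking before the server takes traffic: which cipher classes the SSLCipherSuite string leaves enabled, and whether the private key under your home directory is readable by other accounts. The following is an added example, not part of the original guide: the function names are hypothetical, the cipher check is a heuristic rather than an OpenSSL parser, and the demo config is constructed in a temporary directory.

```shell
#!/bin/sh
# weak_classes: print the weak cipher classes an SSLCipherSuite string leaves
# enabled. Heuristic (not an OpenSSL parser): a class counts as enabled when
# the string names it or names ALL, and never removes it with "!CLASS".
# A "+CLASS" token only moves ciphers to the end of the list.
weak_classes() {
  printf '%s\n' "$1" | tr ':' '\n' | awk '
    { tok[$0] = 1
      if ($0 ~ /^[!-]/) next
      name = $0; sub(/^\+/, "", name)
      n = split(name, part, "+")
      for (i = 1; i <= n; i++) named[part[i]] = 1 }
    END {
      n = split("SSLv2 EXP LOW RC4 MD5", cls, " ")
      for (i = 1; i <= n; i++) {
        excl = "!" cls[i]
        if (!(excl in tok) && (("ALL" in named) || (cls[i] in named))) {
          out = out sep cls[i]; sep = " "
        }
      }
      print out
    }'
}

# key_file_exposed: exit 0 if group or others have any permission on the file.
key_file_exposed() {
  [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]
}

# conf_value DIRECTIVE FILE: print the first argument of a directive.
conf_value() {
  awk -v d="$1" 'tolower($1) == tolower(d) { print $2; exit }' "$2"
}

# audit_ssl_conf FILE: print one finding per line, nothing if clean.
audit_ssl_conf() {
  weak=$(weak_classes "$(conf_value SSLCipherSuite "$1")")
  key=$(conf_value SSLCertificateKeyFile "$1")
  [ -z "$weak" ] || echo "SSLCipherSuite leaves enabled: $weak"
  [ ! -e "$key" ] || ! key_file_exposed "$key" || echo "key readable beyond owner: $key"
}

# Demo on a constructed config in a temporary directory (paths are made up).
demo=$(mktemp -d)
: > "$demo/key"; chmod 644 "$demo/key"
printf '%s\n' 'SSLCipherSuite ALL:!ADH:RC4+SHA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP' \
  "SSLCertificateKeyFile $demo/key" > "$demo/httpd.conf"
audit_ssl_conf "$demo/httpd.conf"
rm -rf "$demo"
```

A key file finding is cleared with `chmod 600` on the key; a cipher finding is cleared by adding the matching `!CLASS` token to the SSLCipherSuite string.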

PHP support with mod_php (optional)

You can fetch the PHP distribution from php.net and unpack it in some temporary location:

  $ tar -xzf php-x.x.tar.gz
  $ cd php-x.x

Now it is time to define the compile-time settings. We recommend saving the ./configure arguments to a text file such as $HOME/php-config.sh to facilitate further upgrades. To ensure best performance, make sure to explicitly disable all the options which you do not require (these will otherwise be enabled by default if they exist on the system). The --prefix, --with-apxs2 and --disable-cgi options are required. A typical configuration might look like:

./configure \
  --prefix=$HOME/apache \
  --with-apxs2=$HOME/apache/bin/apxs \
  --with-config-file-path=$HOME/apache/etc \
  --disable-cgi \
  --disable-cli \
  --disable-libxml \
  --disable-ipv6 \
  --with-zlib=/usr \
  --with-mysql=/usr/local \
  --with-pgsql=/usr/local \
  --without-mcrypt \
  --without-mhash \
  --without-java \
  --without-imap \
  --without-imap-ssl \
  --without-gd \
  --without-ttf \
  --without-png \
  --without-gettext \
  --without-iconv

If you are migrating from the shared Apache and want to make sure to use the same settings, you can check the phpinfo() for the PHP configuration you were previously using:

  $ echo '<?phpinfo()?>' | php4-fat > php4-fat.html
  $ lynx php4-fat.html

You will probably want to enable GD and JPEG/PNG if some of your scripts are using imaging features. The --with-gd and --with-ttf options require special consideration. If your account is on an OpenBSD server, substitute /usr/local for /usr/X11R6.

  --with-gd=/usr/local \
  --with-ttf=/usr/local \
  --with-jpeg-dir=/usr/local \
  --with-png-dir=/usr/local

If your scripts use internationalization, enable iconv and gettext:

  --with-iconv=/usr/local \
  --with-gettext=/usr/local

When you are satisfied with the settings, install PHP and copy the example php.ini to the directory specified in --with-config-file-path. Open up php.ini in an editor and tweak the settings to your liking.

  $ sh $HOME/php-config.sh
  $ make all install
  $ cp php.ini-dist $HOME/apache/etc/php.ini

Finally, make sure the necessary directives exist in your httpd.conf:

  LoadModule php5_module  modules/libphp5.so
  AddHandler php-script   php
  AddType text/html       php

Subversion support with mod_dav_svn (optional)

If you want to serve Subversion repositories using HTTP or HTTPS, see: Configuring subversion access over HTTP/DAV.

Support for other modules (optional)

You are free to use the Apache modules of your choice. We also provide official technical support for every module mentioned in your hosting plan description.

Launching the web server

You can now start the daemon and test it remotely. If the server is unreachable, consult the ErrorLog file.

  $ ~/apache/bin/apachectl start
  $ lynx http://domain.ext:8080

If you have enabled SSL:

  $ lynx https://domain.ext:8443

It is critical to add a @reboot directive to your crontab so that your server will be started automatically whenever the machines hosting your account are rebooted. Use crontab -e to bring up your crontab in the default text editor and add the line:

  @reboot $HOME/apache/bin/apachectl start

You may want to use the standard Apache utilities without having to provide the full ~/apache/bin path:

  $ mkdir ~/bin
  $ ln -s ~/apache/bin/apachectl ~/bin
  $ ln -s ~/apache/bin/apxs ~/bin

Requesting the redirection

When you are ready for your Apache server to handle requests for your domains, send us a request through the contact form. We will set up a packet-level "rewriting rule" such that the standard, privileged ports 80 and 443 (for SSL) can be used by your Apache server.

We will also perform the few additional steps needed for redundancy, such that a backup server will automatically start up your server if the master server fails.
