daily system administration

Linux, Debian and the rest
any questions or comments: Tom@d7031.de

Apache 2.4 Backports for Debian wheezy and (squeeze)

by Tom in  ,

Running Apache 2.4 (SID) under Debian wheezy and (squeeze)

Apache 2.4 is the current major release. This version is available in the debian SID and Testing tree (experimental before), so I’ve backported these packages to wheezy and in the past squeeze. The last available squeeze-version for i386 in this repro is 2.4.4-6, because I’ve no squezze-i386 servers anymore and I can’t test this packages. The last squeeze-version for amd64 is 2.4.10-3. That is the last version for squeeze in this repro.

The current amd64 wheezy-version is 2.4.10-6. it’s hard to backport newer versions at the moment, because these depending on a higher dpkg version. Is there a security problem, then I’ll go this way and provide a new version.

After jessie is released I’ll continue backporting the latest version of apache to go with releases cicle.

My first intention to backport was to set up custom error pages in a reverse proxy with Tomcat and AJP. Now I use the packages in different configurations.

Caution: Apache 2.4 is stable, but the packages are from the SID branch. Use at your own risk !

The repository contains the apache 2.4 package and the modul libapache2-mod-fcgid. If you use php as modul (libapache2-mod-php5), switch to php5-cgi with mod_fcgid. A good howto could be found on typo3.org. Modules like libapache2-mod-perl2 and libapache2-mod-php5 are not usable, because the apache api has changed (see the debian apache wiki). After the packages had switched from EXPERTIMENTAL to SID I’ll backport more module like mod-php5 against the new api.

Here are also my configured ciphers:

SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite 'EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS'



Include this repository by adding these lines to your /etc/apt/sources.list:



deb http://www.d7031.de/debian squeeze-experimental main

or

deb http://www.d7031.de/debian wheezy-experimental main




Here is list of all packages include in my repro:



    

  • apache2
    • 

  • apache2.2-bin
    • 

  • apache2-bin
    • 

  • apache2-data
    • 

  • apache2-dbg
    • 

  • apache2-dev
    • 

  • apache2-doc
    • 

  • apache2-mpm-event
    • 

  • apache2-mpm-itk
    • 

  • apache2-mpm-prefork
    • 

  • apache2-mpm-worker
    • 

  • apache2-suexec
    • 

  • apache2-suexec-custom
    • 

  • apache2-suexec-pristine
    • 

  • apache2-utils
    • 

  • libapache2-mod-fcgid
    • 

  • libapache2-mod-fcgid-dbg
    • 

  • libapache2-mod-proxy-html
    • 

  • libaprutil1
    • 

  • libaprutil1-dbd-freetds
    • 

  • libaprutil1-dbd-mysql
    • 

  • libaprutil1-dbd-odbc
    • 

  • libaprutil1-dbd-pgsql
    • 

  • libaprutil1-dbd-sqlite3
    • 

  • libaprutil1-dbg
    • 

  • libaprutil1-dev
    • 

  • libaprutil1-ldap
    •