×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Discovery content reference ... What you can discover Product Publishers Apache (draft)

Apache HTTPD-based Webservers

This topic was edited by a BMC Contributor and has not been approved.  More information.

Related topics
Product names
Publisher page
  • [Apache Foundation|Apache Foundation]
  • [IBM|IBM]
  • [Oracle|Oracle]
  • [HP|HP]
  • [Red Hat|Red Hat]
Category
Application Server Software Platforms
Release
TKU 2023-May-1
More information
Publisher links

Product Description


Extended Discovery pattern, which models SoftwareComponent Nodes for websites, is available for this product.


Apache HTTP Server

Apache HTTP Server is a web server. Apache HTTP Server is available on many platforms, including most Unix platforms, Windows, Mac OS X, NetWare.

It has been taken and used as the base for a number of other Web server products, including IBM HTTP Server, Oracle HTTP Server and HP HP-UX Apache-based Web Server.

IBM HTTP Server

The IBM HTTP Server is a simple Web HTTP hosting server. It communicates with LDAP, supports SSL protocol and multi-threading. It's more optimized in the sense of performance than Apache HTTP Server. It uses a java installation process that is standard across all platforms and compatible with the SUN and GNU Java VMs.

Oracle HTTP Server

Oracle HTTP Server enables additional functionality specific to Oracle-based Databases and Application Servers.

HP HP-UX Apache-Based Web Server

HP HP-UX Apache-Based Web Server has combined numerous popular modules from other Open Source projects and provided HP value-added features just for the HP-UX platform.

JBoss Core Services Apache HTTP Server

Apache HTTP Server is used in multiple Red Hat JBoss Middleware products(starting from version 7 and onwards).


Software Pattern Summary

Product ComponentPatternOS TypeVersioningPattern Depth
Apache HTTP ServerApacheBasedWebserverUnixActive, Path and PackageInstance-based
Windows
IBM HTTP ServerUnix
Windows
Oracle HTTP ServerUnixPath
Windows
HP Apche-Based Web ServerUnixActive
HP-UX Apache-Based Web ServerUnixActive
Red Hat JBoss Enterprise Web ServerUnixPath
JBoss Core Services Apache HTTP ServerUnixActive

Platforms Supported by the Pattern

The pattern supports the identification and versioning of all Apache-based web servers on all major platforms - Unix, Linux, and Windows.

Identification

Due to the broad nature of the products, the fact that three different products can use the same binary to provide a service, the same binary can be found in many different forms with different names, and that the product sometimes forks a separate process that could be named the same as its parent, we have chosen to have several different triggers that can be used to run the product. Once the pattern is triggered, we perform some additional checks that will allow us to understand what the process is doing and which product it is representing.

Software Instance Triggers

If any of the trigger conditions below are met, then the pattern's body will commence.

Trigger NodeAttributeConditionArgument
DiscoveredProcesscmdmatchesunix_cmd 'httpd\d?'
or
windows_cmd 'httpd\d?'
or

regex '(?i)\bhttpd\d?[-_\.](?:prefork|worker|event|bin)$'

or

regex '(?i)\bapache\d?(?:\.exe)?$'

Created types

The pattern creates Software Instances with the following types:

SI Type
Apache Webserver
IBM HTTP Server
Oracle HTTP Server
HP Apache-based Web Server
HP HP-UX Apache-based Web Server
Apache HTTPD-based Webserver
Red Hat JBoss Enterprise Web Server
JBoss Core Services Apache HTTP Server

Simple Identification Mappings

Namecmd matchesargs matches
Apache Webserver

regex '\bapache\[^ \]*/(sbin|bin)/\[^ \]\*\bhttpd$'

N/A

regex '\bapps/apache\[^ \]*/(sbin|bin)/httpd$'

Apache / Apache Variant Webserver

regex '/usr/sbin/httpd$'

regex '\bapache\[^ \]*/(sbin|bin)/\[^ \]\*\bhttpd\[-_\]prefork$'

regex '/usr/sbin/httpd\[-_\.\](prefork|worker|event|bin)$'

regex '/usr/sbin/httpd\d$'

regex '/usr/sbin/httpd\d\[-_\.\](prefork|worker)$'

regex '(?i)\bapache\.exe$'

regex '(?i)\bhttpd\.exe$'

regex '\bbin/httpd$'

regex '\^.*-(d|f) \*\[^ \]\*/apache\b'

Apache Monitor (Windows)

regex '(?i)\bApacheMonitor\.exe$'

N/A
Apache Rotatelogs Process

regex '(?i)\brotatelogs\.exe$'

regex '(?i)\brotatelogs$'

Oracle HTTP Server (Apache Variant)

regex '/(orcl|ora\[\^/\]*)/\[^ \]\*/Apache/Apache/bin/httpd$'

regex '(?i)(orcl|ora\[^\\]*)\\.\*\bApache\\Apache\\Apache\.exe$'

IBM HTTP Webserver (Apache Variant)

regex '\bIBM(HTTPD|IHS)\[^ \]*/bin/httpd$'

regex '\bIBM.*(\[H|h\]\[Tt\]\[Tt\]\[Pp\]|IHS).\*\b\[^ \]\*/bin/httpd$'

regex '\[Ii\]\[Hh\]\[Ss\]\[^ \]*/bin/httpd$'

regex '\bibmhttpd\b\[^ \]*/bin/httpd$'

regex '\bHTTPServer\b\[^ \]*/bin/httpd$'

regex '(?i)\bIBM.*(HTT|IHS).\*\b(apache|httpd).exe$'

regex '(?i)\[i\]\[h\]\[s\].*\b(apache|httpd).exe$'

regex '(?i)ibmhttpd.*\b(apache|httpd).exe$'

regex '(?i)\bHTTP\[ \]*Server.\*\b(apache|httpd).exe$'

Versioning

Version information for this product can be gathered using one of three possible methods.

Active Versioning

We first perform a check for all active version commands to ensure that we have a full command path before executing a command or parsing a binary file.

Regex used to check Windows path:


(?i)(^\w:\\.+)\\\S+\.exe$

Regex used to check Unix path:


(^/\S+)/httpd

We have identified two different ways to version these products, one of them for all Apache-based Web Servers, the other specifically for the IBM HTTP Server.

Before we execute the specific command, we check the path of the command to see if it is a known IBM deployment, more information on how the check is performed can be found in the Publisher and Type Identification section and the list of regular expressions we use to check the path can be found within the IBM HTTP Server Path Identification of it.

IBM Specific Version Command

If the path identifies that the webserver we are dealing with is an instance of IBM HTTP Server, we then perform the IBM Specific version command.

Windows

The command that is executed on Windows involves performing a find for the string '\"HTTP\"' in a file called "version.signature", which can be found in the directory above the location of the HTTP binary.

Executed command:findstr HTTP "%cmd_path%\\..\\version.signature"

Unix

The command that is executed on Unix involves performing a grep for the string 'HTTP' on a file called "version.signature", which can be found in the directory above the location of the HTTP binary.

Executed command:


cd %cmd_path%; egrep "HTTP" ../version.signature

Generic Apache Version Command

Unix

On Unix based systems we extract the version number of the HTTP server by parsing the binary that we triggered on using the strings command.

Executed command:


strings -a %process.cmd% | egrep "Apache/|Oracle-HTTP-Server" | head -n 3

The command returns the first line within the binary file that contains the string "Apache/", as the version information for Apache is stored as "Apache/x.x.x.x" we can be confident that the first instance of this string contains a valid version number.

For instances of Oracle HTTP Server before Oracle 10g releases and for HP Apache-based Web Server, the binary still contains the Apache information because Oracle HTTP Server and HP Apache-based Web Server is simply Apache repackaged with an additional set of modules.

Windows

If the path was not identified as an IBM HTTP Server deployment, then a more generic command is executed. We run the triggered process with the argument "-version."

Executed command:


"%process.cmd%" -V

Note: The executable is run with quotes to get a round running commands with spaces in the path under DOS/Windows CLI.

We have found that all of the approaches provide a version number up to four levels of depth, i.e. x.x.x.x.

Oracle HTTP Server Version Command

For Oracle HTTP Server from Oracle 10g onwards, we get version information by executing the trigger process with the argument "-version." The versions returned are now based on Oracle versioning and no longer on Apache versions.

Executed commands:


LD_LIBRARY_PATH=$LD_LIBRARY_PATH:%install_root%/lib %process.cmd% -V '%process.cmd% -V'

On Solaris x64, the previous command may fail if the 64 bit HTTP server is running. In this case, pattern runs the command:

Executed command:


LD_LIBRARY_PATH=$LD_LIBRARY_PATH:%install_root%/lib:/usr/sfw/lib/64 %process.cmd% -V

If On Solaris x64 no install_root is obtained, the following command is to be executed:

Executed command:


LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/sfw/lib/64 %process.cmd% -V

On Debian, Ubuntu:

Executed command:


%sbin_dir%/apache2ctl" -V

Parsing of the Version Command Output

Because multiple Versioning Commands may be running (Generic Command and Oracle Command), we store all the results in a list containing 1 to 2 elements. We then iterate through that list and parse each result through a series of Regular Expressions, stopping when we find a match.

Regular Expressions employed to obtain Version (in the following order):

  • IBM[_\s]+HTTP[_\s]+Server[/\s]+(\d+(?:\.\d+)*)

  • (\d+(?:\.\d+)*)\s+Oracle-HTTP-Server

  • HP Apache-based Web Server/(\d+(?:\.\d+)*)

  • HP-UX_Apache-based_Web_Server/(\d+(?:\.\d+)*)

Path Versioning

If the Active Version Command does not return any version or publisher information, then we attempt to parse the full command path against a regex to see if we can identify the publisher and/or version of the product.

(?i)apache(?:_|/|-|\.|\\|)(\d+(?:\.\d+){0,2}(?:-\d+)?)
(?i)/ihs[-_/]?(\d(?:\.\d+){0,2}(?:-\d+)?)/
(?i)/(\d(?:\.\d+){0,2}(?:-\d+)?)[-_/]?ihs/
(?i)HTTPServer(\d+)
(?i)/jboss-ews/base/(\d(?:\.\d+){0,2}(?:-\d+)?)

A returned value of apache22 is taken as indicating version 2.2.

Package Versioning

If neither the Active Command nor Path regex returns any version information but the pattern has .Apache HTTPD-based Webservers vv1#Publisher and Type Identification is either 'Apache' or 'IBM', it then checks the installed packages to see if it can extract version information from one of them.

Package Regular expressions for 'Apache Foundation' publisher:

  • ^httpd
  • ^SUNWapch2r$
  • ^SUNWapchu$
  • ^SUNWapch2u$
  • ^SUNWapch22r$
  • ^SUNWapch22u$
  • ^COVLapache
  • ^apache2
  • ^(?i)Apache HTTP Server
  • web/server/apache-13
  • web/server/apache-22

Package Regular expressions for 'IBM' publisher:

  • ^IBMHTTP
  • ^ISIHS
  • ^IHS6\.base$
  • ^(?i)IBM HTTP Server

If a single package is returned, then the version number is taken from it and assigned to the Software Instance.

Where multiple packages are returned for "Apache Foundation" publisher, they are checked against a pre-defined preference list, and the most 'trusted' package is used to version the Software Instance. For "IBM," the publisher version of the first found package is extracted.

Package preference in descending order:

  1. httpd
  2. SUNWapch2r
  3. SUNWapchu
  4. SUNWapch2u
  5. COVLapache
  6. apache2
  7. SUNWapch22r
  8. SUNWapch22u

Alternative Versioning Approach

From the information we have, we believe that the versioning techniques we are using are accurate enough to be considered the best options for the current releases. Future release may need to have additional techniques added to cover unforeseen circumstances or new features.

Future Considerations

The current versioning techniques provide a broad scope and good depth in the majority of circumstances, as such, we do not know of any further versioning techniques that would be beneficial for this product at this time.

The versioning techniques may need to be updated if more commands become available or new/different packages are used during the installation.

Publisher and Type Identification

The pattern attempts to obtain publisher information from the trigger process command line and the active version command.

Publisher from Trigger Process

The pattern parses the trigger process command line with the following regular expressions to check the publisher

If command matches regular expressionPublisher is


/(?:orcl|ora\[\^/\]*)/\[^ \]\*/Apache

Oracle


(?i)(?:orcl|ora[^\\]*)\\.*\bApache


(?i)\bOHS\b.*\bhttpd


(?i)IBM(HTTPD|IHS)

IBM


(?i)\bIBM.*(HTTP|IHS)


(?i)IHS


\bapache[^ ]*/(?:sbin|bin)/[^ ]*\bhttpd$

Apache


\bapps/apache[^ ]*/(?:sbin|bin)/httpd$


/usr/sbin/httpd$


\bapache[^ ]*/(?:sbin|bin)/[^ ]*\bhttpd[-_]prefork$


/usr/sbin/httpd\d$


/usr/sbin/httpd\d*[-_\.](?:prefork|worker)$


(?i)\bapache\.exe$


(?i)\bhttpd\.exe$

Depending on the publisher information, the pattern assigns the product type:

PublisherType
OracleOracle HTTP Server
IBMIBM HTTP Server
HPHP Apache-based Web Server
HP-UXHP HP-UX Apache-based Web Server
Apache FoundationApache Webserver

If no publisher information is present, the pattern sets 'Apache HTTPD-based Webserver' type for the SI.

Publisher from Active Command

In addition to version information, we can also retrieve the publisher from the Active Version Command, To do this, we parse the executed command's output with a simple regex to identify whether IBM, Apache, or Oracle was found in the output.

The same information is presented on both types of Operating Systems (Unix and Windows) in the same format to use a single regex for both of them.

Publisher Regex:


(?i)(ibm|hp-ux|hp|apache|oracle)

Extracting list of installed modules

Pattern extracts the modules using the following commands:

  • %full_process_cmd% -M
  • %full_process_cmd%" -h
  • %sbin_dir%/apache2ctl" -M

Application Model Produced by Software Pattern

Product Architecture

The webserver may be installed both as a standalone and included as a component of other business applications.

Single or multiple instances of the webserver could be running on a specific host. This is dictated by platform and configuration.

On Linux/Unix, it is more common to find a forking instance of the webserver. It is started with a single HTTPS process. This then forks several children to assist in the handling of HTTP requests.

On Windows, it is more common to have a single process that manages all requests internally.

A single instance of the webserver can host more than one website at a single time using virtual hosts.

Configuration Option

There is a configuration option for this product that allows using default configuration file locations.

There are three ways to find the path to this file:

  • The -f option in the trigger process arguments gives a direct path to httpd.conf.
  • The -d option in the trigger process might give a path to httpd.conf, either directly or when cobined with -f (e.g. -d /opt/IBM/HTTPServer -f conf/httpd.conf means a file at /opt/IBM/HTTPServer/conf/httpd.conf).
  • We can find the path to the trigger process command then check in that directory.

Software Pattern Model

The pattern is triggered on all processes that match the specified regular expressions; this will result in the pattern being triggered several times equal to the number of Apache-based web server processes running on a single host - not ideal where the running instance has forked children.

To ensure that only a single Software Instance is created for each truly unique running instance of the webserver, a further check is then made to ensure that the pattern continues only if the process is the parent process - if it is a child process then the pattern stops.

The added advantage of performing this check is that it ensures that the commands are only executed when we are sure that we have a unique instance - making the pattern more efficient and saving time when scanning.

Thanks to this functionality and the multi-step commands, we can create a Deep Software Instance.
As mentioned above, a check is performed to ensure that the process is a distinct webserver parent process. The additional information used by the pattern to create a unique key is the arguments of the process.

When an Apache-based web server is started, it either uses a default configuration or has a specific configuration set using the arguments. Using the '-f' and/or '-d' arguments, you can identify the specific configuration of the webserver. The -f argument is used to identify a Config File, whereas the -d argument identifies the ServerRoot. When present, each argument is added as an attribute to the SI.

The Pattern also creates different Software Instances based on the information it has retrieved from the commands and/or path it queried.
The Software Instance Type is based on the returned publisher, so if 'IBM' were returned by a version command or were in the path, then the Type would be set to "IBM HTTP Server," this information is also used in the key to creating distinct Software Instances for each type of web server running on a specific host.

SI Depth

The pattern creates an Instance-based Software Instance, its key being based on the hashed value of Config file attribute, obtained SI type, and host key. If the Config file attribute is not obtained, the pattern creates grouped Software Instance. The key group is based on the hashed cmd line. If the argument line is present, it is also added into the key group.

Build

Build attribute is extracted from full version with help of regex:


  • _'-(\d+)$'_

    Server root

Server root attribute is extracted in several different ways on Windows and Unix.

  • Windows

The pattern tries to extract server root from trigger' args or from its children processes using the following regex:


  • _'-d\s+(\"\w:.*?\"|\w:\S+)'_

Note

If several "-d" attributes present in arguments, the pattern extracts them all (2 instances are expected at most). In this case the last one contains the path to domain-specific configuration file and it should be considered as server root.

If this method fails, the pattern tries to extract server root from trigger command line using regular expression:


  • _'(?i)^(\w:.*)\\bin\\[^\\]*\.exe$'_

    UNIX

The pattern tries to parse trigger' arguments using regex:


  • _'-d (/\S+)'_

Should this method fail and Oracle HTTP Server Version Command has succeeded, the pattern tries to extract server root from command output using regex:


  • _'(?i)-D HTTPD_ROOT\s*=\s*[\"\'](.*?)[\"\']'_

    Config file

Config file attribute is extracted in several different ways on Windows and Unix. If extracted path is not fully qualified, it can be combined of <SERVER_ROOT><CONFIG_FILE>.

  • Windows

The pattern tries to extract config file from trigger' args or from its children processes using the following regex:


  • _'-f\s+(\".*?\"|\S+\.conf)'_

    If this method fails and if any of Active Versioning was successful, the pattern tries to extract config file from the last obtained result:



  • _'(?i)-D SERVER_CONFIG_FILE\s*=\s*[\"\'](.*?)[\"\']'_

  • UNIX

The pattern tries to parse trigger' arguments using regex:


_'-f (\S+)'_

If this method fails, the pattern tries to extract config files using active command output, the same way as it is managed on Windows, but it parses Unix-related command results.

Server Name

Additional attribute Server Name is extracted from root config file. It is modeled as an additional attribute and is describing the root Server Name. All names that are within VirtualHosts are modeled in extended discovery and stand as Details of SI.

Server Name RegEx


(?mi)^\s*ServerName\s*(\S+)$

Relationships Creation

  • Oracle e-Business

If we are dealing with the Oracle HTTP Server, the pattern works on establishing a Relationship with Oracle E-Business Suite.

While the pattern doesn't actually model a Relationship with Oracle E-Business Suite, it creates the grounds on which the Relationship is based by modeling the ebs_sid attribute.

This attribute is added to the Web Server SI and represents the Database SID that E-Business Suite is working with.

To obtain it, the pattern extracts the contents of the -f Config File, and parses its content through a Regular Expression.

Regular Expression employed to extract Database SID: (?i)DocumentRoot *.+portal[/\\](.+)_

The ebs_sid attribute is going to be looked for by the Oracle E-Business Suite Pattern, in order to model a Relationship with the Web Server.


  • Website SoftwareComponents

Current BMC Discovery model allows to see all the websites configured within an Apache Server instance. This functionality is delegated to Apache extended pattern.

  • Associate processes

The pattern identifies all the child processes of the trigger process that created the SI and relates them to the SI via an associate relationship.

Testing

This pattern has been tested against installations of all possible product types that can be created across multiple platforms, additional tests were performed against record data for other webservers to ensure that erroneous Software Instances were not created.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Mykhailo Radzivilov on May 02, 2023
apache_foundation open_source configuration path_versioning ibm products active_command active_versioning package_versioning additional_attributes application_server_software_platforms tku_2020-jul-1 contributor_unapproved tku_2021-may-1

Comments

Log in or register to comment.

Apache Hive - Reports & Attributes
Apache HTTPD Based Webservers - Deployment Data
© Copyright 2004 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.