Apache

Side-by-side Apache 2.2 and Ruby on Rails on RHEL3/4

Download the latest Apache 2.2 sources from http://httpd.apache.org/download.cgi

Untar the sources, and configure and install:

./configure --prefix=/usr/local/apache2 --enable-mods-shared=all --enable-deflate \
--enable-proxy --enable-proxy-balancer --enable-proxy-http --enable-rewrite
make
make install

Submitted by jkelly on Wed, 2007-07-11 18:53.

Disabling SSLv2

Edit ssl.conf:

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:+EXP:+SSLv3:+TLSv1

Test with curl; the SSLv2 request should fail and the SSLv3 request should succeed:

# curl --cipher SSLv2 https://www.url.com
curl: (35) SSL: error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal parameter
# curl --cipher SSLv3 https://www.url.com
HI THIS IS MY SSL WEB PAGE ISN'T IT GREAT

Submitted by jkelly on Tue, 2007-07-10 22:37.

Basic LAMP Performance Tuning

Linux:
(2.6 kernel only)
Check vm.swappiness: sysctl -A|grep swap
The default is 60, which is generally too high. If it is still at the default, set it to 20:

sysctl -w vm.swappiness=20
echo "vm.swappiness = 20" >> /etc/sysctl.conf

Submitted by jkelly on Thu, 2007-07-05 19:14.

CGI troubleshooting

Setting up:

AddHandler

AddHandler cgi-script .cgi .pl
indicates that all files ending in .cgi and .pl should be treated as CGI scripts.

Options +ExecCGI
needs to be enabled for any directory where CGI needs to be executed. You can use this to execute CGI content outside of /cgi-bin/.

ScriptAlias (if needed)
#

Submitted by jkelly on Wed, 2007-06-20 19:46.

Resolving semaphore issues

Semaphore issues are generally indicated by "out of space on device" errors when there is still free space on the device. You can run 'ipcs -s|grep apache' to see the Apache semaphores. If there are a lot of them, try clearing them out with 'ipcrm sem [semid]', or just run:

for i in $(ipcs -s | grep apache | awk '{print $2}'); do ipcrm sem "$i"; done

Submitted by jkelly on Sun, 2006-10-08 05:21.

mod_rewrite cookbook

Redirect to another host for nonexistent content (e.g. configure this on example.com, and it will redirect to transcendlinux.com if a requested file or directory doesn't exist)

RewriteCond %{HTTP_HOST}   !^transcendlinux\.com [NC]
RewriteCond %{HTTP_HOST}   !^$
RewriteCond %{REQUEST_FILENAME}       !-f
RewriteCond %{REQUEST_FILENAME}       !-d
RewriteRule ^/(.*)         http://transcendlinux.com/$1 [L,R]

Submitted by jkelly on Fri, 2006-09-08 02:32.

Disabling TRACE requests

Some security certifications require this. The easiest way to do this is to include the following in a file in /etc/httpd/conf.d (e.g. /etc/httpd/conf.d/notrace.conf), since files in this directory are automagically included:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} (TRACE|TRACK)
RewriteRule .* - [F,L]
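
mod_rewrite rules set at server level, which is where a conf.d file lands, are not inherited by virtual hosts by default, so each vhost needs its own copy of the rule. The script below is an added example (not from the original post) that reports, per scope, whether a config's own rewrite rules forbid TRACE. The sample config and all function names are constructed for illustration, and it assumes no `RewriteOptions Inherit` and flag lists written without spaces.

```python
import re

# Constructed sample, not from the page: server-level rule plus two vhosts.
SAMPLE_CONF = """\
RewriteEngine On
RewriteCond %{REQUEST_METHOD} (TRACE|TRACK)
RewriteRule .* - [F,L]
<VirtualHost *:80>
  RewriteEngine On
  RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)$ [NC]
  RewriteRule .* - [F]
</VirtualHost>
<VirtualHost *:443>
  ServerName b.example
</VirtualHost>
"""

def flags(tok):
    """Lowercased flag set from an optional trailing [a,b] token."""
    return set(tok[3].strip("[]").lower().split(",")) if len(tok) > 3 else set()

def cond_hits_trace(c):
    """True if a RewriteCond tests REQUEST_METHOD and is true for TRACE."""
    neg, pat = c[2].startswith("!"), c[2].lstrip("!")
    hit = re.search(pat, "TRACE", re.I if "nc" in flags(c) else 0)
    return c[1] == "%{REQUEST_METHOD}" and bool(hit) != neg

def scopes_blocking_trace(conf):
    """Map 'server' and each VirtualHost address to True if its own rules 403 TRACE."""
    scope, conds = "server", []
    blocked, engine = {"server": False}, {"server": False}
    for raw in conf.splitlines():
        tok = raw.split()
        name = tok[0].lower() if tok else ""
        if name == "<virtualhost":
            scope, conds = tok[1].rstrip(">"), []
            blocked[scope] = engine[scope] = False
        elif name == "</virtualhost>":
            scope, conds = "server", []
        elif name == "rewriteengine":
            engine[scope] = tok[1].lower() == "on"
        elif name == "rewritecond":
            conds.append(tok)
        elif name == "rewriterule":
            # Every condition must be a method test that is true for TRACE.
            if (conds and all(map(cond_hits_trace, conds))
                    and re.search(tok[1], "/") and flags(tok) & {"f", "forbidden"}):
                blocked[scope] = True
            conds = []
    return {s: blocked[s] and engine[s] for s in blocked}
```

A scope reported as False has no effective TRACE rule of its own; here that is the *:443 vhost, which the server-level rule does not cover.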

Submitted by jkelly on Sat, 2006-09-02 23:52.

Fixing Apache charset issues (?'s displaying instead of symbols)

A common problem with Apache on Red Hat is an issue with displaying special characters (they come up as a ? instead of the proper symbol). The most common cause for this is that Red Hat sets the default charset to UTF-8, while most content is instead encoded in ISO-8859-1 (or some other thing!).

The easy fix for this is to comment out:

AddDefaultCharset UTF-8

Submitted by jkelly on Sat, 2006-08-26 06:31.

mod_rewrite resources

Here are some great resources on mod_rewrite from apache.org:
http://httpd.apache.org/docs/1.3/misc/rewriteguide.html: This guide provides some great examples for common uses of mod_rewrite, including things like rewriting URLs from a moved document root, rewriting all subdomains to a primary domain (e.g. have *.test.com all be rewritten to test.com), etc.
http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html: Full documentation on mod_rewrite.
http://www.ilovejackdaniels.com/mod_rewrite_cheat_sheet.png: Spiffy Cheatsheet

Submitted by jkelly on Fri, 2006-08-25 14:41.