One place for hosting & domains


      How to Use IPv6 With Apache and NGINX

      Internet Protocol version 6 (IPv6) provides some performance advantages over IPv4 as well as additional features. On both the Apache and NGINX web servers, IPv6 is enabled by default. However, many users do not take full advantage of all IPv6 capabilities. This guide explains how to configure and use IPv6 on both the Apache and NGINX web server. It also introduces some useful IPv6 tools.

      What is IPv6?

      IPv6 is the most recent version of the Internet Protocol (IP). It is defined in
      RFC 8200. Like the original IPv4 protocol, IPv6 provides consistent addressing for systems connected to the internet. This standard allows for a shared understanding of how to route data packets from source to destination.

      IPv6 was implemented as a solution to IPv4 address exhaustion, meaning the internet was quickly depleting its pool of available IPv4 addresses. IPv6 is intended as a full replacement for IPv4, but the two systems continue to be used together. Many systems are provisioned with both IPv4 and IPv6 addresses. End users are not typically aware of what protocol they are using to access a given resource.

      Why to Use IPv6

      Many system administrators prefer to use IPv6 due to its improved performance and additional features. Here are some of the advantages of IPv6, compared to IPv4.

      • Much larger address space of about 340 duodecillion, or 3.4 × 10^38, addresses. This allows addresses to be liberally assigned and lets organizations receive large address blocks.
      • Better speed and performance. Web page load times are 5% to 15% faster with IPv6.
      • The header is smaller than the one used in IPv4, so IPv6 uses bandwidth more efficiently.
      • Better route aggregation, which limits the size of routing tables.
      • Improved multicast capabilities.
      • Security enhancements, including the mandatory use of Internet Protocol Security (IPSec) and optional data consistency verification.

      Although IPv4 and IPv6 are not directly compatible, several transitional and upgrade strategies are available.

      Before You Begin

      1. If you have not already done so, create a Linode account and Compute Instance. See our
        Getting Started with Linode and
        Creating a Compute Instance guides.

      2. Follow our
        Setting Up and Securing a Compute Instance guide to update your system. You may also wish to set the timezone, configure your hostname, create a limited user account, and harden SSH access.


      This guide is written for a non-root user. Commands that require elevated privileges are prefixed with sudo. If you are not familiar with the sudo command, see the
      Users and Groups guide.

      How to Configure IPv6

      How to Configure IPv6 on Apache

      The following sections explain how to configure IPv6 on an Apache web server. IPv6 is enabled on Apache by default. Users do not have to do anything else to start using IPv6. However, it is possible to adjust or refine the default configuration.

      Before proceeding, ensure Apache is already installed and running on the system. Enter the command apache2 -v to see the currently installed version. If the system displays the version number, Apache is already running on the system. If the system displays the error message Command 'apache2' not found, use the command sudo apt install apache2 to install it. These instructions are geared towards Ubuntu users, but are generally valid for all Linux distributions.


      On some distributions, including CentOS/RHEL, IPv6 must be enabled on a system-wide level. See the
      RHEL documentation for details.

      The standard ports.conf configuration includes the directives Listen 80 and Listen 443. This tells Apache to listen for HTTP and HTTPS connections for all addresses on well-known ports 80 and 443. In practice, many administrators configure Apache to only listen to the system IPv4 and IPv6 addresses. To force Apache to only listen for a specific IPv6 address, add the address to the ports.conf file. Additionally, use this technique to listen for different IPv6 addresses on different ports.

      Follow these steps to configure IPv6 addresses on Apache.

      1. Ensure Apache is operational. The systemctl status command should return a value of active.

        sudo systemctl status apache2
        apache2.service - The Apache HTTP Server
            Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
            Active: active (running) since Fri 2022-09-23 21:18:57 UTC; 9min ago
      2. For better security, enable and configure the ufw firewall. Allow the Apache Full profile to permit HTTP and HTTPS connections through the firewall. OpenSSH connections must also be allowed. Enable ufw after making all changes. Use the ufw status command to validate the settings.

        sudo ufw allow OpenSSH
        sudo ufw allow in "Apache Full"
        sudo ufw enable
        sudo ufw status
        Status: active
        To                         Action      From
        --                         ------      ----
        OpenSSH                    ALLOW       Anywhere
        Apache Full                ALLOW       Anywhere
        OpenSSH (v6)               ALLOW       Anywhere (v6)
        Apache Full (v6)           ALLOW       Anywhere (v6)
      3. Use the Linux ip command to determine the IPv6 address of the system. The ip command replaces the older and now deprecated ifconfig command. To narrow down the output, grep for the inet6 family in the output. The output typically displays several entries. Use the address that is shown as having scope global. In the following example, the second entry represents the relevant IPv6 system address.

        ip addr show | grep inet6
        inet6 ::1/128 scope host
        inet6 2001:db8::f03c:93ff:fe25:6762/64 scope global dynamic mngtmpaddr noprefixroute
        inet6 fe80::f03c:93ff:fe25:6762/64 scope link
      4. Edit the ports.conf file and add Listen directives for the addresses on port 80 for HTTP, and port 443 for HTTPS. Enclose the IPv6 address in brackets [] and follow it with the : symbol and the port number. To listen for both IPv4 and IPv6 traffic, add both addresses. To restrict access to IPv6, do not include the IPv4 entry. The following example demonstrates how to configure Apache to only listen for specific requests for its IPv6 and IPv4 addresses.


        On older installations of Apache, add this configuration to httpd.conf.

        sudo vi /etc/apache2/ports.conf
        File: /etc/apache2/ports.conf
        Listen [2001:db8::f03c:93ff:fe25:6762]:80
        <IfModule ssl_module>
            Listen [2001:db8::f03c:93ff:fe25:6762]:443
        <IfModule mod_gnutls.c>
            Listen [2001:db8::f03c:93ff:fe25:6762]:443
      5. Before restarting Apache, run the configtest script to ensure the syntax is valid.

        sudo apache2ctl configtest
        Syntax OK
      6. Restart the Apache server to apply the changes.

        sudo systemctl restart apache2
      7. Verify Apache is still active.

        sudo systemctl status apache2
        apache2.service - The Apache HTTP Server
            Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
            Active: active (running) since Sat 2022-09-24 19:05:52 UTC; 7s ago
      8. Use the ss “socket statistics” command to confirm the new sockets are in LISTEN mode.

        sudo ss -ltpn
        State     Recv-Q    Send-Q                          Local Address:Port       Peer Address:Port    Process
        LISTEN    0         511                      *        users:(("apache2",pid=9303,fd=4),("apache2",pid=9302,fd=4),("apache2",pid=9301,fd=4))
        LISTEN    0         511          [2001:db8::f03c:93ff:fe25:6762]:80                 [::]:*        users:(("apache2",pid=9303,fd=3),("apache2",pid=9302,fd=3),("apache2",pid=9301,fd=3))
      9. As a final test, enter the system IPv6 address in the browser, enclosed between the [] brackets. You should see the default web page for the system. If both IPv4 and IPv6 addresses are configured, the host should also respond to a request for the IPv4 address.



        To host multiple domains on the same system using different ports or IP addresses, additional changes to the virtual host files are necessary. See the
        Apache virtual host examples for more complete information. Virtual host changes are not necessary if all domains are accessed using the same IPv6 address and port.

      How to Configure IPv6 on NGINX

      IPv6 is already enabled on NGINX. No further steps have to be taken to use IPv6. However, it is possible to edit the NGINX configuration to only accept configurations for a specified address. Ensure NGINX is already installed on the system. If not, install it using sudo apt install nginx. To configure IPv6 settings on NGINX, follow these steps.

      1. Ensure NGINX is active using the systemctl status command.

        sudo systemctl status nginx
        nginx.service - A high performance web server and a reverse proxy server
             Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset:>
             Active: active (running) since Sun 2022-09-25 17:07:13 UTC; 17s ago
      2. NGINX should be properly secured using the ufw firewall. The Nginx Full profit permits HTTP and HTTPS access. Enter the following commands to grant NGINX firewall access.

        sudo ufw allow OpenSSH
        sudo ufw allow in "Nginx Full"
        sudo ufw enable
        sudo ufw status
        Status: active
        To                         Action      From
        --                         ------      ----
        OpenSSH                    ALLOW       Anywhere
        Nginx Full                 ALLOW       Anywhere
        OpenSSH (v6)               ALLOW       Anywhere (v6)
        Nginx Full (v6)            ALLOW       Anywhere (v6)
      3. To determine the system’s IPv6 address, use the Linux ip command. To restrict the output to IPv6 addresses, use the grep command and search for inet6 in the output. The relevant address is the one having scope global. This is the second address in the following results.

        ip addr show | grep inet6
        inet6 ::1/128 scope host
        inet6 2001:db8::f03c:93ff:fe64:3a0c/64 scope global dynamic mngtmpaddr noprefixroute
        inet6 fe80::f03c:93ff:fe64:3a0c/64 scope link
      4. To force NGINX to listen only to the default IPv6 address, add it to the main server block. Enclose the IPv6 address in square brackets []. The server block containing the address might be included in either the nginx.conf file or in a virtual host file. For instance, if the default virtual host is used, add the configuration to /etc/nginx/sites-enabled/default. If the domain uses its own virtual host, add the configuration there. It is easier to use an existing server block because multiple server blocks and default servers might conflict with each other. Add the following configuration to the server block as follows.

        File: /etc/nginx/sites-enabled/default
        server {
            listen 80 default_server;
            listen [2001:db8::f03c:93ff:fe64:3a0c]:80 default_server;
      5. Optional: To only listen for IPv6 requests, add the flag ipv6only=on to the IPv6 server configuration and delete the listen 80 directive. In this configuration, the server block should resemble the following example.

        File: /etc/nginx/sites-enabled/default
        server {
            listen [2001:db8::f03c:93ff:fe64:3a0c]:80 ipv6only=on default_server;
      6. Before restarting the web server, use the NGINX test script to search for errors.

        sudo nginx -t
        nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
        nginx: configuration file /etc/nginx/nginx.conf test is successful
      7. Restart NGINX to incorporate the changes.

        sudo systemctl restart nginx
      8. Use the ss command to confirm there is a socket in the LISTEN state for the IPv6 address on the designated port.

        sudo ss -ltpn
        State  Recv-Q Send-Q                     Local Address:Port   Peer Address:Port Process
        LISTEN 0      4096             *     users:(("systemd-resolve",pid=454,fd=14))
        LISTEN 0      128                    *     users:(("sshd",pid=586,fd=3))
        LISTEN 0      511     [2001:db8::f03c:93ff:fe64:3a0c]:80             [::]:*     users:(("nginx",pid=3928,fd=6),("nginx",pid=3927,fd=6))
        LISTEN 0      128                                 [::]:22             [::]:*     users:(("sshd",pid=586,fd=4))
      9. To confirm the server is reachable using its IPv6 address, enter the address in a browser. Enclose the address in square [] brackets. If the ipv6only=on flag is on, requests for the IPv4 address should not resolve.


      Adding an IPv6 Address to the Domain DNS Records

      To enforce the use of an IPv6 address to access a hosted domain, update the DNS record for the domain. Change the DNS record to use the IPv6 address instead of the IPv4 address. For information on domain names and pointing the domain name to a Linode, see the
      Linode DNS Manager guide. All DNS changes take some time to propagate across the internet. Changing the DNS record does not affect direct access to the node using the raw IPv4 or IPv6 addresses.

      For IPv4 networks, several handy tools are available to debug and monitor networks. For IPv6, equivalent tools are available. These often have similar names to their IPv4 equivalents, sometimes with an extra 6 at the end.

      • To restrict the output of the ip command to only list IPv6 addresses, use the -6 option.

        ip -6 addr show
        1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
            inet6 ::1/128 scope host
               valid_lft forever preferred_lft forever
        2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
            inet6 2001:db8::f03c:93ff:fe25:6762/64 scope global dynamic mngtmpaddr noprefixroute
               valid_lft 5133sec preferred_lft 1533sec
            inet6 fe80::f03c:93ff:fe25:6762/64 scope link
               valid_lft forever preferred_lft forever
      • Likewise, the ss command accepts the same flag. The command ss -6 only shows socket statistics for IPv6 addresses.

        ss -6ltpn
        State          Recv-Q         Send-Q                                    Local Address:Port                 Peer Address:Port        Process
        LISTEN         0              128                                                [::]:22                           [::]:*
        LISTEN         0              511                    [2001:db8::f03c:93ff:fe25:6762]:80                           [::]:*
      • No special configuration is required for the ufw firewall. The Nginx Full profile permits both IPv4 and IPv6 connections.

      • The nslookup command is used to discover DNS information. The same command returns information about both IPv4 and IPv6 addresses, if any.

        Non-authoritative answer:
        Address: 2a00:1450:4009:816::200e
      • nslookup can be used for reverse lookups of IPv6 addresses. The output displays the address in reverse order due to nslookup display conventions.

        nslookup 2620:0:862:ed1a::1
        name =
      • There are IPv6 variants of the popular ping and traceroute utilities. To ping an IPv6 address, use ping6.

        ping6 -c 3 2620:0:862:ed1a::1
        PING 2620:0:862:ed1a::1(2620:0:862:ed1a::1) 56 data bytes
        64 bytes from 2620:0:862:ed1a::1: icmp_seq=1 ttl=56 time=6.44 ms
        64 bytes from 2620:0:862:ed1a::1: icmp_seq=2 ttl=56 time=6.54 ms
        64 bytes from 2620:0:862:ed1a::1: icmp_seq=3 ttl=56 time=6.55 ms
        --- 2620:0:862:ed1a::1 ping statistics ---
        3 packets transmitted, 3 received, 0% packet loss, time 2004ms
        rtt min/avg/max/mdev = 6.442/6.510/6.550/0.048 ms
      • The IPv6 equivalent of traceroute is traceroute6. This utility is not pre-installed on Ubuntu. To install it, use sudo apt install traceroute.

        traceroute to (2620:0:862:ed1a::3), 30 hops max, 80 byte packets
        1  2600:3c0f:7::1460 (2600:3c0f:7::1460)  0.667 ms  0.618 ms  0.603 ms
        2  2600:3c0f:7:35::8 (2600:3c0f:7:35::8)  2.537 ms 2600:3c0f:7:35::7 (2600:3c0f:7:35::7)  3.104 ms  3.216 ms
        3  2600:3c0f:7:32::2 (2600:3c0f:7:32::2)  0.633 ms  0.621 ms 2600:3c0f:7:32::1 (2600:3c0f:7:32::1)  0.699 ms
        4  2600:3c0f:7:42::2 (2600:3c0f:7:42::2)  0.767 ms  0.755 ms 2600:3c0f:7:42::1 (2600:3c0f:7:42::1)  0.774 ms
        5 (2001:7f8:17::1b1b:1)  1.933 ms * *


      More organizations are beginning to use IPv6 in their networks instead of IPv4 due to its larger address space, enhanced functionality, and better performance. It is easy to use IPv6 on Apache or NGINX because IPV6 is already enabled by default on both platforms. However, both the NGINX and Apache IPv6 configurations can be edited for better security and more flexibility. To properly monitor IPv6 performance and debug issues, several additional tools are available. See the
      Apache and
      NGINX documentation for more information about IPv6.

      More Information

      You may wish to consult the following resources for additional information
      on this topic. While these are provided in the hope that they will be
      useful, please note that we cannot vouch for the accuracy or timeliness of
      externally hosted materials.

      Source link

      How To Configure WebDAV Access with Apache on Ubuntu 20.04

      The author selected the Free and Open Source Fund to receive a donation as part of the Write for DOnations program.


      WebDAV is an extension of the HTTP protocol that allows users to manage files on remote servers. There are many ways to use a WebDAV server, you can, for example, share Word or Excel documents with your colleagues by uploading them to your WebDAV server. You can also share your music collection with your family and friends by simply giving them a URL. All of this can be achieved without them installing any additional software as everything is built right into their operating system.

      In this article, you’ll configure an Apache web server to enable WebDAV access from Windows, Mac, and Linux with SSL and password authentication.


      Before you begin this guide, you will need the following:

      WebDAV requires very few server resources, so any sized virtual machine will be enough to get your WebDAV server up and running.

      Log in to your server as the sudo-enabled, non-root user to start the first step.

      Step 1 — Enabling the WebDAV Apache Modules

      The Apache web server provides a lot of functionality as optional modules. You can enable and disable these modules to add and remove their functionality from Apache. Its WebDAV functionality is included in a module that you installed along with Apache, but is not enabled by default.
      You enable the WebDAV module for Apache using the a2enmod utility. The following two commands will enable the WebDAV modules:

      • sudo a2enmod dav
      • sudo a2enmod dav_fs

      Now, restart Apache to load the new modules:

      • sudo systemctl restart apache2.service

      The WebDAV module is now loaded and running. In the next step, you will configure Apache to serve your files via WebDAV.

      Step 2 — Configuring Apache

      In this step, you will create all the configurations that Apache needs to implement a WebDAV server.

      First, create the WebDAV root folder at /var/www/webdav that will hold the files you want to make available over WebDAV:

      • sudo mkdir /var/www/webdav

      Then, set Apache’s user, www-data, to be the owner of the WebDAV directory:

      • sudo chown www-data:www-data /var/www/webdav

      Next, you need to create a location for the database file that Apache uses to manage and lock the files that WebDAV users are accessing. This file needs to be readable and writable by Apache, but must not be available from the website as this can leak sensitive information.

      Create a new directory with the mkdir utility for the database file at /usr/local/apache/var/:

      • sudo mkdir -p /usr/local/apache/var/

      The -p option tells the mkdir utility to create all the directories in the path you specified if they don’t exist.

      Next, set the owner and group of the new directory to Apache’s user and group with the chown utility:

      • sudo chown www-data:www-data /usr/local/apache/var

      Now, you need to edit the VirtualHost file that holds the Apache configuration about your domain name. This file is located in /etc/apache2/sites-enabled/ and ends in le-ssl.conf if you used Certbot to register the SSL certificate.

      Open the VirtualHost file with a text editor:

      • sudo nano /etc/apache2/sites-enabled/your_domain-le-ssl.conf

      On the first line, add the DavLockDB directive:


      DavLockDB /usr/local/apache/var/DavLock
      . . .

      Next, add the following Alias and Directory directives inside the <VirtualHost> tags following all the other directives:


      . . .
      Alias /webdav /var/www/webdav
      <Directory /var/www/webdav>
          DAV On

      The Alias directive maps requests to http://your.server/webdav to the /var/www/webdav folder.

      The Directory directive tells Apache to enable WebDAV for the /var/www/webdav folder. You can find out more about mod_dav from the Apache docs.

      Your final VirtualHost file will be as follows, which includes the DavLockDB, Alias, and Directory directives in the correct locations:


      DavLockDB /usr/local/apache/var/DavLock
      <IfModule mod_ssl.c>
      <VirtualHost *:443>
              ServerAdmin [email protected]_domain
              ServerName your_domain
              ServerAlias your_domain
              DocumentRoot /var/www/your_domain
              ErrorLog ${APACHE_LOG_DIR}/error.log
              CustomLog ${APACHE_LOG_DIR}/access.log combined
              SSLCertificateFile /etc/letsencrypt/live/your_domain/fullchain.pem
              SSLCertificateKeyFile /etc/letsencrypt/live/your_domain/privkey.pem
              Include /etc/letsencrypt/options-ssl-apache.conf
              Alias /webdav /var/www/webdav
              <Directory /var/www/webdav>
                  DAV On

      If you make any syntax errors while you are editing Apache’s configuration it will refuse to start. It’s a good practice to check your Apache configuration before restarting Apache.

      Use the apachectl utility to check the configuration:

      • sudo apachectl configtest

      If your configuration is error free, apachectl will print Syntax OK. When you receive this, it is safe to restart Apache to load the new configuration:

      • sudo systemctl restart apache2.service

      You’ve now configured Apache as a WebDAV server to serve files from /var/www/webdav. However, you don’t yet have authentication configured or enabled so anyone that can access your server will be able to read, write, and edit your files. In the next section, you will enable and configure WebDAV authentication.

      Step 3 — Adding Authentication to WebDAV

      The authentication method that you will use is called digest authentication. Digest authentication is the more secure method of WebDAV authentication, especially when coupled with HTTPS.

      Digest authentication works with a file that stores the usernames and passwords of users that are allowed to access the WebDAV server. Just as with the DavLockDB the digest file needs to be stored in a location that Apache can read and write to and that cannot be served from your website.

      As you already created /usr/local/apache/var/ for this purpose, you will place the digest file there as well.

      First, create an empty file called users.password at /usr/local/apache/var/ with the touch utility:

      • sudo touch /usr/local/apache/var/users.password

      Then change the owner and group to www-data so Apache can read and write to it:

      • sudo chown www-data:www-data /usr/local/apache/var/users.password

      New users are added to WebDAV using the htdigest utility. The following command adds the user sammy:

      • sudo htdigest /usr/local/apache/var/users.password webdav sammy

      The webdav in this command is the realm and should be thought of as the group you are adding the new user to. It is also the text displayed to users as they enter their username and password when they access your WebDAV server. You can choose whatever realm best describes your use case.

      htdigest will prompt you to enter a password and confirm it when you run it:


      Adding user sammy in realm webdav New password: Re-type new password:

      Next, you’ll tell Apache to require authentication for WebDAV access and to use the users.password file.

      Open your VirtualHost file:

      • sudo nano /etc/apache2/sites-enabled/your_domain-le-ssl.conf

      Then, add the following lines inside the Directory directive block:


      AuthType Digest
      AuthName "webdav"
      AuthUserFile /usr/local/apache/var/users.password
      Require valid-user

      These directives do the following:

      • AuthType Digest: Use the digest authentication method.
      • AuthName "webdav": Only allow users from the webdav realm.
      • AuthUserFile /usr/local/apache/var/users.password: Use the usernames and passwords contained in /usr/local/apache/var/users.password.
      • Require valid-user: Allow access to any user listed in the users.password file that supplied the correct password.

      Your <Directory> directive will be as follows:


      <Directory /var/www/webdav>
        DAV On
        AuthType Digest
        AuthName "webdav"
        AuthUserFile /usr/local/apache/var/users.password
        Require valid-user

      Next, enable the auth_digest Apache module so that Apache knows how to use the digest authentication method:

      Finally, restart Apache to load all the new configuration:

      • sudo systemctl restart apache2.service

      You’ve now configured your WebDAV server to use HTTPS and digest authentication. It is ready to start serving files to your users. In the next section, you’ll access a WebDAV server from either Windows, Linux, or macOS.

      Step 4 — Accessing WebDAV

      In this step, you’ll access a WebDAV server with the native file browsers of macOS, Windows, and Linux (KDE and GNOME).

      Before you get started accessing your WebDAV server you should put a file into the WebDAV folder, so you have a file to test.

      Open a new file with a text editor:

      • sudo nano /var/www/webdav/webdav-testfile.txt

      Add some text then save and exit. Now, set the owner and group of this file to www-data:

      • sudo chown www-data:www-data /var/www/webdav/webdav-testfile.txt

      You are now ready to start accessing and testing your WebDAV server.

      Linux KDE

      First, open the KDE Dolphin file manager. Then edit the address bar with a URL that has the following form:


      image showing WebDAV link in the Dolphin address bar

      When you hit ENTER you will be prompted to enter a username and password.

      image showing the username and password dialog box

      Check the Remember password option if you want Dolphin to retain your password. Then click OK to continue. It will now present you with the contents of the /var/www/webdav/ directory, which you can manipulate as if they were on your local system.

      Bookmark your WebDAV server by grabbing the folder icon in the address bar and dragging it under the Remote section in the left-hand navigation panel.

      Image showing the WebDAV server in the Dolphin Remote locations

      Linux GNOME

      First, open the Files application by clicking on its icon on the right-hand side of the desktop.

      Image showing Finder icon

      When Files opens do the following:

      1. Click on + Other Locations.
      2. Enter the URL of your WebDAV instance with the following form:

      Image showing the Files application

      Then, click on Connect. It will then prompt you with a username and password dialog box.

      Image showing the username and password dialog

      Enter your username and password then click Connect to log in to your WebDAV server. Check the Remember forever option if you do not want to enter your password every time you access your files.

      Your WebDAV folder will now be available in Files where you can manage your files:

      Image showing the WebDAV server in the Files application


      First, open the Finder application. Next, click on the Go menu and then on Connect to server.

      Image showing the Go menu in the Finder application

      You will now find a new dialog box where you enter the URL of the WebDAV server. This URL must have the following form:


      Image showing the URL entry dialog box

      Click on the Connect button to continue. It will prompt you to enter a username and password.

      Image showing the username and password dialog

      Click on Connect to complete adding your WebDAV server to your system.

      You will now find your WebDAV server in Finder under the Locations section.

      Image showing the WebDAV share in Finder


      First, from the Start Menu, open the File Explorer application. When this opens select This PC from the left-hand navigation panel.

      Image showing This PC in the navigation panel

      Next, click on the Map network drive icon in the top navigation bar.

      Image showing the Map network drive icon in top navigation panel

      Enter the URL of your WebDAV server with a URL of the following form:


      Image showing the URL entry dialog

      Click Finish to connect to your WebDAV server. It will prompt you to enter a username and password.

      Image showing username and password entry dialog

      Enter your username and password and click OK to log in to your server. Check the Remember my credentials option if you do not want to enter your password every time you access your files.

      Your WebDAV will now appear as a location under the This PC section of the File Explorer left-hand navigation panel.

      Image showing the WebDAV share in File Explorer


      You have now set up and configured a secure WebDAV server to serve your files to your users. No matter what operating system your users have on their local system they will be able to access and manage the files in your WebDAV server.

      Source link

      How To Install Apache Kafka on Ubuntu 20.04

      The author selected the Free and Open Source Fund to receive a donation as part of the Write for DOnations program.


      Apache Kafka is a popular distributed message broker designed to handle large volumes of real-time data. A Kafka cluster is highly scalable and fault-tolerant. It also has a much higher throughput compared to other message brokers like ActiveMQ and RabbitMQ. Though it is generally used as a publish/subscribe messaging system, a lot of organizations also use it for log aggregation because it offers persistent storage for published messages.

      A publish/subscribe messaging system allows one or more producers to publish messages without considering the number of consumers or how they will process the messages. Subscribed clients are notified automatically about updates and the creation of new messages. This system is more efficient and scalable than systems where clients poll periodically to determine if new messages are available.

      In this tutorial, you will install and use Apache Kafka 2.6.0 on Ubuntu 20.04.


      To follow along, you will need:

      Step 1 &mdash Creating a User for Kafka

      Because Kafka can handle requests over a network, your first step is to create a dedicated user for the service. This minimizes damage to your Ubuntu machine in the event that someone compromises the Kafka server. We will create a dedicated kafka user in this step.

      Logged in as your non-root sudo user, create a user called kafka:

      Follow the prompts to set a password and create the kafka user.

      Next, add the kafka user to the sudo group with the adduser command. You need these privileges to install Kafka’s dependencies:

      Your kafka user is now ready. Log into the account using su:

      Now that you’ve created a Kafka-specific user, you are ready to download and extract the Kafka binaries.

      Step 2 &mdash Downloading and Extracting the Kafka Binaries

      Let’s download and extract the Kafka binaries into dedicated folders in our kafka user’s home directory.

      To start, create a directory in /home/kafka called Downloads to store your downloads:

      Use curl to download the Kafka binaries:

      • curl "" -o ~/Downloads/kafka.tgz

      Create a directory called kafka and change to this directory. This will be the base directory of the Kafka installation:

      • mkdir ~/kafka && cd ~/kafka

      Extract the archive you downloaded using the tar command:

      • tar -xvzf ~/Downloads/kafka.tgz --strip 1

      We specify the --strip 1 flag to ensure that the archive’s contents are extracted in ~/kafka/ itself and not in another directory (such as ~/kafka/kafka_2.13-2.6.0/) inside of it.

      Now that we’ve downloaded and extracted the binaries successfully, we can start configuring our Kafka server.

      Step 3 &mdash Configuring the Kafka Server

      Kafka’s default behavior will not allow you to delete a topic. A Kafka topic is the category, group, or feed name to which messages can be published. To modify this, you must edit the configuration file.

      Kafka’s configuration options are specified in Open this file with nano or your favorite editor:

      • nano ~/kafka/config/

      First, add a setting that will allow us to delete Kafka topics. Add the following to the bottom of the file:


      delete.topic.enable = true

      Second, change the directory where the Kafka logs are stored by modifying the logs.dir property:



      Save and close the file. Now that you’ve configured Kafka, your next step is to create systemd unit files for running and enabling the Kafka server on startup.

      Step 4 &mdash Creating Systemd Unit Files and Starting the Kafka Server

      In this section, you will create systemd unit files for the Kafka service. This will help you perform common service actions such as starting, stopping, and restarting Kafka in a manner consistent with other Linux services.

      Zookeeper is a service that Kafka uses to manage its cluster state and configurations. It is used in many distributed systems. If you would like to know more about it, visit the official Zookeeper docs.

      Create the unit file for zookeeper:

      • sudo nano /etc/systemd/system/zookeeper.service

      Enter the following unit definition into the file:


      ExecStart=/home/kafka/kafka/bin/ /home/kafka/kafka/config/

      The [Unit] section specifies that Zookeeper requires networking and the filesystem to be ready before it can start.

      The [Service] section specifies that systemd should use the and shell files for starting and stopping the service. It also specifies that Zookeeper should be restarted if it exits abnormally.

      After adding this content, save and close the file.

      Next, create the systemd service file for kafka:

      • sudo nano /etc/systemd/system/kafka.service

      Enter the following unit definition into the file:


      ExecStart=/bin/sh -c '/home/kafka/kafka/bin/ /home/kafka/kafka/config/ > /home/kafka/kafka/kafka.log 2>&1'

      The [Unit] section specifies that this unit file depends on zookeeper.service. This will ensure that zookeeper gets started automatically when the kafka service starts.

      The [Service] section specifies that systemd should use the and shell files for starting and stopping the service. It also specifies that Kafka should be restarted if it exits abnormally.

      Now that you have defined the units, start Kafka with the following command:

      • sudo systemctl start kafka

      To ensure that the server has started successfully, check the journal logs for the kafka unit:

      • sudo systemctl status kafka

      You will receive output like this:


      ● kafka.service Loaded: loaded (/etc/systemd/system/kafka.service; disabled; vendor preset: enabled) Active: active (running) since Wed 2021-02-10 00:09:38 UTC; 1min 58s ago Main PID: 55828 (sh) Tasks: 67 (limit: 4683) Memory: 315.8M CGroup: /system.slice/kafka.service ├─55828 /bin/sh -c /home/kafka/kafka/bin/ /home/kafka/kafka/config/ > /home/kafka/kafka/kafka.log 2>&1 └─55829 java -Xmx1G -Xms1G -server -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35 -XX:+ExplicitGCInvokesConcurrent -XX:MaxInlineLevel=15 -Djava.awt.headless=true -Xlog:gc*:file=> Feb 10 00:09:38 cart-67461-1 systemd[1]: Started kafka.service.

      You now have a Kafka server listening on port 9092.

      You have started the kafka service. But if you rebooted your server, Kafka would not restart automatically. To enable the kafka service on server boot, run the following commands:

      • sudo systemctl enable zookeeper
      • sudo systemctl enable kafka

      In this step, you started and enabled the kafka and zookeeper services. In the next step, you will check the Kafka installation.

      Step 5 &mdash Testing the Kafka Installation

      In this step, you will test your Kafka installation. Specifically, you will publish and consume a “Hello World” message to make sure the Kafka server is behaving correctly.

      Publishing messages in Kafka requires:

      • A producer, who enables the publication of records and data to topics.
      • A consumer, who reads messages and data from topics.

      To begin, create a topic named TutorialTopic:

      • ~/kafka/bin/ --create --zookeeper localhost:2181 --replication-factor 1 --partitions 1 --topic TutorialTopic

      You can create a producer from the command line using the script. It expects the Kafka server’s hostname, a port, and a topic as arguments.

      Now publish the string "Hello, World" to the TutorialTopic topic:

      • echo "Hello, World" | ~/kafka/bin/ --broker-list localhost:9092 --topic TutorialTopic > /dev/null

      Next, create a Kafka consumer using the script. It expects the ZooKeeper server’s hostname and port, along with a topic name as arguments.

      The following command consumes messages from TutorialTopic. Note the use of the --from-beginning flag, which allows the consumption of messages that were published before the consumer was started:

      • ~/kafka/bin/ --bootstrap-server localhost:9092 --topic TutorialTopic --from-beginning

      If there are no configuration issues, you will see Hello, World appear in your terminal:


      Hello, World

      The script will continue to run, waiting for more messages to publish. To test this, open a new terminal window and log into your server.

      In this new terminal, start a producer to publish another message:

      • echo "Hello World from Sammy at DigitalOcean!" | ~/kafka/bin/ --broker-list localhost:9092 --topic TutorialTopic > /dev/null

      You will see this message in the consumer’s output:


      Hello, World Hello World from Sammy at DigitalOcean!

      When you are done testing, press CTRL+C to stop the consumer script.

      You have now installed and configured a Kafka server on Ubuntu 20.04. In the next step, you will perform a few quick tasks to harden the security of your Kafka server.

      Step 6 &mdash Hardening the Kafka Server

      With your installation complete, you can remove the kafka user’s admin privileges. Before you do so, log out and log back in as any other non-root sudo user. If you are still running the same shell session that you started this tutorial with, type exit.

      Remove the kafka user from the sudo group:

      To further improve your Kafka server’s security, lock the kafka user’s password using the passwd command. This makes sure that nobody can directly log into the server using this account:

      At this point, only root or a sudo user can log in as kafka by typing in the following command:

      In the future, if you want to unlock it, use passwd with the -u option:

      You have now successfully restricted the kafka user’s admin privileges. You are ready to begin using Kafka, or you can follow the next optional step, which will add KafkaT to your system.

      Step 7 &mdash Installing KafkaT (Optional)

      KafkaT is a tool that Airbnb developed. It makes it easier to view details about your Kafka cluster and perform certain administrative tasks from the command line. But because it is a Ruby gem, you will need Ruby to use it. You will also need the build-essential package to build the other gems that KafkaT depends on. Install them using apt:

      • sudo apt install ruby ruby-dev build-essential

      You can now install KafkaT using the gem command:

      • sudo CFLAGS=-Wno-error=format-overflow gem install kafkat

      The “Wno-error=format-overflow” compilation flag is required to suppress Zookeeper’s warnings and errors during kafkat’s installation process.

      KafkaT uses .kafkatcfg as the configuration file to determine the installation and log directories of your Kafka server. It should also have an entry pointing KafkaT to your ZooKeeper instance.

      Create a new file called .kafkatcfg:

      Add the following lines to specify the required information about your Kafka server and Zookeeper instance:


        "kafka_path": "~/kafka",
        "log_path": "/home/kafka/logs",
        "zk_path": "localhost:2181"

      You are now ready to use KafkaT. For a start, here’s how you would use it to view details about all Kafka partitions:

      You will see the following output:


      [DEPRECATION] The trollop gem has been renamed to optimist and will no longer be supported. Please switch to optimist as soon as possible. /var/lib/gems/2.7.0/gems/json-1.8.6/lib/json/common.rb:155: warning: Using the last argument as keyword parameters is deprecated ... Topic Partition Leader Replicas ISRs TutorialTopic 0 0 [0] [0] __consumer_offsets 0 0 [0] [0] ... ...

      You will see TutorialTopic, as well as __consumer_offsets, an internal topic used by Kafka for storing client-related information. You can safely ignore lines starting with __consumer_offsets.

      To learn more about KafkaT, refer to its GitHub repository.


      You now have Apache Kafka running securely on your Ubuntu server. You can now integrate Kafka into your favorite programming language using Kafka clients.

      To learn more about Kafka, you can also consult its documentation.

      Source link