Some tightening in the DNS, HTTP, and FTP sections.

The DNS and HTTP sections still need a good go-through.

Clarify the introductions to these sections.

Fix some acronyms along the way.

To be followed by a white-space fix.

en_US.ISO8859-1/books/handbook/network-servers/chapter.xml

@@ -3006,58 +3006,33 @@ dhcpd_ifaces="dc0"</programlisting>
     -->
     <title>Domain Name System (<acronym>DNS</acronym>)</title>
 
-    <sect2>
-      <title>Overview</title>
-
       <indexterm><primary>BIND</primary></indexterm>
 
-      <para>&os; utilizes, by default, a version of BIND (Berkeley
+      <para>Domain Name System (<acronym>DNS</acronym>) is the protocol through which domain names are
-	Internet Name Domain), which is the most common implementation
+	mapped to <acronym>IP</acronym> addresses, and vice versa.  By default, &os; installs the Berkeley
-	of the <acronym>DNS</acronym> protocol.
+	Internet Name Domain (<acronym>BIND</acronym>), which is the most common implementation
-	<acronym>DNS</acronym> is the protocol through which names are
+	of the <acronym>DNS</acronym> protocol.  The &os; version provides enhanced security features, a new file
-	mapped to <acronym>IP</acronym> addresses, and vice versa.
+	system layout, and automated &man.chroot.8;
-	For example, a query for
+	configuration.  BIND is maintained by the
-	<hostid role="fqdn">www.FreeBSD.org</hostid> will receive a
+	<ulink url="https://www.isc.org/">isc.org</ulink>.
-	reply with the <acronym>IP</acronym> address of The &os;
+	It is not necessary to run a name
-	Project's web server, whereas, a query for
-	<hostid role="fqdn">ftp.FreeBSD.org</hostid> will return the
-	<acronym>IP</acronym> address of the corresponding
-	<acronym>FTP</acronym> machine.  Likewise, the opposite can
-	happen.  A query for an <acronym>IP</acronym> address can
-	resolve its hostname.  It is not necessary to run a name
 	server to perform <acronym>DNS</acronym> lookups on a
 	system.</para>
 
-      <para>&os; currently comes with <acronym>BIND</acronym>9
-	<acronym>DNS</acronym> server software by default.  Our
-	installation provides enhanced security features, a new file
-	system layout and automated &man.chroot.8;
-	configuration.</para>
-
       <indexterm><primary>DNS</primary></indexterm>
       <para><acronym>DNS</acronym> is coordinated across the Internet
 	through a somewhat complex system of authoritative root, Top
 	Level Domain (<acronym>TLD</acronym>), and other smaller-scale
-	name servers which host and cache individual domain
+	name servers, which host and cache individual domain
-	information.</para>
+	information.  Table 28.4 describes some of the terms associated with <acronym>DNS</acronym>:</para>
-
-      <para>Currently, BIND is maintained by the
-	Internet Systems Consortium
-	<ulink url="https://www.isc.org/"></ulink>.</para>
-    </sect2>
-
-    <sect2>
-      <title>Terminology</title>
-
-      <para>To understand this document, some terms related to
-	<acronym>DNS</acronym> must be understood.</para>
 
       <indexterm><primary>resolver</primary></indexterm>
       <indexterm><primary>reverse
 	  <acronym>DNS</acronym></primary></indexterm>
       <indexterm><primary>root zone</primary></indexterm>
 
-      <informaltable frame="none" pgwide="1">
+      <table frame="none" pgwide="1">
+	<title><acronym>DNS</acronym> Terminology</title>
 	<tgroup cols="2">
 	  <colspec colwidth="1*"/>
 	  <colspec colwidth="3*"/>
@@ -3117,7 +3092,7 @@ dhcpd_ifaces="dc0"</programlisting>
 	    </row>
 	  </tbody>
 	</tgroup>
-      </informaltable>
+      </table>
 
       <indexterm>
 	<primary>zones</primary>
@@ -3159,7 +3134,6 @@ dhcpd_ifaces="dc0"</programlisting>
 	of a hostname is much like a file system: the
 	<filename class="directory">/dev</filename> directory falls
 	within the root, and so on.</para>
-    </sect2>
 
     <sect2>
       <title>Reasons to Run a Name Server</title>
@@ -4431,56 +4405,45 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
       <secondary>setting up</secondary></indexterm>
     <indexterm><primary>Apache</primary></indexterm>
 
-    <para>&os; is used to run some of the busiest web sites in the
+    <para>The open source
-      world.  The majority of web servers on the Internet are using
+      <application>Apache HTTP Server</application> is the most widely
-      the <application>Apache HTTP Server</application>.
+      used web server.  &os; does not install this web server by default,
-      <application>Apache</application> software packages should be
+      but it can be installed from the
-      included on the &os; installation media.  If
+      <filename role="package">www/apache24</filename> package or port.</para>
-      <application>Apache</application> was not installed while
-      installing &os;, then it can be installed from the
-      <filename role="package">www/apache22</filename> port.</para>
 
-    <para>Once <application>Apache</application> has been installed
+    <para>This section summarizes how to configure and start version 2.<replaceable>x</replaceable> of the
-      successfully, it must be configured.</para>
+	<application>Apache HTTP Server</application>, the
-
+	most widely used version, on &os;.  For more detailed
-    <note>
+	information about
-      <para>This section covers version 2.2.X of the
+	<application>Apache</application>&nbsp;2.X and its configuration directives, refer to
-	<application>Apache HTTP Server</application> as that is the
+	<ulink url="http://httpd.apache.org/">httpd.apache.org</ulink>.</para>
-	most widely used version for &os;.  For more detailed
-	information beyond the scope of this document about
-	<application>Apache</application>&nbsp;2.X, please see
-	<ulink url="http://httpd.apache.org/"></ulink>.</para>
-    </note>
 
     <sect2>
-      <title>Configuration</title>
+      <title>Configuring and Starting Apache</title>
 
       <indexterm><primary>Apache</primary>
 	<secondary>configuration file</secondary></indexterm>
 
-      <para>The main <application>Apache HTTP Server</application>
+      <para>In &os;, the main <application>Apache HTTP Server</application>
 	configuration file is installed as
-	<filename>/usr/local/etc/apache22/httpd.conf</filename> on
+	<filename>/usr/local/etc/apache2<replaceable>x</replaceable>/httpd.conf</filename>.
-	&os;.  This file is a typical &unix; text configuration file
+	This ASCII text file begins
-	with comment lines beginning with the <literal>#</literal>
+	comment lines with the <literal>#</literal>.  The
-	character.  A comprehensive description of all possible
+	most frequently modified directives are:</para>
-	configuration options is outside the scope of this book, so
-	only the most frequently modified directives will be described
-	here.</para>
 
       <variablelist>
 	<varlistentry>
 	  <term><literal>ServerRoot "/usr/local"</literal></term>
 
 	  <listitem>
-	    <para>This specifies the default directory hierarchy for
+	    <para>Specifies the default directory hierarchy for
 	      the <application>Apache</application> installation.
 	      Binaries are stored in the
 	      <filename class="directory">bin</filename> and
 	      <filename class="directory">sbin</filename>
 	      subdirectories of the server root, and configuration
 	      files are stored in <filename
-		class="directory">etc/apache</filename>.</para>
+		class="directory">etc/apache2<replaceable>x</replaceable></filename>.</para>
 	  </listitem>
 	</varlistentry>
 
@@ -4488,8 +4451,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	  <term><literal>ServerAdmin you@your.address</literal></term>
 
 	  <listitem>
-	    <para>The address to which problems with the server should
+	    <para>The email address to receive problems with the server.  This address also appears on some
-	      be emailed.  This address also appears on some
 	      server-generated pages, such as error documents.</para>
 	  </listitem>
 	</varlistentry>
@@ -4498,21 +4460,20 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	  <term><literal>ServerName www.example.com</literal></term>
 
 	  <listitem>
-	    <para><literal>ServerName</literal> allows an
+	    <para>Allows an
 	      administrator to set a host name which is sent back to
-	      clients for the server.  This is useful if the host is
+	      clients for the server.  For example,
-	      different than the one that it is configured with (i.e.,
+	      <hostid>www</hostid> can be used instead of the actual host
-	      use <hostid>www</hostid> instead of the host's real
+	      name.</para>
-	      name).</para>
 	  </listitem>
 	</varlistentry>
 
 	<varlistentry>
 	  <term><literal>DocumentRoot
-	    "/usr/local/www/apache22/data"</literal></term>
+	    "/usr/local/www/apache2<replaceable>x</replaceable>/data"</literal></term>
 
 	  <listitem>
-	    <para><literal>DocumentRoot</literal>: The directory
+	    <para>The directory
 	      where documents will be served from.  By default, all
 	      requests are taken from this directory, but symbolic
 	      links and aliases may be used to point to other
@@ -4525,18 +4486,14 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	<application>Apache</application> configuration file before
 	making changes.  When the configuration of
 	<application>Apache</application>, is complete, save the
-	file and verify the configuration using &man.apachectl.8;.
+	file and verify the configuration using apachectl(8).
-	To do this, issue <command>apachectl configtest</command>
+	Running <command>apachectl configtest</command>
-	which should return <literal>Syntax OK</literal>.</para>
+	should return <literal>Syntax OK</literal>.</para>
-    </sect2>
-
-    <sect2>
-      <title>Running <application>Apache</application></title>
 
       <indexterm><primary>Apache</primary>
 	<secondary>starting or stopping</secondary></indexterm>
 
-      <para>The <filename role="package">www/apache22</filename> port
+      <para>The <filename role="package">www/apache24</filename> port
 	installs an &man.rc.8; script to aid in starting, stopping,
 	and restarting <application>Apache</application>, which can be
 	found in <filename
@@ -4546,13 +4503,13 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	startup, add the following line to
 	<filename>/etc/rc.conf</filename>:</para>
 
-      <programlisting>apache22_enable="YES"</programlisting>
+      <programlisting>apache24_enable="YES"</programlisting>
 
       <para>If <application>Apache</application> should be started
 	with non-default options, the following line may be added to
-	<filename>/etc/rc.conf</filename>:</para>
+	<filename>/etc/rc.conf</filename> to specify the needed flags:</para>
 
-      <programlisting>apache22_flags=""</programlisting>
+      <programlisting>apache24_flags=""</programlisting>
 
       <para>The <application>Apache</application> configuration can be
 	tested for errors after making subsequent
@@ -4561,7 +4518,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	or by the &man.service.8; utility by issuing one of the
 	following commands:</para>
 
-      <screen>&prompt.root; <userinput>service apache22 configtest</userinput></screen>
+      <screen>&prompt.root; <userinput>service apache24 configtest</userinput></screen>
 
       <note>
 	<para>It is important to note that the
@@ -4571,11 +4528,10 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
       </note>
 
       <para>If <application>Apache</application> does not report
-	configuration errors, the
+	configuration errors, start <command>httpd</command>
-	<application>Apache</application>&nbsp;<command>httpd</command>
+	with &man.service.8;:</para>
-	can be started with &man.service.8;:</para>
 
-      <screen>&prompt.root; <userinput>service apache22 start</userinput></screen>
+      <screen>&prompt.root; <userinput>service apache24 start</userinput></screen>
 
       <para>The <command>httpd</command> service can be tested by
 	entering <literal>http://<hostid
@@ -4585,7 +4541,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	domain name of the machine running <command>httpd</command>,
 	if it is not the local machine.  The default web page that is
 	displayed is
-	<filename>/usr/local/www/apache22/data/index.html</filename>.</para>
+	<filename>/usr/local/www/apache24/data/index.html</filename>.</para>
     </sect2>
 
     <sect2>
@@ -4915,128 +4871,107 @@ DocumentRoot /www/someotherdomain.tld
       </authorgroup>
     </sect1info>
     -->
-    <title>File Transfer Protocol (FTP)</title>
+    <title>File Transfer Protocol (<acronym>FTP</acronym>)</title>
 
-    <indexterm><primary>FTP servers</primary></indexterm>
+    <indexterm><primary><acronym>FTP</acronym> servers</primary></indexterm>
 
-    <para>The File Transfer Protocol (FTP) provides users with a
+    <para>The File Transfer Protocol (<acronym>FTP</acronym>) provides users with a
       simple way to transfer files to and from an
-      <acronym role="File Transfer Protocol">FTP</acronym> server.
+      <acronym>FTP</acronym> server.
-      &os; includes <acronym
+      &os; includes <acronym>FTP</acronym> server
-	role="File Transfer Protocol">FTP</acronym> server
+      software, <application>ftpd</application>, in the base system.</para>
-      software, <application>ftpd</application>, in the base system.
+      
-      This makes setting up and administering an
+      <para>&os; provides several configuration files for controlling access
-      <acronym role="File Transfer Protocol">FTP</acronym> server on
+	to the <acronym>FTP</acronym> server. This section summarizes
-      &os; very straightforward.</para>
+	these files.  Refer to &man.ftpd.8; for more details about the
+	built-in <acronym>FTP</acronym> server.</para>
 
-    <sect2>
+      <sect2>
-      <title>Configuration</title>
+	<title>Configuration</title>
 
       <para>The most important configuration step is deciding which
-	accounts will be allowed access to the FTP server.  A normal
+	accounts will be allowed access to the <acronym>FTP</acronym> server.  A
-	&os; system has a number of system accounts used for various
+	&os; system has a number of system accounts which
-	daemons, but unknown users should not be allowed to log in
+	should not be allowed <acronym>FTP</acronym> access.
-	with these accounts.  The <filename>/etc/ftpusers</filename>
+	The list of users disallowed any <acronym>FTP</acronym> access
-	file is a list of users disallowed any FTP access.  By
+	can be found in <filename>/etc/ftpusers</filename>.
-	default, it includes the aforementioned system accounts, but
+	By
-	it is possible to add specific users here that should not be
+	default, it includes system accounts.  Additional
-	allowed access to FTP.</para>
+	users that should not be
+	allowed access to <acronym>FTP</acronym> can be added.</para>
 
       <para>In some cases it may be desirable to restrict the access
 	of some users without preventing them completely from using
-	FTP.  This can be accomplished with the
+	<acronym>FTP</acronym>.  This can be accomplished be creating
-	<filename>/etc/ftpchroot</filename> file.  This file lists
+	<filename>/etc/ftpchroot</filename> as described in &man.ftpchroot.5;.  This file lists
-	users and groups subject to FTP access restrictions.  Refer to
+	users and groups subject to <acronym>FTP</acronym> access restrictions.</para>
-	&man.ftpchroot.5; for more details.</para>
 
       <indexterm>
-	<primary>FTP</primary>
+	<primary><acronym>FTP</acronym></primary>
 	<secondary>anonymous</secondary>
       </indexterm>
 
-      <para>To enable anonymous FTP access to the server, create a
+      <para>To enable anonymous <acronym>FTP</acronym> access to the server, create a
 	user named <username>ftp</username> on the &os; system.  Users
-	will then be able to log on to the FTP server with a username
+	will then be able to log on to the <acronym>FTP</acronym> server with a username
-	of <username>ftp</username> or <username>anonymous</username>
+	of <username>ftp</username> or <username>anonymous</username>.  When prompted for the password,
-	and with any password (by convention an email address for the
+	any input will be accepted, but by convention, an email address
-	user should be used as the password).  The FTP server will
+	should be used as the password.  The <acronym>FTP</acronym> server will
 	call &man.chroot.2; when an anonymous user logs in, to
 	restrict access to only the home directory of the
 	<username>ftp</username> user.</para>
 
-      <para>There are two text files that specify welcome messages to
+      <para>There are two text files that can be created to specify welcome messages to
-	be displayed to FTP clients.  The contents of the file
+	be displayed to <acronym>FTP</acronym> clients.  The contents of
 	<filename>/etc/ftpwelcome</filename> will be displayed to
 	users before they reach the login prompt.  After a successful
-	login, the contents of the file
+	login, the contents of
 	<filename>/etc/ftpmotd</filename> will be displayed.  Note
 	that the path to this file is relative to the login
-	environment, so the file <filename>~ftp/etc/ftpmotd</filename>
+	environment, so the contents of <filename>~ftp/etc/ftpmotd</filename>
 	would be displayed for anonymous users.</para>
 
-      <para>Once the FTP server has been configured properly, it must
+      <para>Once the <acronym>FTP</acronym> server has been configured, set the appropriate variable in
-	be enabled in <filename>/etc/inetd.conf</filename>.  All that
+	<filename>/etc/rc.conf</filename> to start the service during boot:</para>
-	is required here is to remove the comment symbol
-	<quote>#</quote> from in front of the existing
-	<application>ftpd</application> line :</para>
-
-      <programlisting>ftp	stream	tcp	nowait	root	/usr/libexec/ftpd	ftpd -l</programlisting>
-
-      <para>As explained in <xref linkend="network-inetd-reread"/>,
-	the <application>inetd</application> configuration must be
-	reloaded after this configuration file is changed.  Please
-	refer to <xref linkend="network-inetd-settings"/> for details
-	on enabling <application>inetd</application> on the
-	system.</para>
-
-      <para>Alternatively, <application>ftpd</application> can also be
-	started as a stand-alone server.  In this case, it is
-	sufficient to set the appropriate variable in
-	<filename>/etc/rc.conf</filename>:</para>
 
       <programlisting>ftpd_enable="YES"</programlisting>
 
-      <para>After setting the above variable, the stand-alone server
+      <para>To start the service now:</para>
-	will be started at the next reboot, or it can be started
-	manually by executing the following command as
-	<username>root</username>:</para>
 
       <screen>&prompt.root; <userinput>service ftpd start</userinput></screen>
 
-      <para>Log on to the FTP server by typing:</para>
+      <para>Test the connection to the <acronym>FTP</acronym> server by typing:</para>
 
       <screen>&prompt.user; <userinput>ftp localhost</userinput></screen>
-    </sect2>
-
-    <sect2>
-      <title>Maintaining</title>
 
       <indexterm><primary>syslog</primary></indexterm>
       <indexterm><primary>log files</primary>
-	<secondary>FTP</secondary></indexterm>
+	<secondary><acronym>FTP</acronym></secondary></indexterm>
 
       <para>The <application>ftpd</application> daemon uses
 	&man.syslog.3; to log messages.  By default, the system log
-	daemon will put messages related to FTP in the
+	daemon will write messages related to <acronym>FTP</acronym> in
-	<filename>/var/log/xferlog</filename> file.  The location of
+	<filename>/var/log/xferlog</filename>.  The location of
-	the FTP log can be modified by changing the following line in
+	the <acronym>FTP</acronym> log can be modified by changing the following line in
 	<filename>/etc/syslog.conf</filename>:</para>
 
       <programlisting>ftp.info      /var/log/xferlog</programlisting>
 
       <indexterm>
-	<primary>FTP</primary>
+	<primary><acronym>FTP</acronym></primary>
 	<secondary>anonymous</secondary>
       </indexterm>
 
+      <note>
       <para>Be aware of the potential problems involved with running
-	an anonymous FTP server.  In particular, think twice about
+	an anonymous <acronym>FTP</acronym> server.  In particular, think twice about
 	allowing anonymous users to upload files.  It may turn out
-	that the FTP site becomes a forum for the trade of unlicensed
+	that the <acronym>FTP</acronym> site becomes a forum for the trade of unlicensed
-	commercial software or worse.  If anonymous FTP uploads are
+	commercial software or worse.  If anonymous <acronym>FTP</acronym> uploads are
 	required, then verify the permissions so that these files can
 	not be read by other anonymous users until they have been
 	reviewed by an administrator.</para>
+      </note>
     </sect2>
   </sect1>