Rich

Azure DevOps, Terraform, PowerShell, Azure Policy and more.

Linux - How to Setup an Apache Web Server

24 Mar 2023

Installation

Install apache2:

sudo apt install apache2
systemctl status apache2
lynx http://192.168.101.83

The main configuration file is /etc/apache2/apache2.conf, the document root is /var/www/html with a default landing page of /var/www/html/index.html.

Configuring an Additional Site

You can host multiple website using /etc/apache2/sites-available that includes configuration files for each website configuration with a matching criteria. If hosting single site then 000-default.conf will suffice.
Copy the /etc/apache2/sites-available/000-default.conf file.
- Amend the VirtualHost value to match an additional hostname or IP address, for example:

<VirtualHost 192.168.101.83:80>

<VirtualHost *:80>
ServerName: hexale.net

<VirtualHost *:443>
ServerName: hexale.net:443

Amend the DocumentRoot value to a subdirectory of /var/www.
Amend the ErrorLog and CustomLog values to include the Site name.
You can enable a site configuration using sudo a2ensite hexale.net.conf and than reload the apache2 configuration using sudo systemctl reload apache2. a2dissite may be used to disable a site configuration.

Note: The commands add / delete a symbolic link to the .conf file in /etc/apache2/sites-enabled to enable/ disable the site.

Installing Additional Apache Modules

apt search libapache2-mod to see a list of modules that may be installed.
sudo apt install libapache2-mod-php8.1 will install a module to support PHP.
a2enmod will list all available modules and sudo a2enmod php8.1 would install a specific module. a2dismod may be used to disable a module.
Once a module is enabled you must restart the apache2 service using sudo systemctl restart apache2.

Note: apache2 -l will display builtin modules.

Secure a Site with TLS

Enable SSL Apache Module:

sudo a2enmod ssl
sudo systemctl restart apache2

Note: That at this stage a new site configuration will be generated /etc/apache2/sites-available/default-ssl.conf.

Generate a certificate

Self-signed certificate example:

sudo mkdir /etc/apache2/certs 
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/certs/mysite.key -out /etc/apache2/certs/mysite.crt

3rd Party Certificate Authority example:

sudo openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

Edit /etc/apache2/sites-available/default-ssl.conf and set the SSLCertificateFile and SSLCertificateKeyFile values as follows:
```
SSLCertificateFile /etc/apache2/certs/mysite.crt
SSLCertificateKeyFile /etc/apache2/certs/mysite.key
```

Enable the site configuration:

sudo a2ensite default-ssl.conf
sudo systemctl reload apache2
ls /etc/apache2/sites-enabled

If using a self-signed certificate you may carry out the following additional steps to ensure the certificate is trusted certificate is trusted:

sudo cp /etc/apache2/certs/mysite.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
ls -l /etc/ssl/certs

If you are not using a DNS Server you may wish to add an entry to /etc/hosts:
```
192.168.101.83 devopsrich.com
```
Test connectivity using curl https://devopsrich.com.

Rich

DevOps Rich DevOps content for Infrastructure Engineers

Rich

Linux - How to Setup an Apache Web Server

Installation

Configuring an Additional Site

Installing Additional Apache Modules

Secure a Site with TLS

Related posts

Linux - How to Deploy Containers to a Kubernetes Cluster 17 Feb 2023

Linux - How to a Setup a Kubernetes Cluster 15 Feb 2023

Linux - How to a Setup Virtual Machine Server 14 Feb 2023