This document describes a basic Apache installation and configuration. Apache is a free open source software which runs web servers.
Installation
| Check if Apche is already installed |
|
| Install Apache Webserver |
|
| Install PHP Support |
|
| List of useful PHP-libraries and -modules |
|
| To see more details about what each module does |
|
| Start Webserver |
|
| set the Apache to run automatically when the server boots |
|
| Install LAMP (Linux, Apache, MySQL, PHP) |
|
| See PHP on the server by creating testpage |
|
| Visit your site |
|
| Restart Apache |
|
| Scrtipt to control the functioning of the Apache httpd daemon |
|
| Restart / Stop without aborting currently open connections |
|
Configuration
The default configuration (/etc/httpd/conf/httpd.conf) is already preconfigured to get Apache Server running. All you need is to write your index.html and your web pages and place them in the default DocumentRoot ( /var/www/html).
Best Practices
There are numerous ways to organize your Apache configuration files. In some cases this will be dictated by your Linux distribution.
- Minimize changes to /etc/httpd/conf/httpd.conf. It’s easier to upgrade or migrate if this file has few or no changes.
- Place virtual host definitions in /etc/httpd/conf/vhosts.conf.
- Put the document root for each website at /var/www/vhosts/[domain name]/httpdocs. Do not include “www” on the domain name. For example with “exampledomain.com” the document root would be /var/www/vhosts/ exampledomain.com /httpdocs.
Here’s a template for the virtual host definition:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@ exampledomain.com
ServerName exampledomain.com
ServerAlias www. exampledomain.com
DocumentRoot /var/www/vhosts/ exampledomain.com /httpdocs
ErrorLog logs/ exampledomain.com -error_log
CustomLog logs/ exampledomain.com -access_log combined
<Directory /var/www/vhosts/ exampledomain.com /httpdocs>
AllowOverride All
</Directory>
</VirtualHost>
Firewall
Make sure the firewall does not block access to port 80 by running:
system-config-securitylevel
Allow WWW(HTTP) as “Trusted Services”
Configuring user based security
To allow only authorized users who have passwords, add the following lines to /etc/httpd/conf/httpd.conf.
Just before the commented option for the UserDir directive:
AuthType Basic
AuthName “Test Passwords”
AuthUserFile /etc/httpd/passdb
Require user user1
Configuring Passwords
To create the passwords database passdb in /etc/httpd and add user1 to it run the following command:
htpasswd -c /etc/httpd/passdb user1
To add another user, run the following command without the -c switch (which creates the database):
htpasswd /etc/httpd/passdb user2
Configuring host based security
Add the following to the Directory if you want to allow access only to your network. If your network for example is 192.168.1.0:
# vi /etc/httpd/conf/httpd.conf
Order allow,deny
Allow from 192.168.1.0/255.255.255.0
Setting permissions for PHP sites
Secure your site by setting the correct permissions on your DocumentRoot:
| Set Apache user as the owner for your DocumentRoot |
|
| Modify permissions |
|
In some cases your PHP site requires write access in some folders. For example WordPress sites requires write access into the /wp-content folder to could install plugings, themes or updates.
| Provide write permissions to WordPress |
|
Troubleshooting
| Make sure Apache is running |
|
| Start Apache |
|
| Make sure Apache is starting during the boot process |
|
| Test the syntax of the configuration |
|
| view error log file |
|
| view Access log file |
|
| restart Apache without disconnecting the user |
|