Skip to main content

Apache2 Tutorial - HTTP, HTTPS, PHP, Apache2 Commands. RHEL Version

880 words·
Apache PHP Certbot RHEL Webserver
Table of Contents

Note: Instead of RHEL I use Rocky Linux 9.3 and a wildcard certificate for this tutorial.

Apache2
#

Installation
#

# Update package index
sudo dnf update

# Install Apache2
sudo dnf install httpd -y
# Install Apache2 SSL Module
sudo dnf install mod_ssl

# Check if Apache2 SSL Module is installed
sudo dnf list installed | grep mod_ssl
# Install OpenSSL (Should be installed by default)
sudo dnf install openssl

Start & Enable
#

# Start Apache
sudo systemctl start httpd

# Stop Apache
sudo systemctl stop httpd

# Restart Apache
sudo systemctl restart httpd

# Reload Apache without restart
sudo systemctl reload httpd

# Enable service on boot
sudo systemctl enable httpd

Status & Logs
#

# Check status
sudo systemctl status httpd

# View the systemd journal logs
journalctl -xeu httpd.service

# Error logs
sudo tail /var/log/httpd/error_log

# SSL error logs
sudo tail /etc/httpd/logs/ssl_error_log

# Access logs
sudo tail /var/log/httpd/access_log

Firewall
#

# Allow port 80
sudo firewall-cmd --permanent --add-service=http

# Allow port 443
sudo firewall-cmd --permanent --add-service=https

# Reload firewall
sudo firewall-cmd --reload

Configuration
#

Main Configuration Files
#

# Main configuration
sudo vi /etc/httpd/conf/httpd.conf

# Add "sites-enabled" directory
IncludeOptional sites-enabled/*.conf
# Additional configuration files
cd /etc/httpd/conf.d/
# Test configuration
sudo apachectl configtest

Apache2 Domain Name
#

Define the domain name for the server in the main configuration file.

# Open main configuration
sudo vi /etc/httpd/conf/httpd.conf

# Add domain name
ServerName jklug.work

# Reload Apache2
sudo systemctl restart httpd

# Check status
sudo systemctl status httpd

Otherwise the following notification shows up:

# Check status
sudo systemctl status httpd

# Shell output
...httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain.

Virtual Hosts Configurations
#

# Create virtual hosts directories
sudo mkdir /etc/httpd/{sites-available,sites-enabled}
# Virtual hosts configurations / website configurations
/etc/apache2/sites-available/

# Enabled virtual hosts configurations
/etc/apache2/sites-enabled/
# Enable virtual host
sudo ln -s /etc/httpd/sites-available/your_domain.conf /etc/httpd/sites-enabled/

# Diable virtual host
sudo tm /etc/httpd/sites-enabled/your_domain.conf

Modules
#

# Modules directory
/etc/httpd/modules

# Module specific configuration files
/etc/httpd/conf.modules.d/
  • Load SSL module: Should be loaded by default
# Open Apache2 main configuration
sudo vi /etc/httpd/conf/httpd.conf

# Load SSL Module
LoadModule ssl_module modules/mod_ssl.so

# Restart Apache2
sudo systemctl restart httpd

Directories
#

# Default webcontent directors
/var/www/html/

Default Virtual Host Configuration
#

TGp disable the default virtual host configuration, comment out all lines in the welcome.conf file.

# Open default virtual host configuration
sudo vi /etc/httpd/conf.d/welcome.conf

Comment out all lines:

# /etc/httpd/conf.d/welcome.conf
<LocationMatch "^/+$">
    Options -Indexes
    ErrorDocument 403 /.noindex.html
</LocationMatch>

<Directory /usr/share/httpd/noindex>
    AllowOverride None
    Require all granted
</Directory>

Alias /.noindex.html /usr/share/httpd/noindex/index.html
Alias /poweredby.png /usr/share/httpd/icons/apache_pb3.png
Alias /system_noindex_logo.png /usr/share/httpd/icons/system_noindex_logo.png
# Reload Apache2
sudo systemctl reload httpd

Apache2 Webserver
#

HTTP Website
#

Folder & Permissions
#

# Create directory for website
sudo mkdir -p /var/www/mywebsite.jklug.work

# Set owner
sudo chown -R apache:apache /var/www/mywebsite.jklug.work

# Set permissions
sudo chmod -R 755 /var/www/mywebsite.jklug.work

HTML Testsite
#

# Create HTML file
sudo vi /var/www/mywebsite.jklug.work/index.html
<!-- /var/www/mywebsite.jklug.work/index.html -->
<!DOCTYPE html>
<html>

<head>
	<title>jklug.work</title>
</head>

<body>
	<h1>Apache Test</h1>
</body>

</html>

Virtual Host Configuration
#

# Create virtual host configuration
sudo vi /etc/httpd/sites-available/mywebsite.jklug.work.conf

# /etc/httpd/sites-available/mywebsite.jklug.work.conf
<VirtualHost *:80>
    ServerName mywebsite.jklug.work
    ServerAlias www.mywebsite.jklug.work
    DocumentRoot /var/www/mywebsite.jklug.work
    ErrorLog /var/log/httpd/error.log
    CustomLog /var/log/httpd/access.log combined
</VirtualHost>

Enable Virtual Host
#

# Enable website
sudo ln -s /etc/httpd/sites-available/mywebsite.jklug.work.conf /etc/httpd/sites-enabled/

# Reload Apache
sudo systemctl reload httpd

HTTPS Website
#

Certbot
#

# Check if the EPEL repository is enabled
sudo ls /etc/yum.repos.d/ | grep -i epel

# Enable the EPEL repository
sudo dnf install epel-release -y

# Install Certbot
sudo dnf install certbot -y
# Stop Apache2
sudo systemctl stop httpd

# Create certificate
sudo certbot certonly --standalone -d mywebsite.jklug.work

# Start Apache2
sudo systemctl start httpd

Folder & Permissions
#

# Create directory for website
sudo mkdir -p /var/www/mywebsite.jklug.work

# Set owner
sudo chown -R apache:apache /var/www/mywebsite.jklug.work

# Set permissions
sudo chmod -R 755 /var/www/mywebsite.jklug.work

HTML Testsite
#

# Create HTML file
sudo vi /var/www/mywebsite.jklug.work/index.html
<!-- /var/www/mywebsite.jklug.work/index.html -->
<!DOCTYPE html>
<html>

<head>
	<title>jklug.work</title>
</head>

<body>
	<h1>Apache Test</h1>
</body>

</html>

Virtual Host Configuration
#

# Create virtual host configuration
sudo vi /etc/httpd/sites-available/mywebsite.jklug.work.conf

# /etc/apache2/sites-available/mywebsite.jklug.work.conf
<VirtualHost *:80>
    ServerName mywebsite.jklug.work
    ServerAlias www.mywebsite.jklug.work
    Redirect permanent / https://mywebsite.jklug.work/ # Redirect HTTP to HTTPS
</VirtualHost>

<VirtualHost *:443>
    ServerName mywebsite.jklug.work
    ServerAlias www.mywebsite.jklug.work
    DocumentRoot /var/www/mywebsite.jklug.work

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/mywebsite.jklug.work/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite.jklug.work/privkey.pem

    ErrorLog /var/log/httpd/error.log
    CustomLog /var/log/httpd/access.log combined
</VirtualHost>

Note: Remove all comments from the configuration!


SSL Certificates
#

# Open SSL configuration
sudo vi sudo vi /etc/httpd/conf.d/ssl.conf
# Comment out default cert paths:
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

# Add Let's Encrypt / Certbot paths
SSLCertificateFile /etc/letsencrypt/live/mywebsite.jklug.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite.jklug.work/privkey.pem

Enable Virtual Host
#

# Enable website
sudo ln -s /etc/httpd/sites-available/mywebsite.jklug.work.conf /etc/httpd/sites-enabled/

# Reload Apache
sudo systemctl reload httpd

PHP Website
#

Install PHP
#

# Update package index
sudo dnf update

# Install PHP and Apache2 PHP module
sudo dnf install php -y
# PHP settings
sudo vi /etc/php.ini

Adjust Apache config
#

Adjust Apache2 configuration to prefer PHP Files.

# Open Apache main configuration
sudo vi /etc/httpd/conf/httpd.conf
  • Set index.php on the beginning of the list, it should look like this:
# /etc/httpd/conf/httpd.conf
<IfModule dir_module>
    DirectoryIndex index.php index.html
</IfModule>

Create PHP File
#

# Create PHP file
sudo vi /var/www/mywebsite.jklug.work/index.php
# /var/www/mywebsite.jklug.work/index.php
<?php
phpinfo();
?>

Note: For security reasons use phpinfo only for testing purposes.


Restart Apache
#

# Restart Apache2
sudo systemctl restart httpd

# Check status
sudo systemctl status httpd