Note: Instead of RHEL I use Rocky Linux 9.3 and a wildcard certificate for this tutorial.
Apache2 #
Installation #
# Update package index
sudo dnf update
# Install Apache2
sudo dnf install httpd -y
# Install Apache2 SSL Module
sudo dnf install mod_ssl
# Check if Apache2 SSL Module is installed
sudo dnf list installed | grep mod_ssl
# Install OpenSSL (Should be installed by default)
sudo dnf install openssl
Start & Enable #
# Start Apache
sudo systemctl start httpd
# Stop Apache
sudo systemctl stop httpd
# Restart Apache
sudo systemctl restart httpd
# Reload Apache without restart
sudo systemctl reload httpd
# Enable service on boot
sudo systemctl enable httpd
Status & Logs #
# Check status
sudo systemctl status httpd
# View the systemd journal logs
journalctl -xeu httpd.service
# Error logs
sudo tail /var/log/httpd/error_log
# SSL error logs
sudo tail /etc/httpd/logs/ssl_error_log
# Access logs
sudo tail /var/log/httpd/access_log
Firewall #
# Allow port 80
sudo firewall-cmd --permanent --add-service=http
# Allow port 443
sudo firewall-cmd --permanent --add-service=https
# Reload firewall
sudo firewall-cmd --reload
Configuration #
Main Configuration Files #
# Main configuration
sudo vi /etc/httpd/conf/httpd.conf
# Add "sites-enabled" directory
IncludeOptional sites-enabled/*.conf
# Additional configuration files
cd /etc/httpd/conf.d/
# Test configuration
sudo apachectl configtest
Apache2 Domain Name #
Define the domain name for the server in the main configuration file.
# Open main configuration
sudo vi /etc/httpd/conf/httpd.conf
# Add domain name
ServerName jklug.work
# Reload Apache2
sudo systemctl restart httpd
# Check status
sudo systemctl status httpd
Otherwise the following notification shows up:
# Check status
sudo systemctl status httpd
# Shell output
...httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain.
Virtual Hosts Configurations #
# Create virtual hosts directories
sudo mkdir /etc/httpd/{sites-available,sites-enabled}
# Virtual hosts configurations / website configurations
/etc/apache2/sites-available/
# Enabled virtual hosts configurations
/etc/apache2/sites-enabled/
# Enable virtual host
sudo ln -s /etc/httpd/sites-available/your_domain.conf /etc/httpd/sites-enabled/
# Diable virtual host
sudo tm /etc/httpd/sites-enabled/your_domain.conf
Modules #
# Modules directory
/etc/httpd/modules
# Module specific configuration files
/etc/httpd/conf.modules.d/
- Load SSL module: Should be loaded by default
# Open Apache2 main configuration
sudo vi /etc/httpd/conf/httpd.conf
# Load SSL Module
LoadModule ssl_module modules/mod_ssl.so
# Restart Apache2
sudo systemctl restart httpd
Directories #
# Default webcontent directors
/var/www/html/
Default Virtual Host Configuration #
TGp disable the default virtual host configuration, comment out all lines in the welcome.conf file.
# Open default virtual host configuration
sudo vi /etc/httpd/conf.d/welcome.conf
Comment out all lines:
# /etc/httpd/conf.d/welcome.conf
<LocationMatch "^/+$">
Options -Indexes
ErrorDocument 403 /.noindex.html
</LocationMatch>
<Directory /usr/share/httpd/noindex>
AllowOverride None
Require all granted
</Directory>
Alias /.noindex.html /usr/share/httpd/noindex/index.html
Alias /poweredby.png /usr/share/httpd/icons/apache_pb3.png
Alias /system_noindex_logo.png /usr/share/httpd/icons/system_noindex_logo.png
# Reload Apache2
sudo systemctl reload httpd
Apache2 Webserver #
HTTP Website #
Folder & Permissions #
# Create directory for website
sudo mkdir -p /var/www/mywebsite.jklug.work
# Set owner
sudo chown -R apache:apache /var/www/mywebsite.jklug.work
# Set permissions
sudo chmod -R 755 /var/www/mywebsite.jklug.work
HTML Testsite #
# Create HTML file
sudo vi /var/www/mywebsite.jklug.work/index.html
<!-- /var/www/mywebsite.jklug.work/index.html -->
<!DOCTYPE html>
<html>
<head>
<title>jklug.work</title>
</head>
<body>
<h1>Apache Test</h1>
</body>
</html>
Virtual Host Configuration #
# Create virtual host configuration
sudo vi /etc/httpd/sites-available/mywebsite.jklug.work.conf
# /etc/httpd/sites-available/mywebsite.jklug.work.conf
<VirtualHost *:80>
ServerName mywebsite.jklug.work
ServerAlias www.mywebsite.jklug.work
DocumentRoot /var/www/mywebsite.jklug.work
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
</VirtualHost>
Enable Virtual Host #
# Enable website
sudo ln -s /etc/httpd/sites-available/mywebsite.jklug.work.conf /etc/httpd/sites-enabled/
# Reload Apache
sudo systemctl reload httpd
HTTPS Website #
Certbot #
# Check if the EPEL repository is enabled
sudo ls /etc/yum.repos.d/ | grep -i epel
# Enable the EPEL repository
sudo dnf install epel-release -y
# Install Certbot
sudo dnf install certbot -y
# Stop Apache2
sudo systemctl stop httpd
# Create certificate
sudo certbot certonly --standalone -d mywebsite.jklug.work
# Start Apache2
sudo systemctl start httpd
Folder & Permissions #
# Create directory for website
sudo mkdir -p /var/www/mywebsite.jklug.work
# Set owner
sudo chown -R apache:apache /var/www/mywebsite.jklug.work
# Set permissions
sudo chmod -R 755 /var/www/mywebsite.jklug.work
HTML Testsite #
# Create HTML file
sudo vi /var/www/mywebsite.jklug.work/index.html
<!-- /var/www/mywebsite.jklug.work/index.html -->
<!DOCTYPE html>
<html>
<head>
<title>jklug.work</title>
</head>
<body>
<h1>Apache Test</h1>
</body>
</html>
Virtual Host Configuration #
# Create virtual host configuration
sudo vi /etc/httpd/sites-available/mywebsite.jklug.work.conf
# /etc/apache2/sites-available/mywebsite.jklug.work.conf
<VirtualHost *:80>
ServerName mywebsite.jklug.work
ServerAlias www.mywebsite.jklug.work
Redirect permanent / https://mywebsite.jklug.work/ # Redirect HTTP to HTTPS
</VirtualHost>
<VirtualHost *:443>
ServerName mywebsite.jklug.work
ServerAlias www.mywebsite.jklug.work
DocumentRoot /var/www/mywebsite.jklug.work
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/mywebsite.jklug.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite.jklug.work/privkey.pem
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
</VirtualHost>
Note: Remove all comments from the configuration!
SSL Certificates #
# Open SSL configuration
sudo vi sudo vi /etc/httpd/conf.d/ssl.conf
# Comment out default cert paths:
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
# Add Let's Encrypt / Certbot paths
SSLCertificateFile /etc/letsencrypt/live/mywebsite.jklug.work/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite.jklug.work/privkey.pem
Enable Virtual Host #
# Enable website
sudo ln -s /etc/httpd/sites-available/mywebsite.jklug.work.conf /etc/httpd/sites-enabled/
# Reload Apache
sudo systemctl reload httpd
PHP Website #
Install PHP #
# Update package index
sudo dnf update
# Install PHP and Apache2 PHP module
sudo dnf install php -y
# PHP settings
sudo vi /etc/php.ini
Adjust Apache config #
Adjust Apache2 configuration to prefer PHP Files.
# Open Apache main configuration
sudo vi /etc/httpd/conf/httpd.conf
- Set index.php on the beginning of the list, it should look like this:
# /etc/httpd/conf/httpd.conf
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>
Create PHP File #
# Create PHP file
sudo vi /var/www/mywebsite.jklug.work/index.php
# /var/www/mywebsite.jklug.work/index.php
<?php
phpinfo();
?>
Note: For security reasons use phpinfo only for testing purposes.
Restart Apache #
# Restart Apache2
sudo systemctl restart httpd
# Check status
sudo systemctl status httpd