Install and Configure Apache Server

 

A. Install and Verify Apache Server

  1. Install the 

    Web Server

    package group:
# yum groupinstall -y "Web Server"
  1. Edit the /etc/hosts file and the ip address and fully qualified domain name of the server:
 

192.168.2.50 server.example.com

  1. Optionally, Set the ServerName directive in /etc/httpd/conf/httpd.conf file. Activate at boot time and start the service:
#

systemctl enable httpd

#

systemctl start httpd

  1. Add the HTTP service to the firewall configuration and reload it:
# firewall-cmd --list-all #

firewall-cmd --permanent --add-service=http

Success #

firewall-cmd --reload

Success

If you plan to use the HTTPS protocol, the command should be # firewall-cmd –permanent –add-service=https

  1. Check which ports this deamon is listening on:
$ ss -nutlp | grep -i http

Here it shows that our web server daemon is listening on port 80 and 443. A further check you can do is this:

# fuser -v -n tcp 80 # fuser -v -n tcp 443
  1. Confirm that our client can connect to these ports:
# nc -v 10.0.5.10 80 Ncat: Version 6.40 ( http://nmap.org/ncat ) Ncat: Connected to 10.0.5.10:80. ^C # nc -v 10.0.5.10 443 Ncat: Version 6.40 ( http://nmap.org/ncat ) Ncat: Connected to 10.0.5.10:443. ^C

 

  1. Test the Welcome Page. Open the browser and visit http://server.example.com. You will get the welcome page, even if you create an html page in 

    /var/www/html

    . This is due to  

    IncludeOptional conf.d/*.conf

    statement at the end of the

    /etc/httpd/conf/httpd.conf

     file that instructs

    Apache

     to load the files finishing by 

    *.conf

     located in the 

    /etc/httpd/conf.d

    To display the content of the 

    /var/www/html

     directory, you need to go to the 

    /etc/httpd/conf.d

     directory and check the

    welcome.conf

    file.
  2. Create /etc/httpd/conf.d/mywebserver.conf file:
 

AllowOverride None

Require all granted

 

  1. Install the httpd-manual package.
 

# yum install -y httpd-manual

# elinks /usr/share/httpd/manual/howto/auth.html

[the_ad id="2469"]

B. Configure a Virtual Host.

Let’s assume your website is called 

vhost1.example.com

.

  1. Create /var/www/html/vhost1.example.com directory:
#

cd /var/www/html

#

mkdir vhost1.example.com

  1. Create an index.html file and assign the correct SELinux context:
#

echo "This is vhost1 test." > vhost1.example.com/index.html

#

restorecon -R vhost1.example.com

  1. Create the /etc/httpd/conf.d/vhosts.conf file and paste the following lines:
 

ServerAdmin webmaster@vhost1.example.com

DocumentRoot /var/www/html/vhost1.example.com

ServerName vhost1.example.com

ErrorLog logs/vhost1.example.com-error_log

CustomLog logs/vhost1.example.com-access_log common

 

  1. Optionaly, rename the /etc/httpd/conf.d/ssl.conf file, otherwise you get an additional non-working https virtual host displayed in the configuration.
#

cd /etc/httpd/conf.d; mv ssl.conf ssl.conf2

  1. Check the validity of the configuration:
#

apachectl configtest

Syntax OK

You can also type: # 

httpd -t

 

  1. Restart the httpd service:
#

apachectl restart

You can also use # 

systemctl restart httpd.

For minor configuration changes, it is also possible to restart the 

Apache

 daemon without losing the current connections: # 

apachectl graceful

 

  1. Check the virtual host(s) configuration:
#

httpd -D DUMP_VHOSTS

VirtualHost configuration: *:80                   is a NameVirtualHost         default server vhost1.example.com (/etc/httpd/conf.d/vhosts.conf:1)         port 80 namevhost vhost1.example.com (/etc/httpd/conf.d/vhosts.conf:1)         port 80 namevhost vhost1.example.com (/etc/httpd/conf.d/vhosts.conf:1)
  1. Check the configuration:
#

yum install -y elinks

#

elinks

http://vhost1.example.com

C. Configure Apache access restrictions on directories.

  1. Create a private directory,

    private

    , in

    /var/www/html

#

cd /var/www/html

#

mkdir private

#

echo "This is Private Host test." > private/index.html

#

restorecon -R .

  1. Host-based private directories: To only allow the test.example.com host (add the name/IP address in the /etc/hosts file if necessary) to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:
AllowOverride None Options None Require host test.example.com
  1. Check the configuration file:
# apachectl configtest Syntax OK
  1. User-based private directories: To only allow me to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conffile and paste the following lines at the end:
AuthType Basic AuthName "Password protected area" AuthUserFile /etc/httpd/conf/passwd Require user me
  1. Check the configuration file:
# apachectl configtest Syntax OK
  1. Create the passwd file and store me‘s password:
# htpasswd -c /etc/httpd/conf/passwd me # chmod 600 /etc/httpd/conf/passwd # chown apache:apache /etc/httpd/conf/passwd

The .htpasswd file can be used locally instead of the httpd.conf file.

  1. Whatever the option chosen, restart the httpd service:
# systemctl restart httpd
  1. Check the httpd service:
#

yum install -y curl

#

curl -u user:password http://localhost

or

#

yum install -y elinks

#

elinks http://localhost/private