Apache is a very popular and commonly used open-source web server that can run on both Linux and Windows operating systems. In this blog, we will build a very basic static Apache website and later branch this out to a dynamic webpage using LEMP stack.
Lab Server Setup:
Hostname: lnx03.ash.local
Operating System: Redhat 9.2
Packages and Config files required for the Apache server
- httpd – Package installs the Apache web server.
- mod_ssl -Additional package required to create secure websites ie: SSL
- links – Optional package for text-based web browser
Default ports: 80 and 443 (SSL)
These are the main folders storing Apache config files
Purpose | Location |
Default Parent Directory | /var/www/html |
Main Apache root configuration directory. | /etc/httpd |
Additional Apache configuration files are provided by third-party software. | /etc/httpd/conf.d |
Main Configuration file | /etc/httpd/conf/httpd.conf |
Configuration files for additional modules.( SymLink to /etc/httpd/modules) | /var/lib/httpd/modules |
Configuration files which load modules | /etc/httpd/conf.modules.d/ directory (e.g. PHP) |
Contains log files ( SymLink to /etc/httpd/logs) | /etc/log/httpd |
Main web document root directory | /var/www |
Access Logs | /var/log/httpd/example.com.access.log |
Error Logs | /var/log/httpd/example.com.error.log |
Step 1 – Set up the host file
[root@lnx03 ~]# cat /etc/hostname
lnx03
[root@lnx03 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.21 lnx03 lnx03.ash.local
[root@lnx03 ~]# ç
Step 2 – Install the Apache server and the mod ssl package using the following command
dnf install --assumeyes httpd mod_ssl
Step 3 – Check Apache daemon(httpd) install
[root@lnx03 /]#
[root@lnx03 /]# dnf list httpd
Updating Subscription Management repositories.
Last metadata expiration check: 0:02:48 ago on Mon 30 Oct 2023 06:24:38 GMT.
Installed Packages
httpd.x86_64 2.4.53-11.el9_2.5 @rhel-9-for-x86_64-appstream-rpms
[root@lnx03 /]# yum list httpd
Updating Subscription Management repositories.
Last metadata expiration check: 0:03:15 ago on Mon 30 Oct 2023 06:24:38 GMT.
Installed Packages
httpd.x86_64 2.4.53-11.el9_2.5 @rhel-9-for-x86_64-appstream-rpms
[root@lnx03 /]#
Step 4 – Enable the Apache service with either httpd.service or apache2.service using the below command
# To Manage httpd deamon
# systemctl start|stop|status httpd.service
# To Stop and Disable Service
systemctl enable |disable httpd.service
# To Ensure service stays peristant during reboots
chkconfig httpd on
# To Show status of httpd
systemctl list-unitfiles | grep httpd
Optionally, services can be restarted as
/etc/init.d/httpd | stop | start
[root@lnx03 /]#
[root@lnx03 /]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@lnx03 /]# systemctl start httpd
[root@lnx03 /]#
[root@lnx03 /]#
[root@lnx03 /]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled)
Active: active (running) since Mon 2023-10-30 06:30:19 GMT; 21s ago
Step 5 – Check the version of Apache installed.
root@lnx03 /]# httpd -v
Server version: Apache/2.4.53 (Red Hat Enterprise Linux)
Server built: Apr 28 2023 00:00:00
[root@lnx03 /]#
Step 6 –Verify that port 80 is open
[root@lnx03 /]# netstat -tulpn | grep :80
tcp6 0 0 :::80 :::* LISTEN 2318/httpd
[root@lnx03 /]#
Step 7 –Allow HTTP and HTTPS traffic in our firewall if enabled.
$ firewall-cmd --permanent --add-service=http --add-service=https
# firewall-cmd --reload
On the old RHEL, we would use iptables to set the config as shown
# Allow a subnet to pass port 80
iptables-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.1.0/24 --dport 80 -j ACCEPT
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
service iptables save
service iptables restart
[root@lnx03 /]#
[root@lnx03 /]# systemctl status firewalld
○ firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@lnx03 /]#
[root@lnx03 /]# systemctl start firewalld
[root@lnx03 /]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; preset: enabled)
Active: active (running) since Mon 2023-10-30 06:33:03 GMT; 1s ago
Docs: man:firewalld(1)
Main PID: 2546 (firewalld)
Tasks: 2 (limit: 10930)
Memory: 27.0M
CPU: 847ms
CGroup: /system.slice/firewalld.service
└─2546 /usr/bin/python3 -s /usr/sbin/firewalld --nofork --nopid
Oct 30 06:33:03 lnx03 systemd[1]: Starting firewalld - dynamic firewall daemon...
Oct 30 06:33:03 lnx03 systemd[1]: Started firewalld - dynamic firewall daemon.
[root@lnx03 /]#
[root@lnx03 /]# firewall-cmd --permanent --add-service=http --add-service=https
success
[root@lnx03 /]# firewall-cmd --reload
success
[root@lnx03 /]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens160
sources:
services: cockpit dhcpv6-client http https ssh
ports:
protocols:
forward: yes
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@lnx03 /]#
Step 8 – Create web content under /var/www/html folder for RHEL.
[root@lnx03 /]# echo This is my webserver $HOSTNAME > /var/www/html/index.html
[root@lnx03 /]# cat /var/www/html/index.html
This is my webserver lnx03
Step 9 – Test the config file
[root@lnx03 conf]# apachectl configtest
Syntax OK
Step 10 – Verify the webpage
[root@lnx03 conf]# curl 127.0.0.1
This is my webserver lnx03
[root@lnx03 conf]# curl lnx03.ash.local
This is my webserver lnx03
[root@lnx03 conf]#
Apache Virtual Host Configuration to run multiple websites – Shared Website Hosting.
Most of the WordPress sites we use run with the virtual host configuration. The objective of a virtual host entry in Apache config is to handle multiple websites from a single IP address on our Apache VM so that a single massive VM can serve a ton of websites from it which is the principle of Shared Website Hoisting.
We will aim to set up our two hotel websites running from a single web server as shown below – www.east.ash.local and www.west.ash.local from our single server which has a single IP address of 192.168.0.17, so we must have DNS names resolving to this machine IP address or make an entry in /etc/hosts file. Each hotel branch will have its own URL as shown.
Set up the host file
root@lnx03 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 east east.lnx03.ash.local
127.0.0.1 west west.lnx03.ash.local
For multiple websites, to be hoisted, create a dedicated directory for each website file and keep all the website content on those directories respectively as shown below. In this example, my east and west website files are kept separately.
[root@lnx03 conf]# mkdir -p /var/www/html/east
[root@lnx03 conf]# mkdir -p /var/www/html/west
[root@lnx03 conf]# echo This is my east webserver $HOSTNAME > /var/www/html/east/index.html
[root@lnx03 conf]# echo This is my west webserver $HOSTNAME > /var/www/html/west/index.html
[root@lnx03 conf]# mkdir -p /var/log/httpd/west/
[root@lnx03 conf]# mkdir -p /var/log/httpd/east
[root@lnx03 conf]# touch /var/log/httpd/west/error_log
[root@lnx03 conf]# touch /var/log/httpd/east/error_log
Open the main configuration file /etc/httpd/conf/httpd.conf and make the below changes at the end of the file.
<VirtualHost *:80>
ServerAdmin admin@ash.local
ServerName east.ash.local
DocumentRoot /var/www/html/east
ErrorLog /var/log/httpd/east/error_log
TransferLog /var/log/httpd/east/access_log
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin@ash.local
ServerName west.ash.local
DocumentRoot /var/www/html/west
ErrorLog /var/log/httpd/west/error_log
TransferLog /var/log/httpd/west/access_log
</VirtualHost>
Test the config file
[root@lnx03 conf]# apachectl configtest Syntax OK
Test the east and west website page
[root@lnx03 ~]# curl east.lnx03.ash.local This is my east webserver lnx03 [root@lnx03 ~]# [root@lnx03 ~]# curl west.lnx03.ash.local This is my west webserver lnx03 [root@lnx03 ~]#
Grep command example to strip out data and see what are all the uncommented lines in our config file.
egrep -v "^#|^$" /etc/httpd/conf/httpd.conf | less
or
grep -v "^#" /etc/httpd/conf/httpd.conf | less