Configure Apache Web Server in Redhat Linux

Apache is a very popular and commonly used open-source web server that can run on both Linux and Windows operating systems. In this blog, we will build a very basic static Apache website and later branch this out to a dynamic webpage using LEMP stack.

Lab Server Setup:

Hostname: lnx03.ash.local
Operating System: Redhat 9.2

Packages and Config files required for the Apache server

  • httpd – Package installs the Apache web server.
  • mod_ssl -Additional package required to create secure websites ie: SSL
  • links – Optional package for text-based web browser
    Default ports: 80 and 443 (SSL)

These are the main folders storing Apache config files

PurposeLocation
Default Parent Directory /var/www/html
Main Apache root configuration directory./etc/httpd
Additional Apache configuration files are provided by third-party software./etc/httpd/conf.d
Main Configuration file/etc/httpd/conf/httpd.conf
Configuration files for additional modules.( SymLink to /etc/httpd/modules)/var/lib/httpd/modules
Configuration files which load modules/etc/httpd/conf.modules.d/ directory (e.g. PHP)
Contains log files ( SymLink to /etc/httpd/logs)
/etc/log/httpd
Main web document root directory/var/www
Access Logs/var/log/httpd/example.com.access.log
Error Logs/var/log/httpd/example.com.error.log

Step 1 – Set up the host file

[root@lnx03 ~]# cat /etc/hostname 
lnx03
[root@lnx03 ~]# cat /etc/hosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.21	lnx03	lnx03.ash.local
[root@lnx03 ~]# ç

Step 2 – Install the Apache server and the mod ssl package using the following command

 dnf install --assumeyes httpd mod_ssl

Step 3 – Check Apache daemon(httpd) install

[root@lnx03 /]# 
[root@lnx03 /]# dnf list httpd 
Updating Subscription Management repositories.
Last metadata expiration check: 0:02:48 ago on Mon 30 Oct 2023 06:24:38 GMT.
Installed Packages
httpd.x86_64                                                          2.4.53-11.el9_2.5                                                          @rhel-9-for-x86_64-appstream-rpms


[root@lnx03 /]# yum list httpd
Updating Subscription Management repositories.
Last metadata expiration check: 0:03:15 ago on Mon 30 Oct 2023 06:24:38 GMT.
Installed Packages
httpd.x86_64                                                          2.4.53-11.el9_2.5                                                          @rhel-9-for-x86_64-appstream-rpms
[root@lnx03 /]# 

Step 4 – Enable the Apache service with either httpd.service or apache2.service using the below command

# To Manage httpd deamon
# systemctl start|stop|status httpd.service

# To Stop and Disable Service
systemctl enable |disable httpd.service  

# To Ensure service stays peristant during reboots
chkconfig httpd on

# To Show status of httpd
systemctl list-unitfiles | grep httpd

Optionally, services can be restarted as 
/etc/init.d/httpd | stop | start

 

[root@lnx03 /]# 
[root@lnx03 /]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@lnx03 /]# systemctl start httpd 
[root@lnx03 /]# 
[root@lnx03 /]# 
[root@lnx03 /]# systemctl status httpd 
● httpd.service - The Apache HTTP Server
     Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled)
     Active: active (running) since Mon 2023-10-30 06:30:19 GMT; 21s ago

Step 5 – Check the version of Apache installed.

root@lnx03 /]# httpd -v
Server version: Apache/2.4.53 (Red Hat Enterprise Linux)
Server built:   Apr 28 2023 00:00:00
[root@lnx03 /]# 

Step 6 –Verify that port 80 is open

[root@lnx03 /]# netstat -tulpn | grep :80
tcp6       0      0 :::80                   :::*                    LISTEN      2318/httpd          
[root@lnx03 /]# 

Step 7 –Allow HTTP and HTTPS traffic in our firewall if enabled.

$ firewall-cmd --permanent --add-service=http --add-service=https
# firewall-cmd --reload

On the old RHEL, we would use iptables to set the config as shown


# Allow a subnet to pass port 80 
 iptables-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.1.0/24 --dport 80 -j ACCEPT
 iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
 iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
 service iptables save
 service iptables restart
[root@lnx03 /]# 
[root@lnx03 /]# systemctl status firewalld
○ firewalld.service - firewalld - dynamic firewall daemon
     Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; preset: enabled)
     Active: inactive (dead)
       Docs: man:firewalld(1)
[root@lnx03 /]# 
[root@lnx03 /]# systemctl start firewalld
[root@lnx03 /]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
     Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; preset: enabled)
     Active: active (running) since Mon 2023-10-30 06:33:03 GMT; 1s ago
       Docs: man:firewalld(1)
   Main PID: 2546 (firewalld)
      Tasks: 2 (limit: 10930)
     Memory: 27.0M
        CPU: 847ms
     CGroup: /system.slice/firewalld.service
             └─2546 /usr/bin/python3 -s /usr/sbin/firewalld --nofork --nopid

Oct 30 06:33:03 lnx03 systemd[1]: Starting firewalld - dynamic firewall daemon...
Oct 30 06:33:03 lnx03 systemd[1]: Started firewalld - dynamic firewall daemon.
[root@lnx03 /]# 

[root@lnx03 /]#  firewall-cmd --permanent --add-service=http --add-service=https
success
[root@lnx03 /]# firewall-cmd --reload
success


[root@lnx03 /]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources: 
  services: cockpit dhcpv6-client http https ssh
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
[root@lnx03 /]# 

Step 8 – Create web content under /var/www/html folder for RHEL.

[root@lnx03 /]# echo This is my webserver $HOSTNAME > /var/www/html/index.html
[root@lnx03 /]# cat /var/www/html/index.html 
This is my webserver lnx03

Step 9 – Test the config file

[root@lnx03 conf]# apachectl configtest
Syntax OK

Step 10 – Verify the webpage

[root@lnx03 conf]# curl 127.0.0.1
This is my webserver lnx03
[root@lnx03 conf]# curl lnx03.ash.local
This is my webserver lnx03
[root@lnx03 conf]# 

Apache Virtual Host Configuration to run multiple websites – Shared Website Hosting.

Most of the WordPress sites we use run with the virtual host configuration. The objective of a virtual host entry in Apache config is to handle multiple websites from a single IP address on our Apache VM so that a single massive VM can serve a ton of websites from it which is the principle of Shared Website Hoisting.

We will aim to set up our two hotel websites running from a single web server as shown below – www.east.ash.local and www.west.ash.local from our single server which has a single IP address of 192.168.0.17, so we must have DNS names resolving to this machine IP address or make an entry in /etc/hosts file. Each hotel branch will have its own URL as shown.

Set up the host file

root@lnx03 ~]# cat /etc/hosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1    east   east.lnx03.ash.local
127.0.0.1    west   west.lnx03.ash.local

For multiple websites, to be hoisted, create a dedicated directory for each website file and keep all the website content on those directories respectively as shown below. In this example, my east and west website files are kept separately.

[root@lnx03 conf]# mkdir -p /var/www/html/east
[root@lnx03 conf]# mkdir -p /var/www/html/west
[root@lnx03 conf]# echo This is my east webserver $HOSTNAME > /var/www/html/east/index.html
[root@lnx03 conf]# echo This is my west webserver $HOSTNAME > /var/www/html/west/index.html
[root@lnx03 conf]# mkdir -p /var/log/httpd/west/
[root@lnx03 conf]# mkdir -p /var/log/httpd/east
[root@lnx03 conf]# touch /var/log/httpd/west/error_log
[root@lnx03 conf]# touch /var/log/httpd/east/error_log

Open the main configuration file /etc/httpd/conf/httpd.conf and make the below changes at the end of the file.


<VirtualHost *:80>
 ServerAdmin admin@ash.local
 ServerName east.ash.local
 DocumentRoot /var/www/html/east
 ErrorLog /var/log/httpd/east/error_log 
 TransferLog /var/log/httpd/east/access_log 
</VirtualHost>

<VirtualHost *:80>
 ServerAdmin admin@ash.local
 ServerName west.ash.local
 DocumentRoot /var/www/html/west
 ErrorLog /var/log/httpd/west/error_log 
 TransferLog /var/log/httpd/west/access_log 
</VirtualHost>

Test the config file

[root@lnx03 conf]# apachectl configtest
Syntax OK

Test the east and west website page

[root@lnx03 ~]# curl east.lnx03.ash.local
This is my east webserver lnx03
[root@lnx03 ~]# 
[root@lnx03 ~]# curl west.lnx03.ash.local
This is my west webserver lnx03
[root@lnx03 ~]# 

Grep command example to strip out data and see what are all the uncommented lines in our config file.

egrep -v "^#|^$" /etc/httpd/conf/httpd.conf | less
or
grep -v "^#" /etc/httpd/conf/httpd.conf | less
(Visited 42 times, 1 visits today)

By Ash Thomas

Ash Thomas is a seasoned IT professional with extensive experience as a technical expert, complemented by a keen interest in blockchain technology.