how to installation and configure apache2

How To - Apache2 Installation and Configuration

Contents

Overview ....................................................................................................................................................... 1

Applies To .................................................................................................................................................. 1

Update Operating System Patches ........................................................................................................... 1

Install Apache2 Packages .......................................................................................................................... 1

Start / Stop / Restart Service .................................................................................................................... 1

Reload Apache2 Configuration ................................................................................................................. 1

Important Configuration Files and Directories ............................................................................................. 2

Global Configuring Attributes ....................................................................................................................... 2

ServerName – FQDN ................................................................................................................................. 2

Listen – Default Port ................................................................................................................................. 3

Timeout ..................................................................................................................................................... 3

KeepAlive .................................................................................................................................................. 3

MaxKeepAliveRequests ............................................................................................................................. 3

KeepAliveTimeout ..................................................................................................................................... 3

Default Virtual Host – Sites-Available ........................................................................................................... 4

Virtual Host Directives and Values ............................................................................................................ 5

Virtual Host Port and Document Root Directives ................................................................................. 5

Directory Directive and Options for Root Folder .................................................................................. 5

Custom Directory Directive and Options .............................................................................................. 5

Error Log Directive ................................................................................................................................ 5

Log Level, Custom Log Directive ........................................................................................................... 5

Alias and Directory Directives ............................................................................................................... 6

Virtual Host – Definition & Directives ........................................................................................................... 6

<VirtualHost *:80> Directive ..................................................................................................................... 6

Virtual Host – ServerAdmin & DocumentRoot Directives ........................................................................ 6

<Directory /> - Directory Tag Directive ..................................................................................................... 6

Alias and ScriptAlias Directives ................................................................................................................. 7

Alias Doc .................................................................................................................................................... 8

Enabling Modules and Sites in Apache2 ....................................................................................................... 9

Apache2 Managing Modules .................................................................................................................... 9

Enabling Apache2 Module(s) ................................................................................................................ 9


Disabling Apache2 Module(s) ............................................................................................................... 9

Apache2 Managing Sites ......................................................................................................................... 10

Enabling Apache2 Site(s) ..................................................................................................................... 10

Disabling Apache2 Site(s) .................................................................................................................... 10


1 | P a g e

Overview

This guide will help in installing and configuration Apache2 on Ubuntu operating system, Apache is an open source web server.

Applies To

ubuntu 12.04

To know the Ubuntu release execute the command

lsb_release -a

Update Operating System Patches

First and foremost thing is to update operating system with latest OS patches, to update the system patches execute the update command.

sudo apt-get update

Install Apache2 Packages

In order to install Apache2, additional dependent packages have to installed, which also are specified in the command below.

sudo apt-get install apache2 apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap

Start / Stop / Restart Service

To start, stop, restart the apache2 service, execute the commands accordingly

sudo service apache2 start

sudo service apache2 stop

sudo service apache2 restart

Reload Apache2 Configuration

To reload the configuration execute the command

sudo apache2 reload


2 | P a g e

Important Configuration Files and Directories

File / Directory Name

Purpose Type

apache2.conf

This is the main configuration file for the server. Almost all configuration can be done. It is recommended to use separate, designated files for simplicity. This file will configure defaults and be the central point of access for the server to read configuration details.

File

ports.conf This file is used to specify the ports that virtual hosts should listen on. Always ensure that, file is correct if you are configuring SSL. File

conf.d/ It’s used for controlling specific aspects of the Apache configuration. It is often used to define SSL configuration and default security options. Directory

fqdn.conf This file is used to specify the fully qualified domain name. File

sites-available/

This directory contains all of the virtual host files that define different web sites. These will establish which content gets served for which requests. These are available configurations, not active configurations.

Directory

sites-enabled/

This directory establishes which virtual host definitions are actually being used. Typically, this directory consists of symbolic links to files defined in the "sites-available" directory.

Directory

mods-enabled This directory is similar in function to the sites directories and modules are enabled Directory

mods- available This directory is similar in function to the sites directories and modules that are available which could be enabled optionally. Directory

Global Configuring Attributes

ServerName – FQDN

The purpose of this setting is to configure “Server Name” of the web server, to add the entry execute the below command.

echo "ServerName vcpubuntu.effonetech.com" | sudo tee /etc/apache2/conf.d/fqdn.conf

Note:

The above command will create the file and add the text <ServerName> <FQDN>

It will overwrite the existing content


3 | P a g e

Listen – Default Port

The purpose of this setting is to modify the default listening port of the web server.

vi /etc/apache2/ports.conf

Listen 80

Timeout

The purpose of this setting is to configure the time out value of the request (send and receive).

By default, this parameter is set to "300"

vi /etc/apache2/apache2.conf

Timeout 300

KeepAlive

The purpose of this setting is to allow each connection to continue open to handle multiple request from the same client; wherein it’s set to "On"

If this is setting is set to "Off", each request will have to establish a new connection, which would result in significant overhead depending on your setup and traffic.


KeepAlive On

MaxKeepAliveRequests

The purpose of this setting is to control how many separate request each connection will handle before dying. Keeping this number high will allow Apache to serve content to each client more effectively.

Setting this value to 0 will allow Apache to serve an unlimited amount of request for each connection.


KeepAliveRequest 0

KeepAliveTimeout

The purpose of this setting specifies how long to wait for the next request after finishing the last one. If the timeout threshold is reached, then the connection will die.

Which means that the next time content is requested, the server will establish a new connection to handle the request for the content that make up the page the client is visiting.


KeepAliveTimeout 0


4 | P a g e

Default Virtual Host – Sites-Available

Virtual host directive is required for name based virtual hosts, each directive have a definitive purpose.

Default configuration file is default

To edit the default configuration file, execute the command

sudo vi /etc/apache2/sites-available/default

Snippet:

<VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </VirtualHost>

5 | P a g e

Virtual Host Directives and Values

Each and every directive plays a significant role in apache webserver behavior, hence configuring directive is very crucial.

Virtual Host Port and Document Root Directives

This directive defines the virtual host’s port wherein the webpage would be severed with specific document root associated to it.

 <VirtualHost *:80>

ServerAdmin [email protected] DocumentRoot /var/www

Directory Directive and Options for Root Folder

This directive defines directory access with options and methods of access for the root directory.



<Directory /> Options FollowSymLinks AllowOverride None </Directory>

Custom Directory Directive and Options

In addition to the root directory access, custom directory access should also be set and configured accordingly.

 <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory>

Error Log Directive

Error log directive defines the error logs that would be written on to the file and its location.

 ErrorLog ${APACHE_LOG_DIR}/vcp_ubuntu_error.log

Log Level, Custom Log Directive

LogLevel and CustomLog directives defines the diffent types of logs that could be generated and its associated log file.

 LogLevel warn

6 | P a g e

CustomLog ${APACHE_LOG_DIR}/vcp_ubuntu_access.log combined

Alias and Directory Directives

Alias directive defines mapping of URL alias to file system location and directory directive defines access permissions and methods of access and accessibility from IP and subnet ranges to specific directory.

 Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory>

Virtual Host – Definition & Directives

<VirtualHost *:80> Directive

Default Virtual Host is configured to handle any request on port 80, the standard http port.

This is defined in the declaration header where it says "*:80", meaning port 80 on any interface.

This does not mean that it will necessarily handle each request to the server on this port however. Apache uses the most specific Virtual Host definition that matches the request. This means that if there was a more specific definition, it could supersede this definition.

Virtual Host – ServerAdmin & DocumentRoot Directives

Directive Purpose

ServerAdmin Define Server Administrator E-Mail ID

DocumentRoot Define Document Root Folder

<Directory /> - Directory Tag Directive

The first directory directive applies rules for the "/", or root, directory on the server.

This will provide the baseline configuration for your Virtual Host entry, as it applies to all files served on the filesystem.

Note: Ubuntu does not set up any access restrictions to the filesystem by default. Though, Apache recommends you to configure some default access restrictions.


7 | P a g e

<Directory /> Options FollowSymLinks AllowOverride None Order Deny,Allow Deny from All </Directory>

Directive Purpose

<Directory /> Define Directory option, in this case its “/” – Starting Tag

Options FollowSymLinks Follow Symbolic Links in the directory; tells the web server to follow the symbolic links. This option permits Apache to follow Symbolic link directory.

AllowOverride None When this directive is set to None; then .htaccess files are completely ignored This option allows webserver to validate user access based on the override option.

Order Deny,Allow Order deny, allow means that the deny rules are processed before the allow rules. If the client does not match the deny rule or it does match the allow rule, then it will be granted access.

Deny from All Deny all requests by default

</Directory> Directory Options – Ending Tag

The above setting signifies

FollowSymLinks means if a directory is a symbol link, follow the link

It will deny access to all content unless specified otherwise in subsequent directory definitions.

The next directory definition is for the document root, so it specifies the "allow from all" option that overrides the "/" option for this directory.

The "AllowOverride" option is used to decide whether an ".htaccess" file can override settings if it is placed in the content directory. This is not allowed by default, but can be useful to enable in a variety of circumstances.

"Order Deny, Allow" option means that deny rules would be processed before allow rules.

Alias and ScriptAlias Directives

Directory definitions are sometimes preceded by "Alias" or "ScriptAlias" statements. Alias maps a URL path to a directory path.

ScriptAlias operates in the same way, but is used to define directories that will have executables.

Example:

This line in a Virtual Host that handles request to "f1tech.com" would allow access to content within "/path/to/content/" by navigating to "http://f1tech.com/cgi-bin/":

Alias /cgi-bin/ /usr/lib/cgi-bin/


8 | P a g e

Following the alias, always remember to define the directory with access privileges as defined in the directory section.

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin">

AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>

Directive Purpose

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ Define Script alias in the URL mapping and the actual location of the script folder "cgi-bin" location

<Directory "/usr/lib/cgi-bin"> Define Directory option


Options +ExeCGI -MultiViews +SymLinksIfOwnerMatch

+ExeCGI is set, execution of CGI Script is permitted. -MultiViews is not set, content negotiation is disabled. +SymLinksIfOwnerMatch is set, server will only follow symbolic links for which the target file or directory is owned by the same user id as the link.

Order allow,deny Order deny, allow means that the deny rules are processed before the allow rules. If the client does not match the deny rule or it does match the allow rule, then it will be granted access.

Allow from all Deny all requests by default


Alias Doc

Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory>

Directive Purpose

Alias /doc/ "/usr/share/doc/" Define doc alias in the URL mapping and the actual location of the doc folder "doc" location

<Directory "/usr/share/doc/"> Define Directory option


9 | P a g e

Options Indexes MultiViews FollowSymLinks

Indexes enable indexing on the directory. MultiViews is not set, content negotiation is enabled. Follow Symbolic Links in the directory; tells the web server to follow the symbolic links. This option permits Apache to follow Symbolic link directory.


Order deny, allow Order deny, allow means that the deny rules are processed before the allow rules. If the client does not match the deny rule or it does match the allow rule, then it will be granted access.

Allow from all allow all requests by default


Enabling Modules and Sites in Apache2

After configuring and validating Virtual Host file according to requirements; enable the sites for the live environment.

For creating a symbolic link automatically in the "sites-enabled" directory to an existing file in the "sites-available" directory, execute the following command:

sudo a2ensite <virtual host file name>

Example: sudo a2ensite f1tech.com

After enabling a site, issue the following command to tell Apache to re-read its configuration files, allowing the change to propagate:

sudo service apache2 reload

There is also a command for disabling a Virtual Host. It operates by removing the symbolic link from the "sites-enabled" directory:

sudo a2dissite virtual_host_file_name

Again, reload the configuration changes are reflected execute; sudo service apache2 reload

Apache2 Managing Modules

Enabling Apache2 Module(s)

Modules can be enabled by executing command "sudo a2enmod".

Disabling Apache2 Module(s)

Modules can be enabled by executing command "sudo a2dismod".


10 | P a g e

Apache2 Managing Sites

Enabling Apache2 Site(s)

Modules can be enabled by executing command "sudo a2ensite".

Disabling Apache2 Site(s)

Modules can be enabled by executing command "sudo a2dissite".

how to installation and configure apache2

Technology

virtual host directives

custom log directive

custom directory directive

directory directives

apache2 configuration

virtual host port

error log directive

document root directives