A spider web with dew on a purple background.

How to configure an Apache web server


Image by: You as a Machine. Modified by Rikki Endsley. CC BY-SA 2.0.

Note: This article was originally published on Opensource.com in 2018 and updated there in 2021 with Fedora 33 and Apache 2.4.46. As of this update, my server uses Fedora 39 and Apache 2.4.58.

I have hosted my own websites for many years now. Since switching from OS/2 to Linux more than 25 years ago, I have used Apache as my web server software. Apache is solid, well-known, and quite easy to configure for a basic installation. It is not really that much more difficult to configure Apache to support a more complex setup, such as multiple websites.

Installation and configuration of the Apache web server and configuring the firewall need to be performed as root. Using a browser to view the results of this work should be done as a non-root user. (I use the user student on my virtual host.)

A little history

Developed by Rob McCool (yes, really) at the National Center for Supercomputing Applications, it was the most common HTTP server on the Internet in 1995. As of 2023, it is still used by just over 30% of known web servers.

Although the name may seem strange, it’s easily explained. Some of the webmasters that were using it had created many of their own plug-in extensions and bug fixes because further development had stalled. Some of those people collaborated to add those extensions and fixes to the original code in the form of patches. There were many of those patches, so it was quite natural for the webmaster hackers to call it “a patchy web server.”


If you use a different distribution your commands and the locations and content of the configuration files may be different. However, the few configuration lines you need to modify are the same regardless of distribution.

The Apache web server software is easy to install. With one command, you can install Apache plus all necessary dependencies:

# dnf install httpd

All the configuration files for Apache are located in /etc/httpd/conf and /etc/httpd/conf.d. The data for websites you’ll run with Apache is located in /var/www by default, but you can change that if you want by editing the configuration files.

Configuring HTTPD

The primary Apache configuration file is /etc/httpd/conf/httpd.conf and contains a lot of configuration statements that don’t need to be changed for a basic installation. You only need to make a few changes to this file to get a basic website up and running. The file is very large, so rather than clutter this article with a lot of unnecessary stuff, I will show only those directives that you need to change.

First, take a bit of time and browse through the httpd.conf file to familiarize yourself with it. One of the things I like about Red Hat versions of most configuration files is the number of comments that describe the various sections and configuration directives in the files. The httpd.conf file is no exception, as it is quite well commented. Use these comments to understand what the file is configuring.

The first item to change is the Listen statement, which defines the IP address and port on which Apache is to listen for page requests. For now, you just need to make this website available to the local machine, so use the localhost address. The line should look like this when you finish:


With this directive set to the IP address of the localhost, Apache will listen only for connections from the local host. If you want the web server to listen for connections from remote hosts, you would use the host’s external IP address.

The DocumentRoot directive specifies the location of the HTML files that make up the pages of the website. That line does not need to be changed because it already points to the standard location. The line should look like this:

DocumentRoot "/var/www/html"

The Apache installation RPM creates the /var/www directory tree. If you wanted to change the location where the website files are stored, this configuration item is used to do that. For example, you might want to use a different name for the www subdirectory to make the identification of the website more explicit. That might look like this:

DocumentRoot "/var/mywebsite/html"

These are the only Apache configuration changes needed to create a simple website. For this little exercise, only one change was made to the httpd.conf file—the Listen directive. Everything else is already configured to produce a working web server.

Configuring the firewall

One change is needed to our firewall. Port 80 is the default HTTP port and must be open to enable requests to our website to pass through the firewall.

The Linux kernel contains the Linux firewall which is implemented using a series of netfilter kernel modules. There are several tools available for users to write and manage the firewall rules used by netfilter. Iptables was the first interface and nftables is the current user interface provided by the netfilter project.

Other projects, such as firewalld which is part of the systemd galaxy of tools, also provides methods for managing firewall rules.

If using iptables as my firewall user interface on my server, I change /etc/sysconfig/iptables to add a statement that allows HTTP protocol. The entire file looks like this otherwise default configuration.

# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

The line I added is the fourth from the bottom, which allows incoming traffic on port 80. Now I reload the altered iptables configuration:

# cd /etc/sysconfig/ ; iptables-restore iptables

When using firewalld, you can add new rules with the following two commands. This first one open the port 80 with protocol tcp in the public zone of the runtime environment. This makes the assumption that the public zone is not the default. To open port 80 in the default zone, you can omit the zone argument. This change is only effective until firewalld is restarted so it’s not persistent through reboots.

# firewall-cmd --zone=public --add-port=80/tcp

To make this change permanent so it is persistent through reboots and other firewalld restarts, use the --permanent argument as shown here.

# firewall-cmd --permanent --zone=public --add-port=80/tcp

Create an index.html file

The index.html file is the default file a web server will serve up when you access the website using just the domain name and not a specific HTML file name. In the /var/www/html directory, create a file with the name index.html. Add the content Hello World. You do not need to add any HTML markup to make this work. The sole job of the web server is to serve up a stream of text data, and the server has no idea what the date is or how to render it. It simply transmits the data stream to the requesting host.

After saving the file, set the ownership to apache.apache.

[root@testvm1 html]# chown apache.apache index.html

Start Apache

Apache is very easy to start. Current versions of Fedora use systemd. Run the following commands to start it and then to check the status of the server:

[root@testvm1 ~]# systemctl start httpd
[root@testvm1 ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-02-08 13:18:54 EST; 5s ago
     Docs: man:httpd.service(8)
 Main PID: 27107 (httpd)
   Status: "Processing requests..."
    Tasks: 213 (limit: 4915)
   CGroup: /system.slice/httpd.service
           ├─27107 /usr/sbin/httpd -DFOREGROUND
           ├─27108 /usr/sbin/httpd -DFOREGROUND
           ├─27109 /usr/sbin/httpd -DFOREGROUND
           ├─27110 /usr/sbin/httpd -DFOREGROUND
           └─27111 /usr/sbin/httpd -DFOREGROUND

Feb 08 13:18:54 testvm1 systemd[1]: Starting The Apache HTTP Server...
Feb 08 13:18:54 testvm1 systemd[1]: Started The Apache HTTP Server.

The commands may be different on your server. On Linux systems that use SystemV start scripts, the commands would be:

[root@testvm1 ~]# service httpd start
Starting httpd: [Fri Feb 09 08:18:07 2018]          [  OK  ]
[root@testvm1 ~]# service httpd status
httpd (pid  14649) is running...

If you have a web browser like Firefox or Chrome on your host, you can use the URL localhost on the URL line of the browser to display your web page, simple as it is. You could also use a text mode web browser like Lynx to view the web page. First, install Lynx (if it is not already installed):

[root@testvm1 ~]# dnf -y install lynx

Then use this command to display the web page:

[root@testvm1 ~]# lynx localhost

The result looks like this in my terminal session. I have deleted a lot of the empty space on the page:

  Hello World


Commands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.
  Arrow keys: Up and Down to move.  Right to follow a link; Left to go back.
 H)elp O)ptions P)rint G)o M)ain screen Q)uit /=search [delete]=history list

Next, edit your index.html file and add a bit of HTML markup so it looks like this:

<h1>Hello World</h1>

Now refresh the browser. For Lynx, use the key combination Ctrl+R. The results look just a bit different. The text is in color, which is how Lynx displays headings if your terminal supports color, and it is now centered. In a GUI browser the text would be in a large font.

                                   Hello World


Commands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.
  Arrow keys: Up and Down to move.  Right to follow a link; Left to go back.
 H)elp O)ptions P)rint G)o M)ain screen Q)uit /=search [delete]=history list

Parting thoughts

As you can see from this exercise, it is easy to set up an Apache web server. The specifics will vary depending upon your distribution and the version of Apache supplied by that distribution. In my environment, this was a pretty trivial exercise.

You can find documentation, support, security information, mailing lists, downloads, and more at the Apache HTTP Server Project.