{"id":4384,"date":"2024-03-18T02:15:00","date_gmt":"2024-03-18T06:15:00","guid":{"rendered":"https:\/\/www.both.org\/?p=4384"},"modified":"2024-03-11T17:26:26","modified_gmt":"2024-03-11T21:26:26","slug":"how-to-configure-an-apache-web-server","status":"publish","type":"post","link":"https:\/\/www.both.org\/?p=4384","title":{"rendered":"How to configure an Apache web server"},"content":{"rendered":"
\r\n
\r\n \r\n <\/i>\r\n <\/a>\r\n <\/span>\r\n<\/div><\/div>\n

Image by: You as a Machine. Modified by Rikki Endsley. CC BY-SA 2.0.<\/p>\n\n\n\n

Note: This article was originally published on Opensource.com in 2018 and updated there in 2021 with Fedora 33 and Apache 2.4.46. As of this update, my server uses Fedora 39 and Apache 2.4.58.<\/em><\/p>\n\n\n\n

I have hosted my own websites for many years now. Since switching from OS\/2 to Linux more than 25 years ago, I have used Apache<\/a> as my web server software. Apache is solid, well-known, and quite easy to configure for a basic installation. It is not really that much more difficult to configure Apache to support a more complex setup, such as multiple websites.<\/p>\n\n\n\n

Installation and configuration of the Apache web server and configuring the firewall need to be performed as root. Using a browser to view the results of this work should be done as a non-root user. (I use the user student<\/code> on my virtual host.)<\/p>\n\n\n\n

A little history<\/h2>\n\n\n\n

Developed by Rob McCool (yes, really) at the National Center for Supercomputing Applications, it was the most common HTTP server on the Internet in 1995. As of 2023, it is still used by just over 30% of known web servers<\/a>. <\/p>\n\n\n\n

Although the name may seem strange, it’s easily explained. Some of the webmasters that were using it had created many of their own plug-in extensions and bug fixes because further development had stalled. Some of those people collaborated to add those extensions and fixes to the original code in the form of patches. There were many of those patches, so it was quite natural for the webmaster hackers to call it \u201ca patchy web server.\u201d <\/p>\n\n\n\n

Installation<\/h2>\n\n\n\n

If you use a different distribution your commands and the locations and content of the configuration files may be different. However, the few configuration lines you need to modify are the same regardless of distribution.<\/p>\n\n\n\n

The Apache web server software is easy to install. With one command, you can install Apache plus all necessary dependencies:<\/p>\n\n\n\n

# dnf install httpd<\/strong><\/code><\/pre>\n\n\n\n
All the configuration files for Apache are located in \/etc\/httpd\/conf<\/code> and \/etc\/httpd\/conf.d<\/code>. The data for websites you’ll run with Apache is located in \/var\/www<\/code> by default, but you can change that if you want by editing the configuration files.<\/p>\n\n\n\n
Configuring HTTPD<\/h2>\n\n\n\n
The primary Apache configuration file is \/etc\/httpd\/conf\/httpd.conf<\/code> and contains a lot of configuration statements that don’t need to be changed for a basic installation. You only need to make a few changes to this file to get a basic website up and running. The file is very large, so rather than clutter this article with a lot of unnecessary stuff, I will show only those directives that you need to change.<\/p>\n\n\n\n
First, take a bit of time and browse through the httpd.conf<\/code> file to familiarize yourself with it. One of the things I like about Red Hat versions of most configuration files is the number of comments that describe the various sections and configuration directives in the files. The httpd.conf<\/code> file is no exception, as it is quite well commented. Use these comments to understand what the file is configuring.<\/p>\n\n\n\n
The first item to change is the Listen<\/code> statement, which defines the IP address and port on which Apache is to listen for page requests. For now, you just need to make this website available to the local machine, so use the localhost<\/code> address. The line should look like this when you finish:<\/p>\n\n\n\n
Listen 127.0.0.1:80<\/code><\/pre>\n\n\n\n
With this directive set to the IP address of the localhost<\/code>, Apache will listen only for connections from the local host. If you want the web server to listen for connections from remote hosts, you would use the host’s external IP address.<\/p>\n\n\n\n
The DocumentRoot<\/code> directive specifies the location of the HTML files that make up the pages of the website. That line does not need to be changed because it already points to the standard location. The line should look like this:<\/p>\n\n\n\n
DocumentRoot \"\/var\/www\/html\"<\/code><\/pre>\n\n\n\n
The Apache installation RPM creates the \/var\/www<\/code> directory tree. If you wanted to change the location where the website files are stored, this configuration item is used to do that. For example, you might want to use a different name for the www<\/code> subdirectory to make the identification of the website more explicit. That might look like this:<\/p>\n\n\n\n
DocumentRoot \"\/var\/mywebsite\/html\"<\/code><\/pre>\n\n\n\n
These are the only Apache configuration changes needed to create a simple website. For this little exercise, only one change was made to the httpd.conf<\/code> file\u2014the Listen<\/code> directive. Everything else is already configured to produce a working web server.<\/p>\n\n\n\n
Configuring the firewall<\/h2>\n\n\n\n
One change is needed to our firewall. Port 80 is the default HTTP port and must be open to enable requests to our website to pass through the firewall. <\/p>\n\n\n\n
The Linux kernel contains the Linux firewall which is implemented using a series of netfilter<\/a> kernel modules. There are several tools available for users to write and manage the firewall rules used by netfilter. Iptables was the first interface and nftables is the current user interface provided by the netfilter project. <\/p>\n\n\n\n
Other projects, such as firewalld which is part of the systemd galaxy of tools, also provides methods for managing firewall rules. <\/p>\n\n\n\n
If using iptables<\/a> as my firewall user interface on my server, I change \/etc\/sysconfig\/iptables<\/code> to add a statement that allows HTTP protocol. The entire file looks like this otherwise default configuration.<\/p>\n\n\n\n
# sample configuration for iptables service\n# you can edit this manually or use system-config-firewall\n# please do not ask us to add additional ports\/services to this default configuration\n*filter\n:INPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT\n-A INPUT -p icmp -j ACCEPT\n-A INPUT -i lo -j ACCEPT\n-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT\n-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT<\/strong>\n-A INPUT -j REJECT --reject-with icmp-host-prohibited\n-A FORWARD -j REJECT --reject-with icmp-host-prohibited\nCOMMIT<\/code><\/pre>\n\n\n\n
The line I added is the fourth from the bottom, which allows incoming traffic on port 80. Now I reload the altered iptables configuration:<\/p>\n\n\n\n
# cd \/etc\/sysconfig\/ ; iptables-restore iptables<\/strong><\/code><\/pre>\n\n\n\n
When using firewalld, you can add new rules with the following two commands. This first one open the port 80 with protocol tcp<\/code> in the public zone of the runtime environment. This makes the assumption that the public zone is not the default. To open port 80 in the default zone, you can omit the zone argument. This change is only effective until firewalld is restarted so it’s not persistent through reboots.<\/p>\n\n\n\n
# firewall-cmd --zone=public --add-port=80\/tcp<\/strong><\/code><\/pre>\n\n\n\n
To make this change permanent so it is persistent through reboots and other firewalld restarts,  use the --permanent<\/code> argument as shown here. <\/p>\n\n\n\n
# firewall-cmd --permanent --zone=public --add-port=80\/tcp<\/strong><\/code><\/pre>\n\n\n\n
Create an index.html file<\/h2>\n\n\n\n
The index.html<\/code> file is the default file a web server will serve up when you access the website using just the domain name and not a specific HTML file name. In the \/var\/www\/html<\/code> directory, create a file with the name index.html<\/code>. Add the content Hello World<\/code>. You do not need to add any HTML markup to make this work. The sole job of the web server is to serve up a stream of text data, and the server has no idea what the date is or how to render it. It simply transmits the data stream to the requesting host.<\/p>\n\n\n\n
After saving the file, set the ownership to apache.apache<\/code>.<\/p>\n\n\n\n
[root@testvm1 html]# chown apache.apache index.html<\/strong><\/code><\/pre>\n\n\n\n
Start Apache<\/h2>\n\n\n\n
Apache is very easy to start. Current versions of Fedora use systemd<\/code>. Run the following commands to start it and then to check the status of the server:<\/p>\n\n\n\n
[root@testvm1 ~]# systemctl start httpd<\/strong>\n[root@testvm1 ~]# systemctl status httpd<\/strong>\n\u25cf httpd.service - The Apache HTTP Server\n   Loaded: loaded (\/usr\/lib\/systemd\/system\/httpd.service; disabled; vendor preset: disabled)\n   Active: active (running) since Thu 2018-02-08 13:18:54 EST; 5s ago\n     Docs: man:httpd.service(8)\n Main PID: 27107 (httpd)\n   Status: \"Processing requests...\"\n    Tasks: 213 (limit: 4915)\n   CGroup: \/system.slice\/httpd.service\n           \u251c\u250027107 \/usr\/sbin\/httpd -DFOREGROUND\n           \u251c\u250027108 \/usr\/sbin\/httpd -DFOREGROUND\n           \u251c\u250027109 \/usr\/sbin\/httpd -DFOREGROUND\n           \u251c\u250027110 \/usr\/sbin\/httpd -DFOREGROUND\n           \u2514\u250027111 \/usr\/sbin\/httpd -DFOREGROUND\n\nFeb 08 13:18:54 testvm1 systemd[1]: Starting The Apache HTTP Server...\nFeb 08 13:18:54 testvm1 systemd[1]: Started The Apache HTTP Server.<\/code><\/pre>\n\n\n\n
The commands may be different on your server. On Linux systems that use SystemV start scripts, the commands would be:<\/p>\n\n\n\n
[root@testvm1 ~]# service httpd start<\/strong>\nStarting httpd: [Fri Feb 09 08:18:07 2018]          [  OK  ]\n[root@testvm1 ~]# service httpd status<\/strong>\nhttpd (pid  14649) is running...<\/code><\/pre>\n\n\n\n
If you have a web browser like Firefox or Chrome on your host, you can use the URL localhost<\/code> on the URL line of the browser to display your web page, simple as it is. You could also use a text mode web browser like Lynx<\/a> to view the web page. First, install Lynx (if it is not already installed):<\/p>\n\n\n\n
[root@testvm1 ~]# dnf -y install lynx<\/strong><\/code><\/pre>\n\n\n\n
Then use this command to display the web page:<\/p>\n\n\n\n
[root@testvm1 ~]# lynx localhost<\/strong><\/code><\/pre>\n\n\n\n
The result looks like this in my terminal session. I have deleted a lot of the empty space on the page:<\/p>\n\n\n\n
  Hello World\n\n<snip>\n\nCommands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.\n  Arrow keys: Up and Down to move.  Right to follow a link; Left to go back.\n H)elp O)ptions P)rint G)o M)ain screen Q)uit \/=search [delete]=history list<\/code><\/pre>\n\n\n\n
Next, edit your index.html<\/code> file and add a bit of HTML markup so it looks like this:<\/p>\n\n\n\n
<h1>Hello World<\/h1><\/code><\/pre>\n\n\n\n
Now refresh the browser. For Lynx, use the key combination Ctrl+R. The results look just a bit different. The text is in color, which is how Lynx displays headings if your terminal supports color, and it is now centered. In a GUI browser the text would be in a large font.<\/p>\n\n\n\n
                                   Hello World\n\n<snip>\n\n\nCommands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.\n  Arrow keys: Up and Down to move.  Right to follow a link; Left to go back.\n H)elp O)ptions P)rint G)o M)ain screen Q)uit \/=search [delete]=history list<\/code><\/pre>\n\n\n\n
Parting thoughts<\/h2>\n\n\n\n
As you can see from this exercise, it is easy to set up an Apache web server. The specifics will vary depending upon your distribution and the version of Apache supplied by that distribution. In my environment, this was a pretty trivial exercise.<\/p>\n\n\n\n
You can find documentation, support, security information, mailing lists, downloads, and more at the Apache HTTP Server Project<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
Learn to host your own website with Apache, a solid, well-known, and easy-to-configure web server.<\/p>\n","protected":false},"author":2,"featured_media":4395,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[5,14],"tags":[311,312],"class_list":["post-4384","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-open-source-software","tag-apache","tag-http"],"modified_by":"Jim Hall","_links":{"self":[{"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts\/4384","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4384"}],"version-history":[{"count":24,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts\/4384\/revisions"}],"predecessor-version":[{"id":4419,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/posts\/4384\/revisions\/4419"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=\/wp\/v2\/media\/4395"}],"wp:attachment":[{"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4384"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4384"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.both.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4384"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}