Apache is the most commonly used Web server on Linux systems. Web servers are used to serve Web pages requested by client computers. This configuration is termed LAMP (Linux, Apache, MySQL and Perl/Python/PHP) and forms a powerful and robust platform for the development and deployment of Web-based applications.
Here at LinuxAPT, as part of our Server Management Services, we regularly help our Customers to perform Ubuntu related queries.
In this context, we shall look into how to configure Apache.
i. Allow Apache Traffic through Firewall
ii. Managing Apache Services
iii. Setting Up Virtual Hosts in Apache
iv. Configure Apache to listen on a different port
v. Allow/Deny access from specific IP addresses
1. Ubuntu 20.04 system
2. User with sudo privileges
3. An Apache web server installed
If a firewall is enabled on your OS, you will have to allow Apache traffic through it. The Apache server by default listens on port 80 for HTTP and 443 for https. In order to allow HTTP (port 80) traffic through the firewall, execute the following command in Terminal:
$ sudo ufw allow 'Apache'
To allow HTTPS (port 443) traffic through the firewall, execute the following command in Terminal:
$ sudo ufw allow 'Apache Secure'
In order to allow both HTTP (port 80) and HTTPS (port 443) traffic through in the firewall, execute the following commands in Terminal:
$ sudo ufw allow 'Apache Full'
How to manage Apache Services ?
After installation, the Apache service automatically starts running in the background. To view the status of Apache service, issue the below command in Terminal:
$ systemctl status apache2
If everything is in order then you will see an output with an active (running) state which shows that the Apache service is active and running without any issues.
For manually starting the Apache service, use the below command:
$ sudo systemctl start apache2
For enabling the Apache service to automatically start at startup/boot, use the below command:
$ sudo systemctl enable apache2
For restarting the Apache service, use the below command:
$ sudo systemctl restart apache2
For stopping the Apache service, use the below command:
$ sudo systemctl stop apache2
Virtual host in Apache allows you to run a number of websites from a single Apache Web Server. In the following section, we will configure one virtual host for our domain "linuxapt.com". For multiple domains, follow the same steps for each domain.
The first step will be to create a directory for your domain. If you need to host multiple domains, create separate directories for every domain.
For our domain test.org, we will create the directory with the following command:
$ sudo mkdir /var/www/linuxapt.com
Make sure to replace linuxapt.com with your domain name.
The directory for our domain is currently owned by the root user. In order to allow other users to modify the files, we will need to change the ownership of the directory. Use the following command in Terminal do so:
$ sudo chown -R $USER:$USER /var/www/ linuxapt.com
Also, set required permissions on the domain directory. The 755 in the below command assigns read and execute permissions to everyone while the read, write and execute permissions to the owner of the file.
$ sudo chmod -R 755 /var/www/ linuxapt.com
Now create a sample index.html page for your domain to serve some content. Create a file index.html in the /var/www/linuxapt.com directory.
We are using the Nano editor for this purpose:
$ sudo nano /var/www/linuxapt.com/index.html
Add the following content in the file:
<html>
<head>
<title>Your linuxapt.com server block is up!</title>
</head>
<body>
<h1>This is a test page for linuxapt.com website!</h1>
</body>
</html>
Once you are done with editing, save and close the index.html file.
Now the sample index.html page has been created for our site.
In Apache, there is a default virtual host file that contains configurations for the default web server. For our domain test.org, we will create a separate virtual host file.
Issue the following command in Terminal to create the virtual host file for your domain:
$ sudo nano /etc/apache2/sites-available/linuxapt.com.conf
Add the below content in the file:
<VirtualHost *:80>
ServerAdmin admin@linuxapt.com
ServerName linuxapt.com
ServerAlias www.linuxapt.com
DocumentRoot /var/www/linuxapt.com/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Make sure to replace the linuxapt.com with your own domain name.
Once you are done with editing, save and close the file.
Now we will enable the virtual host file that we have created in the previous step. Issue the below command in Terminal to do so:
$ sudo a2ensite linuxapt.com.conf
We are not using the default virtual host file, so we can disable it. Use the following command to disable it:
$ sudo a2dissite 000-default.conf
Now reload Apache configurations using the following command:
$ systemctl reload apache2
If you do not have an actual domain name and only want to test the procedure using any test domain, you will need to add an entry for your domain in the /etc/hosts file.
Edit the /etc/hosts file using the following command in Terminal:
$ sudo nano /etc/hosts
Add the following entry in this file replacing the server_IP and domain_name with the IP address and domain name of your environment.
server_IP domain_name
In our example, the entry would be:
192.168.012.157 linuxapt.com
Now save and close the /etc/hosts file.
Now test Apache configurations for any errors. Use the following command to do so:
$ sudo apache2ctl configtest
If everything is okay, you will the Syntax OK message in the output.
You may also see the following warning message in the test result:
AH00112: Warning: DocumentRoot [/var/www/linuxapt.com/html] does not exist
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, suing 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
To suppress this message, add ServerName directive in the /etc/apache2/apache2.conf file.
Edit the /etc/apache2/apache2.conf file using following command in Terminal:
$ sudo nano /etc/apache2/apache2.conf
Add the following entry in the file replacing linuxapt.com with your domain name:
ServerName linuxapt.com
Save and close the file.
Again, test Apache for configuration errors. Now you will see the warning has removed.
Now, test the setup by navigating to the following address in the address bar of your web browser.
http://domain_name
In our example, it would be:
http://linuxapt.com
You will see a page which indicates that the virtual host has been successfully configured and Apache is serving our domain name:
This is a test page for linuxapt.com website
By default, Apache listens to web traffic on port 80. There are some cases when you may need to change the Apache port like when some other service is already listening on port 80, ISP has blocked port 80, or you want to prevent port 80 attacks. However, remember that after changing the default port, you must have to point the browsers to the new port like http://domain_name:port_nmuber.
1. Edit the /etc/apache2/ports.conf file using the below command:
$ sudo nano /etc/apache2/ports.conf
In this file, Change this port number to any other value you want the Apache server to listen to.
Save and close the ports.conf file once you are done with the editing.
2. Now, you will need to configure your virtual host to listen on the new port. To edit the virtual host file, use the following command in Terminal:
$ sudo nano /etc/apache2/sites-avaialble/linuxapt.com.conf file
In the above command, make sure to replace the linuxapt.com.conf with your virtual host file name.
Find the entry <VirtualHost *:80> and change the value from 80 to any number you want the Apache to listen to. For instance, to change the port number to 9090, the entry would be changed to <VirtualHost *:9090>.
Note: To set a port number, choose a value with 1024 to 65535 range.
Once done, save and close the file.
Apache can also be configured to listen on multiple ports. For instance, to set port 80 and 9090 as listening ports, add the following entries in the /etc/apache2/ports.conf file:
Listen 80
Listen 9090
Also in the /etc/apache2/sites-avaialble/linuxapt.com.conf file, add an entry in the following way:
<VirtualHost *:80 *:9090>
Once you are done, restart the Apache service using the following command in Terminal:
$ sudo systemctl restart apache2
In the following section, we will see how to allow/deny specific IP addresses from accessing our site. We will use the .htaccess file for this purpose.
1. Enable apache .htaccess
First, we will need to enable the .htaccess file. To do so, issue the following command in Terminal:
$ sudo nano /etc/apache2/sites-available/linuxapt.com.conf
After the VirtualHost block, append the following lines in the file:
<Directory /var/www/html/example.com/public_html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Now save the file and restart apache using the following command:
$ sudo systemctl apache2 restart
2. Create .htaccess file
Now we will need to create .htaccess file. Navigate to the virtual host root directory.
$ cd /var/www/linuxapt.com
Then create .htaccess file here using the following command:
$ sudo nano .htaccess
3. Allow/Deny IP addresses
To deny certain IP addresses from accessing your website, you will need to add entries in the .htaccess file in the following way:
order deny, allow
# To deny IP address 192.168.9.8
allow from 192.168.9.8
# To deny all IP addresses from 192.168.9.0 to 192.168.9.255
allow from 192.168.9
To allow For this purpose, IP addresses from accessing your website, you will need to add entries in the .htaccess file in the following way:
order deny, allow
# To deny all IP addresses
Deny from all
# It will allow the IP address 192.168.9.30
allow from 192.168.9.30
# It will allow all IP addresses from 192.168.9.0 through 192.168.9.255
allow from 192.168.9
That is all there is to it!