Set Up Apache Web Server on CentOS 7

The Apache web server is one of the most popular and powerful web servers in the world. It is also one of the most secure web servers available. This tutorial will explain how to install and configure a basic and secure Apache web server in CentOS 7.

Requirements

  • A server running CentOS v. 7
  • A static IP Address for your server

Set up the Apache HTTP server

Update the package repository

Before installing Apache, it is a good idea to update the package repository. You can do this by running the following commands:

# yum update -y
# yum install httpd -y

Disable SELinux

By default SELinux is enabled in CentOS 7. It is recommended that you disable it first.

You can disable SELinux by editing the /etc/selinux/config file:

# nano /etc/selinux/config

Change the line from SELINUX=enforcing to SELINUX=disabled

SELINUX=disabled

Save and close the file, then restart your machine for the changes to take effect.

Allow Apache through the firewall

You will need to allow the default Apache port 80 (HTTP) and 443 (HTTPS) using FirewallD.

You can do this by running the following commands:

 # firewall-cmd --permanent --add-port=80/tcp
 # firewall-cmd --permanent --add-port=443/tcp

Reload the firewall service for the changes to take effect.

 # firewall-cmd --reload

Create a test page

In CentOS7 the default Apache DocumentRoot path is /var/www/html/. However, there is no index.html file in this directory. You will need to create one.

# vi /var/www/html/index.html

Add the following content:

Apache index page

Restart the Apache service to reflect the changes:

# systemctl start httpd

You can configure the Apache service to start on boot by running the following command:

# systemctl enable httpd

Test the Apache HTTP server

To verify that the Apache web server is up and running, open your web browser and go to your server’s IP Address with the url http://your.server.ip.address.

You should see a default page like the one in the image below.

Apache test page

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To Set up a secure Apache HTTPS server with SSL

Install SSL

In order to secure Apache, you need to install SSL first.

You can install SSL using the following command:

# yum install mod_ssl openssl

Generate a self-signed certificate

First, you need to generate a private key ca.key with 2048-bit encryption.

# openssl genrsa -out ca.key 2048

Then generate the certificate signing request cs.csr using the following command.

# openssl req -new -key ca.key -out ca.csr

You will be prompted for information about the certificate.

SSL certificate

Finally, generate a self-signed certificate ca.crt of X509 type valid for 365 keys.

# openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

After creating the certificate, you need to copy all of the certificate files to the necessary directories.

You can do this by running the following commands:

# cp ca.crt /etc/pki/tls/certs/
# cp ca.key /etc/pki/tls/private/
# cp ca.csr /etc/pki/tls/private/

Set up the certificates

All the certificates are ready. The next thing to do is to set up Apache to display the new certificates.

You can do this by editing the SSL config file:

# vi /etc/httpd/conf.d/ssl.conf

Find the section that begins with . Uncomment the DocumentRoot and ServerName line and replace example.com with your server’s IP address.

DocumentRoot "/var/www/html"
ServerName 192.168.1.42:443

Next, find the SSLCertificateFile and SSLCertificateKeyFile lines and update them with the new location of the certificates.

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

After making these changes, restart Apache service for the changes to take effect.

# sudo systemctl restart httpd

Test the secure Apache HTTPS server

To verify that the secure Apache HTTPS web server is working, open your web browser and go to your server’s IP Address with the url https://your.server.ip.address.

An error should appear on your browser and you must manually accept the certificate.

Apache warning page

Once you add an exception to the browser’s identity verification, you should see a test page for your newly-secure site.

Apache secure test page

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Now, Lets Configure Apache Virtual Hosts

In Apache, you can use virtual hosts to direct http traffic for a given domain name to a particular directory (i.e. the root directory of the website for the domain in the request). This feature is commonly used to host multiple websites, but we recommend using it for every website on your server including the first.

Set up the virtual host

1. Create the virtual directories for your domain:

# mkdir -p /var/www/html/test

2. Change the ownership to the Apache group:

# mkdir -p /var/www/html/test

3. Change the directory’s permission:

# chmod -R 755 /var/www/html

Create content for the website

If you have the content for the website prepared, you can upload it to the /test folder you created in the last section.

If you don’t have content ready to upload, you can create a sample home page (As an index file, which is the first page that loads when visitors come to your domain).

1. Create the index file:

# vi /var/www/html/test/index.html

2. Add some content to the file and save it using <wq!>,

 
     
    Welcome to my site! 
     
     

Hooray! test.com virtual host is working!


Configure your virtual host directories

We’re going to create two directories: one to store the virtual host files (sites-available) and another to hold symbolic links to virtual hosts that will be published (sites-enabled).

Create sites-available and sites-enabled directories

    • Create the directories:
      # mkdir /etc/httpd/sites-available
      # mkdir /etc/httpd/sites-enabled

 

Edit your Apache configuration file

Edit the main configuration file (httpd.conf) so that Apache will look for virtual hosts in the sites-enabled directory. Open your config file:

# vi /etc/httpd/conf/httpd.conf

Add this line at the very end of the file:

IncludeOptional sites-enabled/*.conf

This way, we’re telling Apache to look for additional config files in the sites-enabled directory. Save and close the file:

:wq!

Create virtual host file

We’re going to build it from a new file in your sites-available directory. 1. Create a new config file:

# vi /etc/httpd/sites-available/test.conf

Paste this code in, replacing your own domain for test and save it.

    ServerAdmin webmaster@dummy-host.example.com    
    ServerName www.test.com
    ServerAlias test.com 
    DocumentRoot /var/www/html/test/public_html 
    ErrorLog /var/www/html/test/error.log 
    CustomLog /var/www/html/test/requests.log combined 

The lines ErrorLog and CustomLog are not required to set up your virtual host, but we’ve included them, in case you do want to tell Apache where to keep error and request logs for your site.

Enable your virtual host file with a sym link to the sites-enabled directory:

# ln -s /etc/httpd/sites-available/test.conf /etc/httpd/sites-enabled/test.conf

  • Restart Apache:

sudo service httpd restart

Adding additional virtual hosts

To create additional sites, repeat the following sections:

  1. Set up the virtual host,
  2. Create content for the website,
  3. Create virtual host file — but for additional virtual hosts, you will need to create new config files in /etc/httpd/sites-available/,

For example:

/etc/httpd/sites-available/your second domain name

Note:- Don’t forget to point your domain name to your server. In other words, Configure DNS entries of Domains in DNS Server.

That’s it. You have successfully configured a Apache Web Server and it’s Virtual Hosts. This article was well tested on CentOS 7.3 machine.

Thank you.

For more reading materials please click here