Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
In Apache HTTP and Security Last updated: October 29, 2022
Share on:
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

Let’s learn how to install the Apache HTTP server and secure that with the Let’s Encrypt Certificate.


Apache is one of the most widely used HTTP web servers. Setting up the apache and securing it with an SSL cert is the first step you need to do for your web applications.

In this tutorial, you will learn how to set up Apache for your website on Ubuntu and CentOS. I’ve tested this on DigitalOcean VM.

For the demonstration purpose. I’m going to use the test domain name, which is supercharged by Cloudflare.

Don’t forget to replace the domain with your actual domain. 📢

DNS Record Creation

Login to Cloudflare or your domain registrar (if not Cloudflare) and create an A record to point the domain to the cloud VM’s IP.

Log in to your cloud server via SSH.

Installing Apache(Ubuntu)

To update the available packages up-to-date

sudo apt-get update

Install apache

sudo apt-get install apache2

Allow ports 80 and 443 in your firewall for the HTTP server.

sudo ufw allow 'Apache Full'

Check that your installed apache running correctly

sudo systemctl status apache2

Installing Apache(CentOS)

Update the available packages up-to-date.

sudo yum update

Install Apache

sudo yum install httpd

Add ports 80 and 443 in the firewall to access the web app.

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Start apache and check the running status

sudo systemctl start httpd
sudo systemctl status httpd

Create VirtualHost for the website

A virtual host can be created in two ways depending upon which type of web app/ website we serve.

Suppose the application already has a web server like Node running on a port. We can use a proxy to serve it in apache. Or if the app is just serving the files like static sites. We can specify the path of the application to serve in apache.

Create a Virtual host file in apache – the configuration file can be in any name. But keeping it with the domain name which we are going to serve the web app will be better for easy identification.

Additional setup for CentOS

In CentOS(SELinux), not everything is enabled by default like Ubuntu.

We have to create sites-enabled and sites-available folders in apache.

sites-enabled – tells apache to serve visitor with the conf files in it

sites-available – store the virtual host conf files

sudo mkdir /etc/httpd/sites-available /etc/httpd/sites-enabled

Now tell the apache to read the conf file in the sites-enabled folder.

sudo vi /etc/httpd/conf/httpd.conf

Add the below line at the end of the file

IncludeOptional sites-enabled/*.conf

Configure Apache to serve files

  • Create a folder for serving your web app
sudo mkdir -p /var/www/
sudo vi /var/www/
  • Paste the below HTML snippet for testing
<!DOCTYPE html>
<html lang="en">
<title>Apache webapp</title>
<h1>My Apache webapp is working in</h1>
  • Create a folder to generate and store logs
sudo mkdir -p /var/www/
sudo touch /var/www/
sudo touch /var/www/
Virtual host configuration
  • Open conf file(Ubuntu)
sudo vi /etc/apache2/sites-available/
  • Open conf file(CentOS)
sudo vi /etc/httpd/sites-available/
  • Paste the below conf snippet by changing your-domain-name
<VirtualHost *:80>
DocumentRoot /var/www/
ErrorLog /var/www/
CustomLog /var/www/ combined
  • Give required permission for your folder.
sudo chown -R $USER:$USER /var/www/
sudo chmod -R 755 /var/www/
Enable your virtual host config file in apache(Ubuntu)
sudo a2ensite

Disable the default conf file for security reason

sudo a2dissite 000-default.conf

Restart apache to make changes to take effect.

sudo systemctl restart apache2

Enable your virtual host config file in apache(CentOS)

Create a symbolic link for apache

sudo ln -s /etc/httpd/sites-available/ 

Restart apache to make changes to take effect.

sudo systemctl restart httpd

Enabling HTTPS

Enabling HTTPS in apache webserver in Ubuntu has been made easy by using certbot and Let’s Encrypt. 

Let’s Encrypt is a non-profit organization which provided SSL certificate for millions of website free.

Certbot is software that will automatically set up HTTPS for our website using let’s encrypt.

Add and install certbot for apache(Ubuntu)

sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-apache

Add and install certbot for apache(CentOS)

sudo yum install epel-release
sudo yum install certbot python2-certbot-apache mod_ssl

Get SSL certificate

sudo certbot --apache -d your-domain-name

If all the verification is done by certbot without any issues.

It will ask for HTTPS redirection. Select option 2 and enter.

That’s it.

If everything works correctly, will show a basic HTML index page that we have created.


I hope this gives you an idea about installing and implement an SSL certificate on Apache.

Next, find out how to implement a certificate in Nginx.

  • Aghilan Baskar
    Software Engineer by profession. Loves to share and help things with others. Loves writing articles to help the community.
Thanks to our Sponsors
More great readings on Apache HTTP
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.
    Try Monday
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder