Let’s learn how to install Apache HTTP server and secure that with the Let’s Encrypt Certificate.
Apache is one of the most widely used HTTP webservers. Setting up the apache and secure it with an SSL cert is the first step you need to do for your web applications.
In this tutorial, you will learn how to set up Apache for your website on Ubuntu and CentOS. I’ve tested this on DigitalOcean VM.
For the demonstration purpose. I’m going to use the test domain name test.sanakil.xyz, which is supercharged by Cloudflare.
Don’t forget to replace the test.sanakil.xyz domain with your actual domain. 📢
DNS record creation
Login to Cloudflare or your domain registrar (if not Cloudflare) and create an A record to point the domain to the cloud VM’s IP.
Log in to your cloud server via SSH.
To update the available packages up-to-date
sudo apt-get update
sudo apt-get install apache2
Allow ports 80 and 443 in your firewall for the HTTP server.
sudo ufw allow 'Apache Full'
Check that your installed apache running correctly
sudo systemctl status apache2
Update the available packages up-to-date.
sudo yum update
sudo yum install httpd
Add ports 80 and 443 in the firewall to access the web app.
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
Start apache and check the running status
sudo systemctl start httpd
sudo systemctl status httpd
Create VirtualHost for the website
A virtual host can be created in two ways depending upon which type of web app/ website we serve.
Suppose If the application already has a web server like Node running on a port. We can use a proxy to serve it in apache. Or if the app is just serving the files like static sites. We can specify the path of the application to serve in apache.
Create a Virtual host file in apache – the configuration file can be in any name. But keeping it with the domain name which we are going to serve the web app will be better for easy identification.
Additional setup for CentOS
In CentOS(SELinux), not everything is enabled default like Ubuntu.
We have to create sites-enabled and sites-available folders in apache.
sites-enabled – tells apache to serve visitor with the conf files in it
sites-available – store the virtual host conf files
sudo mkdir /etc/httpd/sites-available /etc/httpd/sites-enabled
Now tell the apache to read the conf file in the sites-enabled folder.
sudo vi /etc/httpd/conf/httpd.conf
Add the below line at the end of the file
Configure Apache to serve files
- Create a folder for serving your web app
sudo mkdir -p /var/www/test.sanakil.xyz/webapp
sudo vi /var/www/test.sanakil.xyz/webapp/index.html
- Paste the below HTML snippet for testing
<!DOCTYPE html> <html lang="en"> <head> <title>Apache webapp</title> </head> <body> <h1>My Apache webapp is working in test.sanakil.xyz</h1> </body> </html>
- Create a folder to generate and store logs
sudo mkdir -p /var/www/test.sanakil.xyz/log sudo touch /var/www/test.sanakil.xyz/request.log sudo touch /var/www/test.sanakil.xyz/log/error.log
- Open conf file(Ubuntu)
sudo vi /etc/apache2/sites-available/test.sanakil.xyz.conf
- Open conf file(CentOS)
sudo vi /etc/httpd/sites-available/test.sankil.xyz.conf
- Paste the below conf snippet by changing your-domain-name
<VirtualHost *:80> ServerName test.sanakil.xyz ServerAlias test.sanaki.xyz DocumentRoot /var/www/test.sanakil.xyz/webapp ErrorLog /var/www/test.sankil.xyz/log/error.log CustomLog /var/www/test.sanakil.xyz/log/requests.log combined </VirtualHost>
- Give required permission for your folder.
sudo chown -R $USER:$USER /var/www/test.sanakil.xyz
sudo chmod -R 755 /var/www/test.sanakil.xyz
sudo a2ensite test.sanakil.xyz.conf
Disable the default conf file for security reason
sudo a2dissite 000-default.conf
Restart apache to make changes to take effect.
sudo systemctl restart apache2
Enable your virtual host config file in apache(CentOS)
Create a symbolic link for apache
sudo ln -s /etc/httpd/sites-available/test.sanakil.xyz.conf /etc/httpd/sites-enabled/test.sanakil.xyz.conf
Restart apache to make changes to take effect.
sudo systemctl restart httpd
Enabling HTTPS in apache webserver in Ubuntu has been made easy by using certbot and Let’s Encrypt.
Let’s Encrypt is a non-profit organization which provided SSL certificate for millions of website free.
Certbot is software that will automatically set up HTTPS for our website using let’s encrypt.
Add and install certbot for apache(Ubuntu)
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-apache
Add and install certbot for apache(CentOS)
sudo yum install epel-release
sudo yum install certbot python2-certbot-apache mod_ssl
Get SSL certificate
sudo certbot --apache -d your-domain-name
If all the verification is done by certbot without any issues.
It will ask for HTTPS redirection. Select option 2 and enter.
If everything works correctly, https://test.sanakil.xyz will show a basic HTML index page that we have created.
I hope this gives you an idea about installing and implement an SSL certificate on Apache.
Next, find out how to implement a certificate in Nginx.
More great readings on Apache HTTP
How to Redirect AMP Page to Non-AMP in Nginx, Apache, Cloudflare?Abhishek Nair on September 27, 2021
How to Block .git in Apache, Nginx and Cloudflare?Chandan Kumar on October 27, 2020
How to Protect Page with Password in Apache, Nginx, WordPress, Hosting?Chandan Kumar on September 11, 2020
How to Implement ZeroSSL Certificate in Apache and Nginx?Asad Ali on May 24, 2020
How to Enable CORS in Apache and Nginx?Chandan Kumar on October 18, 2019
How to Implement CSP frame-ancestors in Apache, Nginx and WordPress?Chandan Kumar on May 21, 2021
Join Geekflare Newsletter
Every week we share trending articles and tools in our newsletter. More than 10,000 people enjoy reading, and you will love it too.