Differences

This shows you the differences between two versions of the page.

--- computers:apache_server_configuration [2016/01/06 17:34] – [Apache] chkuo
+++ computers:apache_server_configuration [2022/11/02 16:04] (current) – chkuo
@@ Line 5: / Line 5: @@
 <code bash>
-sudo apt-get install apache2
+sudo apt install apache2
-sudo apt-get install php5 libapache2-mod-php5
+sudo apt install php libapache2-mod-php
 </code>
-===== Apache =====
+===== Process control and status check =====
-To start/stop/restart the service:
 <code bash>
-sudo /etc/init.d/apache2 start
+sudo systemctl start apache2
-sudo /etc/init.d/apache2 stop
+sudo systemctl stop apache2
-sudo /etc/init.d/apache2 restart
+sudo systemctl restart apache2
+sudo systemctl status apache2
 </code>
-the configuration file is: ''/etc/apache2/sites-available/000-default.conf''
+===== Configuration =====
+  * the configuration file is: ''/etc/apache2/sites-available/000-default.conf''
+  * Directory listing
+    * To disable directory listing
+      * add ''Options -Indexes'' in the global configuration file ''/etc/apache2/sites-available/000-default.conf''
+    * To enable directory listing in a specific directory
+      * add a ''.htaccess'' file inside the directory
+      * Within the ''.htaccess'' file, specify ''Options +Indexes''
+  * Sample configuration:
 <file 000-default.conf>
@@ Line 84: / Line 93: @@
 </file>
+===== Update =====
-==== directory listing ====
+<code bash>
-  * disable directory listing by specifying ''Options -Indexes'' in the global configuration file ''/etc/apache2/sites-available/000-default.conf''
+# for Ubuntu 20.04.5 LTS; 2022/11/02
-  * to enable directory listing in a specific directory, add a ''.htaccess'' file inside the directory. Within the ''.htaccess'' file, specify ''Options +Indexes''
+# to update beyond Apache/2.4.41
+$ apache2 -v
+Server version: Apache/2.4.41 (Ubuntu)
+Server built:   2022-06-14T13:30:55
+$ sudo add-apt-repository ppa:ondrej/apache2
+$ sudo apt update
+$ sudo apt install apache2
+$ apache2 -v
+Server version: Apache/2.4.54 (Ubuntu)
+Server built:   2022-06-08T15:59:07
+$ systemctl status apache2
+$ sudo systemctl start apache2
+$ sudo systemctl enable apache2
+</code>
+===== Password protection =====
+Inside the directory to be protected, add a ''.htaccess'' file
+<code bash>
+AuthType Basic
+AuthName "Password Protected Area"
+AuthUserFile /PATH/.htpasswd
+require valid-user
+</code>
+''/PATH/.htpasswd'' should not be readable through a URL for safety.
+to generate ''/PATH/.htpasswd'':
+<code bash>
+htpasswd –c /PATH/.htpasswd USER
+</code>
+the ''-c'' option is for creating the file (1st time use). Too add more users, remove the ''-c'' option
+===== HTTPS/SSL =====
+  * Use [[https://letsencrypt.org/|Let's Encrypt]] with [[https://certbot.eff.org/|certbot]]
+  * install:
+<code bash>
+# require snapd; pre-installed on Ubuntu 20.04
+# remove the pre-installed cerbot (if present)
+$ sudo apt remove certbot
+# install certbot using snap
+$ sudo snap install --classic certbot
+# get a certificate; two options
+# (1) get a certificate without changing the Apache configuration
+$ sudo certbot certonly --apache
+# (2) get a certificate and have certbot edit the Apache configuration
+$ sudo certbot --apache
+#
+# check status
+$ sudo systemctl status certbot.timer
+# test renewal
+$ sudo certbot renew --dry-run
+# manual renewal; not recommended
+# better to put '/usr/bin/certbot renew --quiet' in crontab
+$ sudo certbot renew
+# enable ssl
+$ sudo a2enmod ssl
+</code>
+    * modify ''/etc/apache2/sites-available/000-default.conf'' accordingly
+<file>
+	ServerName example.com
+	ServerAdmin admin@example.com
+</file>
+  * SSL test: [[https://www.ssllabs.com/ssltest/]]
 ===== PHP =====
 ==== Info ====
@@ Line 130: / Line 202: @@
 ==== Permissions ====
-Make the permissions more restrictive for security reasons. Assuming the wiki is installed in ''/var/www/wiki''
+Make the permissions more restrictive for security reasons. Assuming that the wiki is installed in ''/var/www/wiki''
 <code bash>
 # change the ownership
-sudo chown -R www-data:admin /var/www/wiki
+sudo chown -R www-data:adm /var/www/wiki
 # restrict access by other
 sudo chmod -R o-rwx /var/www/wiki
@@ Line 156: / Line 228: @@
 sudo mkdir -p /var/www/webdav/web
 # change ownership
-sudo chown -R www-data:admin /var/www/webdav
+sudo chown -R www-data:adm /var/www/webdav
 # configure the virtual host For WebDAV
 # create the WebDAV password file with the user test
@@ Line 162: / Line 234: @@
 sudo htpasswd -c /var/www/webdav/passwd.dav test
 # change the ownership and permissions
-sudo chown www-data:admin /var/www/webdav/passwd.dav
+sudo chown www-data:adm /var/www/webdav/passwd.dav
 sudo chmod 640 /var/www/webdav/passwd.dav
 # backup the vhost configuration
@@ Line 197: / Line 269: @@
 ==== References ====
-  * [[http://www.howtoforge.com/how-to-set-up-webdav-with-apache2-on-ubuntu-10.04]]
+  * [[https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-ubuntu-20-04]]
-  * [[http://www.linuxserver.org/linux/ubuntu/webdav-ubuntu-10-04/]]
+  * [[https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-ubuntu-18-04]]