Kuo Lab Wiki

User Tools

Site Tools

You are here: start » computers » apache_server_configuration
computers:apache_server_configuration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
computers:apache_server_configuration [2018/12/14 02:52] – [HTTPS/SSL] chkuocomputers:apache_server_configuration [2022/11/02 16:04] (current) chkuo
Line 19: Line 19:
  
 ===== Configuration ===== ===== Configuration =====
- 
   * the configuration file is: ''/etc/apache2/sites-available/000-default.conf''   * the configuration file is: ''/etc/apache2/sites-available/000-default.conf''
 +  * Directory listing
 +    * To disable directory listing
 +      * add ''Options -Indexes'' in the global configuration file ''/etc/apache2/sites-available/000-default.conf''
 +    * To enable directory listing in a specific directory
 +      * add a ''.htaccess'' file inside the directory
 +      * Within the ''.htaccess'' file, specify ''Options +Indexes''
 +  * Sample configuration:
 +
  
 <file 000-default.conf> <file 000-default.conf>
Line 86: Line 93:
 </file> </file>
  
-===== HTTPS/SSL ===== +===== Update ===== 
-  * Use [[https://letsencrypt.org/|Let's Encrypt]] with [[https://certbot.eff.org/|certbot]] +
-  * install:+
 <code bash> <code bash>
-$ sudo apt-get update +# for Ubuntu 20.04.5 LTS; 2022/11/02 
-sudo apt-get install software-properties-common +# to update beyond Apache/2.4.41 
-$ sudo add-apt-repository universe +apache2 -v 
-$ sudo add-apt-repository ppa:certbot/certbot +Server version: Apache/2.4.41 (Ubuntu) 
-$ sudo apt-get update +Server built:   2022-06-14T13:30:55 
-$ sudo apt-get install python-certbot-apache +$ sudo add-apt-repository ppa:ondrej/apache2  
 +$ sudo apt update 
 +$ sudo apt install apache2 
 +$ apache2 -
 +Server version: Apache/2.4.54 (Ubuntu) 
 +Server built:   2022-06-08T15:59:07 
 +$ systemctl status apache2 
 +$ sudo systemctl start apache2 
 +$ sudo systemctl enable apache2
 </code> </code>
-    * modify ''/etc/apache2/sites-available/000-default.conf'' accordingly 
-<file> 
- ServerName example.com 
- ServerAdmin admin@example.com 
-</file> 
-    * execute 
-<code bash> 
-$ sudo certbot --apache 
-</code> 
- 
- 
- 
- 
-==== Directory listing ==== 
-  * disable directory listing by specifying ''Options -Indexes'' in the global configuration file ''/etc/apache2/sites-available/000-default.conf'' 
-  * to enable directory listing in a specific directory, add a ''.htaccess'' file inside the directory. Within the ''.htaccess'' file, specify ''Options +Indexes'' 
  
-==== Password protection ====+===== Password protection =====
 Inside the directory to be protected, add a ''.htaccess'' file Inside the directory to be protected, add a ''.htaccess'' file
 <code bash> <code bash>
Line 132: Line 130:
  
  
 +===== HTTPS/SSL =====
 +  * Use [[https://letsencrypt.org/|Let's Encrypt]] with [[https://certbot.eff.org/|certbot]]
 +  * install:
 +<code bash>
 +# require snapd; pre-installed on Ubuntu 20.04
 +# remove the pre-installed cerbot (if present)
 +$ sudo apt remove certbot
 +# install certbot using snap
 +$ sudo snap install --classic certbot
 +# get a certificate; two options
 +# (1) get a certificate without changing the Apache configuration 
 +$ sudo certbot certonly --apache
 +# (2) get a certificate and have certbot edit the Apache configuration 
 +$ sudo certbot --apache
 +#
 +# check status
 +$ sudo systemctl status certbot.timer
 +# test renewal
 +$ sudo certbot renew --dry-run
 +# manual renewal; not recommended
 +# better to put '/usr/bin/certbot renew --quiet' in crontab
 +$ sudo certbot renew
 +# enable ssl
 +$ sudo a2enmod ssl
 +</code>
 +    * modify ''/etc/apache2/sites-available/000-default.conf'' accordingly
 +<file>
 + ServerName example.com
 + ServerAdmin admin@example.com
 +</file>
  
  
 +  * SSL test: [[https://www.ssllabs.com/ssltest/]]
 ===== PHP ===== ===== PHP =====
 ==== Info ==== ==== Info ====
Line 174: Line 202:
  
 ==== Permissions ==== ==== Permissions ====
-Make the permissions more restrictive for security reasons. Assuming the wiki is installed in ''/var/www/wiki''+Make the permissions more restrictive for security reasons. Assuming that the wiki is installed in ''/var/www/wiki''
  
 <code bash> <code bash>
 # change the ownership # change the ownership
-sudo chown -R www-data:admin /var/www/wiki+sudo chown -R www-data:adm /var/www/wiki
 # restrict access by other # restrict access by other
 sudo chmod -R o-rwx /var/www/wiki sudo chmod -R o-rwx /var/www/wiki
Line 200: Line 228:
 sudo mkdir -p /var/www/webdav/web sudo mkdir -p /var/www/webdav/web
 # change ownership # change ownership
-sudo chown -R www-data:admin /var/www/webdav+sudo chown -R www-data:adm /var/www/webdav
 # configure the virtual host For WebDAV # configure the virtual host For WebDAV
 # create the WebDAV password file with the user test # create the WebDAV password file with the user test
Line 206: Line 234:
 sudo htpasswd -c /var/www/webdav/passwd.dav test sudo htpasswd -c /var/www/webdav/passwd.dav test
 # change the ownership and permissions # change the ownership and permissions
-sudo chown www-data:admin /var/www/webdav/passwd.dav+sudo chown www-data:adm /var/www/webdav/passwd.dav
 sudo chmod 640 /var/www/webdav/passwd.dav sudo chmod 640 /var/www/webdav/passwd.dav
 # backup the vhost configuration # backup the vhost configuration
Line 241: Line 269:
  
 ==== References ==== ==== References ====
 +  * [[https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-ubuntu-20-04]]
   * [[https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-ubuntu-18-04]]   * [[https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-ubuntu-18-04]]
  
  
computers/apache_server_configuration.1544727171.txt.gz · Last modified: by chkuo