Apache Web Server Centos 7



  1. Centos 7 Apache Virtual Host
  2. Two Node Apache Web Server Clustering With Pacemaker On Centos 7

In our project, the web server will be running on Apache. Of course Nginx is another great web server, but here, I’ll use Apache v2.4. If you’d like the Nginx version of this article, please click here.

  1. Apr 23, 2019 In a standard installation, CentOS 7 is set to prevent traffic to Apache. Normal web traffic uses the http protocol on Port 80, while encrypted web traffic uses the https protocol, on Port 443. Modify your firewall to allow connections on these ports using the following commands.
  2. One reason for poor Apache performance is that Apache is having trouble coping with the load. The Apache MPM (Multi-Processing Module) can help. Mpmpreforkmodule is included and enabled in the default Apache installation on CentOS 7. To confirm this run the following command.

Jul 26, 2019 Pre Flight Check For this article, we will be using a Core-Managed CentOS 7 VPS, which comes with a clean installation of Apache 2.4. Instructions will be similar for CentOS 6, and also for Unmanaged CentOS 7 servers, with the same Apache version. We’re SSH'd to our server as the root user.

The site runs on PHPas well and so, we’ll be installing php7.0 to facilitate the properworking of the website.

Prerequisites

  • A VPS with Centos 7 installed
  • Root access to the server

What do we want?

We want to set up aserver so as it should run website on Apache. The site should alsorun on SSL.

Procedure

1. Login to yourserver as root

2. Install Apacheweb server and mod_ssl

[[email protected]~]# yum install -y httpd mod_ssl

3. Start and enableApache

[[email protected]~]# systemctl start httpd

[[email protected]~]# systemctl enable httpd

4. Install php 7.0as below:

  • Install epel repository and remi repository

[[email protected] ~]# yum install epel-release -y

[[email protected] ~]# yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm

  • Install yum-utils. We need it for the yum-config-manager package [[email protected] ~]# yum install yum-utils -y
  • Enable remi repository for installing php7.0. If you would like to install php 7.1 or 7.2, replace the 70 in the command above with 71 or 72 respectively.

[[email protected] ~]# yum-config-manager --enable remi-php70

  • Run the command below to install php 7.0 with some necessary modules

[[email protected] ~]# yum install php php-mcrypt php-cli php-gd php-curl php-mysql php-mysqli php-ldap php-zip php-fileinfo

  • You can then check if your php version has been installed [[email protected] ~]# php –version

5. Create a vhost

We now need todefine a vhost file that will have the Apache directives for our siteeg Document root.

Navigate to/etc/httpd/conf.d folder and create a file calledexample.co.ke.conf. Copy the following in the file and save.

<VirtualHost*:80>

DocumentRoot/home/example/public_html

Server

ServerName example.co.ke

ServerAlias www.example.co.ke

</VirtualHost>

Centos 7 Apache Virtual Host

From the abovevhost, our document root is located in /home/example/public_html. This is a path we created so as to act as Document root insteadof the normal /var/www/html folder. You may specify another locationas you wish but make sure thepermissions are okay for access. Rule of thumb is: All directoriesshould be 0755 while all files should be 0644

Nowrestart Apapche

[[email protected]~]# systemctlrestart httpd

6. Upload content toyour root folder. You may use any method available for you includingFileZilla(needs FTP installed ) or a nice solid command such as scpwhich uses SSH to transfer files

Your website shouldnow be well accessible online via a browser. To complete the setup,however, we need to install SSL certificate for the domain. It’s agood habit to install SSL for your site, the world is moving to a100% encrypted internet.

7. Install SSL

  • Generate CSR for your domain. Click here to learn how to do this from the command line.
  • Obtain your SSL certificate from preferred vendor using the CSR you generated and upload them to a folder on your server. I recommend you save them in the same folder as the CSR and Key the step above
  • On your web server access the Apache vhost configuration file. Create another vhost section and copy lines in step (5) then change *:80 to *:443. Finally add the following code just before </Virtual Host> line

SSLEngineon

SSLCertificateFile/path/to/your_domain_name.crt

SSLCertificateKeyFile/path/to/your_private.key

SSLCertificateChainFile/path/to/CA.crt

Replace the respective paths to the files with your actual ones.

Now,ifyou restartApache andfailto include the virtual host listening to port 80atthis pointthentryaccessing the site, you willget a Error 400: Bad Requesterror. Your webserver is unable to service http request as the vhostwe have definedforceshttps via port 443. And of course, it’ll be unimaginableto ask visitors to precedehttps on your domain name every time they’reaccessing.Toallow http requests to be served as well, you need to include thevirtual host for port 80. Thusyour file in after the whole process should look like this:

<VirtualHost *:443>

DocumentRoot/home/example/public_html

Web

ServerNameexample.co.ke

ServerAliaswww.example.co.ke

SSLEngine on

SSLCertificateFile/home/example/certs/example.co.ke.cer

SSLCertificateKeyFile/home/example/certs/example.co.ke.key

SSLCertificateChainFile/home/example/certs/example.co.ke.ca

</VirtualHost>

<VirtualHost *:80 >

DocumentRoot/home/example/public_html

ServerNameexample.co.ke

ServerAliaswww.example.co.ke

</VirtualHost>

Alternatively, you can redirect all traffic tohttps by using the configuration file below instead:

<VirtualHost *:443>

DocumentRoot/home/example/public_html

ServerNameexample.co.ke

ServerAliaswww.example.co.ke

SSLEngineon

SSLCertificateFile/home/example/certs/example.co.ke.cer

SSLCertificateKeyFile/home/example/certs/example.co.ke.key

SSLCertificateChainFile/home/example/certs/example.co.ke.ca

</VirtualHost>

<VirtualHost*:80>

DocumentRoot/home/example/public_html

ServerNameexample.co.ke

ServerAliaswww.example.co.ke

Redirect/ https://www.example.co.ke

</VirtualHost>

Two Node Apache Web Server Clustering With Pacemaker On Centos 7

8. Next disable the default sslconfiguration file – /etc/httpd/conf.d/ssl.conf by renaming it. Notethat, we don’t want it to end with .conf otherwise it’ll still beprocessed by apache. so add something towards the end of file name egssl.conf.hold.

9. After that access your vhost file and add the following line atthe top – outside <VirtualHost></VirtualHost>

Listen 443 https

You can also choose to , instead of adding the above line to vhost,add the line Listen 443 to/etc/httpd/conf/httpd.conf file.

Note that you can only have Listen 443in either file but not both.

10.Restart Apache.

[[email protected] ~]#systemctlrestart httpd

That should do it. Now you have your site up and running on well!

Related posts: