How to Configure Apache Server in CentOS 7: A Step-by-Step Guide


How to Configure Apache Server in CentOS 7: A Step-by-Step Guide

Apache HTTP Server, commonly known as Apache, is one of the most popular and widely used web servers in the world. It is open-source, highly customizable, and compatible with various platforms, including CentOS 7. In this guide, we will go through the step-by-step process of configuring Apache on CentOS 7, from installation to fine-tuning for performance and security.

This tutorial is designed for beginners and intermediate users who want to set up a reliable web server environment using Apache on CentOS 7.

Prerequisites

Before diving into the configuration steps, ensure that you have the following:

  1. A CentOS 7 server with root or sudo privileges.
  2. Basic knowledge of the Linux command line.
  3. Internet access to download Apache and related packages.

Step 1: Update Your System

The first step in configuring an Apache server is to ensure that your system packages are up to date. This helps to avoid compatibility issues and ensures that the server software is secure and stable.

Run the following command to update all packages:

bash
sudo yum update -y

This command will check for any available package updates and install them on your CentOS 7 server.

Step 2: Install Apache on CentOS 7

CentOS 7 includes Apache (also known as httpd) in its package repository. You can easily install it using the following yum command:

bash
sudo yum install httpd -y

This command will download and install Apache, along with any required dependencies. Once the installation is complete, you can confirm that Apache is installed by checking its version:

bash
httpd -v

You should see output indicating the installed version of Apache.

Step 3: Start and Enable Apache

After installation, you need to start Apache and enable it to run at system startup.

To start Apache, run:

bash
sudo systemctl start httpd

To enable Apache to start on boot, use:

bash
sudo systemctl enable httpd

You can verify that Apache is running by checking its status:

bash
sudo systemctl status httpd

If everything is configured correctly, you should see that the service is “active” and “running.”

Step 4: Configure Firewall to Allow HTTP and HTTPS Traffic

By default, CentOS 7 uses firewalld as its firewall management tool. You’ll need to configure it to allow traffic on the HTTP (port 80) and HTTPS (port 443) ports so that users can access your Apache server.

To allow HTTP traffic, run:

bash
sudo firewall-cmd --permanent --add-service=http

To allow HTTPS traffic, run:

bash
sudo firewall-cmd --permanent --add-service=https

After making these changes, reload the firewall for them to take effect:

bash
sudo firewall-cmd --reload

You can check that the ports are open by running:

bash
sudo firewall-cmd --list-all

This will display a list of open services, which should include http and https.

Step 5: Test Apache Web Server

Now that Apache is installed and running, you can verify that it is working by accessing the default Apache welcome page.

Open a web browser and enter your server’s IP address:

arduino
http://your_server_ip

If Apache is correctly installed, you should see the Apache CentOS 7 default welcome page, which indicates that Apache is running successfully.

Step 6: Configure Virtual Hosts (Optional but Recommended)

Apache’s virtual hosting feature allows you to host multiple websites on a single server. Each website can have its own configuration files, root directories, and domain names.

Creating a Directory for the Website

First, create a directory to hold your website’s files. For this example, let’s create a directory for example.com:

bash
sudo mkdir -p /var/www/example.com/public_html

Then set the correct permissions for the directory:

bash
sudo chown -R $USER:$USER /var/www/example.com/public_html
sudo chmod -R 755 /var/www/example.com

Creating a Virtual Host Configuration File

Next, create a new configuration file for your virtual host in the Apache configuration directory:

bash
sudo nano /etc/httpd/conf.d/example.com.conf

Inside this file, add the following configuration, replacing example.com with your domain name and the path to your website directory:

apache
<VirtualHost *:80>
    ServerAdmin admin@example.com
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com/public_html
    ErrorLog /var/www/example.com/error.log
    CustomLog /var/www/example.com/requests.log combined
</VirtualHost>

Save and close the file.

Create a Test HTML File

To test if the virtual host is working, create an HTML file in your website’s root directory:

bash
echo "<html><h1>Welcome to example.com</h1></html>" | sudo tee /var/www/example.com/public_html/index.html

Restart Apache

After configuring your virtual host, restart Apache to apply the changes:

bash
sudo systemctl restart httpd

Now, if you access http://example.com (replace with your actual domain or IP), you should see your test HTML page.

Step 7: Enable and Configure SSL (Optional for Secure Connections)

To enable HTTPS on your server, you’ll need to install an SSL certificate. One way to do this is with Let’s Encrypt, a free certificate authority. You can install the Certbot tool to manage SSL certificates.

Install Certbot:

bash
sudo yum install epel-release -y
sudo yum install certbot python2-certbot-apache -y

Request a certificate for your domain:

bash
sudo certbot --apache -d example.com -d www.example.com

Certbot will ask for your email address and other information. After completing the prompts, Certbot will obtain and install an SSL certificate.

Auto-Renewing the SSL Certificate

Let’s Encrypt certificates expire every 90 days, but you can automate renewal with a cron job:

bash
echo "0 0 * * * /usr/bin/certbot renew --quiet" | sudo tee -a /etc/crontab > /dev/null

This job will check daily for any certificates that need renewal.

Step 8: Basic Security and Optimization

Securing and optimizing Apache is crucial for performance and protection against vulnerabilities.

Disable Directory Listing

To prevent users from viewing the contents of directories that don’t have an index.html file, disable directory listing by editing the Apache configuration file.

Add the following line to the default Apache configuration or the virtual host file:

apache
<Directory /var/www/example.com/public_html>
    Options -Indexes
</Directory>

Hide Apache Version and OS Information

Exposing the Apache version and OS information can make your server more vulnerable to attacks. To hide this information, edit /etc/httpd/conf/httpd.conf and add these lines: https://blog.oudel.com/how-to-configure-apache-server-in-centos-7-step-by-step-guide/

apache
ServerTokens Prod
ServerSignature Off

Restart Apache for the changes to take effect:

bash
sudo systemctl restart httpd

Step 9: Troubleshooting Common Apache Issues

  • Permission Errors: If you encounter 403 Forbidden errors, ensure your document root and directories have the proper permissions and ownership.
  • Syntax Errors: Run apachectl configtest to check for syntax errors in your configuration files.
  • Apache Won’t Start: Check logs in /var/log/httpd/ for clues.

Conclusion

Setting up an Apache server on CentOS 7 is straightforward and provides a reliable platform for web hosting. With the steps outlined above, you can install, configure, and secure your Apache server. Additionally, virtual hosting allows you to manage multiple sites, while SSL setup helps secure your connections. Regular maintenance, updates, and monitoring will keep your server running smoothly and securely.

Firewall tips
https://www.rootusers.com/how-to-open-a-port-in-centos-7-with-firewalld/
List port - https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Comments

Post a Comment

Popular posts from this blog

How to Connect to a Linux Server from Windows Using MobaXterm

Image
   Introduction Connecting to a  Linux server from a Windows machine  is a common task for system administrators, developers, and IT professionals. MobaXterm is a powerful terminal software that provides an all-in-one solution for remote computing. It supports SSH (Secure Shell), X11 forwarding, and other network protocols, making it an excellent choice for managing Linux servers from Windows. This guide will walk you through downloading, installing, and using MobaXterm to connect to a Linux server. Step 1: Download and Install MobaXterm Download MobaXterm Open a web browser on your Windows machine. Visit the official MobaXterm website:  https://mobaxterm.mobatek.net/ Click on the "Download" button. Choose either the "Home Edition" (free version) or the "Professional Edition" (paid version with additional features). Download the installer or the portable version, depending on your preference. Install MobaXterm If you downloaded the installer, double-click ...
Read more

How to Allow Remote Desktop Connections on Windows 7

Image
Remote Desktop Protocol (RDP) is a convenient feature built into Windows operating systems. It allows users to access and control another computer remotely over a network. For businesses and individuals still using Windows 7, enabling Remote Desktop connections can be essential for managing systems from a distance, troubleshooting, or working collaboratively. In this article, we’ll guide you through the steps to enable Remote Desktop connections on Windows 7, discuss security best practices, and troubleshoot common issues you might encounter. What is a Remote Desktop? Remote Desktop is a Microsoft feature that allows users to connect to a Windows computer remotely and interact with it as if they were sitting in front of it. This is achieved using the Remote Desktop Protocol (RDP). It is widely used for: Remote system administration. Accessing files and applications from another location. Offering technical support. In Windows 7, the Remote Desktop feature is available in the Profession...
Read more

How to Secure a Windows VPS from Hackers: A Comprehensive Guide

Image
A Windows Virtual Private Server (VPS) offers the flexibility to host websites, and applications, or manage remote workloads. However, its constant internet exposure makes it an attractive target for hackers. Cyberattacks, including brute force attacks, malware infections, and unauthorized access, can compromise your VPS if proper security measures are not in place. This article provides an in-depth guide on securing a Windows VPS from hackers and ensuring the safety of your data and operations. Understanding the Threats Hackers use a variety of techniques to compromise VPS environments, including: Brute Force Attacks: Automated bots systematically try passwords to gain unauthorized access. Exploitation of Vulnerabilities: Hackers exploit outdated software and unpatched vulnerabilities. Ransomware and Malware: Malicious software can encrypt data or take control of the server. Phishing and Social Engineering: Weak user practices may inadvertently grant hackers access. Addressing th...
Read more