Apache

httpd(8), also known as Apache or Apache2, is one of the oldest and most extensible web servers. It has survived so long precisely because it is so extensible; system administrators have been able to continuously tune and upgrade the server for modern best practices.

Contents

  1. Apache
    1. Installation
      1. Containers
    2. Setup
    3. Configuration
      1. Server
      2. Virtual Hosts
      3. Encryption
      4. Authentication
      5. FastCGI
    4. See also

Installation

Most Linux and BSD distributions offer a package for httpd(8), but it will be named differently across systems. The most common names are apache and apache2.

Supporting programs like htpasswd(1) are sometimes split into a separate package named like apache2-utils.

Containers

Docker container images are also available for the current version. The image is available from DockerHub as docker.io/library/httpd (or simply httpd when using docker(1) specifically).

Try: 

docker run --detach --name my-apache \
  --publish 127.0.0.1:8080:80 \
  --mount type=bind,src=/path/to/web/root,dst=/usr/local/apache2/htdocs \
  httpd:2.4

Setup

For systemd-capable systems, start and enable httpd.service or apache2.service (again, differing across systems).

For OpenRC-based systems, start the apache2 service and set it to start on boot.

Otherwise try: 

service apache2 start
#also: stop, restart, and reload

For BSD distributions, try: 

/usr/local/sbin/apachectl start
#also: stop, restart, and graceful

See apachectl(8) for more information.

To launch the server on startup, update /etc/rc.conf: 

apache_enable="YES"

Configuration

Server

The server is configured by a central file. Distributions disagree about the correct location for this file. Try all of the following:

Virtual Hosts

Virtual hosts are declared in domain-specific files. An example site configuration for a CGI script, such as cgit. 

<VirtualHost *:80>
  ServerAdmin webmaster@localhost
  ServerName git.my-domain.com
 
  DocumentRoot /usr/share/cgit
  Alias / /usr/share/cgit/cgit.cgi

  <Document '/usr/share/cgit/'>
    Options ExecCGI FollowSymLinks
    Require all granted
    AddHandler cgi-script .cgi
    DirectoryIndex cgit.cgi
  </Document>
 
  ErrorLog /var/log/apache2/error.log
  CustomLog /var/log/apache2/access.log combined
</VirtualHost>

Encryption

See here for details.

Authentication

A document can be set to require authentication, except for a local network user. 

<Document "/">
  AuthType Basic
  AuthName "Authentication Required"
  AuthUserFile /var/www/ftp-htpasswd
  <RequireAny>
    Require valid-user
    Require ip 192.168
    Require ip 10
  </RequireAny>
</Document>

This method of authentication is 'good-enough' for personal uses. It relies entirely on the traffic encryption (HTTPS).

FastCGI

See here for details.

See also

Apache server documentation

httpd(8)

Apache with FastCGI

Apache with SSL/TLS

CategoryRicottone

Apache (last edited 2023-04-03 12:48:41 by DominicRicottone)