Difference between revisions of "Installing Apache webserver"
From rdkwiki
Line 40: | Line 40: | ||
add: '''ServerTokens Prod''' --> hides version info in response headers. | add: '''ServerTokens Prod''' --> hides version info in response headers. | ||
add: '''ServerSignature Off''' --> hides version info on error pages. | add: '''ServerSignature Off''' --> hides version info on error pages. | ||
+ | |||
+ | == Hiding PHP version information == | ||
+ | * '''sudo nano /etc/php.ini''' --> edit the PHP configuration | ||
+ | change: '''expose_php = off''' --> hides PHP version (default = on) | ||
== Securing your sites with certificates (optional) == | == Securing your sites with certificates (optional) == | ||
You can secure your sites with certficates for free. I like Let's Encrypt. there's a wiki here: [[Let's Encrypt configuration]] | You can secure your sites with certficates for free. I like Let's Encrypt. there's a wiki here: [[Let's Encrypt configuration]] |
Revision as of 13:10, 26 October 2016
Contents
Intro
The steps below will configure a working Apache web-server. The steps assume that you have a (fresh) CentOS 7 server running.
Apache installation
- sudo yum install httpd --> install httpd (Apache)
- systemctl start httpd --> start Apache
- systemctl enable httpd --> enable Apache at boot
Apache vhost configuration (optional)
- mkdir /etc/httpd/sites-available --> create the folder where the vhost files will be saved
- mkdir /etc/httpd/sites-enabled --> create the folder where the vhost files will be linked to make them active
- sudo nano /etc/httpd/conf/httpd.conf --> change the Apache configuration
add IncludeOptional sites-enabled/*.conf to end of file
repeat the steps below for each vhost that you want to create:
- sudo nano /etc/httpd/sites-available/<host>.<domain>.<tld>.conf
<VirtualHost *:80> ServerName <host>.<domain>.<tld> ServerAlias <domain>.<tld> DocumentRoot /var/www/html/<subfolder> </VirtualHost>
- sudo ln -s /etc/httpd/sites-available/<host>.<domain>.<tld>.conf /etc/httpd/sites-enabled/<host>.<domain>.<tld>.conf --> make a symbolic link to activate a site.
Splitting Apache's "access_log" and "errorlog" for each vhost (optional)
- sudo nano /etc/httpd/sites-enabled/<site>.conf --> edit vhost-file
<VirtualHost *:80> ServerName <host>.<domain>.<tld> ServerAlias <domain>.<tld> DocumentRoot /var/www/html/<subfolder> add this line: ErrorLog /var/log/httpd/<sitename>_error.log add this line: CustomLog /var/log/httpd/<sitename>_access_log combined </VirtualHost>
Repeat this step for each vhost. This way you will get seperate logs for each site.
- apachectl configtest --> test new Apache configuration
- sudo systemctl restart httpd --> restart the Apache webserver
Hiding Apache version information
- sudo nano /etc/httpd/conf/httpd.conf --> edit the Apache configuration
add: ServerTokens Prod --> hides version info in response headers. add: ServerSignature Off --> hides version info on error pages.
Hiding PHP version information
- sudo nano /etc/php.ini --> edit the PHP configuration
change: expose_php = off --> hides PHP version (default = on)
Securing your sites with certificates (optional)
You can secure your sites with certficates for free. I like Let's Encrypt. there's a wiki here: Let's Encrypt configuration