warning!
this howto is very old (2017) rhel7 and CentOS7, while both distros are kind of EOL (End Of Life = no more updates) they are still widely in use.
this howto is UNTESTED!
in general: social skills
social competence demands to first praise then critizise – no matter what – nobody is perfect or god.
praise: Thanks for this massively cool webserver software – that can do so many things (vhosts and .htaccess and php) – you contributed an very important part to an internet completely powered by free soft- and hardware.
in general: webservers + vestacp
vestacp is a nice-and-easy way to admin a webserver (their servers got hacked in 2018, have paused but now resumed?)
while actually one webserver software should be enough – some software like magento webshop (at least in the past) explicitly required apache2 – now lightspeed is also supported (Apache compatible rewrite rules, a web administration interface (cool!), and customized PHP processing optimized for the server)?
Is it fully Open Source? https://github.com/litespeedtech/openlitespeed
Re: Why use nginx and apache together?
nginx serves static files (images, css, html etc.) really fast and efficient and passes php and .htaccess requests to apache2 for processing
apache serves php and .htaccess (most cms site like wordpress needs it for rewrite) and if you throw in a php opcode cache like zend opcache or xcache it should serve php even faster
nginx + apache with php opcache = performance and server resource efficiency
… while well… this php7 benchmark says lighttpd was the most efficient.
as said – with static sites nginx is dominating.
so as i said – one webserver software should actually be enough 😀
first the naming: apache could either have it’s name from native americans (and their fast horses? 🙂 or from “a patchy server”.
originally called httpd (http daemon) it is still called httpd in CentOS/Redhat – while under Debian/Ubuntu the program is actually called apache2.
On GitHub the project is called httpd by Apache.
So httpd is the project – Apache is the organization – but still the webserver is known as apache. This is how you can confuse people with your naming and renaming…
The Apache HTTP Server Project is a collaborative software development effort aimed at creating a robust, commercial-grade, feature-rich and freely available source code implementation of an HTTP (Web) server. The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. This project is part of the Apache Software Foundation. In addition, hundreds of users have contributed ideas, code, and documentation to the project.[55][56][57]
a bit of apache hisory: http://httpd.apache.org/ABOUT_APACHE.html
also checkout the massive list of open source software projects apache is dedicated to: https://en.wikipedia.org/wiki/List_of_Apache_Software_Foundation_projects
financials
In the 2010–11 fiscal year, the Foundation took in $539,410, almost entirely from grants and contributions (your donation campgains are not as aggressive as those of wikipedia 😀 “donate or we switch off the internet”) with $12,349 from two ApacheCons. With no employees and 2,663 volunteers, it spent $270,846 on infrastructure, $92,364 on public relations, and $17,891 on two ApacheCons.[13]
setup and install:
theoretically you could compile from source – but i guess it is easier going with the precompiled packages.
apt install apache2; # debian9 yum -y install httpd; # redhat/centos httpd -v; # check version centos/redhat Server version: Apache/2.4.6 (CentOS) Server built: Apr 12 2017 21:03:28 apache2 -v; # check version Server version: Apache/2.4.25 (Debian) Server built: 2017-07-18T18:37:33 # if php and postgresdb access is required yum install php php-pgsql.x86_64 # set firewall rule under centos7, iptables was replaced with firewalld firewall-cmd --permanent --zone=public --add-service=http firewall-cmd --permanent --zone=public --add-service=https firewall-cmd --reload
start and stop, restart:
# redhat/centos systemctl start httpd.service systemctl enable httpd.service # debian/ubuntu systemctl start apache2.service
for restarting you can use systemd’s systemctl:
systemctl restart apache2.service
it won’t give you any feedback if the config is okay…
apachectl restart ll /usr/sbin/apachectl; # apachectl = apache2ctl lrwxrwxrwx 1 root root 10 Jul 18 20:37 /usr/sbin/apachectl -> apache2ctl apache2ctl restart AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/apache2.conf:229 AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message # show all ips of server hostname -I
this is the “official” tool to do it…
now when the browsers to server’s ip
user should see the CentOS7 Apache2 test default page:
under Debian9 it looks like this:
congratz!
webserver is up and running 🙂
more testing: hello html world
echo "<html>hello world</html>" > /var/www/html/index.html;
testing if php is working:
echo "<?php phpinfo(); ?>" > /var/www/html/info.php
then open in browser
http://ip.of.server/info.php
if php is working, it SHOULD display a “info php page”
monitoring runtime:
ps uax|grep apache2; # debian/ubuntu root 1436 0.0 0.4 75608 4388 ? Ss 16:32 0:00 /usr/sbin/apache2 -k start www-data 1437 0.0 0.3 364768 4044 ? Sl 16:32 0:00 /usr/sbin/apache2 -k start www-data 1438 0.0 0.3 364768 4020 ? Sl 16:32 0:00 /usr/sbin/apache2 -k start root 1771 0.0 0.0 12784 980 pts/0 S+ 16:50 0:00 grep apache2 ps uax|grep httpd; # centos/redhat root 2988 0.0 1.0 226224 5176 ? Ss 10:36 0:00 /usr/sbin/httpd -DFOREGROUND apache 2989 0.0 0.6 226224 3024 ? S 10:36 0:00 /usr/sbin/httpd -DFOREGROUND apache 2990 0.0 0.7 226360 3772 ? S 10:36 0:00 /usr/sbin/httpd -DFOREGROUND apache 2991 0.0 0.7 226360 3516 ? S 10:36 0:00 /usr/sbin/httpd -DFOREGROUND apache 2992 0.0 0.7 226360 3772 ? S 10:36 0:00 /usr/sbin/httpd -DFOREGROUND apache 2993 0.0 0.6 226224 3260 ? S 10:36 0:00 /usr/sbin/httpd -DFOREGROUND apache 3012 0.0 0.6 226224 3024 ? S 10:37 0:00 /usr/sbin/httpd -DFOREGROUND apache 3038 0.0 0.6 226224 3024 ? S 10:41 0:00 /usr/sbin/httpd -DFOREGROUND root 3044 0.0 0.1 112644 964 pts/1 R+ 10:49 0:00 grep --color=auto httpd systemctl status httpd.service; # debian/ubuntu ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2017-07-27 10:36:16 EDT; 12min ago Docs: man:httpd(8) man:apachectl(8) Main PID: 2988 (httpd) Status: "Total requests: 47; Current requests/sec: 0; Current traffic: 0 B/sec" CGroup: /system.slice/httpd.service ├─2988 /usr/sbin/httpd -DFOREGROUND ├─2989 /usr/sbin/httpd -DFOREGROUND ├─2990 /usr/sbin/httpd -DFOREGROUND ├─2991 /usr/sbin/httpd -DFOREGROUND ├─2992 /usr/sbin/httpd -DFOREGROUND ├─2993 /usr/sbin/httpd -DFOREGROUND ├─3012 /usr/sbin/httpd -DFOREGROUND └─3038 /usr/sbin/httpd -DFOREGROUND Jul 27 10:36:16 CentosSlave systemd[1]: Starting The Apache HTTP Server... Jul 27 10:36:16 CentosSlave httpd[2988]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::919f:e7b3:ff...is message Jul 27 10:36:16 CentosSlave systemd[1]: Started The Apache HTTP Server. Hint: Some lines were ellipsized, use -l to show in full. systemctl status apache2.service; # debian/ubuntu ● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2017-07-27 16:32:29 CEST; 15min ago Main PID: 1436 (apache2) CGroup: /system.slice/apache2.service ├─1436 /usr/sbin/apache2 -k start ├─1437 /usr/sbin/apache2 -k start └─1438 /usr/sbin/apache2 -k start
config files:
praise then critics – thanks for this massively cool webserver software – that can do so many things (vhosts and .htaccess and php) – you contributed an very important part to an internet completely powered by free soft- and hardware.
now the critics: quiet complicated. in contrast to the unix philosophy of small and beautiful – the configuration of apache2 has grown into a massive confusing monster of options.
that’s what i like about lighttpd 😀 (it can not do .htacess but wordpress is running just fine with it)
“Apache’s config is really simple, and really powerful. Nginx is powerful, but can be very hard to understand, as it seems more like a programming language than a config file.” (src)
it is not easy to find out what main-config file apache2 is actually using.
it used to be one large config file – now atleast under debian – it was split up into multiple files for better overview.
apache2 -V | grep SERVER_CONFIG_FILE; # could work vim /etc/httpd/conf/httpd.conf; # redhat/centos vim /etc/apache2/apache2.conf; # debian/ubuntu
debian/ubuntu:
Debian’s Apache2 default configuration is different from the upstream default configuration, and split into several files optimized for interaction with Debian tools.
Why is that? -> Automation
Debian’s default Apache2 installation attempts to make adding and removing modules, virtual hosts, and extra configuration directives as flexible as possible, in order to make automating the changes and administering the server as easy as possible.
Please be aware that this layout is quite different from the standard Apache configuration. Due to the use of environment variables, apache2 needs to be started/stopped with ‘/etc/init.d/apache2’, apachectl, or apache2ctl. Calling ‘/usr/bin/apache2’ directly will not work with the default configuration. To call apache2 with specific command line
arguments, just call apache2ctl with the same arguments.
The configuration system is fully documented in /usr/share/doc/apache2/README.Debian.gz (or by clicking this link). Refer to this for the full documentation. Documentation for the web server itself can be found by accessing the manual if the apache2-doc package was installed on this server.
The configuration layout for an Apache2 web server installation on Debian systems is as follows:
/etc/apache2/ |-- apache2.conf | `-- ports.conf |-- mods-enabled | |-- *.load | `-- *.conf |-- conf-enabled | `-- *.conf |-- sites-enabled | `-- *.conf
- apache2.conf is the main configuration file. It puts the pieces together by including all remaining configuration files when starting up the web server.
- ports.conf is always included from the main configuration file. It is used to determine the listening ports for incoming connections, and this file can be customized anytime.
- Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ directories contain particular configuration snippets which manage modules, global configuration fragments, or virtual host configurations, respectively.
- They are activated by symlinking available configuration files from their respective *-available/ counterparts. These should be managed by using our helpers a2enmod, a2dismod, a2ensite, a2dissite, and a2enconf, a2disconf . See their respective man pages for detailed information.
- The binary is called apache2. Due to the use of environment variables, in the default configuration, apache2 needs to be started/stopped with /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not work with the default configuration.
in the main config file those directories containing more config files are defined:
# Include generic snippets of statements IncludeOptional conf-enabled/*.conf # Include the virtual host configurations: IncludeOptional sites-enabled/*.conf
under centos/redhat it looks like this:
ll /etc/httpd/
total 0
drwxr-xr-x. 2 root root 37 Jul 27 11:14 conf
drwxr-xr-x. 2 root root 82 Jul 27 10:35 conf.d
drwxr-xr-x. 2 root root 146 Jul 27 10:35 conf.modules.d
lrwxrwxrwx. 1 root root 19 Jul 27 10:35 logs -> ../../var/log/httpd
lrwxrwxrwx. 1 root root 29 Jul 27 10:35 modules -> ../../usr/lib64/httpd/modules
lrwxrwxrwx. 1 root root 10 Jul 27 10:35 run -> /run/httpd
under debian9 it looks like this:
ll /etc/apache2/ total 88K drwxr-xr-x 8 root root 4.0K Jul 27 17:12 . drwxr-xr-x 92 root root 4.0K Jul 27 16:32 .. -rw-r--r-- 1 root root 7.1K Jul 18 20:37 apache2.conf drwxr-xr-x 2 root root 4.0K Jul 27 17:13 conf-available drwxr-xr-x 2 root root 4.0K Jul 27 17:12 conf-enabled -rw-r--r-- 1 root root 1.8K Jul 18 20:36 envvars -rw-r--r-- 1 root root 31K Jul 16 10:15 magic drwxr-xr-x 2 root root 12K Jul 27 16:32 mods-available drwxr-xr-x 2 root root 4.0K Jul 27 16:32 mods-enabled -rw-r--r-- 1 root root 320 Jul 16 10:15 ports.conf drwxr-xr-x 2 root root 4.0K Jul 27 16:32 sites-available drwxr-xr-x 2 root root 4.0K Jul 27 16:32 sites-enabled ll /etc/apache2/conf-enabled total 8.0K drwxr-xr-x 2 root root 4.0K Jul 27 16:32 . drwxr-xr-x 8 root root 4.0K Jul 27 17:08 .. lrwxrwxrwx 1 root root 30 Jul 27 16:32 charset.conf -> ../conf-available/charset.conf lrwxrwxrwx 1 root root 44 Jul 27 16:32 localized-error-pages.conf -> ../conf-available/localized-error-pages.conf lrwxrwxrwx 1 root root 46 Jul 27 16:32 other-vhosts-access-log.conf -> ../conf-available/other-vhosts-access-log.conf lrwxrwxrwx 1 root root 31 Jul 27 16:32 security.conf -> ../conf-available/security.conf lrwxrwxrwx 1 root root 36 Jul 27 16:32 serve-cgi-bin.conf -> ../conf-available/serve-cgi-bin.conf
ll /etc/apache2/sites-available total 20K drwxr-xr-x 2 root root 4.0K Jul 27 16:32 . drwxr-xr-x 8 root root 4.0K Jul 27 17:12 .. -rw-r--r-- 1 root root 1.4K Jul 16 10:15 000-default.conf -rw-r--r-- 1 root root 6.2K Jul 18 20:36 default-ssl.conf
before restarting apache and risking outage – you can test your config like this:
/usr/sbin/apachectl configtest; # test config
.htaccess
is a nice but not-so-easy way to secure your http://www.web.com/directories with username and password authentification.
mkdir /var/www/html/test; # create a test subdirectory, it did not work in document-root vim /var/www/html/test/.htaccess; # create the file with this content AuthType Basic AuthUserFile /var/www/passwd AuthName "title of the user password dialog box" order deny,allow allow from all require valid-user htpasswd -cs /var/www/passwd user; # generate file, you will be asked twice for password htpasswd -s /var/www/passwd secondaryuser; # -s Use SHA encryption for passwords. # if you find: tail -f /var/log/httpd/*_log ==> /var/log/httpd/error_log <== [Fri Jul 28 07:41:16.678450 2017] [authn_file:error] [pid 2923] (13)Permission denied: [client 172.20.0.7:51440] AH01620: Could not open password file: /var/www/passwd chcon -Rv --type=httpd_sys_content_t /var/www/passwd; # under centos/redhat # you will have to change this line vim /etc/httpd/conf/httpd.conf # Further relax access to the default document root: <Directory "/var/www/html"> # # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/2.4/mod/core.html#options # for more information. # Options Indexes FollowSymLinks # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride All ... systemctl restart httpd.service; # restart apache2 to make config active
files involved – file list debian/centos:
debian_apache2_file_search.txt
errors:
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message Syntax OK
while this is not a severe error you should uncomment the ServerName line in your config:
vim /etc/httpd/conf/httpd.conf; # redhat/centos vim /etc/apache2/apache2.conf; # debian/ubuntu # # ServerName gives the name and port that the server uses to identify itself. # This can often be determined automatically, but we recommend you specify # it explicitly to prevent problems during startup. # # If your host doesn't have a registered DNS name, enter its IP address here. # ServerName www.example.com:80
under debian/ubuntu this setting is defined here:
vim /etc/apache2/sites-available/000-default.conf # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. ServerName www.example.com
tools:
log files:
error and access logs are usually generated.
# fedora/redhat/centos/suse? tail -f /var/log/httpd/* # debian/ubuntu tail -f /var/log/apache2/*
apache2 vs nginx
“Nginx is event-based, while apache is process-based.
Under high load, this makes all the difference in the world…
Apache has to fork or start a new thread for each connection, while nginx doesn’t.
This difference shows up mainly in memory usage, but also in user response time and other performance metrics.” (src)
Links:
more webserver software – https://en.wikipedia.org/wiki/Comparison_of_web_server_software
need more php speed? hhvm – https://www.youtube.com/watch?v=P9WhAUpMFdg
https://www.howtoforge.com/apache_php_mysql_on_centos_7_lamp
liked this article?
- only together we can create a truly free world
- plz support dwaves to keep it up & running!
- (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
- really really hate advertisement
- contribute: whenever a solution was found, blog about it for others to find!
- talk about, recommend & link to this blog and articles
- thanks to all who contribute!