33 The Apache HTTP Server #
According to the survey from http://www.netcraft.com/, the Apache HTTP Server (Apache) is the world’s most widely-used Web server. Developed by the Apache Software Foundation (http://www.apache.org/), it is available for most operating systems. SUSE® Linux Enterprise Server includes Apache version 2.4. In this chapter, learn how to install, configure and set up a Web server; how to use SSL, CGI, and additional modules; and how to troubleshoot Apache.
33.1 Quick Start #
With this section, quickly set up and start Apache. You must be root to install and configure Apache.
33.1.1 Requirements #
Make sure the following requirements are met before trying to set up the Apache Web server:
- The machine’s network is configured properly. For more information about this topic, refer to Chapter 17, Basic Networking.
- The machine’s exact system time is maintained by synchronizing with a time server. This is necessary because parts of the HTTP protocol depend on the correct time. See Chapter 26, Time Synchronization with NTP to learn more about this topic.
- The latest security updates are installed. If in doubt, run a YaST Online Update.
- The default Web server port ( 80 ) is opened in the firewall. For this, configure the SuSEFirewall2 to allow the service HTTP Server in the external zone. This can be done using YaST. See Section 16.4.1, “Configuring the Firewall with YaST” for details.
33.1.2 Installation #
Apache on SUSE Linux Enterprise Server is not installed by default. To install it with a standard, predefined configuration that runs “ out of the box ” , proceed as follows:
- Start YaST and select Software › Software Management .
- Choose View › Patterns and select Web and LAMP Server .
- Confirm the installation of the dependent packages to finish the installation process.
33.1.3 Start #
You can start Apache automatically at boot time or start it manually.
To make sure that Apache is automatically started during boot in the targets multi-user.target and graphical.target , execute the following command:
root #
systemctl enable apache2
For more information about the systemd targets in SUSE Linux Enterprise Server and a description of the YaST Services Manager , refer to Section 14.4, “Managing Services with YaST”.
To manually start Apache using the shell, run systemctl start apache2 .
If you do not receive error messages when starting Apache, this usually indicates that the Web server is running. To test this:
- Start a browser and open http://localhost/. If Apache is up and running, you get a test page stating “ It works! ” .
- If you do not see this page, refer to Section 33.9, “Troubleshooting”.
Now that the Web server is running, you can add your own documents, adjust the configuration according to your needs, or add functionality by installing modules.
33.2 Configuring Apache #
SUSE Linux Enterprise Server offers two configuration options:
Manual configuration offers a higher level of detail, but lacks the convenience of the YaST GUI.
Most configuration changes require a reload (some also a restart) of Apache to take effect. Manually reload Apache with systemctl reload apache2 or use one of the restart options as described in Section 33.3, “Starting and Stopping Apache”.
If you configure Apache with YaST, this can be taken care of automatically if you set HTTP Service to Enabled as described in Section 33.2.3.2, “HTTP Server Configuration”.
33.2.1 Apache Configuration Files #
This section gives an overview of the Apache configuration files. If you use YaST for configuration, you do not need to touch these files—however, the information might be useful for you if you want to switch to manual configuration later on.
Apache configuration files can be found in two different locations:
33.2.1.1 /etc/sysconfig/apache2 #
/etc/sysconfig/apache2 controls some global settings of Apache, like modules to load, additional configuration files to include, flags with which the server should be started, and flags that should be added to the command line. Every configuration option in this file is extensively documented and therefore not mentioned here. For a general-purpose Web server, the settings in /etc/sysconfig/apache2 should be sufficient for any configuration needs.
33.2.1.2 /etc/apache2/ #
/etc/apache2/ hosts all configuration files for Apache. In the following, the purpose of each file is explained. Each file includes several configuration options (also called directives ). Every configuration option in these files is extensively documented and therefore not mentioned here.
The Apache configuration files are organized as follows:
/etc/apache2/ | |- charset.conv |- conf.d/ | | | |- *.conf | |- default-server.conf |- errors.conf |- httpd.conf |- listen.conf |- magic |- mime.types |- mod_*.conf |- server-tuning.conf |- ssl.* |- ssl-global.conf |- sysconfig.d | | | |- global.conf | |- include.conf | |- loadmodule.conf . . | |- uid.conf |- vhosts.d | |- *.conf
Specifies which character sets to use for different languages. Do not edit this file.
Configuration files added by other modules. These configuration files can be included into your virtual host configuration where needed. See vhosts.d/vhost.template for examples. By doing so, you can provide different module sets for different virtual hosts.
Global configuration for all virtual hosts with reasonable defaults. Instead of changing the values, overwrite them with a virtual host configuration.
Defines how Apache responds to errors. To customize these messages for all virtual hosts, edit this file. Otherwise overwrite these directives in your virtual host configurations.
The main Apache server configuration file. Avoid changing this file. It primarily contains include statements and global settings. Overwrite global settings in the pertinent configuration files listed here. Change host-specific settings (such as document root) in your virtual host configuration.
Binds Apache to specific IP addresses and ports. Name-based virtual hosting is also configured here. For details, see Section 33.2.2.1.1, “Name-Based Virtual Hosts”.
Data for the mime_magic module that helps Apache automatically determine the MIME type of an unknown file. Do not change this file.
MIME types known by the system (this actually is a link to /etc/mime.types ). Do not edit this file. If you need to add MIME types not listed here, add them to mod_mime-defaults.conf .
Configuration files for the modules that are installed by default. Refer to Section 33.4, “Installing, Activating, and Configuring Modules” for details. Note that configuration files for optional modules reside in the directory conf.d .
Contains configuration directives for the different MPMs (see Section 33.4.4, “Multiprocessing Modules”) and general configuration options that control Apache’s performance. Properly test your Web server when making changes here.
Global SSL configuration and SSL certificate data. Refer to Section 33.6, “Setting Up a Secure Web Server with SSL” for details.
Configuration files automatically generated from /etc/sysconfig/apache2 . Do not change any of these files—edit /etc/sysconfig/apache2 instead. Do not put other configuration files in this directory.
Specifies under which user and group ID Apache runs. Do not change this file.
Your virtual host configuration should be located here. The directory contains template files for virtual hosts with and without SSL. Every file in this directory ending with .conf is automatically included in the Apache configuration. Refer to Section 33.2.2.1, “Virtual Host Configuration” for details.
33.2.2 Configuring Apache Manually #
Configuring Apache manually involves editing plain text configuration files as user root .
33.2.2.1 Virtual Host Configuration #
The term virtual host refers to Apache’s ability to serve multiple universal resource identifiers (URIs) from the same physical machine. This means that several domains, such as www.example.com and www.example.net, are run by a single Web server on one physical machine.
It is common practice to use virtual hosts to save administrative effort (only a single Web server needs to be maintained) and hardware expenses (each domain does not require a dedicated server). Virtual hosts can be name based, IP based, or port based.
To list all existing virtual hosts, use the command apache2ctl -S . This outputs a list showing the default server and all virtual hosts together with their IP addresses and listening ports. Furthermore, the list also contains an entry for each virtual host showing its location in the configuration files.
Virtual hosts can be configured via YaST as described in Section 33.2.3.1.4, “Virtual Hosts” or by manually editing a configuration file. By default, Apache in SUSE Linux Enterprise Server is prepared for one configuration file per virtual host in /etc/apache2/vhosts.d/ . All files in this directory with the extension .conf are automatically included to the configuration. A basic template for a virtual host is provided in this directory ( vhost.template or vhost-ssl.template for a virtual host with SSL support).
It is recommended to always create a virtual host configuration file, even if your Web server only hosts one domain. By doing so, you not only have the domain-specific configuration in one file, but you can always fall back to a working basic configuration by simply moving, deleting, or renaming the configuration file for the virtual host. For the same reason, you should also create separate configuration files for each virtual host.
When using name-based virtual hosts it is recommended to set up a default configuration that will be used when a domain name does not match a virtual host configuration. The default virtual host is the one whose configuration is loaded first. Since the order of the configuration files is determined by file name, start the file name of the default virtual host configuration with an underscore character ( _ ) to make sure it is loaded first (for example: _default_vhost.conf ).
The block holds the information that applies to a particular domain. When Apache receives a client request for a defined virtual host, it uses the directives enclosed in this section. Almost all directives can be used in a virtual host context. See http://httpd.apache.org/docs/2.4/mod/quickreference.html for further information about Apache’s configuration directives.
33.2.2.1.1 Name-Based Virtual Hosts #
With name-based virtual hosts, more than one Web site is served per IP address. Apache uses the host field in the HTTP header that is sent by the client to connect the request to a matching ServerName entry of one of the virtual host declarations. If no matching ServerName is found, the first specified virtual host is used as a default.
The first step is to create a block for each different name-based host that you want to serve. Inside each block, you will need at minimum a ServerName directive to designate which host is served and a DocumentRoot directive to show where in the file system the content for that host resides.
# This first-listed virtual host is also the default for *:80 ServerName www.example.com ServerAlias example.com DocumentRoot /srv/www/htdocs/domain ServerName other.example.com DocumentRoot /srv/www/htdocs/otherdomain
The opening VirtualHost tag takes the IP address (or fully qualified domain name) as an argument in a name-based virtual host configuration. A port number directive is optional.
The wild card * is also allowed as a substitute for the IP address. When using IPv6 addresses, the address must be included in square brackets.