Linux Apache HTTP/HTTPS

In this tutorial i will try to go easily step by step to install simple virtual hosts using Apache (the most popular web server) on CentOS (considered to be Red Hat community version).

Apache Virtual Hosts is ability to host many web sites with different domain name in same system installation.

Let’s Go,…

01.Installing Apache

httpd is the name of package in centos and mod_ssl (library to provide https ability) :

 # yum install httpd mod_ssl -y

02.Enable and Start httpd service (enable means start on system boot by default) :

 # systemctl enable httpd
 # systemctl start httpd

03.Firewall ports to open (http/https):

  firewall-cmd --permanent --add-service=http --add-service=https
  firewall-cmd --reload

*Open your browser and go to url:  localhost , should see default apache welcome page , fine !

04.SELinux configuration if non-default location used:

Default path for web site files is /var/www/html/ which is properly configured with SELinux , but you can use whatever path you want but you must take care of SELINUX

 # mkdir /web
 # chown -R apache:apache /web/
 # semanage fcontext -a -t httpd_sys_content_t '/web(/.*)?'
 # restorecon -Rv /web

*Now this folder is ready to hold our web site files

05.Virtual Hosts:

default configuration file for httpd in Centos is: /etc/httpd/conf/httpd.conf

*To create a new Virtual host: use any editor to create a file with .conf extension in /etc/httpd/conf.d/

For Example: let’s create  horusec.local web site:
vim /etc/httpd/conf.d/horusec.conf

 <Directory /web >
 Require all granted
 AllowOverride None
 </Directory>
 <VirtualHost *:80>
 DocumentRoot /web
 ServerName horusec.local
 ServerAlias www.horusec.local
 ServerAdmin admin@horusec.local
 ErrorLog "logs/horusec_error_log"
 CustomLog "logs/horusec_access_log" combined
 </VirtualHost>

Now you need to add  a record in /etc/hosts to point to this name for testing or Register this domain name with your public IP in your Domain Registerar

Add test page to our site:

# echo “Welcome to horusec.local Testing web site” > /web/index.html

*Now browse to horusec.local , should see our testing page (edit /etc/hosts or any dns resolving to use site names or use IP for testing)

06.HTTPS secure connection:

yum install crypto-utils

Create self-signed certificate:

 # genkey horusec.local

# provide your certificate info – this files must be found there after that:

 /etc/pki/tls/private/horusec.local.key
 /etc/pki/tls/certs/horusec.local.0.csr
 /etc/pki/tls/certs/horusec.local.crt

#default ssl configuration file:

vim /etc/httpd/conf.d/ssl.conf

Create a new web site in a new configuration file called horusec.conf

# vim /etc/httpd/conf.d/horusec.conf

<Directory /web >
Require all granted
AllowOverride None
</Directory>

<VirtualHost *:443>
DocumentRoot /web
ServerName horusec.local
SSLEngine on
SSLCertificatefile /etc/pki/tls/certs/horusec.local.crt
SSLCertificatekeyfile /etc/pki/tls/private/horusec.local.key
SSLCertificatechainfile /etc/pki/tls/certs/horusec.local.crt
ServerAdmin admin@horusec.local
ErrorLog "logs/site1_error_log"
CustomLog "logs/site1_access_log" combined
</VirtualHost>

#Also append that next lines to redirect http to https:

<VirtualHost *:80>
ServerName horusec.local
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST} [redirect=301]
</VirtualHost>

Reload httpd service to read new configuration file:

systemctl reload httpd

#Now Browse to horusec.local , should redirect you to https://horusec.local and open our welcome test page

One comment on “Linux Apache HTTP/HTTPS”

Comments are closed.