Difference between revisions of "Apache2"

From RHS Wiki
Jump to navigation Jump to search
m
Tag: visualeditor
m
Tag: visualeditor
Line 30: Line 30:
 
Basic SSL VirtualHost:
 
Basic SSL VirtualHost:
 
  <nowiki><VirtualHost *:80>
 
  <nowiki><VirtualHost *:80>
        ServerName home.rra.lan
+
          ServerName home.rra.lan
        ServerAdmin webmaster@rra.lan
+
          ServerAdmin webmaster@rra.lan
        DocumentRoot /var/www/home.rra.lan
+
          DocumentRoot /var/www/home.rra.lan
       
+
         
        Redirect permanent / https://home.rra.lan
+
          Redirect permanent / https://home.rra.lan
        ErrorLog ${APACHE_LOG_DIR}/error.log
+
          ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
+
          CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
+
  </VirtualHost>
<VirtualHost *:443>
+
  <VirtualHost *:443>
        ServerName home.rra.lan
+
          ServerName home.rra.lan
        ServerAdmin webmaster@rra.lan
+
          ServerAdmin webmaster@rra.lan
        DocumentRoot /var/www/home.rra.lan
+
          DocumentRoot /var/www/home.rra.lan
        ErrorLog ${APACHE_LOG_DIR}/error.log
+
          ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
+
          CustomLog ${APACHE_LOG_DIR}/access.log combined
       
+
         
        SSLEngine on
+
          SSLEngine on
        SSLCertificateKeyFile /etc/ssl/private/home.rra.lan.key
+
          SSLCertificateKeyFile /etc/ssl/private/home.rra.lan.key
        SSLCertificateFile /etc/ssl/certs/home.rra.lan.crt
+
          SSLCertificateFile /etc/ssl/certs/home.rra.lan.crt
        SSLCertificateChainFile /etc/ssl/certs/FreeIPA-CA.crt
+
          SSLCertificateChainFile /etc/ssl/certs/FreeIPA-CA.crt
</VirtualHost>
+
  </VirtualHost>
</nowiki>
+
  </nowiki>
  
 
==Redirect HTTP to HTTPS==
 
==Redirect HTTP to HTTPS==
 
sudo nano /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf
 
sudo nano /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf
 
  <nowiki><VirtualHost *:80>
 
  <nowiki><VirtualHost *:80>
        RewriteEngine on
+
          RewriteEngine on
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
+
          RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost></nowiki>
+
  </VirtualHost></nowiki>
 
sudo ln -s /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf /etc/apache2/sites-enable/redirect_HTTP_to_HTTPS
 
sudo ln -s /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf /etc/apache2/sites-enable/redirect_HTTP_to_HTTPS
 
==Authentication==
 
==Authentication==
Line 66: Line 66:
 
Protect with the directory directive:
 
Protect with the directory directive:
 
  <nowiki><Directory "/usr/local/apache/htdocs/secret">
 
  <nowiki><Directory "/usr/local/apache/htdocs/secret">
    AuthType Basic
+
      AuthType Basic
    AuthName "Restricted Files"
+
      AuthName "Restricted Files"
    # (Following line optional)
+
      # (Following line optional)
    AuthBasicProvider file
+
      AuthBasicProvider file
    AuthUserFile "/usr/local/apache/passwd/passwords"
+
      AuthUserFile "/usr/local/apache/passwd/passwords"
    # Require user rbowen
+
      # Require user rbowen
    Require valid-user
+
      Require valid-user
</Directory></nowiki>
+
  </Directory></nowiki>
  
== Reverse Proxy ==
+
==Reverse Proxy==
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
 
a2enmod proxy proxy_http  # HTTP
 
a2enmod proxy proxy_http  # HTTP
Line 89: Line 89:
 
</syntaxhighlight>
 
</syntaxhighlight>
  
==== VirtualHost ProxyPass ====
+
====VirtualHost ProxyPass====
 
<syntaxhighlight lang="apache">
 
<syntaxhighlight lang="apache">
 
<VirtualHost *:*>
 
<VirtualHost *:*>
Line 106: Line 106:
 
</VirtualHost>
 
</VirtualHost>
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
 +
== apachectl ==
 +
<syntaxhighlight lang="bash">
 +
sudo apachectl configtest
 +
</syntaxhighlight>
 +
https://httpd.apache.org/docs/2.4/programs/apachectl.html
  
  

Revision as of 09:30, 22 March 2019

Web Server for linux.
Paths:
/etc/apache2/sites-available
/etc/apache2/sites-enabled (symbolic links to sites-available/*.conf files)

Virtual Hosts

Apache allows to have multiple web sites on the same server. To do this go to sites-available and create a
.conf file for each host you whant containing the following: 

 <VirtualHost *:80>
    ServerAdmin rafael@herrerosolis.com
    DocumentRoot /var/www/webfolder
    ServerName www.yourwebpagename.com
    ServerAlias www.yourwebpagename.com

    ErrorLog /var/www/yourwebfolder/logs/error.log
    
    # Posible values include: debug, info, notice, warn, error, crit.
    # alert, emerg.

    CustomLog /var/www/yourwebfolder/logs/access.log combined

 </VirtualHost>

You should also enter in your domain administration panel and create the CNAMES to redirect trafic
to the public ip of this server

Basic SSL VirtualHost: 

<VirtualHost *:80>
          ServerName home.rra.lan
          ServerAdmin webmaster@rra.lan
          DocumentRoot /var/www/home.rra.lan
          
          Redirect permanent / https://home.rra.lan
          ErrorLog ${APACHE_LOG_DIR}/error.log
          CustomLog ${APACHE_LOG_DIR}/access.log combined
  </VirtualHost>
  <VirtualHost *:443>
          ServerName home.rra.lan
          ServerAdmin webmaster@rra.lan
          DocumentRoot /var/www/home.rra.lan
          ErrorLog ${APACHE_LOG_DIR}/error.log
          CustomLog ${APACHE_LOG_DIR}/access.log combined
          
          SSLEngine on
          SSLCertificateKeyFile /etc/ssl/private/home.rra.lan.key
          SSLCertificateFile /etc/ssl/certs/home.rra.lan.crt
          SSLCertificateChainFile /etc/ssl/certs/FreeIPA-CA.crt
  </VirtualHost>

Redirect HTTP to HTTPS

sudo nano /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf 

<VirtualHost *:80>
          RewriteEngine on
          RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
  </VirtualHost>

sudo ln -s /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf /etc/apache2/sites-enable/redirect_HTTP_to_HTTPS

Authentication

Create user account with: 

htpasswd -c /usr/local/apache/passwd/passwords rbowen

Protect with the directory directive: 

<Directory "/usr/local/apache/htdocs/secret">
      AuthType Basic
      AuthName "Restricted Files"
      # (Following line optional)
      AuthBasicProvider file
      AuthUserFile "/usr/local/apache/passwd/passwords"
      # Require user rbowen
      Require valid-user
  </Directory>

Reverse Proxy

a2enmod proxy proxy_http  # HTTP
a2enmod proxy proxy_ftp   # FTP
a2enmod proxy proxy_html  # rewrite HTML links in proxy address space
a2enmod proxy proxy_ajp   # Tomcat
a2enmod proxy
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect

VirtualHost ProxyPass

<VirtualHost *:*>
    ProxyPreserveHost On

    # Servers to proxy the connection, or;
    # List of application servers:
    # Usage:
    # ProxyPass / http://[IP Addr.]:[port]/
    # ProxyPassReverse / http://[IP Addr.]:[port]/
    # Example: 
    ProxyPass / http://0.0.0.0:8080/
    ProxyPassReverse / http://0.0.0.0:8080/

    ServerName localhost
</VirtualHost>

apachectl

sudo apachectl configtest

https://httpd.apache.org/docs/2.4/programs/apachectl.html


See more options at:

https://httpd.apache.org/docs/2.4/es/howto/auth.html

https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension

Retrieved from "https://wiki.herrerosolis.com/index.php?title=Apache2&oldid=1789"