Changes

3,744 bytes added , 09:53, 24 February 2020

m

no edit summary

Line 2: Line 2:

Paths:

/etc/apache2/sites-available

−

/etc/apache2/sites-enabled (symbolic links to sites-available/*.conf files)

+

/etc/apache2/sites-enabled (symbolic links to sites-available/*.conf files) <syntaxhighlight lang="bash">

+

sudo apache2ctl -t -D DUMP_VHOSTS

+

sudo apache2ctl configtest

+

sudo a2enmod ssl

+

</syntaxhighlight>

−

== Virtual Hosts ==

+

==Virtual Hosts==

Apache allows to have multiple web sites on the same server. To do this go to sites-available and create a

.conf file for each host you whant containing the following:

Line 26: Line 30:

You should also enter in your domain administration panel and create the CNAMES to redirect trafic

−

to the public ip of this server

+

to the public ip of this server

+

Basic SSL VirtualHost:<syntaxhighlight lang="apache">

+

+

ServerName home.rra.lan

+

ServerAdmin webmaster@rra.lan

+

DocumentRoot /var/www/home.rra.lan

+

Redirect permanent / https://home.rra.lan

+

ErrorLog ${APACHE_LOG_DIR}/error.log

+

CustomLog ${APACHE_LOG_DIR}/access.log combined

+

</VirtualHost>

+

+

ServerName home.rra.lan

+

ServerAdmin webmaster@rra.lan

+

DocumentRoot /var/www/home.rra.lan

+

ErrorLog ${APACHE_LOG_DIR}/error.log

+

CustomLog ${APACHE_LOG_DIR}/access.log combined

+

SSLEngine on

+

SSLCertificateKeyFile /etc/ssl/private/home.rra.lan.key

+

SSLCertificateFile /etc/ssl/certs/home.rra.lan.crt

+

SSLCertificateChainFile /etc/ssl/certs/FreeIPA-CA.crt

+

</VirtualHost>

+

</syntaxhighlight>

+

==Redirect HTTP to HTTPS==

+

<code>sudo a2enmod rewrite</code>

+

<code>sudo nano /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf</code>

+

+

+

RewriteEngine on

+

RewriteCond %{HTTPS} !=on

+

RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

+

ErrorLog ${APACHE_LOG_DIR}/error.log

+

CustomLog ${APACHE_LOG_DIR}/access.log combined

+

</VirtualHost>

+

</syntaxhighlight>

+

<code>sudo ln -s /etc/apache2/sites-available/redirect_HTTP_to_HTTPS.conf /etc/apache2/sites-enable/redirect_HTTP_to_HTTPS.conf</code>

+

==Authentication==

+

Create user account with:

+

htpasswd -c /usr/local/apache/passwd/passwords rbowen

+

Protect with the directory directive:

+

+

AuthType Basic

+

AuthName "Restricted Files"

+

# (Following line optional)

+

AuthBasicProvider file

+

AuthUserFile "/usr/local/apache/passwd/passwords"

+

# Require user rbowen

+

Require valid-user

+

</Directory></nowiki>

+

==Reverse Proxy==

+

+

a2enmod proxy proxy_http # HTTP

+

a2enmod proxy proxy_ftp # FTP

+

a2enmod proxy proxy_html # rewrite HTML links in proxy address space

+

a2enmod proxy proxy_ajp # Tomcat

+

a2enmod proxy

+

a2enmod rewrite

+

a2enmod deflate

+

a2enmod headers

+

a2enmod proxy_balancer

+

a2enmod proxy_connect

+

</syntaxhighlight>

+

====VirtualHost ProxyPass====

+

+

+

+

ServerAdmin webmaster@rra.lan

+

ServerName splunk.rra.lan

+

ErrorLog ${APACHE_LOG_DIR}/error.log

+

CustomLog ${APACHE_LOG_DIR}/access.log combined

+

ServerAlias splunk.rra.lan

+

SSLEngine on

+

SSLCertificateFile /etc/ssl/certs/splunk.rra.lan.crt

+

SSLCertificateKeyFile /etc/ssl/private/splunk.rra.lan.key

+

+

AddDefaultCharset Off

+

Order deny,allow

+

Allow from all

+

</Proxy>

+

ProxyRequests Off

+

ProxyPreserveHost On

+

# SSLProxyEngine on

+

ProxyPass / http://0.0.0.0:8000/

+

ProxyPassReverse / http://0.0.0.0:8000/

+

</VirtualHost>

+

</IfModule>

+

</syntaxhighlight>

+

==apachectl==

+

+

sudo apachectl configtest

+

</syntaxhighlight>

+

https://httpd.apache.org/docs/2.4/programs/apachectl.html

+

See more options at:

+

https://httpd.apache.org/docs/2.4/es/howto/auth.html

+

https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension

+

Rafahsolis

Bureaucrats, Administrators

2,306

edits

Changes

Apache2 (view source)

Revision as of 09:53, 24 February 2020

Navigation menu

Search