Install and Configure Apache Server

 A. Install and Verify Apache Server

  1. Install the Web Serverpackage group:
# yum groupinstall -y "Web Server"
  1. Edit the /etc/hosts file and the ip address and fully qualified domain name of the server:
  1. Optionally, Set the ServerName directive in /etc/httpd/conf/httpd.conf file. Activate at boot time and start the service:
# systemctl enable httpd # systemctl start httpd
  1. Add the HTTP service to the firewall configuration and reload it:
# firewall-cmd --list-all # firewall-cmd --permanent --add-service=http Success # firewall-cmd --reload Success

If you plan to use the HTTPS protocol, the command should be # firewall-cmd –permanent –add-service=https

  1. Check which ports this deamon is listening on:
$ ss -nutlp | grep -i http

Here it shows that our web server daemon is listening on port 80 and 443. A further check you can do is this:

# fuser -v -n tcp 80 # fuser -v -n tcp 443
  1. Confirm that our client can connect to these ports:
# nc -v 80 Ncat: Version 6.40 ( ) Ncat: Connected to ^C # nc -v 443 Ncat: Version 6.40 ( ) Ncat: Connected to ^C


  1. Test the Welcome Page. Open the browser and visit You will get the welcome page, even if you create an html page in /var/www/html. This is due to  IncludeOptional conf.d/*.confstatement at the end of the /etc/httpd/conf/httpd.conf file that instructs Apache to load the files finishing by *.conf located in the /etc/httpd/conf.d To display the content of the /var/www/html directory, you need to go to the /etc/httpd/conf.d directory and check the welcome.conf file.
  2. Create /etc/httpd/conf.d/mywebserver.conf file:
<Directory /var/www/html> AllowOverride None Require all granted </Directory>
  1. Install the httpd-manual package.
# yum install -y httpd-manual # elinks /usr/share/httpd/manual/howto/auth.html


B. Configure a Virtual Host.

Let’s assume your website is called

  1. Create /var/www/html/ directory:
# cd /var/www/html # mkdir
  1. Create an index.html file and assign the correct SELinux context:
# echo "This is vhost1 test." > # restorecon -R
  1. Create the /etc/httpd/conf.d/vhosts.conf file and paste the following lines:
<VirtualHost *:80> ServerAdmin DocumentRoot /var/www/html/ ServerName ErrorLog logs/ CustomLog logs/ common </VirtualHost>
  1. Optionaly, rename the /etc/httpd/conf.d/ssl.conf file, otherwise you get an additional non-working https virtual host displayed in the configuration.
# cd /etc/httpd/conf.d; mv ssl.conf ssl.conf2
  1. Check the validity of the configuration:
# apachectl configtest Syntax OK

You can also type: # httpd -t

  1. Restart the httpd service:
# apachectl restart

You can also use # systemctl restart httpd. For minor configuration changes, it is also possible to restart the Apache daemon without losing the current connections: # apachectl graceful

  1. Check the virtual host(s) configuration:
# httpd -D DUMP_VHOSTS VirtualHost configuration: *:80                   is a NameVirtualHost         default server (/etc/httpd/conf.d/vhosts.conf:1)         port 80 namevhost (/etc/httpd/conf.d/vhosts.conf:1)         port 80 namevhost (/etc/httpd/conf.d/vhosts.conf:1)
  1. Check the configuration:
# yum install -y elinks # elinks

C. Configure Apache access restrictions on directories.

  1. Create a private directory, private, in /var/www/html
# cd /var/www/html # mkdir private # echo "This is Private Host test." > private/index.html # restorecon -R .
  1. Host-based private directories: To only allow the host (add the name/IP address in the /etc/hosts file if necessary) to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:
<Directory "/var/www/html/private"> AllowOverride None Options None Require host </Directory>
  1. Check the configuration file:
# apachectl configtest Syntax OK
  1. User-based private directories: To only allow me to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conffile and paste the following lines at the end:
<Directory "/var/www/html/private"> AuthType Basic AuthName "Password protected area" AuthUserFile /etc/httpd/conf/passwd Require user me </Directory>
  1. Check the configuration file:
# apachectl configtest Syntax OK
  1. Create the passwd file and store me‘s password:
# htpasswd -c /etc/httpd/conf/passwd me # chmod 600 /etc/httpd/conf/passwd # chown apache:apache /etc/httpd/conf/passwd

The .htpasswd file can be used locally instead of the httpd.conf file.

  1. Whatever the option chosen, restart the httpd service:
# systemctl restart httpd
  1. Check the httpd service:
# yum install -y curl # curl -u user:password http://localhost


# yum install -y elinks # elinks http://localhost/private