1. apt-get install apache2
2. Set up vhost files.
3. Set up modules you want.
4. service apache2 status|start|stop|restart

Want only to publish local notes to teammates (behind firewall)? Go do this:

# cd /var/www
# mv html html.sav
# ln -s /home/russ/dev/notes ./html

In browser, type http://host-ip-address.

More? See HTTPD - Apache2 Web Server

1. apt-get update
2. apt-get install apache2
3. Enable the firewall:

   # ufw enable
   Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
   Firewall is active and enabled on system startup
   # ufw app list
   Available applications:
     Apache
     Apache Full
     Apache Secure
     OpenSSH
   # ufw allow 'Apache Full'
   Rule added
   Rule added (v6)
   # ufw status
   Status: active
   
   To                         Action      From
   --                         ------      ----
   Apache Full                ALLOW       Anywhere
   Apache Full (v6)           ALLOW       Anywhere (v6)
   

4. Inspect the Apache webserver service's status:

   # systemctl status apache2
   ● apache2.service - The Apache HTTP Server
        Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
        Active: active (running) since Wed 2022-06-22 22:03:37 UTC; 6min ago
          Docs: https://httpd.apache.org/docs/2.4/
      Main PID: 2004 (apache2)
         Tasks: 55 (limit: 38302)
        Memory: 5.3M
           CPU: 41ms
        CGroup: /system.slice/apache2.service
                ├─2004 /usr/sbin/apache2 -k start
                ├─2005 /usr/sbin/apache2 -k start
                └─2006 /usr/sbin/apache2 -k start
   
   Jun 22 22:03:37 russ-microservices systemd[1]: Starting The Apache HTTP Server...
   Jun 22 22:03:37 russ-microservices apachectl[2003]: AH00558: apache2: Could not reliably determine the server's fully q>
   Jun 22 22:03:37 russ-microservices systemd[1]: Started The Apache HTTP Server.
   

5. Now that it's obvious it's running, hit the webserver's splash page from any browser:

   http://russ-microservices
   

Want only to publish local notes to teammates (behind firewall)? Go do this:

# cd /var/www
# mv html html.sav
# ln -s /home/russ/notes ./html

In browser, type http://host-ip-address. When you first do this, you must restart Apache:

# systemctl restart apache2

Setting up a virtual host...

If you wish to set up full, raging virtual hosts, check out Step 5 — Setting up Virtual Hosts.

1. Create a directory for the domain, assign ownership and set permissions:

   # mkdir /var/www/domainname
   # chown -R www-data:www-data /var/www/domainname
   # chmod -R u=rwxr,g=xr,0=rx /var/www/domainname      # (or 755)
   

2. If your domain has no index.html, create one that will come up and reassure you that your domain works. For example, put this file on the path, /var/www/domainname/index.html:

   <html>
     <head>
       <title>Welcome to your domain!</title>
     </head>
     <body>
       <h1>The virtual host you set up is working!</h1>
     </body>
   </html>
   
   

3. Now create a virtual host file. Name this file, domainname.conf and drop it into /etc/apache2/sites-available:

   <VirtualHost *:80>
       ServerAdmin  webmaster@localhost
       ServerName   domainname
       ServerAlias  www.domainname
       DocumentRoot /var/www/domainname
       ErrorLog     ${APACHE_LOG_DIR}/error.log
       CustomLog    ${APACHE_LOG_DIR}/access.log combined
   </VirtualHost>
   

4. Enable your new site thus:

   # a2ensite domainname.conf
   

5. ...and disable the default configuration there since Apache was installed:

   # a2dissite 000-default.conf
   

6. Use Apache to test for any configuration errors in your virtual host file:

   # apache2ctl configtest
   Output
   . . .
   Syntax OK
   

7. Bounce Apache:

   # systemctl restart apache2
   

8. Then head (in a browser) to your domain:

   http://domainname
   

   ...where you should see something like this:

   The virtual host you set up is working!

I followed an article by my old friend, Kevin Millecam, (Google “apache linux millecam”) a little bit before it started deviating from what I could relate to. Kevin wrote this article to rave reviews a few years ago—back before SuSE 10. What is even more useful, once I get to it, is the coverage of PHP and MySQL. I have so far climbed the PHP mountain, although not really since SuSE’s Apache2 simply came already installed with it. (I mean, when I loaded my box in January 2006, I specifically asked for Apache2 to get installed during the initial installation because I knew that sooner or later I would need to use it.

I found in SuSE 10 that Yast doesn’t mention Apache by name, but instead calls it the http server. Okay, I’m clever enough to guess that “http server’ refers to the Apache web server because the Apache Software Foundating is bigger than just their webserver. And, Yast is handy in expert mode once you get there, for setting up Apache in the respective boot levels, but that is all it does for you.

Where’s my stuff?

RedHat installs Apache across /var/local and /usr/local which is where you’d install it if you were compiling it for yourself from Apache sources.

SuSE comes with Apache 2 and if you let Yast take care of the problem for you, it gets installed who knows where. I haven’t found all the places it goes, but I can tell you that it isn’t in /usr/local presumably because SuSE considers it system software.

It has been asserted to me that Yast can configure things like Document Roots. I was looking forward to this since the last time I messed with those, for my Apache server running on NetWare (whence you are reading this very document), I failed to perform the configuration correctly (and, my hand was being held by Novell’s Apache guy too). However, I did not find this to be true in the version of Yast installed on my SuSE 10. On SuSE 10.1, it happens under Yast for http server.

What’s more, I haven’t yet figured out how to muck with /etc/apache2/httpd.conf directly because that file now asks one not to muck with it. So, I’m still looking for how and where to do that. There are very unclear suggestions in that file, but some refer to files that don’t exist on my SuSE host. (But, more on this topic in the next section.)

Disconcertingly, path ~/public_html is useless to the Apache server on my host—a very convenient phenomenon that Kevin’s article had led me to believe would work. I would love to be able to put my stuff there.

Yast or not to Yast?

At work, I’ve found that SuSE 10’s Yast doesn’t provide for as much cool configuration as the SuSE 10.1/2 I have at home (I installed 10.1, but some things have been upgraded to 10.2, something I didn’t do on purpose, but happened already prior to my installation of 10.1 or as part of an automatic upgrade I tried to set up and which may have worked).

In particular, I find that at work I have to modify /etc/sysconfig/apache2 by hand to get APACHE_CONF_INCLUDE_FILES set to /etc/apache2/mod_userdir.conf in support of using ~/public_html use as a document root.

As you might guess, at work now (10.0) I restarted the dæmon with the change just described and it now works. I hate having to learn a new way to do things each release. There should be a best practices and then we’re done.

At this point, I can only say that /srv/www/htdocs is where I found what is displayed when, from a browser on any host here at my work, you type http://taliesin.vintela.com/. This is not to say that this path isn’t an eminently wonderful place for a webserver’s documents to go, it just seems very specific to SuSE.

I placed the following PHP content there and got what I was looking for once I did it. I called the document, info.php and reached it thus: http://taliesin.vintela.com/info.php

	<?php phpinfo(); ?>

This magically causes a page from php.net to come up with system information on it (quite useful).

PHP works, therefore, if not where I would prefer to see it (on ~/public_html where Kevin put his).

In Apache, the term virtual host refers to being able to host more than one web site or domain name on the same server. This seems obvious, but you have to think about it.

It is possible to assign one IP address per domain or, more frequently, overload the one IP address you have with several domains, what Apache calls name-based hosting.

I started by reading this article.

Notice that this method only protects directories and not individual files. If a directory is accessible, all files (and subdirectories) are accessible. Also, usernames and passwords are transmitted in the clear, so someone sniffing can capture them. Therefore, don't use this for serious password protection.

1. Enable .htaccess processing. This is done by editing the vhost file /etc/apache2/sites-available/000-default, which will look something like this:

           <Directory /var/www/>
                   Options Indexes FollowSymLinks MultiViews
                   AllowOverride None         # → AllowOverride All
                   Order allow,deny
                   allow from all
                   # Uncomment this directive is you want to see apache2's
                   # default start page (in /apache2-default) when you go to /
                   #RedirectMatch ^/$ /apache2-default/
           </Directory>
   			

   Then restart Apache2:

   # service apache2 restart
   			

   Note, however, that by Apache 2.4, this had changed. The file is /etc/apache2/sites-available/000-default.conf and it no longer includes a <Directory> section and you can only make the change in that context. So, to the <VirtualHost> section, add this:

   <Directory "/var/www">
       AllowOverride All
   </Directory>
   			

   Of course, if your content isn't on the path /var/www, then you need to add a different path, for instance /home/websites/blah.com.

2. Create .htaccess containing something like:

   AuthName "name"
   AuthType Basic
   AuthUserFile /path/.htpasswd
   Require Valid-User
   

   1. AuthName can be anything you like; it's displayed when the browser prompts for the password. It could simply be "Members only."

   2. AuthType and Require —leave as-is.

   3. AuthUserFile is the password file named .htpasswd. Don't put this file in any general area reachable by other than an administrator.

3. Put .htaccess in the subdirectory (could be deeper than the root of your website documents) you wish to protect from access.

4. Set up the password file, .htpasswd. This isn't a file you create directly by hand, but it would be somewhat orthogonal to create it in the same place as the .htaccess file. Do this:
   1. The very first time, use

      # htpasswd -c .htpasswd username

      to create this file (because it likely doesn't exist.

   2. username need not be a user on the Apache2 host computer. In fact, it shouldn't be.

   3. The command will cause you to create a password.

   4. Do

      # htpasswd .htpasswd username

      to add more users.
   5. The resulting file contains usernames in clear text with encoded, unrecoverable passwords.

   6. You might ensure that .htpasswd has permissions thus:

      # chmod 644 .htpasswd