Setting up Apache from scratch on Linux

By Darío Rivera

Posted On 2023-05-30 in Laravel

Apache is one of the most widely used web servers throughout the web. It's easy to configure, easy to install, and customizable. In this post, you will see how to perform a configuration of this web server from scratch. If you already have a default configuration, it will also help you understand that configuration and how to change it.

Analyze the initial configuration

Depending on the operating system where you have Apache installed, the first thing you should do is detect where the configuration files are located. To do this, simply execute the following command.

sudo apachectl -D DUMP_INCLUDES

The output of the command will be similar to the following. We have shortened the response a bit because it can display a large number of configuration files.

Included configuration files:
  (*) /etc/apache2/apache2.conf
    (146) /etc/apache2/mods-enabled/access_compat.load
    (146) /etc/apache2/mods-enabled/alias.load
    (146) /etc/apache2/mods-enabled/auth_basic.load
  ...

Having identified the main configuration file, you can take a look at the internal configuration.

sudo vim /etc/apache2/apache2.conf

Some distributions like Ubuntu often organize the structure of Apache files very well. In these cases, the directory configuration will look more or less like this:

#	/etc/apache2/
#	|-- apache2.conf
#	|	`--  ports.conf
#	|-- mods-enabled
#	|	|-- *.load
#	|	`-- *.conf
#	|-- conf-enabled
#	|	`-- *.conf
# 	`-- sites-enabled
#	 	`-- *.conf

This can be verified in the general configuration. In this case, it would look like this.

# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf
Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf

This indicates that the virtual hosts we create should be loaded in the sites-enabled folder. On the other hand, the configuration will be loaded in conf-enabled. Generally, these folders contain symbolic links to the files in other folders where the actual configuration is located, sites-available and conf-available respectively.

Default configurations

It may happen, in the case of some systems like Ubuntu, that a default file called 000-default is included. This site can be disabled as follows.

sudo a2dissite 000-default

You can also choose to change the default path of Apache and configure it to point to a directory in your home.

<VirtualHost *:80>
    DocumentRoot /home/username/www
    ....
    ErrorLog ${APACHE_LOG_DIR}/error.log
    ...
<VirtualHost>

It's always good to have a site that is displayed as soon as you enter "localhost" or 127.0.0.1 to make sure everything is working fine. In addition, some commands like the following

apachectl status

Make an HTTP call to the local server to obtain the status of Apache.

Permission configuration

When setting up new projects, you need to consider whether they will be located in the default folder configured in your Apache server or in any other folder in the operating system. The folders under Apache must have the Apache group (www-data / apache), among other permissions, so that they can be read correctly.

To make sure which Apache user you have on your operating system, you can run the following command:

cat /etc/group | grep 'apache\|www'

Once you have done this, assuming, for example, that the user is www-data, you must assign the group to the folder where your project(s) is located. This folder can be the one that comes configured with the default Apache installation or a path of your preference, such as /home/user/www. For this example, let's assume that the folder for your projects is /var/www

Note: If you choose a different folder than the default one, make sure there are search permissions for all components of the path.

The first thing you should do is change the group and user of the Apache project folder.

sudo chown -R your-user:www-data /var/www

Another recommendation is to change the ownership of this directory and all its subdirectories to add the group, set the write permissions, and configure the group ID for directories that will be created from now on.

sudo chmod 2775 /var/www
find /var/www -type d -exec sudo chmod 2775 {} \;

Finally, we can change the permissions for all files within the path (including its subdirectories) to add the group and write permissions.

find /var/www -type f -exec sudo chmod 0664 {} \;

PHP Configuration

By default, Apache is configured to give precedence to the index.html file over any other file in a directory. To change this behavior and allow index.php to take precedence, you need to find the configuration of the DirectoryIndex in the DIR module. You can use the same command seen at the beginning of this tutorial to find the config, if it exists it should be similar to the following:

vim /etc/apache2/mods-available/dir.conf

If not, you will need to search in the main configuration file for something similar to the following:

<IfModule mod_dir.c>
	DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
</IfModule>

In that case, it should be changed to the following:

<IfModule mod_dir.c>
	DirectoryIndex index.php index.html index.cgi index.pl index.php index.xhtml index.htm
</IfModule>

Another thing you need to add if it's not already there is the handling of PHP files. In Ubuntu, it is usually included in the module configuration depending on the installed versions.

vim /etc/apache2/mods-available/php7.4.conf

If this configuration doesn't exist, you can add it in the main Apache configuration file. This config should be similar to the following:

<FilesMatch ".+\.ph(ar|p|tml)$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".+\.phps$">
    SetHandler application/x-httpd-php-source
    Require all denied
</FilesMatch>
# Deny access to files without filename (e.g. '.php')
<FilesMatch "^\.ph(ar|p|ps|tml)$">
    Require all denied
</FilesMatch>

Analyze the initial configuration

Default configurations

Permission configuration

PHP Configuration

Categories