Tutorials

How to Set Up Apache Web Server on CentOS 7

Table of Contents

Introduction

The Apache web server is one of the most popular and powerful web servers in the world. It is also one of the most secure web servers available. This tutorial will explain how to install and configure a basic and secure Apache web server in CentOS 7.

Requirements

  • A server running CentOS v. 7
  • A desktop machine running Linux
  • A static IP Address for your server

Set up the Apache HTTP server

This section will walk you through the process of preparing your server for Apache, setting up Apache, and testing the installation.

Update the package repository

Before installing Apache, it is a good idea to update the package repository. You can do this by running the following commands:

sudo yum update -y
sudo yum install httpd -y

Disable SELinux

By default SELinux is enabled in CentOS 7. It is recommended that you disable it first.

You can disable SELinux by editing the /etc/selinux/config file:

sudo nano /etc/selinux/config

Change the line from SELINUX=enforcing to SELINUX=disabled

SELINUX=disabled

Save and close the file, then restart your machine for the changes to take effect.

Allow Apache through the firewall

You will need to allow the default Apache port 80 (HTTP) and 443 (HTTPS) using FirewallD.

You can do this by running the following commands:

 sudo firewall-cmd --permanent --add-port=80/tcp
 sudo firewall-cmd --permanent --add-port=443/tcp

Reload the firewall service for the changes to take effect.

 sudo firewall-cmd --reload

Create a test page

In CentOS7 the default Apache DocumentRoot path is /var/www/html/. However, there is no index.html file in this directory. You will need to create one.

sudo nano /var/www/html/index.html

Add the following content:

Apache index page

Restart the Apache service to reflect the changes:

sudo systemctl start httpd

You can configure the Apache service to start on boot by running the following command:

sudo systemctl enable httpd

Test the Apache HTTP server

To verify that the Apache web server is up and running, open your web browser and go to your server's IP Address with the url http://your.server.ip.address.

You should see a default page like the one in the image below.

Apache test page

Set up a secure Apache HTTPS server with SSL

This section will walk you through setting up a secure HTTPS connection using SSL on Apache.

Install SSL

In order to secure Apache, you need to install SSL first.

You can install SSL using the following command:

sudo yum install mod_ssl openssl

Generate a self-signed certificate

First, you need to generate a private key ca.key with 2048-bit encryption.

sudo openssl genrsa -out ca.key 2048

Then generate the certificate signing request cs.csr using the following command.

sudo openssl req -new -key ca.key -out ca.csr

You will be prompted for information about the certificate.

SSL certificate

Finally, generate a self-signed certificate ca.crt of X509 type valid for 365 keys.

sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

After creating the certificate, you need to copy all of the certificate files to the necessary directories.

You can do this by running the following commands:

sudo cp ca.crt /etc/pki/tls/certs/
sudo cp ca.key /etc/pki/tls/private/
sudo cp ca.csr /etc/pki/tls/private/

Set up the certificates

All the certificates are ready. The next thing to do is to set up Apache to display the new certificates.

You can do this by editing the SSL config file:

sudo nano /etc/httpd/conf.d/ssl.conf

Find the section that begins with <VirtualHost _default_:443>. Uncomment the DocumentRoot and ServerName line and replace example.com with your server's IP address.

DocumentRoot "/var/www/html"
ServerName 192.168.1.42:443

Next, find the SSLCertificateFile and SSLCertificateKeyFile lines and update them with the new location of the certificates.

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

After making these changes, restart Apache service for the changes to take effect.

sudo systemctl restart httpd

Test the secure Apache HTTPS server

To verify that the secure Apache HTTPS web server is working, open your web browser and go to your server's IP Address with the url https://your.server.ip.address.

An error should appear on your browser and you must manually accept the certificate.

Apache warning page

Once you add an exception to the browser's identity verification, you should see a test page for your newly-secure site.

Apache secure test page

 
  • how apache can read a file other than index.html on /var/www/html

  • You can use DirectoryIndex directive under Apache to set a default page other than index.html or index.php.

  • Disable SELinux, really? Rather than securing an Apache with SELinux?

  • Very nicely put article! Great UI for the website. Great blog!

    Like it! Keep it up!

  • This tutorial turned a road to nowhere into a 10 minute exercise.

    Amazing.

    Thank you very much.

  • This is not working, I used redhat instance on AWS. What could be wrong: https://52.87.214.147/

  • The problem is not only are they quitting, but also that very few college students are majoring in education. Big teacher crisis coming and if you think they can be replaced by online courses that used to write my paper, I am not sure.

  • It is necessary that the form file name finishes with configuration. online assignment companies You can name the arrangement data as you like but the best method is to use the field name as the title of the virtual host arrangement line.

Log In, Add a Comment