Deployment/Apache: Difference between revisions
From charlesreid1
(→SSL) |
(→SSL) |
||
| Line 77: | Line 77: | ||
See [[LetsEncrypt]] for creation of SSL certificate. | See [[LetsEncrypt]] for creation of SSL certificate. | ||
===Installing and Enabling SSL=== | |||
Ensure OpenSSL is installed: | |||
<pre> | <pre> | ||
| Line 107: | Line 109: | ||
sudo service apache2 restart | sudo service apache2 restart | ||
</pre> | </pre> | ||
===Configuring SSL Site=== | |||
Now, modify the default sites-enabled to also work over port 443. If you're using the default site: | Now, modify the default sites-enabled to also work over port 443. If you're using the default site: | ||
| Line 114: | Line 118: | ||
</pre> | </pre> | ||
Change the content to follow the block below (remember where your pem file is? see [[LetsEncrypt]] page - it's at <code>/etc/letsencrypt/keys/ | Change the content to follow the block below (remember where your pem file is? see [[LetsEncrypt]] page - it's at <code>/etc/letsencrypt/keys/0000_key-certbot.pem</code>): | ||
<pre> | <pre> | ||
| Line 122: | Line 126: | ||
SSLEngine On | SSLEngine On | ||
SSLCertificateFile /etc/letsencrypt/keys/ | SSLCertificateFile /etc/letsencrypt/keys/0000_key-certbot.pem | ||
DocumentRoot /www/mindreid.com/htdocs | DocumentRoot /www/mindreid.com/htdocs | ||
Revision as of 11:44, 28 October 2017
Deploying Apache Server
Conf
Configuration file is in /etc/apache2/apache2.conf
Edit:
- Directory tag corresponding to one-level-up from your web root
Sites Available and Sites Enabled
This always throws me off.
Edit sites-available/000-default.conf (or make your own conf file in sites-available).
sudo a2ensite 000-default sudo service apache2 restart
To disable:
sudo a2dissite 000-default sudo service apache2 restart
PHP
Set Up PHP
Make sure you have php installed:
$ apt-get install -y php
PHP configuration file is in /etc/php/7.0/cli/php.ini
Things you might wanna change:
short_open_tag = On- enables short php open tag <?magic_quotes_gpc = On- puts slashes before quotes in user inputdisplay_errors = Offif your site is live
If you want to send mail, see PHP/Mail page.
Enable PHP in Apache
Start by installing the PHP mod for Apache:
sudo apt-get install libapache2-mod-php
sudo a2enmod php7.0
See [3]
To test: add an info.php with the following contents:
<?php phpinfo(); ?>
Then visit the info.php page in your browser, and you should see a table with information about your PHP installation.
SSL
See LetsEncrypt for creation of SSL certificate.
Installing and Enabling SSL
Ensure OpenSSL is installed:
sudo apt-get install openssl
Ensure Apache is listening on port 443:
vim /etc/apache2/ports.conf
You should see:
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Now we just need to enable the ssl module:
sudo a2enmod ssl sudo service apache2 restart
Configuring SSL Site
Now, modify the default sites-enabled to also work over port 443. If you're using the default site:
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/default-ssl.conf
Change the content to follow the block below (remember where your pem file is? see LetsEncrypt page - it's at /etc/letsencrypt/keys/0000_key-certbot.pem):
NameVirtualHost *: 443
<VirtualHost *:443>
ServerAdmin admin@mindreid.com
SSLEngine On
SSLCertificateFile /etc/letsencrypt/keys/0000_key-certbot.pem
DocumentRoot /www/mindreid.com/htdocs
# maybe some log stuff too...
</ VirtualHost>
See https://wiki.ubuntu.com/Apache2_SSL