Deployment/Apache: Difference between revisions

From charlesreid1
Line 121: Line 121:


<pre>
<pre>
NameVirtualHost *:443 # <-- this is required!
<VirtualHost *:443>
<VirtualHost *:443>
         ServerAdmin admin@mindreid.com
         ServerAdmin admin@mindreid.com
Line 132: Line 133:
</VirtualHost>
</VirtualHost>
</pre>
</pre>
Note that you should also add
<pre>
NameVirtualHost *:80
</pre>
to the top of the 000-default.conf file if it is not already there.


See https://wiki.ubuntu.com/Apache2_SSL
See https://wiki.ubuntu.com/Apache2_SSL

Revision as of 11:56, 28 October 2017

Deploying Apache Server

Conf

Configuration file is in /etc/apache2/apache2.conf

Edit:

  • Directory tag corresponding to one-level-up from your web root

Sites Available and Sites Enabled

This always throws me off.

Edit sites-available/000-default.conf (or make your own conf file in sites-available). 

sudo a2ensite 000-default
sudo service apache2 restart

To disable: 

sudo a2dissite 000-default
sudo service apache2 restart

PHP

Set Up PHP

Make sure you have php installed: 

$ apt-get install -y php

PHP configuration file is in /etc/php/7.0/cli/php.ini

Things you might wanna change:

  • short_open_tag = On - enables short php open tag <?
  • magic_quotes_gpc = On - puts slashes before quotes in user input
  • display_errors = Off if your site is live

If you want to send mail, see PHP/Mail page.

Also see [1] and [2]

Enable PHP in Apache

Start by installing the PHP mod for Apache: 

sudo apt-get install libapache2-mod-php

See PHP/Apache/php.ini 

sudo a2enmod php7.0

See [3]

To test: add an info.php with the following contents: 

<?php
phpinfo();
?>

Then visit the info.php page in your browser, and you should see a table with information about your PHP installation.

SSL

See LetsEncrypt for creation of SSL certificate.

Installing and Enabling SSL

Ensure OpenSSL is installed: 

sudo apt-get install openssl

Ensure Apache is listening on port 443: 

vim /etc/apache2/ports.conf

You should see: 

<IfModule ssl_module>
        Listen 443
</IfModule>

<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

Now we just need to enable the ssl module: 

sudo a2enmod ssl
sudo service apache2 restart

Configuring SSL Site

Now, modify the default sites-enabled to also work over port 443. If you're using the default site: 

cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/default-ssl.conf

Change the content to follow the block below (remember where your pem file is? see LetsEncrypt page - it's at /etc/letsencrypt/keys/0000_key-certbot.pem): 

NameVirtualHost *:443 # <-- this is required!
<VirtualHost *:443>
        ServerAdmin admin@mindreid.com

        SSLEngine On
        SSLCertificateFile /etc/letsencrypt/keys/0000_key-certbot.pem

        DocumentRoot /www/mindreid.com/htdocs

        # maybe some log stuff too...
</VirtualHost>

Note that you should also add 

NameVirtualHost *:80

to the top of the 000-default.conf file if it is not already there.

See https://wiki.ubuntu.com/Apache2_SSL

Enabling SSL Site

sudo a2ensite default-ssl
sudo service apache2 restart

Flags

Retrieved from "https://charlesreid1.com/w/index.php?title=Deployment/Apache&oldid=22148"