Before You Begin

This tutorial provides instructions for installing the Apache web server and enabling it on Oracle Linux 8.

Background

Apache has been in active development since 1993 and over time has become one of the most popular web servers in the world. The Apache web server is a key component of the "LAMP" (Linux, Apache, Oracle MySQL and Perl/PHP) software stack and continues to be widely used today.

The Apache web server is directly available from the Oracle Linux 8 Application Streams repository and is simple to deploy and configure.

What Do You Need?


Install the httpd package

The following command installs the httpd package and all of its dependencies.

$ sudo dnf install httpd

Enable and start the httpd service

To enable and start the httpd service for immediate access and make the service start automatically after a reboot, run the following command:

$ sudo systemctl enable --now httpd.service

The service starts a web server that listens on TCP port 80 by default. To check the status of the service, run this command:

$ sudo systemctl status httpd

Configure firewall rules (Optional)

If you are using a custom firewall profile or an Oracle Cloud Infrastructure instance, open the firewall port for the Apache web service (80).

These commands enable the firewall port for the Apache web service and reload the default firewall service:

$ sudo firewall-cmd --add-service=http --permanent
$ sudo firewall-cmd --reload

Test your deployment

With your web browser, go to the domain name or IP address of your system.

http://myserver.example.com/

The Apache web server opens the default test page.


Edit the Apache configuration

To change the root path for your web server, do not edit the /etc/httpd/conf/httpd.conf directly. Instead, as a preferred method, create a site-specific configuration in the /etc/httpd/conf.d directory.

Create virtual hosts

Create the file /etc/httpd/conf.d/example.com.conf and populate it with the following content:

Listen *:80

<VirtualHost *:80>
  ServerName example.com
  ServerAlias www.example.com

  DocumentRoot /var/www/example.com/html/

  ErrorLog /var/log/httpd/example.com_error.log
  CustomLog /var/log/httpd/example.com_access.log combined
</VirtualHost>

Replace the ServerName and ServerAlias values with the hostnames, domain names, or IP addresses that you will use to access the service. Replace the DocumentRoot value with the path to where you intend to host the files for your web site. Replace the ErrorLog and CustomLog values with the path to where you intend to log activity from the httpd service.

Create the document root folder

Create a folder to host the web pages that Apache will serve to the browsers, then set the necessary ownership permissions for it.

$ sudo mkdir -p /var/www/example.com/html
$ sudo echo "example.com" > /var/www/example.com/html/index.html
$ sudo chown -R apache:apache /var/www/example.com/html

On systems where SELinux is enabled in enforcing mode and pages are not served from within the /var/www directory, you must apply the correct security context to the DocumentRoot directory. For example, you would serve web pages from the /mnt/example.com directory as follows:

$ sudo semanage fcontext -a -t httpd_sys_content_t "/mnt/example.com(/.*)?"
$ sudo restorecon -Rv /mnt/example.com/

Apply your configuration

Restart the Apache web service to load the new configuration.

$ sudo systemctl restart httpd

Note that if you are hosting multiple domains, you can specify different VirtualHost values for each configuration file that you create in the /etc/httpd/conf.d directory.


Configure HTTPS to secure your service

As a best practice, secure all communications between a web browser and your Apache server by using HTTPS. For a secure setup, a TLS certificate is required.

Configure your TLS/SSL certificates

Oracle strongly recommends using an TLS certificate that has been signed by an external Certificate Authority (CA). See https://docs.oracle.com/en/operating-systems/oracle-linux/certmanage/ for more information.

Install the HTTPS add-on for Apache

Install and enable the mod_ssl extension for Apache.

$ sudo dnf install mod_ssl
$ sudo systemctl restart httpd

Update the Apache configuration

Open the /etc/httpd/conf.d/example.com.conf file in a text editor and create a new VirtualHost for HTTPS:

Listen *:443

<VirtualHost *:443>
  ServerName example.com
  ServerAlias www.example.com
  
  SSLEngine on
  SSLCertificateFile /etc/pki/tls/private/certificate.crt
  SSLCertificateKeyFile /etc/pki/tls/private/private.key

  DocumentRoot /var/www/example.com/html/

  ErrorLog /var/log/httpd/example.com_error.log
  CustomLog /var/log/httpd/example.com_access.log combined
</VirtualHost>

Redirect HTTP requests to HTTPS

Replace your existing HTTP VirtualHost configuration with a redirect, as follows:

<VirtualHost *:80>
  ServerName example.com
  ServerAlias www.example.com
  
  Redirect "/" "https://example.com/"
</VirtualHost>

Restart the Apache service to load the new configuration.

$ sudo systemctl restart httpd

Configure the firewall (optional)

Enable the firewall port (443) for the Apache HTTPS web service and reload the default firewall service.

$ sudo firewall-cmd --add-service=https --permanent
$ sudo firewall-cmd --reload


Want to Learn More?