1. Overview
The Apache web server is one of the most popular and powerful among all of the web servers available in the world. It is an open-source web server that can be configured to serve a single or multiple websites with ease of administration and flexibility.
In this tutorial will show you how to install and configure Apache web server on CentOS 7. It is also applicable for RHEL 7.
2. Prerequisites
In this tutorial, it is supposed that:
a. You have already install RHEL/CentOS 7 Linux server up and running. In case that you don’t, you would probably like to read this link. Minimal RHEL/CentOS 7 Installation With Logical Volume Manager (LVM).
b. You have already done the initial server setup. Please refer to this link Minimal RHEL/CentOS 7 Initial Server Setup.
c. You have already configured a MariaDB database server. Please refer to this link Installing And Configuring MariaDB Server on RHEL/CentOS 7.
d. You have a self signed SSL certificate generated. Please refer to this link Generating a Self Signed SSL Certificate in RHEL/CentOS 7.
3. System Architecture Diagram
We will set up the Apache web server as show in the following diagram. For security and performance optimization purpose, we will need to separated the Web server and the Database server in two different servers. The Apache web server with hostname “vkcent-web01” and IP address of 10.0.0.1 will connect to database on the remote MariaDB database server with hostname “vkcent-dbs01” and IP address of 10.0.0.2.
4. Install Apache Package
To install Apache web server, execute the following commands.
# yum -y install httpd
After finish the installation, we need to enable Apache web service to start on boot and then start its service.
# systemctl enable httpd
# systemctl start httpd
Next, we need to open HTTP port 80 on IPTables.
# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
# systemctl restart iptables
To verify IPTable configuration, execute the following command.
# iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
391 42075 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
125 10500 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
203 30366 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 512 packets, 869K bytes)
pkts bytes target prot opt in out source destination
To verify Apache web server functionality, we can open a browser on the client computer and enter http://10.0.0.1, a default web page of Apache should appear as the following.
5. Configure Virtual Host
5. 1 Install PHP5 to Support Apache
We need to install the following PHP modules for a basic MariaDB support.
# yum install php php-mysql php-pdo php-gd php-mbstring
To change PHP date and timezone, edit /etc/php.ini configuration file, to your physical location as the following and restart Apache service
# vim /etc/php.ini
date.timezone = Asia/Phnom_Penh
# systemctl restart httpd
If you want to get a full information list about PHP from your browser, you can create a info.php file on Apache Document Root using the following commands, restart httpd service, and direct your browser to the http://10.0.0.1/info.php address.
# vim /var/www/html/info.php
<?php
phpinfo();
?>
# systemctl restart httpd
5.2 Connect to MariaDB Database Server
To connect to MariaDB database server, we need to install MariaDB client package using following command.
# yum -y install mariadb
To connect the remote MariaDB database server from Apache web, execute the following command.
# mysql -u webdbuser01 -p -h 10.0.0.2 Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 3 Server version: 5.5.52-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | webdb01 | +--------------------+ 2 rows in set (0.01 sec) MariaDB [(none)]> use webdb01; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed MariaDB [webdb01]> show tables; +-------------------+ | Tables_in_webdb01 | +-------------------+ | tbname | +-------------------+ 1 row in set (0.00 sec) MariaDB [webdb01]> select * from tbname; +------+---------+ | id | name | +------+---------+ | 1 | Vannath | | 2 | Solida | +------+---------+ 2 rows in set (0.00 sec) MariaDB [webdb01]>
5.3. Create a Sample Web Page
Now let create a directory to store this sample web page.
# cd /var/www
# mkdir web01
To display the values from the remote MariaDB database server on Apache web server virtual host, we need to create a basic PHP file as the following.
# cd /var/www/web01
# cd /var/www/web01
# vim index.php
<?php
echo "<h1>Welcome to Web01</h1>";
echo "<table style='border: solid 1px black;'>";
echo "<tr><th>Id</th><th>Name</th></tr>";
class TableRows extends RecursiveIteratorIterator {
function __construct($it) {
parent::__construct($it, self::LEAVES_ONLY);
}
function current() {
return "<td style='width:150px;border:1px solid black;'>" . parent::current(). "</td>";
}
function beginChildren() {
echo "<tr>";
}
function endChildren() {
echo "</tr>" . "\n";
}
}
$servername = "10.0.0.2";
$username = "webdbuser01";
$password = "p@ssword123";
$dbname = "webdb01";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $conn->prepare("SELECT * FROM tbname");
$stmt->execute();
// set the resulting array to associative
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
foreach(new TableRows(new RecursiveArrayIterator($stmt->fetchAll())) as $k=>$v) {
echo $v;
}
}
catch(PDOException $e) {
echo "Error: " . $e->getMessage();
}
$conn = null;
echo "</table>";
?>
We can run this script manually to check if it is really work.
# php index.php
<h1>Welcome to Web01</h1><table style='border: solid 1px black;'><tr><th>Id</th><th>Name</th></tr><tr><td style='width:150px;border:1px solid black;'>1</td><td style='width:150px;border:1px solid black;'>Vannath</td></tr>
<tr><td style='width:150px;border:1px solid black;'>2</td><td style='width:150px;border:1px solid black;'>Solida</td></tr>
5.4 Create VHost for Web01
To create virtual host, we need to create a virtual host file in the virtual host configurations directory which is /etc/httpd/conf.d. The following file file is the virtual host for the website with domain web01.techspacekh.com.
# cd /etc/httpd/conf.d
# vim web01.conf
<VirtualHost *:80>
ServerAdmin sysadmin@techspacekh.com
ServerName web01.techspacekh.com
DocumentRoot /var/www/web01
ErrorLog "/var/log/httpd/web01.techspacekh.com.log"
CustomLog "/var/log/httpd/web01.techspacekh.com.log" combined
</VirtualHost>
Now, we need to restart Apache service.
# systemctl restart httpd
To verify virtual host configuration, we can open a browser on the client computer and enter http://web01.techspacekh.com, and the following web page should be appeared.
5.5. Create VHost for Web02
Since the advantages of virtual host is that can have many web site in a single server, we can try to create another website with domain web02.techspacekh.com as the following.
# cd /etc/httpd/conf.d
# vim web02.conf
<VirtualHost *:80>
ServerAdmin sysadmin@techspacekh.com
ServerName web02.techspacekh.com
DocumentRoot /var/www/web02
ErrorLog "/var/log/httpd/web02.techspacekh.com.log"
CustomLog "/var/log/httpd/web02.techspacekh.com.log" combined
</VirtualHost>
We need to restart Apache service as the following.
# systemctl restart httpd
Create a directory to store web page for virtual host web02 as the following.
# cd /var/www
# mkdir web02
We do not need to create new web page, just copy the old web page to directory /var/www/web02 and edit it as the following.
# cp /var/www/web01/index.php /var/www/web02/ # vim /var/www/web02/index.php <?php echo "<h1>Welcome to Web02</h1>";
Now, we need to restart Apache service and verify the virtual host configuration by open a browser on the client computer and enter http://web02.techspacekh.com, and the following web page should be appeared.
9. Configure SSL Certificate for Web01
In order to set up the SSL certificate, we first have to install a package name “mod_ssl“, This will automatically enabled the Apache SSL module during installation, and Apache will be able to start using an SSL certificate after it is restarted.
# yum -y install mod_ssl
Next, we need to generate a self signed SSL certificate. Please refer to this link for how to create an self signed SSL certificate. Generating a Self Signed SSL Certificate in RHEL/CentOS 7.
Then, we need to edit the virtual host file of web01 as the following.
# vim /etc/httpd/conf.d/web01.conf
<VirtualHost *:443>
ServerAdmin sysadmin@techspacekh.com
ServerName web01.techspacekh.com
DocumentRoot /var/www/web01
#
SSLEngine on
SSLCertificateFile /etc/ssl/private/techspacekh.com/techspacekh.com.crt
SSLCertificateKeyFile /etc/ssl/private/techspacekh.com//techspacekh.com.key
#
ErrorLog "/var/log/httpd/cacti.ababank.com.log"
CustomLog "/var/log/httpd/cacti.ababank.com.log" combined
</VirtualHost>
We need to restart Apache services as the below.
# systemctl restart httpd
Next, we need to open HTTPS port 443 on IPTable.
# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
# systemctl restart iptables
Right now, open a browser on the client computer and enter https://web01.techspacekh.com, and the following web page should be appeared.
10. Redirect HTTP to HTTPS Protocol
Right now the domain web01.techspacekh.com is accessible via HTTP port 80 and HTTPs port 443. To force user to use HTTPS port 443, need to redirect the port 80 to port 443 in virtual host configuration as the following.
# vim /etc/httpd/conf.d/web01.conf
<VirtualHost *:80>
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin sysadmin@techspacekh.com
ServerName web01.techspacekh.com
DocumentRoot /var/www/web01
#
SSLEngine on
SSLCertificateFile /etc/ssl/private/techspacekh.com/techspacekh.com.crt
SSLCertificateKeyFile /etc/ssl/private/techspacekh.com//techspacekh.com.key
#
ErrorLog "/var/log/httpd/cacti.ababank.com.log"
CustomLog "/var/log/httpd/cacti.ababank.com.log" combined
</VirtualHost>
We need to restart Apache services as the below.
# systemctl restart httpd
Now try to access http://web01.techspacekh.com, and it will redirect to https://web01.techspacekh.com automatically.
7. Conclusion
That’s all about installing and configuring Apache web server in RHEL/ CentOS 7 from Tech Space KH. Hopefully, you can find this guide informative. If you have any questions or suggestions you can always leave your comments below. I will try all of my best to review and reply them.
