Apache2 Notes
From OpenEMR Project Wiki
Revision as of 16:20, 3 June 2014 by David Eschelbacher (talk | contribs) (→Redirect Http (port 80) to Https (port 443))
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
General
Files
/etc/apache2 | Config File |
/usr/share/doc/apache2-doc | Apache2 Manual. |
/var/www/html | Default http home directory. |
Commands
apache2 -v | Display apache version. |
sudo /etc/init.d/apache2 restart | Restart apache. This needs to be done after configuration changes. |
apache2ctl configtest | Tests syntax of apache2 config files. |
sudo a2enmod [MODULE NAME] | Enable apache2 module. Modules must be in directory mods-available. |
sudo a2dismod [MODULE NAME] | Disable apache2 module. |
sudo a2ensite [SITE NAME] | Enable apache2 module. |
sudo a2enconf [CONF NAME] | Enable apache2 module. |
Configuration File Settings
ServerSignature Off | Suppress identification of the Apache version. |
ServerTokens Prod | Suppress identification of OS. |
<Directory /var/www/html> Options -Indexes </Directory> |
Turn off directory listing. |
Configuration File - Directory DIrectives
Options None | |
Order deny, allow | Order of deny, allow directives. |
Deny from all. | Deny request from everybody. |
Options -FollowSymLinks | Disable following symbolic links. |
Options +FollowSymLinks | Enable following symbolic links. |
AllowOverride All | Allows override of directory directives with .htaccess files. |
Options -Includes | Turn off server side includes (mod_includes). |
Options -ExecCGI | Turn off CGI file executions. |
LimitRequestBody 512000 | Limits size of HTTP request. Any value from 0 to 2147483647 (2GB). |
MaxClients 10 | Limits simultaneous connections. Default is 256. |
Sample Virtual Host
<VirtualHost *:80> DocumentRoot /var/www/html/example.com/ ServerName www.example.com DirectoryIndex index.htm index.html index.php ServerAlias example.com ErrorDocument 404 /story.php ErrorLog /var/log/httpd/example.com_error_log CustomLog /var/log/httpd/example.com_access_log combined </VirtualHost>
SSL Certificate
Create a self signed certificate:
openssl genrsa -des3 -out example.com.key 1024 openssl req -new -key example.com.key -out exmaple.csr openssl x509 -req -days 365 -in example.com.com.csr -signkey example.com.com.key -out example.com.com.crt openssl rsa -in example.com.key -out example.com.nopass.key sudo chmod 600 example.com.nopass.key
Sample Configuration:
<VirtualHost 170.16.25.100:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/example.com.crt SSLCertificateKeyFile /etc/pki/tls/certs/example.com.key SSLCertificateChainFile /etc/pki/tls/certs/sf_bundle.crt ServerAdmin ravi.saive@example.com ServerName example.com DocumentRoot /var/www/html/example/ ErrorLog /var/log/httpd/example.com-error_log CustomLog /var/log/httpd/example.com-access_log common </VirtualHost>
Redirect Http (port 80) to Https (port 443)
<VirtualHost 192.168.1.1:80> DocumentRoot /var/www/html/example/ ServerName www.example.com ServerAlias example.com Redirect permanent / https://example.com/ </VirtualHost>
Proxy