Apache2 Notes

From OpenEMR Project Wiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
General


Files
/etc/apache2 Config File
/usr/share/doc/apache2-doc Apache2 Manual.
/var/www/html Default http home directory.


Commands
apache2 -v Display apache version.
sudo /etc/init.d/apache2 restart Restart apache. This needs to be done after configuration changes.
apache2ctl configtest Tests syntax of apache2 config files.
sudo a2enmod [MODULE NAME] Enable apache2 module. Modules must be in directory mods-available.
sudo a2dismod [MODULE NAME] Disable apache2 module.
sudo a2ensite [SITE NAME] Enable apache2 module.
sudo a2enconf [CONF NAME] Enable apache2 module.


Configuration File Settings
ServerSignature Off Suppress identification of the Apache version.
ServerTokens Prod Suppress identification of OS.
<Directory /var/www/html>
    Options -Indexes
</Directory>
Turn off directory listing.



Configuration File - Directory DIrectives
Options None
Order deny, allow Order of deny, allow directives.
Deny from all. Deny request from everybody.
Options -FollowSymLinks Disable following symbolic links.
Options +FollowSymLinks Enable following symbolic links.
AllowOverride All Allows override of directory directives with .htaccess files.
Options -Includes Turn off server side includes (mod_includes).
Options -ExecCGI Turn off CGI file executions.
LimitRequestBody 512000 Limits size of HTTP request. Any value from 0 to 2147483647 (2GB).
MaxClients 10 Limits simultaneous connections. Default is 256.


Sample Virtual Host
<VirtualHost *:80>
   DocumentRoot /var/www/html/example.com/
   ServerName www.example.com
   DirectoryIndex index.htm index.html index.php
   ServerAlias example.com
   ErrorDocument 404 /story.php
   ErrorLog /var/log/httpd/example.com_error_log
   CustomLog /var/log/httpd/example.com_access_log combined
</VirtualHost>


SSL Certificate

Create a self signed certificate:

openssl genrsa -des3 -out example.com.key 1024
openssl req -new -key example.com.key -out exmaple.csr
openssl x509 -req -days 365 -in example.com.com.csr -signkey example.com.com.key -out example.com.com.crt
openssl rsa -in example.com.key -out example.com.nopass.key
sudo chmod 600 example.com.nopass.key


Sample Configuration:

<VirtualHost 170.16.25.100:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/example.com.crt
        SSLCertificateKeyFile /etc/pki/tls/certs/example.com.key
        SSLCertificateChainFile /etc/pki/tls/certs/sf_bundle.crt
        ServerAdmin ravi.saive@example.com
        ServerName example.com
        DocumentRoot /var/www/html/example/
        ErrorLog /var/log/httpd/example.com-error_log
        CustomLog /var/log/httpd/example.com-access_log common
</VirtualHost>


Redirect Http (port 80) to Https (port 443)
<VirtualHost 192.168.1.1:80>
	DocumentRoot  /var/www/html/example/
	ServerName www.example.com
	ServerAlias example.com
	Redirect permanent / https://example.com/
</VirtualHost>


Proxy