Personal tools

Apache2 Notes

From OpenEMR Project Wiki

Jump to: navigation, search



/etc/apache2 Config File
/usr/share/doc/apache2-doc Apache2 Manual.
/var/www/html Default http home directory.

apache2 -v Display apache version.
sudo /etc/init.d/apache2 restart Restart apache. This needs to be done after configuration changes.
apache2ctl configtest Tests syntax of apache2 config files.
sudo a2enmod [MODULE NAME] Enable apache2 module. Modules must be in directory mods-available.
sudo a2dismod [MODULE NAME] Disable apache2 module.
sudo a2ensite [SITE NAME] Enable apache2 module.
sudo a2enconf [CONF NAME] Enable apache2 module.

Configuration File Settings
ServerSignature Off Suppress identification of the Apache version.
ServerTokens Prod Suppress identification of OS.
<Directory /var/www/html>
    Options -Indexes
Turn off directory listing.

Configuration File - Directory DIrectives
Options None
Order deny, allow Order of deny, allow directives.
Deny from all. Deny request from everybody.
Options -FollowSymLinks Disable following symbolic links.
Options +FollowSymLinks Enable following symbolic links.
AllowOverride All Allows override of directory directives with .htaccess files.
Options -Includes Turn off server side includes (mod_includes).
Options -ExecCGI Turn off CGI file executions.
LimitRequestBody 512000 Limits size of HTTP request. Any value from 0 to 2147483647 (2GB).
MaxClients 10 Limits simultaneous connections. Default is 256.

Sample Virtual Host
<VirtualHost *:80>
   DocumentRoot /var/www/html/
   DirectoryIndex index.htm index.html index.php
   ErrorDocument 404 /story.php
   ErrorLog /var/log/httpd/example.com_error_log
   CustomLog /var/log/httpd/example.com_access_log combined

SSL Certificate

Create a self signed certificate:

openssl genrsa -des3 -out 1024
openssl req -new -key -out exmaple.csr
openssl x509 -req -days 365 -in -signkey -out
openssl rsa -in -out
sudo chmod 600

Sample Configuration:

        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/
        SSLCertificateKeyFile /etc/pki/tls/certs/
        SSLCertificateChainFile /etc/pki/tls/certs/sf_bundle.crt
        DocumentRoot /var/www/html/example/
        ErrorLog /var/log/httpd/
        CustomLog /var/log/httpd/ common

Redirect Http (port 80) to Https (port 443)
	DocumentRoot  /var/www/html/example/
	Redirect permanent /

  • Proxy SSL to another server in the network.
	SSLEngine On
	SSLCertificateFile conf/ssl/
	SSLCertificateKeyFile conf/ssl/

	SSLProxyEngine On
	ProxyPreserveHost On
	ProxyRequests Off
        <Proxy *>
            Order deny,allow
            Allow from all
        ProxyErrorOverride On                       
        ProxyPass /
        ProxyPassReverse /
       <Location />
    	    Order allow,deny
            Allow from all