Configure an Apache2 Web server – Promox 3

Install Apache

# apt-get install apache2

Authorize htaccess

# updatedb
# locate mod_rewrite.so
# cd /etc/apache2/mods-enabled
# touch rewrite.load
# nano rewrite.load

Add the line:

LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so

Restart Apache

# service apache2 restart

Create a Virtual Host

Create web directory

# cd /home <username>
# mkdir www
# mkdir www/public
# echo "<?php phpinfo(); ?>" > www/public/index.html

Create the virtual host file

# nano /etc/apache2/sites-available/<vhost>
<VirtualHost *:80>
    ErrorLog /var/log/apache2/error.log
    CustomLog /var/log/apache2/access.log combined
    ServerName www.thedomain.com
    DocumentRoot /home/thedomain/www/public/
    <Directory />
        Options FollowSymLinks
        AllowOverride All
    </Directory>
    <Directory /home/thedomain/www/public/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
   </Directory>
</VirtualHost>

enable the site:

# a2ensite <vhost>

reload apache

# service apache2 reload

Firewall authorization

You need to authorize http connexion on the host. Log on the host Display iptables rules:

#  iptables -t nat -L

If the following rule is missing, add it:

# iptables -t nat -A PREROUTING -i vmbr0 -p tcp -m tcp --dport 80 -j DNAT --to-destination <web service ip>:80

Disable Server Signature

Revealing web server signature with server/PHP version info can be a security risk as you are essentially telling attackers known vulnerabilities of your system. Thus it is recommended you disable all web server signatures as part of server hardening process.

# nano /etc/apache2/conf.d/security
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature Off
#ServerSignature On

Then reload Apache2

# service apache2 reload

Raphaël has written 45 articles

One thought on “Configure an Apache2 Web server – Promox 3

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>