Contents
1.Apache2 Install , Virtual Host Configuration
1.1 Apache2 Install
①httpd Install
|
1 |
# dnf -y install httpd |
Version Check
|
1 2 3 |
# httpd -v Server version: Apache/2.4.63 (Rocky Linux) Server built: Aug 16 2025 00:00:00 |
1.2 Apache Configuration
①Edit httpd.conf file
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
# cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf_org # vi /etc/httpd/conf/httpd.conf # Line 91: Administrator Address Specification ServerAdmin [Email Address] # Line 101 : Adding a ServerName #ServerName www.example.com:80 ServerName [domain] # Line 149 : Change (IIndexes are deleted) Options FollowSymLinks # Line 156 : Chqnge AllowOverride All # Line 170 : Add filenames accessible by directory name only DirectoryIndex index.html ndex.php index.cgi # Add to the last line ServerTokens Prod |
②Firewalld is enabled, HTTP service permission is required; HTTP uses [80/TCP]
|
1 2 |
# firewall-cmd --add-service=http --permanent # firewall-cmd --reload |
③Apache Auto-Start Configuration
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# systemctl start httpd # systemctl enable httpd # systemctl status httpd ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled) Active: active (running) since Sat 2025-11-29 15:08:57 JST; 13s ago Invocation: 3d7ec3ac2db34af99274a467113e0ff7 Docs: man:httpd.service(8) Main PID: 11376 (httpd) Status: "Total requests: 0; Idle/Busy workers 100/0;Requests/sec: 0; Bytes served/sec: 0 B/sec" Tasks: 177 (limit: 16805) Memory: 14M (peak: 14.3M) CPU: 66ms CGroup: /system.slice/httpd.service ├─11376 /usr/sbin/httpd -DFOREGROUND ├─11377 /usr/sbin/httpd -DFOREGROUND ├─11378 /usr/sbin/httpd -DFOREGROUND ├─11379 /usr/sbin/httpd -DFOREGROUND └─11380 /usr/sbin/httpd -DFOREGROUND Nov 29 15:08:57 Lepard systemd[1]: Starting httpd.service - The Apache HTTP Server... Nov 29 15:08:57 Lepard (httpd)[11376]: httpd.service: Referenced but unset environment variable evaluates to an empty string: OPTIONS Nov 29 15:08:57 Lepard httpd[11376]: Server configured, listening on: port 80 Nov 29 15:08:57 Lepard systemd[1]: Started httpd.service - The Apache HTTP Server. |
httpd.service: Referenced but unset environment variable evaluates to an empty string: OPTIONS
The above is displayed. The Apache service is running, but it feels unsettling, so I configured it as follows to prevent recurrence.
|
1 2 3 4 5 6 |
# vi /etc/systemd/system/httpd.service.d/override.conf Please fill in the following [Service] ExecStart= ExecStart=/usr/sbin/httpd -DFOREGROUND |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
# systemctl daemon-reload # systemctl restart httpd # systemctl status httpd ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled) Drop-In: /etc/systemd/system/httpd.service.d └─override.conf Active: active (running) since Sat 2025-11-29 15:18:33 JST; 7s ago Invocation: 37fef600516242ebb36867988f5e980f Docs: man:httpd.service(8) Main PID: 11854 (httpd) Status: "Started, listening on: port 80" Tasks: 177 (limit: 16805) Memory: 13.3M (peak: 13.5M) CPU: 63ms CGroup: /system.slice/httpd.service ├─11854 /usr/sbin/httpd -DFOREGROUND ├─11855 /usr/sbin/httpd -DFOREGROUND ├─11856 /usr/sbin/httpd -DFOREGROUND ├─11858 /usr/sbin/httpd -DFOREGROUND └─11859 /usr/sbin/httpd -DFOREGROUND Nov 29 15:18:33 Lepard systemd[1]: Starting httpd.service - The Apache HTTP Server... Nov 29 15:18:33 Lepard httpd[11854]: Server configured, listening on: port 80 Nov 29 15:18:33 Lepard systemd[1]: Started httpd.service - The Apache HTTP Server. |
④operation check
If you access http://[server IP address] and see the AlmaLinux Test Page as shown below, it is OK.
⑤Hide the Welcome page, create a new index.html file as a Test Page, and check apache operation
Rename the welcome page
|
1 |
# mv /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.org |
Create HTML test page
|
1 2 3 4 5 6 7 8 |
# vi /var/www/html/index.html <html> <body> <div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;"> Apache Test Page </div> </body> </html> |
If you access http://[server IP] and the Test Page is displayed as shown below, it is OK.
1.3 Virtual Host Settings
Assign and configure the domain name [FQDN] to the document root [/var/www/html/FQDN] directory for virtual host operation
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
# vi /etc/httpd/conf.d/vhost.conf #Virtual Host Domain Settings <VirtualHost *:80> DocumentRoot /var/www/html/[FQDN] ServerName [FQDN] ServerAdmin <Email Address> ←Administrator's email address ErrorLog logs/[FQDN].error_log CustomLog logs/[FQDN].access_log combined </VirtualHost> <Directory "/var/www/html/[FQDN]"> Options FollowSymLinks AllowOverride All </Directory> |
Creating a Document Directory
|
1 |
# mkdir /var/www/html/[FQDN] |
Restart Apache
|
1 |
# systemctl restart httpd |
2. Use of CGI Scripts
①CGI availability check
|
1 2 3 |
# grep -n "^ *ScriptAlias" /etc/httpd/conf/httpd.conf 252: ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" The above is displayed and available under "/var/www/cgi-bin/". |
②Create test scripts and check operation
|
1 2 3 4 5 |
# vi /var/www/cgi-bin/index.cgi #!/usr/libexec/platform-python print("Content-type: text/html\n") print("CGI Script Test Page") |
|
1 2 3 |
# chmod 755 /var/www/cgi-bin/index.cgi # curl localhost/cgi-bin/index.cgi CGI Script Test Page |
3. PHP installation and configuration
3.1.PHP8 Install
①Install
|
1 |
# dnf -y install php |
②Version Check
|
1 2 3 4 5 |
# php -v PHP 8.3.19 (cli) (built: Mar 12 2025 13:10:27) (NTS gcc x86_64) Copyright (c) The PHP Group Zend Engine v4.3.19, Copyright (c) Zend Technologies with Zend OPcache v8.3.19, Copyright (c), by Zend Technologies |
php-fpm configuration
|
1 2 |
# systemctl enable php-fpm Created symlink /etc/systemd/system/multi-user.target.wants/php-fpm.service → /usr/lib/systemd/system/php-fpm.service. |
|
1 |
# systemctl start php-fpm |
③Apache Restart
After PHP installation, restarting Apache will invoke PHP-FPM (FPM : FastCGI Process Manager) by default, and php-fpm service will be started in conjunction with httpd startup.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
# systemctl restart httpd # systemctl status php-fpm ● php-fpm.service - The PHP FastCGI Process Manager Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; enabled; preset: disabled) Active: active (running) since Sat 2025-11-29 15:33:51 JST; 22s ago Invocation: 960205eb7912458d99e3149870a29e39 Main PID: 13345 (php-fpm) Status: "Processes active: 0, idle: 5, Requests: 0, slow: 0, Traffic: 0.00req/sec" Tasks: 6 (limit: 16805) Memory: 12.8M (peak: 13.1M) CPU: 40ms CGroup: /system.slice/php-fpm.service ├─13345 "php-fpm: master process (/etc/php-fpm.conf)" ├─13347 "php-fpm: pool www" ├─13348 "php-fpm: pool www" ├─13349 "php-fpm: pool www" ├─13350 "php-fpm: pool www" └─13351 "php-fpm: pool www" Nov 29 15:33:51 Lepard systemd[1]: Starting php-fpm.service - The PHP FastCGI Process Manager... Nov 29 15:33:51 Lepard systemd[1]: Started php-fpm.service - The PHP FastCGI Process Manager. |
④Confirmation of PHP operation
Create the following files
|
1 2 |
# vi /var/www/html/[FQDN]/test.php <?php phpinfo(); ?> |
If you access http://[FQDN]/test.php in your browser and see the following screen, it is OK
4. Digest authentication with Apache2
Since Basic Authentication, a well-known authentication authorization method for http, sends authentication information in plain text, there is a risk of ID and password leakage if the packet is intercepted.
On the other hand, Digest Authentication encrypts and transmits authentication information, so there is almost no risk of information leakage.
4.1 Create password file for Digest authentication
Specify an authenticated area called realm. This realm allows the same directory to be accessed as authenticated.
For this example, the realm is "DigestAuth" and a user and password file named "secretuser" ".digestauth" is created.
|
1 |
# /usr/bin/htdigest -c /etc/httpd/.digestauth "DigestAuth" secretuser |
Confirmation
|
1 2 |
# cat /etc/httpd/.digestauth secretuser:DigestAuth:64939177c7b7c6eac3687925b27e771d |
As above, secretuser and encrypted password are created
4.2 Edit Apache configuration file
Specify the directory to which Digest authentication will be applied. (In this case, specify the "secret" directory.)
|
1 |
# vi /etc/httpd/conf/httpd.conf |
Add the following at the end
|
1 2 3 4 5 6 7 |
<Directory "/var/www/html/[FQDN]/secret"> AuthType Digest AuthName "DigestAuth" AuthDigestDomain /[FQDN]/secret/ AuthUserFile "/etc/httpd/.digestauth" Require valid-user </Directory> |
Create a directory for Digest authentication
|
1 |
# mkdir /var/www/html/[FQDN]/secret |
Enable Digest authentication and reboot
|
1 |
# systemctl restart httpd.service |
When accessing http://[FQDN]/secret with a browser, a screen appears asking for "user name" and "password".
