How to Install Apache on CentOS 9 Stream

Apache, also known as Apache HTTP server or in RHEL distributions simply as HTTPD, has been one of the most widely used web server applications globally for the past few decades. It is a free and open-source web application software maintained by the Apache Software Foundation. Apache provides some powerful features with dynamically loadable modules, easy integration with other software, and handling of static files, among other popular features.

In the following tutorial, you will learn how to install Apache HTTPD Web Server on CentOS 9 Stream using the command line terminal for desktop or server and basic configuration and creating a TLS/SSL certificate with Let’s Encrypt.

Situational – Remove DNF Subscription Manager

For users who encounter issues with “This system is not registered with an entitlement server. You can use subscription-manager to register,” then use the following command to remove the subscription manager as it is unnecessary for CentOS stream to receive updates, unlike RHEL.

sudo dnf erase subscription-manager -y

Example output:

How to Install Apache on CentOS 9 Stream

As mentioned above, all the subscription-based lockouts have been removed.

Update CentOS Stream

Before you continue, your system is advised to ensure all existing packages are up to date to avoid system conflicts during the installation and sound system maintenance.

sudo dnf upgrade --refresh -y

Install Apache (HTTPD)

Apache, known as HTTPD on RHEL family distributions, is present in CentOS 9 Appstream.

In your command terminal, execute the following command to install.

sudo dnf install httpd -y

Once installed, enable the service immediately and on system boot by using the following command.

sudo systemctl enable httpd --now

Check to see if Apache2 is running correctly using the following systemctl command:

systemctl status httpd

Example output if everything is ok:

How to Install Apache on CentOS 9 Stream

Configure FirewallD for Apache (HTTPD)

It does not automatically add firewall rules to the standard port 80 or 443 ports when installing Apache. Before you continue, you should set the following rules, this will depend on what ports you will use, but all options are listed.

Open port 80 or HTTP:

sudo firewall-cmd --permanent --zone=public --add-service=http

Open port 443 or HTTPS:

sudo firewall-cmd --permanent --zone=public --add-service=https

Reload firewall to make changes into effect.

sudo firewall-cmd --reload

After FirewallD is configured, check to make sure you can see the Apache landing page in your Internet Browser.

http://your_server_ip

Alternative, try the local host.

http://localhost

If all is working well, you should land on the following page:

How to Install Apache on CentOS 9 Stream

Create Virtual Host for Apache (HTTPD)

Using the Apache web server, you can create virtual hosts to manage configurations for more than one domain running on a single server. If you have used Nginx before, it is the equivalent of server blocks.

In the example below, the tutorial will create a domain example.com that you will replace with your domain name and make the required directory infrastructure and test page to ensure everything is working correctly.

Create and or Configure Directories

Firstly, leave /var/www/html the directory intact as the default directory.

cd /var/www/

Now create a new directory, /example.com/ and replace the example with your domain name with the following command.

sudo mkdir -p /var/www/example.com/

The next step is to assign ownership of the directory with the apache environment variable:

sudo chown -R apache:apache /var/www/example.com

Now create a sample page index.html using your favorite text editor. The tutorial will use nano as below:

sudo nano /var/www/example.com/index.html

In the file, copy and paste the following code:

<html>
 <head>
  <title>Welcome to Linuxcapable.com</title>
 </head>
 <body>
   <h1>Success!  The tutorial server block is working! Thanks Linuxcapable.com :D</h1>
 </body>
</html>

Save the file (CTRL+O), then exit (CTRL+X).

Create Virtual Host

Now that you have created a landing page and set correct ownership and permissions. You can now proceed to create a virtual host file. By default, all virtual host files will need to be located at /etc/apache2/sites-available/ directory.

Use the following command to create both sites-available and sites-enabled directories.

sudo mkdir -p /etc/httpd/sites-available/ /etc/httpd/sites-enabled

First, use your favorite text editor to create a configuration file located at /etc/apache2/sites-available/example.com.conf as below.

sudo nano /etc/httpd/sites-available/example.com.conf

Now, copy and paste the following into the configuration block file, note to replace your ServerName, ServerAlias, and Document root with your own:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com
</VirtualHost>

Do not forget to change the required Server directives to your own.

Save the configuration file using (CTRL+O) and exit with (CTRL+X).

Enable Virtual Host

The next step you must do is instruct HTTPD to look for virtual host files that will need to be located at /etc/httpd/sites-enabled directory.

Open up the configuration file.

sudo nano /etc/httpd/conf/httpd.conf

Add the following to the end of the file.

IncludeOptional sites-enabled/*.conf

Example:

How to Install Apache on CentOS 9 Stream

Optionally, you can disable the default folder that HTTPD folder conf.d/*.conf.

Just place a comment next to IncludeOptional conf.d/*.conf.

Example:

#IncludeOptional conf.d/*.conf
IncludeOptional sites-enabled/*.conf

Save the file (CTRL+O), then exit (CTRL+X).

Next, use your favorite text editor to create a virtual host configuration file located at /etc/httpd/sites-available/example_domain.conf as below:

sudo nano /etc/httpd/sites-available/example.com.conf

Now, copy and paste the following into the configuration block file, note to replace your ServerName, ServerAlias, and Document root with your own:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com
</VirtualHost>

Do not forget to change the required Server directives to your own.

Save the configuration file using (CTRL+O) and exit with (CTRL+X).

Next, you need to enable permissions for the HTTPD service to allow access publically to your server in the /etc/httpd/conf/httpd.conf configuration file. Failure to do this may result in HTTP 403 errors when trying to access your website, as, by default, the configuration is set to deny access.

Open the configuration file using nano or any text editor of your choice.

sudo nano /etc/httpd/conf/httpd.conf

Now, add the following and make sure to change the root directory to your own.

Example:

<Directory /var/www/example.com/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>

This can be added towards the end of the configuration file, below is an example of it in a live environment.

Example:

How to Install Apache on CentOS 9 Stream

Create a SYMLINK for Virtual Host

Now create a symlink to sites-enabled to activate the virtual host.

sudo ln -s /etc/httpd/sites-available/example.com.conf /etc/httpd/sites-enabled/

Once done, restart the httpd service.

sudo systemctl restart httpd

Open your Internet Browser and type in your domain name HTTP://example_domain where you should get the following landing page you created in the index.html file:

How to Install Apache on CentOS 9 Stream

Yes, the text sounds cheesy from the test page, and feel free to modify it.

Anyway, congratulations, you have successfully created your virtual host and made it work successfully on your domain.

Secure HTTPD File Permissions for Apache (HTTPD)

One of the most common mistakes many users make is not fixing permissions of files/folders. Many users even give complete read/write and execute access to the public, which many websites are hacked.

Use the following command to search for all folders and files and set the most commonplace secure permissions. Make sure to change permissions on any files/directories afterward. For example, phpBB requires some folders to be 777.

sudo find /var/www/example.com/ -type d -exec chmod 755 "{}" \;
sudo find /var/www/example.com/ -type f -exec chmod 644 "{}" \;

Make sure to change /var/www/example.com/ to your root directory location.

Note that this does not make your Apache server secure; it eliminates a prevalent risk out of many.

Create Let’s Encrypt SSL Free Certificate for Apache (HTTPD)

Ideally, you would want to run your Apache web server on HTTPS using an SSL certificate. The best way to do this is to use Let’s Encrypt, a free, automated, and open certificate authority run by the nonprofit Internet Security Research Group (ISRG).

Currently, CentOS 9 is one of few distributions without Certbot available with DNF. However, you can install snap to manage this until the EPEL/EPEL Next 9 catches up.

First, install snapd.

sudo dnf install snapd -y

Once installed, enable it immediately and on system startup to monitor for updates.

sudo systemctl enable snapd --now

Next, install the snap core to cover all dependencies required for snap packages.

sudo snap install core

Create a symlink for the snapd folder.

sudo ln -s /var/lib/snapd/snap /snap

Install Certbot snap package.

sudo snap install --classic certbot

Lastly, create another symlink for certbot.

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Once installed, run the following command to start the creation of your certificate:

sudo certbot --dry-run --apache --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d www.example.com

Alternatively, use the following command and follow the prompts if more accessible.

sudo certbot certonly --apache

This ideal setup includes force HTTPS 301 redirects, a Strict-Transport-Security header, and OCSP Stapling. Just make sure to adjust the e-mail and domain name to your requirements.

Now your URL will be HTTPS://www.example.com instead of HTTP://www.example.com.

If you use the old HTTP URL, it will automatically redirect to HTTPS.

Optionally, you can set a cron job to renew the certificates automatically. Certbot offers a script that does this automatically, and you can first test to make sure everything is working by performing a dry run.

sudo certbot renew --dry-run

Next, use the systemctl-timers to confirm that there is a cron job currently working to check and renew your certificate.

systemctl-timers

Example output:

How to Install Apache on CentOS 9 Stream

As above, there is a timer going to check and renew the certificate before it expires, so you do not need to worry again.

Managing Apache (HTTPD) Service

Now that Apache is running on your server successfully, some management keynotes are as follows.

Apache Server Logs

Apache server logs can be found in the directory locations

/var/log/httpd/access_log
/var/log/httpd/error_log

For example, to view the logs in real-time from the terminal, use a command such as tail.

sudo tail -f /var/log/httpd/access_log

Then fine, tune the log files using commands filters such as AWK, GREP, and the list continues.

Apache Commands

The following commands that you will undoubtedly use in your day-to-day management when working with Apache. Some of the most common are:

Stop Apache webserver:

sudo systemctl stop httpd

Start Apache webserver:

sudo systemctl start httpd

Restart Apache webserver:

sudo systemctl restart httpd

Reload Apache webserver (For more minor changes not requiring a restart):

sudo systemctl reload httpd

Disable Apache on server boot:

sudo systemctl disable httpd

Start Apache on server boot (Automatically enabled on installation):

sudo systemctl enable httpd

How to Update Apache (HTTPD)

To update Apache in the future, this is done with the command you used to check if your system is up to date. Note, always create backups or images if you have an Apache service running critical services. Usually, it’s pretty safe to upgrade, but sometimes bugs can occur like any software upgrade.

To update Apache (HTTPD), use the following command:

sudo upgrade --refresh

If an upgrade is available, run the upgrade.

How to Remove (Uninstall) Apache (HTTPD)

For users no longer requiring the HTTPD server, begin by disabling it.

sudo systemctl disable httpd --now

Next, use the following command to remove the webserver and all unused dependencies.

sudo dnf autoremove httpd

For users that will not use HTTPD again, remove the folder as follows after backing up any configuration files just in case.

sudo rm -R /etc/httpd

Comments and Conclusion

In the tutorial, you have learned how to install Apache (HTTPD) on CentOS 9 Stream Workstation or Server. Overall, Apache has been the most used web application server for decades. However, Nginx has finally overtaken the lead just slightly.

Apache is still one of the most deployed and recognized web applications, especially with combing LAMP stack, which is often used for back-end web servers. You will find more friendly options for Apache than Nginx, leading newer users to get into hosting their web server, perhaps to try Apache over Nginx as the first step.



Follow LinuxCapable.com!

Like to get automatic updates? Follow us on one of our social media accounts!