Apache, also known as Apache HTTP server, has been one of the most widely used web server applications globally for the past few decades. It is a free and open-source web application software maintained by the Apache Software Foundation. Apache provides some powerful features with dynamically loadable modules, easy integration with other software, and handling of static files, among other popular features.
In the following tutorial, you will learn how to install Apache Web Server on Rocky Linux 8.
- Recommended OS: Rocky Linux 8.+.
- User account: A user account with sudo or root access.
Update Operating System
Update your Rocky Linux operating system to make sure all existing packages are up to date:
sudo dnf upgrade --refresh -y
The tutorial will be using the sudo command and assuming you have sudo status.
To verify sudo status on your account:
Example output showing sudo status:
[joshua@rockylinux ~]$ sudo whoami root
To set up an existing or new sudo account, visit our tutorial on How to Add a User to Sudoers on Rocky Linux.
To use the root account, use the following command with the root password to log in.
Install Apache (HTTPD)
Apache, by default, is in the Rocky Linux app stream. This is more practical for most users as it is very stable and secure. To install Apache, open your terminal and execute the following command:
sudo dnf install httpd
Type “Y,” then press “ENTER KEY” to proceed.
Next, by default Apache (HTTPD) comes disabled and not activated. First, start the service.
sudo systemctl enable httpd --now
Example output if successful:
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
Check to see if HTTPD is running correctly using the following systemctl command:
systemctl status httpd
Example output if everything is ok:
Configure Firewall Rules
It does not automatically add firewall rules to the standard port 80 or 443 ports when installing Apache. Before you continue, you should set the following rules, this will depend on what ports you will use, but all options are listed.
Open port 80 or HTTP:
sudo firewall-cmd --permanent --zone=public --add-service=http
Open port 443 or HTTPS:
sudo firewall-cmd --permanent --zone=public --add-service=https
Reload firewall to make changes into effect
sudo firewall-cmd --reload
Alternatively, it is ideal to set SELinux permissions globally for your Apache server.
sudo setsebool -P httpd_unified 1
The command will update SELinux Boolean values and the -P flag to update the boot-time value, making the change persistent with system reboots. Overall, the httpd_unified is the Boolean value that will instruct SELinux to treat all Apache (HTTPD) processes as the same type.
Verify Apache (HTTPD) Web Server
Now that you have installed and configured it, it is time to test out to see if the HTTPD service is reachable and is working correctly by requesting a page.
You can access the default Apache landing page to check if the software runs correctly through your server’s IP address. To find this out, if you do not know, use the following command below:
You should get back the internal IP address the server is on as an example:
###EXAMPLE ONLY### 192.168.50.15
You may get 2 to 3 results back. Try each one until you find the correct IP address.
If you require your public IP address (external), use the following command instead:
curl -4 icanhazip.com
You may need to install the CURL package if it is missing. To do this, execute the following command:
sudo dnf install curl -y
Once you have your servers IP address, open up your favorite Internet Browser and enter the following:
You should get the following page in your Internet Browser:
Congratulations, you have installed the Apache (HTTPD) web server and are currently working.
The next step is to set up virtual hosts.
Create and or Configure Virtual Hosts for Apache
Using the Apache web server, you can create virtual hosts to manage configurations for more than one domain running on a single server. If you have used Nginx before, it is the equivalent of server blocks. In the example below, the tutorial will create a domain example-domain.com which you will replace with your domain name.
Create and or Configure Directories
Firstly, leave /var/www/html directory intact as the default directory, then create a new directory, for example-domain.com, as below:
sudo mkdir /var/www/example_domain
The next step is to assign ownership of the directory with the $USER environment variable:
sudo chown -R $USER:$USER /var/www/example_domain
Usually, the web roots permissions should be set correctly, and you can verify using the -ls l command:
ls -l /var/www/
As you can see, we have the permission of drwxr-xr-x, which is the equivalent of chmod 755. If you do not have this permission set, run the following command:
sudo chmod -R 755 /var/www/example_domain
Now create a sample page index.html using your favorite text editor. The tutorial will use nano as below:
sudo nano /var/www/example_domain/index.html
In the file, copy and paste the following code:
<html> <head> <title>Welcome to Website!</title> </head> <body> <h1>Success! The virtual host is working! You did not mess it up thanks to Linuxcapable.com</h1> </body> </html>
Save the file (CTRL+O), then exit (CTRL+X).
Create Virtual Host
Now that you have created a landing page and set correct ownership and permissions. By default, the required directories will need to be made and set up.
First, make the directories needed for sites-available and sites-enabled. Nginx users would be familiar with this setup as well.
sudo mkdir /etc/httpd/sites-available sudo mkdir /etc/httpd/sites-enabled
The next step you must do is instruct Apache to look for virtual host files that will need to be located at /etc/httpd/sites-available directory.
Open up the configuration file.
sudo nano /etc/httpd/conf/httpd.conf
Add the following to the end of the file.
Optionally, you can disable the default folder that Apache looks for virtual hosts files which maybe wanted to avoid confusion.
Just place a comment next to IncludeOptional conf.d/*.conf.
#IncludeOptional conf.d/*.conf IncludeOptional sites-enabled/*.conf
Example in the environment:
Save the file (CTRL+O), then exit (CTRL+X).
Next, use your favorite text editor to create a virtual host configuration file located at /etc/httpd/sites-available/example_domain.conf as below:
sudo nano /etc/httpd/sites-available/example_domain.conf
Now, copy and paste the following into the configuration block file, note to replace your ServerName, ServerAlias, and Document root with your own:
<VirtualHost *:80> ServerAdmin webmaster@localhost ServerName example_domain ServerAlias www.example_domain DocumentRoot /var/www/example_domain </VirtualHost>
Note, remember do not forget to change the required Server directives to your own.
Save the configuration file using (CTRL+O) and exit with (CTRL+X).
Enable Virtual Host
The next step is to enable the virtual host. Initially, you created two directories, sites-available and sites-enabled. Now, you will need to create a symlink to sites-enabled to activate the virtual host.
To create a symlink, use the following example in your terminal.
sudo ln -s /etc/httpd/sites-available/example_domain.conf /etc/httpd/sites-enabled/
Once done, restart the Apache service.
sudo systemctl restart httpd
Open your Internet Browser and type in your domain name HTTP://example_domain where you should get the following landing page you created in the index.html file:
Congratulations, you have successfully created your virtual host and made it work successfully on your domain.
Secure Apache with Let’s Encrypt SSL Free Certificate
Ideally, you would want to run your Apache on HTTPS using an SSL certificate. The best way to do this is to use Let’s Encrypt, a free, automated, and open certificate authority run by the nonprofit Internet Security Research Group (ISRG).
First, install the EPEL repository and the mod_ssl package for better-updated packages and security.
sudo dnf install epel-release mod_ssl -y
Next, install the certbot package as follows:
sudo dnf install python3-certbot-apache -y
Once installed, run the following command to start the creation of your certificate:
sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email firstname.lastname@example.org -d www.example.com
This is the ideal setup that includes force HTTPS 301 redirects, Strict-Transport-Security header, and OCSP Stapling. Just make sure to adjust the e-mail and domain name to your requirements.
Now your URL will be https://www.example.com instead of HTTP://www.example.com.
Note, if you use the old HTTP URL, it will automatically redirect to HTTPS.
Optionally, you can set a cron job to renew the certificates automatically. Certbot offers a script that does this automatically, and you can first test to make sure everything is working by performing a dry run.
sudo certbot renew --dry-run
If everything is working, open your crontab window by using the following terminal command.
sudo crontab -e
Next, specify the time when it should auto-renew. This should be checked daily at a minimum, and if the certificate needs to be renewed, the script will not update the certificate. If you need help with finding a good time to set, use the crontab.guru free tool.
00 00 */1 * * /usr/sbin/certbot-auto renew
Save (CTRL+O) then exit (CTRL+X), and the cronjob will be automatically enabled.
Managing Apache Service
Now that you have Apache running on your server successfully, some management keynotes are as follows.
Apache Server Logs
Apache server logs can be found in the directory var/www/example_domain with custom.log and error.log respectfully being the default access and error names given. This can be changed to other names in your virtual host configuration file in the future.
The following commands that you will undoubtedly use in your day-to-day management when working with Apache. Some of the most common are:
To stop Apache webserver:
sudo systemctl stop httpd
To start Apache webserver:
sudo systemctl start httpd
To restart Apache webserver:
sudo systemctl restart httpd
To reload Apache webserver (For more minor changes not requiring a restart):
sudo systemctl reload httpd
To disable Apache on server boot:
sudo systemctl disable httpd
To start Apache on server boot (Automatically enabled on installation):
sudo systemctl enable httpd
How to Update Apache (HTTPD)
To update Apache in the future, this is done with the command you used to check if your system is up to date. Note, always create backups or images if you have an Apache service running critical services. Usually, it’s pretty safe to upgrade, but sometimes bugs can occur like any software upgrade.
To update Apache, use the following command:
sudo dnf upgrade --refresh
How to Remove (Uninstall) Apache (HTTPD)
To remove Apache if you no longer use it, this can be done using the following command:
sudo dnf autoremove httpd
This command will also remove any unused dependencies that came with the installation.
Comments and Conclusion
In the tutorial, you have learned how to install Apache (HTTPD) on Rock Linux 8. Overall, Apache has been the most used web application server in the World for decades. However, Nginx has finally overtaken the lead just slightly.
Apache is still one of the most deployed and recognized web applications, especially with combing LAMP stack, which is often used for back-end web servers. You will find more friendly options for Apache than Nginx, leading newer users to get into hosting their web server, perhaps to try Apache over Nginx as the first step.