Tutorial

How To Install the Apache Web Server on CentOS 8 [Quickstart]

Published on May 8, 2020
English
How To Install the Apache Web Server on CentOS 8 [Quickstart]

Introduction

The Apache HTTP server is the most widely-used web server in the world. It provides many powerful features including dynamically loadable modules, robust media support, and extensive integration with other popular software.

In this guide, you will install an Apache web server with virtual hosts on your CentOS 8 server. For a more detailed version of this tutorial, please refer to How To Install the Apache Web Server on CentOS 8.

Prerequisites

You will need the following to complete this guide:

Step 1 — Installing Apache

Apache is available within CentOS’s default software repositories, which means you can install it with the dnf package manager.

As the non-root sudo user configured in the prerequisites, install the Apache package:

  1. sudo dnf install httpd

After confirming the installation, dnf will install Apache and all required dependencies.

Step 2 – Adjusting the Firewall

By completing Step 4 of the Initial Server Setup with CentOS 8 guide mentioned in the prerequisites section, you will have already installed firewalld on your server to serve requests over HTTP.

If you also plan to configure Apache to serve content over HTTPS, you will also want to open up port 443 by enabling the https service:

  1. sudo firewall-cmd --permanent --add-service=https

Next, reload the firewall to put these new rules into effect:

  1. sudo firewall-cmd --reload

After the firewall reloads, you are ready to start the service and check the web server.

Step 3 — Checking your Web Server

Apache does not automatically start on CentOS once the installation completes, so you will need to start the Apache process manually:

  1. sudo systemctl start httpd

Verify that the service is running with the following command:

  1. sudo systemctl status httpd

You will receive an active status when the service is running:

Output
● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disa> Active: active (running) since Thu 2020-04-23 22:25:33 UTC; 11s ago Docs: man:httpd.service(8) Main PID: 14219 (httpd) Status: "Running, listening on: port 80" Tasks: 213 (limit: 5059) Memory: 24.9M CGroup: /system.slice/httpd.service ├─14219 /usr/sbin/httpd -DFOREGROUND ├─14220 /usr/sbin/httpd -DFOREGROUND ├─14221 /usr/sbin/httpd -DFOREGROUND ├─14222 /usr/sbin/httpd -DFOREGROUND └─14223 /usr/sbin/httpd -DFOREGROUND ...

Access the default Apache landing page to confirm that the software is running properly through your IP address:

http://your_server_ip

You’ll see the default CentOS 8 Apache web page:

Default Apache page for CentOS 8

This page indicates that Apache is working correctly. It also includes some basic information about important Apache files and directory locations.

When using the Apache web server, you can use virtual hosts (if you are more familiar with Nginx, these are similar to server blocks) to encapsulate configuration details and host more than one domain from a single server. In this step, you will set up a domain called example.com, but you should replace this with your own domain name. If you are setting up a domain name with DigitalOcean, please refer to our Networking Documentation.

Create the html directory for <p>example.com<^> as follows, using the -p flag to create any necessary parent directories:

  1. sudo mkdir -p /var/www/example.com/html

Create an additional directory to store log files for the site:

  1. sudo mkdir -p /var/www/example.com/log

Next, assign ownership of the html directory with the $USER environmental variable:

  1. sudo chown -R $USER:$USER /var/www/example.com/html

Make sure that your web root has the default permissions set:

  1. sudo chmod -R 755 /var/www

Next, create a sample index.html page using vi or your favorite editor:

  1. sudo vi /var/www/example.com/html/index.html

Press i to switch to INSERT mode and add the following sample HTML to the file:

/var/www/example.com/html/index.html
<html>
  <head>
    <title>Welcome to Example.com!</title>
  </head>
  <body>
    <h1>Success! The example.com virtual host is working!</h1>
  </body>
</html>

Save and close the file by pressing ESC, typing :wq, and pressing ENTER.

With your site directory and sample index file in place, you are almost ready to create the virtual host files. Virtual host files specify the configuration of your separate sites and tell the Apache web server how to respond to various domain requests.

Before you create your virtual hosts, you will need to create a sites-available directory to store them in. You will also create the sites-enabled directory that tells Apache that a virtual host is ready to serve to visitors. The sites-enabled directory will hold symbolic links to virtual hosts that we want to publish. Create both directories with the following command:

  1. sudo mkdir /etc/httpd/sites-available /etc/httpd/sites-enabled

Next, you will tell Apache to look for virtual hosts in the sites-enabled directory. To accomplish this, edit Apache’s main configuration file using vi or your favorite text editor and add a line declaring an optional directory for additional configuration files:

  1. sudo vi /etc/httpd/conf/httpd.conf

Press capital G to navigate towards the end of the file. Then press i to switch to INSERT mode and add the following line to the very end of the file:

/etc/httpd/conf/httpd.conf
...
# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
IncludeOptional sites-enabled/*.conf

Save and close the file when you are done adding that line. Now that you have your virtual host directories in place, you will create your virtual host file.

Start by creating a new file in the sites-available directory:

  1. sudo vi /etc/httpd/sites-available/example.com.conf

Add in the following configuration block, and change the example.com domain to your domain name:

/etc/httpd/sites-available/example.com.conf
<VirtualHost *:80>
    ServerName www.example.com
    ServerAlias example.com
    DocumentRoot /var/www/example.com/html
    ErrorLog /var/www/example.com/log/error.log
    CustomLog /var/www/example.com/log/requests.log combined
</VirtualHost>

This will tell Apache where to find the root directly that holds the publicly accessible web documents. It also tells Apache where to store error and request logs for this particular site.

Save and close the file when you are finished.

Now that you have created the virtual host files, you will enable them so that Apache knows to serve them to visitors. To do this, create a symbolic link for each virtual host in the sites-enabled directory:

  1. sudo ln -s /etc/httpd/sites-available/example.com.conf /etc/httpd/sites-enabled/example.com.conf

Your virtual host is now configured and ready to serve content. Before restarting the Apache service, let’s make sure that SELinux has the correct policies in place for your virtual hosts.

SELinux is a Linux kernel security module that brings heightened security for Linux systems. CentOS 8 comes equipped with SELinux configured to work with the default Apache configuration. Since you changed the default configuration by setting up a custom log directory in the virtual hosts configuration file, you will receive an error if you attempt to start the Apache service. To resolve this, you need to update the SELinux policies to allow Apache to write to the necessary files.

There are different ways to set policies based on your environment’s needs as SELinux allows you to customize your security level. This step will cover two methods of adjusting Apache policies: universally and on a specific directory. Adjusting policies on directories is more secure, and is therefore the recommended approach.

Adjusting Apache Policies Universally

Setting the Apache policy universally will tell SELinux to treat all Apache processes identically by using the httpd_unified Boolean. While this approach is more convenient, it will not give you the same level of control as an approach that focuses on a file or directory policy.

Run the following command to set a universal Apache policy:

  1. sudo setsebool -P httpd_unified 1

The setsebool command changes SELinux Boolean values. The -P flag will update the boot-time value, making this change persist across reboots. httpd_unified is the Boolean that will tell SELinux to treat all Apache processes as the same type, so you enabled it with a value of 1.

Adjusting Apache Policies on a Directory

Individually setting SELinux permissions for the /var/www/example.com/log directory will give you more control over your Apache policies, but may also require more maintenance. Since this option is not universally setting policies, you will need to manually set the context type for any new log directories specified in your virtual host configurations.

First, check the context type that SELinux gave the /var/www/example.com/log directory:

  1. sudo ls -dlZ /var/www/example.com/log/

This command lists and prints the SELinux context of the directory. You will receive output similar to the following:

Output
drwxr-xr-x. 2 root root unconfined_u:object_r:httpd_sys_content_t:s0 6 Apr 23 23:51 /var/www/example.com/log/

The current context is httpd_sys_content_t, which tells SELinux that the Apache process can only read files created in this directory. In this tutorial, you will change the context type of the /var/www/example.com/log directory to httpd_log_t. This type will allow Apache to generate and append to web application log files:

  1. sudo semanage fcontext -a -t httpd_log_t "/var/www/example.com/log(/.*)?"

Next, use the restorecon command to apply these changes and have them persist across reboots:

  1. sudo restorecon -R -v /var/www/example.com/log

The -R flag runs this command recursively, meaning it will update any existing files to use the new context. The -v flag will print the context changes the command made. You will receive the following output confirming the changes:

Output
Relabeled /var/www/example.com/log from unconfined_u:object_r:httpd_sys_content_t:s0 to unconfined_u:object_r:httpd_log_t:s0

You can list the contexts once more to see the changes:

  1. sudo ls -dlZ /var/www/example.com/log/

The output reflects the updated context type:

Output
drwxr-xr-x. 2 root root unconfined_u:object_r:httpd_log_t:s0 6 Apr 23 23:51 /var/www/example.com/log/

Now that the /var/www/example.com/log directory is using the httpd_log_t type, you are ready to test your virtual host configuration.

Once the SELinux context has been updated with either method, Apache will be able to write to the /var/www/example.com/log directory. You can now successfully restart the Apache service:

  1. sudo systemctl restart httpd

List the contents of the /var/www/example.com/log directory to see if Apache created the log files:

  1. ls -lZ /var/www/example.com/log

You’ll receive confirmation that Apache was able to create the error.log and requests.log files specified in the virtual host configuration:

Output
-rw-r--r--. 1 root root system_u:object_r:httpd_log_t:s0 0 Apr 24 00:06 error.log -rw-r--r--. 1 root root system_u:object_r:httpd_log_t:s0 0 Apr 24 00:06 requests.log

Now that you have your virtual host set up and SELinux permissions updated, Apache will now serve your domain name. You can test this by navigating to http://example.com, where you should see something like this:

Success! The example.com virtual host is working!

This confirms that your virtual host is successfully configured and serving content. Repeat Steps 4 and 5 to create new virtual hosts with SELinux permissions for additional domains.

Conclusion

In this tutorial, you installed and managed the Apache web server. Now that you have your web server installed, you have many options for the type of content you can serve and the technologies you can use to create a richer experience.

If you’d like to build out a more complete application stack, you can look at this article on how to configure a LAMP stack on CentOS 8.

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about our products

About the authors
Default avatar

Senior Manager, DevEd

Open source advocate and lover of education, culture, and community.



Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
 
Leave a comment


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Join the Tech Talk
Success! Thank you! Please check your email for further details.

Please complete your information!

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.