Apache Config & HTTPS/SSL Notes

apache-notes.md

Apache Ubuntu Starter Kit

Links

• Let's Encrypt Apache - Ubuntu 18.04 (Bionic)
• Comparison of Let's Encrypt setup (post cerbot) for NodeJS, Apache& NGINX
• Important Apache files and directories

Installing Apache (Ubuntu 18.04)

• Installing Apache
• Restart server: sudo service apache2 restart (same for stop, start)

Making and enabling an Apache config (.conf) file

• cd /etc/apache2/sites-available
• sudo vim mysite.com.conf
• Add config information
• sudo a2ensite mysite.com.conf
• If this worked, should appear in /etc/apache2/sites-enabled
• It will tell you if there was an error, but you'll often need to see logs for detail.
• To restart Apache to effect these changes, run sudo systemctl reload apache2
• See logs for Apache and individual sites at /var/log/apache2/
• To test for config errors: sudo apache2ctl configtest

Modules

• Modules available: /etc/apache2/mods-available
• Enable a module: a2enmod [module filename]
• Enabled mods: /etc/apache2/mods-enabled

Key Tips

• Key modules to enable (a2enmod): ssl, proxy, proxy_http
• Directing a url: ServerName and ServerAlias
  • Both can be used in the same file - no need for duplicate .conf file for each subdomain
  • Any number of ServerAlias lines can be used for an arbitrary number of domains (though using your DNS records might be the best first defense)
• Encrypt easily with certbot (see Let's Encrypt link above)
  • Will edit your config files and make a -le-ssl.conf suffix file automatically for your https version
  • Must have the DNS (Google Domains etc.) pointed to it (A record) for verification/completion
• Node server and other port-based microservices use Proxy, straight static serving (e.g. React app) don't need this.