After reading several
tutorials and guides on how to install the Apache server in Ubuntu
, the vast majority can be summarized in two lines because they only show the installation process, skipping the configuration completely. In this tutorial, we will not only show
how to install the Apache server, but we will also show how to configure it
correctly so as not to compromise security, at the same time we will optimize resource consumption and explain several useful commands.
Installing Apache will be the first step to have a LAMP environment on our server (Linux, Apache, MySQL, PHP) and this will be the second in a series of articles designed to configure our own server to host a WordPress blog.
Before going into the subject, I must clarify that all the steps described in this tutorial have been tested on a
VPS server
with
Ubuntu 16.04 LTS x64
and
Ubuntu 14.04 LTS x64
.
How to install Apache server on Ubuntu.
Installing Apache on Ubuntu is a simple process that we can get using the
apt
package manager. We need to access our server through the console, in our case we will use
PuTTY
to access the terminal.
As we explained in a previous article, we must choose whether to do a default or custom installation of Apache. You can see the differences between one option and another in the article about
installing LAMP stack or custom environment in Ubuntu
.
Apache installation by default with the official Ubuntu repositories.
If we decide to do a default installation, we will execute the commands:
sudo apt-get update
sudo apt-get install apache2
At the time of writing this article, with this option we will install version 2.4.18 of Apache. With this option we will not install the latest version available, but when using the official Ubuntu repositories we will have stability guarantees.
As I have been able to read, the Ubuntu package update policy only makes an update every six months unless it is a matter of serious security or functionality problems, since in that case it acts as soon as possible.
Custom Apache installation using unofficial repositories.
We can also choose to use a custom repository, I strongly recommend using the
Ondřej Surý PPA repository
, since this technician is in charge of software packaging tasks in the Debian distribution.
Using this custom repository we usually have the latest version of Apache available. At the time of writing this tutorial, version 2.4.20 is available, which is the most recent.
If we choose this option, the command to install Apache is:
sudo add-apt-repository ppa:ondrej/apache2
sudo apt-get update
sudo apt-get install apache2
Once Apache is installed, we can verify that it has been installed correctly by accessing the address
http://la_IP_del_servidor
through the browser and something similar to the following image should be shown on the screen.
At this point we can already say that Apache has been installed correctly and now we proceed with the security configuration and basic optimization.
Security configurations and basic Apache optimizations.
By default, the mpm-event module will be installed and activated
, but in later steps, when we
install
PHP, the multiprocessing module will automatically switch to the mpm-prefork module, which will be the one we will use throughout this tutorial.
At this point, I recommend that you carefully read the article where we explain the
differences between Apache prefork, event and worker multiprocessing modules
.
As we said, by default the mpm-event module will be installed and activated and although it will be automatically changed during the installation of PHP, we will learn to switch between mpm modules and thus leave the mpm-prefork module already activated. We execute the following commands:
-
We deactivate the mpm-event module:
sudo a2dismod mpm_event
-
We activate the mpm-prefork module:
sudo a2enmod mpm_prefork
-
Restart Apache:
sudo service apache2 restart
If you look briefly, the
a2dismod
and
a2enmod
commands allow us to deactivate and activate modules in Apache.
To verify that the mpm module has been changed, we can execute the following command that shows us that mpm multiprocessing module is active in Apache:
sudo a2query -M
You can examine all the available options of the
a2query
command
a2query
executing the command:
sudo a2query -h
Other commands that can help us configure Apache are:
-
Show Apache active modules
:
sudo apache2ctl -M
-
Show Apache static modules
:
sudo apache2ctl -l
The
apache2ctl
command has more options, to consult all available options you must execute the command:
sudo apache2ctl -h
.
Basic security settings in Apache.
Next we will make several modifications to Apache's default settings, to make it a little more secure and not give useful information to potential malicious users.
The first will be to edit the configuration file for security settings, for this we execute the command:
sudo nano /etc/apache2/conf-enabled/security.conf
Within the content we look for the
ServerSignature
and
ServerTokens
variables, so that their values "‹"‹are as shown below:
ServerTokens Prod
ServerSignature Off
With the
ServerTokens Prod
option we will only show in the headers of the HTTP requests that our server is Apache, without showing version or operating system.
With the
ServerSignature Off
option we avoid displaying a footer in the documents generated by the server. These footers include the version of the server and operating system, so it is advisable to keep this data hidden.
Basic Apache optimization.
Next we will make several modifications to the Apache general configuration file to try to achieve better performance.
We will execute the following command:
sudo nano /etc/apache2/apache2.conf
We will adjust the values "‹"‹of the following variables as indicated below:
Timeout 150
MaxKeepAliveRequests 150
KeepAliveTimeout 3
About the KeepAlive option I recommend that you read the article where we explained
how to optimize KeepAlive on Apache servers
.
We will make a last optimization by disabling a module that we will not use and thus avoid consuming resources, it is
mod_status that only shows us statistics of how our server works
. To deactivate mod_status we will execute the command:
a2dismod status
Commands to restart, stop and start Apache.
To restart / stop / start Apache we can use the commands:
service apache2 restart
service apache2 stop
service apache2 start
We can also use the following commands that are more informative:
/etc/init.d/apache2 restart
/etc/init.d/apache2 stop
/etc/init.d/apache2 start
If what we want is to restart only the Apache configuration, it is sufficient to execute one of the following commands:
service apache2 reload
/etc/init.d/apache2 reload
So far for the moment, in the following article we will explain how to install MySQL (MariaDB) on our server. There are some pending things in the Apache configuration, but we will see them calmly when the time comes to install WordPress.
Finally, I recommend always having
Apache documentation
at hand, since this is where we can find the most detailed and orderly information.