How to Install Apache 2.4 on Arch Linux

Published on: Fri, May 31, 2019 at 11:23 am EST
Arch Linux Guides Web Servers

Prerequisites

  • A Vultr server running up to date Arch Linux. See this guide for more information.
  • Sudo access.
    • Commands required to be run as root are prefixed by #, and ones that can be run as a regular user by $. The recommended way to run commands as root is to, as a regular user, prefix each of them with sudo.
  • Have a text editor installed, and be familiar with it, such as vi, vim, nano, emacs and so on.

Install Apache 2.4 Web Server

If you are using a firewall, you will need to enable incoming TCP traffic to port 80.

Install Apache:

# pacman -S apache

Start Apache, and make it start after every boot:

# systemctl enable --now httpd

Test that Apache is running. Visit http://YOUR-SERVER-WEB-ADDRESS-OR-IP, and you will see a page showing "Index of /". Run ip addr if you need to know the IP address.

Apache's configuration file is /etc/httpd/conf/httpd.conf. Although Apache is started by the root user, User http makes it immediately switch to running as this user for security reasons. DocumentRoot "/srv/http" sets where it will look for web files. CustomLog "/var/log/httpd/access_log" common sets where accesses to Apache that are successful will be logged. ErrorLog "/var/log/httpd/error_log" sets where accesses to Apache that error will be logged.

Disabling Indexes

By default, if Apache is given a directory that it does not find an index file with an extension it's configured to use, it will automatically generate an index showing the directory's contents. This can be considered a security vulnerability. To disable it, edit /etc/httpd/conf/httpd.conf and within <Directory "/srv/http">, from Options, delete Indexes. Once restarted, Apache will give an "Access forbidden!" error message, unless a file like /srv/http/index.html exists.

Restart Apache:

# systemctl restart httpd

User Directories

By default, a user's ~/public_html/ directory will be shown at http://YOUR-SERVER-WEB-ADDRESS-OR-IP/~USERNAME/. But, the user http must have executable bit access to the user directory and its public_html directory:

$ mkdir ~/public_html
$ chmod o+x ~/
$ chmod o+x ~/public_html

Additionally, the user http must have read access to individual files. If necessary, run the following command:

$ chmod o+r ~/public_html/<FILES>

If you want to disable user's public_html directories from being on your web server, regardless of directory and file permissions, comment this line (add # to the beginning) in /etc/httpd/conf/httpd.conf:

Include conf/extra/httpd-userdir.conf

Restart Apache:

# systemctl restart httpd

Virtual Hosts

You can host multiple domain names from the same Apache server, and serve them different content.

Create a folder to hold your virtual host configurations:

# mkdir /etc/httpd/conf/vhosts

Create a configuration file for each virtual host, such as /etc/httpd/conf/vhosts/YOUR-DOMAIN-NAME.com:

<VirtualHost *:80>
    ServerAdmin webmaster@YOUR-DOMAIN-NAME.com
    DocumentRoot "/srv/YOUR-DOMAIN-NAME.com"
    ServerName YOUR-DOMAIN-NAME.com
    ServerAlias YOUR-DOMAIN-NAME.com
    ErrorLog "/var/log/httpd/YOUR-DOMAIN-NAME.com-error_log"
    CustomLog "/var/log/httpd/YOUR-DOMAIN-NAME.com-access_log" common

    <Directory "/srv/YOUR-DOMAIN-NAME.com">
        Require all granted
    </Directory>
</VirtualHost>

Make the virtual host serving directory:

# mkdir /srv/YOUR-DOMAIN-NAME.com

At the end of /etc/httpd/conf/httpd.conf, include each of these virtual host configuration files:

Include conf/vhosts/YOUR-DOMAIN-NAME.com

Restart Apache:

# systemctl restart httpd

Requests Apache receives to YOUR-DOMAIN-NAME.com will be served out of /srv/YOUR-DOMAIN-NAME.com. Note requests to Apache not matching a specific ServerName or ServerAlias, just the IP address, or another domain name resolving to your IP, will still be served out of the first virtual host that is included. That said, you should still consider anything in the general DocumentRoot, which defaults to /srv/http, to be somehow accessible.

Want to contribute ?

You could earn up to $300 by adding new articles