Httpd Installation
Internal
Overview
This article document installation on Linux RHEL. For Mac or Windows installation, go to Mac and Windows.
Compilation
Installation
yum install httpd
Create the Operational Account
httpd installed with yum
If httpd is installed with yum, the installation script usually creates a user ("apache"). If yes, use that user. The default behavior is for the httpd to start as a root (via /etc/init.d/httpd) and then switch to the Unix user declared as in /etc/httpd/conf/httpd.conf as "User" and "Group".
httpd installed from scratch
Otherwise, if httpd is compiled from scratch, for security reasons, it's best if httpd is operated by its own Unix user and group, with as little permissions as possible.
groupadd -g 101 httpd useradd -c "httpd operational user" -d /home/httpd -g httpd -m -u 101 httpd
Set Standard Environment
httpd installed with yum
Configuration directory: /etc/httpd/conf and /etc/httpd/conf.d.
The module directory: /usr/lib/httpd/modules (linked from /etc/httpd)
The run directory: /var/run/httpd (linked from /etc/httpd)
The log directory: /var/log/httpd (linked from /etc/httpd)
When installed with yum, httpd is designed to be operated by root, and switch to "apache" at runtime, so add the following aliases to ~root/.bashrc:
... alias cda='cd /etc/httpd' alias cdac='cd /etc/httpd/conf' alias cdal='cd /var/log/httpd' alias cdar='cd /var/run/httpd' ...
httpd installed from scratch
In <httpd-user>/.bashrc:
... APACHE_HOME=/home/webr/httpd-2.2.17 PATH=${PATH}:${APACHE_HOME}/bin export PATH APACHE_HOME alias cda='cd ${APACHE_HOME}' alias cdal='cd ${APACHE_HOME}/logs' alias cdac='cd ${APACHE_HOME}/conf' ...
Create Start/Stop Scripts
httpd installed with yum
If httpd installed with yum, the startup scripts is already created (/etc/init.d/httpd). Use it.
httpd installed from scratch
Otherwise, create a similar one.
This also works:
$APACHE_HOME/bin/apachectl start $APACHE_HOME/bin/apachectl stop
Start at Boot
chkconfig --level 2345 httpd on
Configure iptables
iptables-save > /tmp/iptables.cfg
Add the following:
-A INPUT -p tcp -m state --state NEW --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW --dport 443 -j ACCEPT
right under the:
-A INPUT -m state --state ESTABLISHED -j ACCEPT
line. Then:
iptables-restore < /tmp/iptables.cfg iptables-save > /etc/sysconfig/iptables
If planning to only run the SSL version, do not add the port 80 line.
Reboot and make sure the server can be accessed
Configure
Modify ${APACHE_HOME}/conf/httpd.conf. See:
Prevent Access to the cgi-bin Script
Specify Require all denied in:
<Directory "/var/www/cgi-bin"> AllowOverride None Options None Require all denied </Directory>
Configure httpd to Start at Boot
systemctl enable httpd
Start and Smoke
Start the instance and make sure it starts fine with the default configuration.
Mac
brew install ?
Windows
- Download the installer
- Install on port 80, as a service
- Install in C:/httpd-2.2.22 ...
- Configure the service to start manually (by default it starts automatically)
- Manually start/stop the service