GIT – The Apache web server is a free open-source HTTP server, that powers most of the web servers accross the Internet. It’s easy to install and to configure and runs on most UNIX and UNIX-like platforms.
In this documentation we will be installing Apache from the FreeBSD Ports Collection. So first make sure that your ports are updated and then proceed with the installation.
In the following document we also cover how to install Apache with PHP support and create SSL certificates for Apache.
Now let’s install:
# cd /usr/ports/www/apache22 && make install clean
When you execute the above command you will be prompted to select different modules support to be installed, along with Apache. If you plan on using Apache together with a database backend for example MySQL or PostgreSQL, or LDAP, make sure you select the corresponding options as well. Otherwise you may safely leave the defaults if your only going to server simple HTML pages for example.
When ready select the OK button and press Enter. The Apache installation will start now. Once the installation is over you will see a similar output:
To run apache www server from startup, add apache22_enable="YES"
in your /etc/rc.conf. Extra options can be found in startup script.
Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.
Add the following lines to your /boot/loader.conf, otherwise when you first start Apache you will get warning messages. If you are installing Apache on jail system, you need to add the lines to the host system, not the jails itself:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
===> Cleaning for php5-5.3.2
In case you need additional modules support for PHP like for example database support like MySQL, PostgreSQL you might want to install the lang/php5-extensions meta-port. If you need different kind of support for PHP, just go ahead and install the lang/php5-extensions module, select the modules you need and then install them.
# cd /usr/ports/lang/php5-extensions && make install clean
Now we need to copy the php.ini configuration file for your PHP installation. There are a number of sample configuration files in /usr/local/etc, that are preconfigured for different setups, so copy the one that most suits your installation.
In this example I’m copying the php.ini-production file for my setup.
The configuration of Apache is straight-forward and most of the configuration is already done for us. So we are just going to change a couple of things in the configuration.
If you have installed PHP support for Apache, as it was described in the previous step, add this line at the end of your Dynamic Shared Objects (DSO) Supportsection of your httpd.conf file. Do not add this line, in case you haven’t installed PHP support for Apache.
Now find the following Include lines and uncomment them. These lines are commented by default in the httpd.conf file.
# Virtual hosts
# Various default settings
# Secure (SSL/TLS) connections
Add these lines at the end of the config file only if you have installed Apache with PHP support:
# Needed by the Apache PHP modules
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
Now that we have configured the main Apache configuration file httpd.conf, we need to configure a couple of more files also from the/usr/local/etc/apache22/extra directory. So let’s go ahead and configure them.
Open for editing httpd-default.conf file:
# vim /usr/local/etc/apache22/extra/httpd-default.conf
Find the ServerTokens and ServerSignature lines and update them as follows:
By default ServerTokens and ServerSignature are configured to reveal a lot of information about the system we are running Apache on, so this is just for security measures, since we don’t want to reveal any information to the outside world about our system.
Now we are going to configure the default Apache vhost:
# vim /usr/local/etc/apache22/extra/httpd-vhosts.conf
Here’s mine httpd-vhosts.conf file. Feel free to suit it for your needs:
# Virtual Hosts
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
# Please see the documentation at
# for further details before you try to setup virtual hosts.
# You may use the command line option '-S' to verify your virtual host
# Use name-based virtual hosting.
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
If you do not want to enter the passphrase each time you start Apache, you need to do the following. You will need to enter the passphrase for one last time:
# cd /etc/ssl/apache
# cp server.key server.key-orig
# openssl rsa -in server.key-orig -out server.key
Now that we have our certificates we need to tell Apache where to find them, so open httpd-ssl.conf file for editing, so we can configure our default SSL vhost.
# vim /usr/local/etc/apache22/extra/httpd-ssl.conf
Here’s mine httpd-ssl.conf file. Feel free to suit it for needs. Most of this configuration is already present in your httpd-ssl.conf file, so you will need just to edit the corresponding lines (most of the comments were removed to make it smaller):