Cloud servers from $4/mo - Grab the Deal! Let’s start ->
English
Community
Sign In
Sign In

How to Disable Directory Browsing on Apache

How to Disable Directory Browsing on Apache
JC Brian Refugia
Technical writer
Apache
05.09.2024
Reading time: 9 min
Share

When using an Apache server, directory browsing creates a security issue since it allows unauthorized users to view the organization and contents of your website's directories. Directories without an index file, such as index.html or index.php, may by default allow users to view their contents through Apache. Directories without an index file, such as index.html or index.php, may by default allow users to view their contents through Apache. This feature is considered by many as a terrible practice for production servers, despite the fact that it can be helpful in some development contexts. In order to improve the safety features of the website and prevent unauthorized access to vital information, one should take the easy but crucial action of disabling directory browsing on the website's server. This tutorial will show how to prevent directory surfing on an Apache web server, so that directories stay hidden from the attackers. 

Prerequisites

  • A cloud server with installed and running Apache

  • Access to the Apache Server 

Understanding Directory Browsing in Apache

When no specified file (like index.html or index.php) is present to be displayed as the default page, the web server can show the contents of a directory. This is known as directory browsing in Apache. Users who have directory browsing enabled can view a list of files and folders within a directory by navigating to a URL that matches a directory path on the server. 

Depending on how the server is configured, directory browsing may or may not be enabled by default for Apache. The Apache configuration files' Options directive manages this behavior. The Indexes option there establishes whether directory browsing is permitted. Directory browsing will be available for the designated directories if the Indexes option is included in the configuration.

Directory browsing presents a number of risks in a production setting, even though it may be helpful for some types of file repositories or during development. Users may end up with access to private information—like configuration files, backup files, or temporary files—that were not intended to be shared with the public. Leaving a directory structure exposed could lead to the discovery of security flaws like outdated script versions, incorrect setups, or files containing known vulnerabilities. Directory browsing could be used by unauthorized users to obtain information for a more focused attack on the system or to download things that need to be kept secret.

Disabling Directory Browsing in the Main Configuration File

It's simple to disable directory browsing in the Apache main configuration file by changing the Options directive to make sure the Indexes option is disabled. This directive determines how directories behave in a number of ways, such as whether directory browsing is permitted. By modifying the primary Apache configuration file, you can turn off directory browsing as follows:

  1. Depending on your operating system, the primary Apache configuration file is normally found in one of the following directories:

    • Debian/Ubuntu
/etc/apache2/apache2.conf
    • CentOS/RHEL
/etc/httpd/conf/httpd.conf

  1. Make a backup on the configuration file above by running the command below.

sudo cp -rp /etc/apache2/apache2.conf /etc/apache2/apache2.conf.backup

  1. Open the file and edit it with a text editor such as Vim or Nano.

nano /etc/apache2/apache2.conf

  1. Find the Directory Configuration Block. There are multiple blocks in the configuration file. These blocks specify configurations for particular server folders. The root directory is the highest-level directory on the server, and the settings in the block are applicable to it. Look for a block that is similar to the following:
    Image4
    Within this block look for the line that contains Options (box in red).  It may include the Indexes option, which enables directory browsing.

  1. Remove the Indexes option from the Options directive to disable the directory browsing. This is how the modified directive should appear.
    Image2

  2. Save and exit on the editor.  For changes to take effect, restart the Apache service. Run the command below.

    • Debian/Ubuntu
sudo systemctl restart apache2
    • Centos/RHEL
sudo systemctl restart httpd

  1. Verify that directory browsing has been disabled in order to validate the modifications. Then, use a web browser to access a directory on the server without an index file. Users should get a "403 Forbidden" response instead of a directory listing, indicating that directory browsing is no longer permitted.

Disabling Directory Browsing in Virtual Host Files

With Apache, different websites may be operated; each with its own configuration, on a single server by using virtual hosts. One can change the configuration in the virtual host files to prevent directory browsing for particular websites or virtual hosts. Here's how to make this happen:

  1. Depending on your operating system, the primary Apache configuration file is normally found in one of the following directories:

    • Debian/Ubuntu
/etc/apache2/sites-available/
    • CentOS/RHEL
/etc/httpd/conf.d/

or

/etc/httpd/sites-available/

  1. Every virtual host will have a configuration file of its own, usually called example.com.conf or after the domain or website it serves. Make a backup on the configuration file above by running the command below.

sudo cp  /etc/apache2/sites-available/example.com.conf  /etc/apache2/sites-available/example.com.conf.backup

  1. Open the file above and edit it with a text editor such as Vim or Nano.

nano /etc/apache2/sites-available/example.com.conf

  1. Find the Directory Configuration Block. There are multiple blocks in the configuration file. These blocks specify configurations for particular server folders. The root directory is the highest-level directory on the server, and the settings in the block are applicable to it. Look for a block that is similar to the following:
    Image3
    Within this block look for the line that contains Options (box in red).  it may include the Indexes option, which enables directory browsing.

  2. Remove the Indexes option from the Options directive to disable the directory browsing. This is how the modified directive should appear.
    Image7

  3. Save and exit on the editor.  For changes to take effect, restart the Apache service. Run the command below.

    • Debian/Ubuntu

sudo systemctl restart apache2

    • Centos/RHEL

sudo systemctl restart httpd

  1. Verify that directory browsing has been disabled in order to validate the modifications. Then, use a web browser to access a directory on the server without an index file. Users should get a "403 Forbidden" response instead of a directory listing, indicating that directory browsing is no longer permitted.

Disabling Directory Browsing Using .htaccess Files

With Apache, the.htaccess file is a strong configuration tool that lets users change server settings for individual directories. One can change or create a.htaccess file in the directory where they wish to apply this setting if they don't have access to the main Apache configuration file or if they want to block directory browsing for a particular directory. Using a.htaccess file, users can prevent directory browsing as follows:

  1. To disable directory browsing, navigate to the desired directory. This could be any subdirectory inside the site itself or the document root of the website (/var/www/example.com, for example).

cd /var/www/example.com

  1. If there's already a .htaccess file in the directory, one can edit it with a text editor. Otherwise, one can make a fresh .htaccess file

sudo nano .htaccess

  1. Add the line below on the file then save and exit.

Options -Indexes

  1. Apache needs to be set up to permit .htaccess overrides in the appropriate directory in order for the .htaccess file to function. The AllowOverride directive in the virtual host or Apache configuration files controls this. Verify that the virtual host file or directory block in the Apache configuration permits overrides, as shown below.
    Image6

  2. Verify that directory browsing has been disabled in order to validate the modifications. Then, use a web browser to access a directory on the server without an index file. Users should get a "403 Forbidden" response instead of a directory listing, indicating that directory browsing is no longer permitted.

Troubleshooting Common Issues

Although it is usually simple to disable directory browsing on Apache, there are certain issues that make the setup not work as intended. Users can solve typical problems while deactivating directory browsing on Apache by checking the list of solutions provided below.

  1. Directory browsing remains enabled even after making changes to the. htaccess file or Apache settings. To make the modifications take effect, make sure to restart the Apache server. Use the command that is right for your operating system.

    • Debian/Ubuntu

sudo systemctl restart apache2

    • CentOS/RHEL

sudo systemctl restart httpd

  1. Check to see if the Apache user is allowed to view the modified configuration files or the .htaccess file. These files may not be readable by Apache due to incorrect file permissions. Perform the following if issue has been encountered.

sudo chmod 644 /path/to/.htaccess
    • Debian/Ubuntu
sudo chown www-data:www-data /path/to/.htaccess  
    • CentOS/RHEL
sudo chown apache:apache /path/to/.htaccess

  1. Users get a "403 Forbidden" error for all requests after disabling directory browsing, even when trying to access files that are supposed to be available. To enable Apache to serve files, make sure the directory permissions are set appropriately. Run the command to fix it.

sudo chmod 755 /var/www/example.com

  1. Make sure the AllowOverride directive in the Apache configuration is set to All, or at the very least, to allow the Options directive, especially if users are using a.htaccess file.
    Image6

  2. After changing the configuration to deactivate directory browsing, Apache either fails to start or restarts with issues. Before restarting Apache, run a syntax check on the configuration files to identify any errors.
sudo apachectl configtest

  1. For more details on the reason why Apache is not starting, review the Apache error logs.

    • Debian/Ubuntu
sudo tail -f /var/log/apache2/error.log 
    • CentOS/RHEL
sudo tail -f /var/log/httpd/error_log

CONCLUSION

One of the most important things one can do to secure the web server is to disable directory browsing on Apache. The directories' contents can be kept hidden from unauthorized users, lowering the possibility of vulnerable information and sensitive data being exposed. Using.htaccess files, virtual host file adjustments, and changes to the main Apache configuration file are some of the methods available to stop directory browsing. There is flexibility in each option based on the server configuration and access level. Knowing how to limit directory browsing at different levels is important for those who oversee a single site or a number of virtual hosts. It guarantees that the server is safe and properly setup. Even though the procedure is normally simple, be ready to troubleshoot common problems to make sure the modifications are implemented correctly, such as wrong permissions, conflicting setups, or syntax errors. These actions will help to safeguard information, improve the security of the Apache server, and give users a safer environment. Maintaining a strong and secure online infrastructure includes routinely checking and updating the server's settings, as well as turning off pointless functions like directory browsing.

Apache
05.09.2024
Reading time: 9 min
Share

Similar

Apache

How to Install Apache on CentOS

The Apache web server is the most widely used platform for deploying HTTP-based services. Its popularity is due to its support for dynamically loadable modules, compatibility with various file formats, and integration with other software tools. Prerequisites To install the Apache HTTP server following this guide, you will need: A local computer or a cloud server with CentOS 9 installed A user with sudo privileges or root Enabled firewalld Step 1: Install Apache The Apache package is available in the official CentOS repository, so you can install it using dnf. First, update the package list: sudo dnf update -y Run the following command to install Apache: sudo dnf install httpd -y The package manager will install the Apache web server and all necessary dependencies on CentOS. Step 2: Configuring the Firewall To operate the web server, you’ll need to configure the firewall to allow HTTP and HTTPS traffic: sudo firewall-cmd --permanent --add-service=httpsudo firewall-cmd --permanent --add-service=https After running these commands, restart the firewall to apply the new rules: sudo firewall-cmd --reload The Apache installation is now complete, and you can start the web server and check its functionality. Step 3: Checking the HTTP Server Once installed, Apache isn’t running yet, so you need to enable and start it using these commands: sudo systemctl enable httpdsudo systemctl start httpd To verify if the Apache service has started, use this command: sudo systemctl status httpd If the web server is running correctly, you should see a message showing the status as active (running): ● httpd.service - The Apache HTTP Server     Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled)     Active: active (running) since Thu 2024-11-07 07:34:27 GMT; 6s ago Another way to check is to open the server’s IP address in a browser: http://your_server_ip You can find your server’s IP on the server's Dashboard or in an email received after setting up the server. Step 4: Managing the Apache Service Now, you can try some systemctl commands for interacting with the Apache service.  For example, to stop the HTTP server, use: sudo systemctl stop httpd To start it again, use: sudo systemctl start httpd For a complete restart, such as when applying configuration changes: sudo systemctl restart httpd To reload Apache without interrupting active connections, use: sudo systemctl reload httpd We enabled Apache to start automatically when the server boots. If you prefer to disable this option, run: sudo systemctl disable httpd These commands allow you to manage the Apache process easily. Step 5: Setting Up Virtual Hosts The default Apache HTTP server configuration allows for hosting only one site. However, you can set up virtual hosts to host multiple sites with separate resources. Virtual hosts in Apache work similarly to those in Nginx. They allow you to separate configurations and host multiple domains on a single virtual or physical server. In this guide, we’ll use a placeholder site called example.com. When configuring, replace it with your actual domain. Create the html directory for example.com: sudo mkdir -p /var/www/example.com/html Create a directory for log files: sudo mkdir -p /var/www/example.com/log Set permissions for the html directory. Assign ownership to the $USER environment variable. sudo chown -R $USER:$USER /var/www/example.com/html Verify standard permissions for the root directory: sudo chmod -R 755 /var/www Create an index.html file. You can use any code editor to create this file. For example, with vi: sudo vi /var/www/example.com/html/index.html Add simple content to the file: <html> <head> <title>Welcome to Example.com!</title> </head> <body> <h1>Success! The example.com virtual host is working!</h1> </body> </html> After saving index.html, you’re nearly ready to set up the configuration files for each domain. These files will tell Apache how to handle requests for each virtual host. Create directories for virtual host configurations. The configuration files for individual domains are stored in a sites-available directory, while the sites-enabled directory will contain symbolic links to sites that are ready to receive traffic: sudo mkdir /etc/httpd/sites-available /etc/httpd/sites-enabled Now, you need to instruct the HTTP server to find virtual hosts in the sites-enabled directory. To do this, modify the main Apache configuration file by running the following command: sudo vi /etc/httpd/conf/httpd.conf Then, move the cursor to the very end of the file and add the following lines: # Supplemental configuration # # Load config files in the "/etc/httpd/conf.d" directory, if any. IncludeOptional conf.d/*.conf IncludeOptional sites-enabled/*.conf Now, it’s time to create the virtual host configuration file: sudo vi /etc/httpd/sites-available/example.com.conf In this file, add the following configuration: <VirtualHost *:80> ServerName www.example.com ServerAlias example.com DocumentRoot /var/www/example.com/html ErrorLog /var/www/example.com/log/error.log CustomLog /var/www/example.com/log/requests.log combined </VirtualHost> Make sure to replace example.com with your actual domain name. This configuration tells the web server where to find the site’s root directory and where to store the error and access logs. After saving and closing the file, you need to activate the virtual host by creating a symbolic link for the domain in the sites-enabled directory: sudo ln -s /etc/httpd/sites-available/example.com.conf /etc/httpd/sites-enabled/example.com.conf At this point, the configuration is complete, and the host is ready to function. However, before restarting the web server, it’s a good idea to check if the SELinux module is correctly handling requests. Step 6: Configuring Permissions in SELinux The SELinux (Security-Enhanced Linux) module enhances the operating system's security. CentOS comes with a preconfigured SELinux package that works with Apache. However, since we've made changes, starting the web server services might result in an error. To resolve this, you need to adjust SELinux policies for Apache. There are two ways to adjust these policies: a universal approach and a folder-specific approach. Option 1: Universal Approach This method allows the SELinux security module to use any Apache processes via the httpd_unified boolean variable. It’s convenient but doesn’t allow separate policies for individual directories and files. To enable the universal policy, run: sudo setsebool -P httpd_unified 1 The setsebool command is used to modify boolean values, and the -P flag ensures that the change is persistent across reboots. In this case, the httpd_unified boolean is activated with the value 1. Option 2: Adjusting SELinux Policies for Specific Directories This approach requires more steps but allows for more granular control over permissions for each directory or file. You’ll need to specify the context type for each new folder manually. For example, to check the parameters of the /var/www/example.com/log directory, run: sudo ls -dlZ /var/www/example.com/log/ You’ll see something like this: drwxr-xr-x. 2 root root unconfined_u:object_r:httpd_sys_content_t:s0 6 Nov 07 09:01 /var/www/example.com/log/ You can see that the context used is httpd_sys_content_t, meaning Apache can only read files placed in this folder. To change the context to httpd_log_t so that the web server can write to log files, run: sudo semanage fcontext -a -t httpd_log_t "/var/www/example.com/log(/.*)?" This command will set the correct context for the log directory and its contents, allowing Apache to write log entries. Apply the changes using the following command: sudo restorecon -R -v /var/www/example.com/log The -R flag allows the command to run recursively, updating existing files, and the -v flag will display the changes being made. You should see an output like this: Relabeled /var/www/example.com/log from unconfined_u:object_r:httpd_sys_content_t:s0 to unconfined_u:object_r:httpd_log_t:s0 If you want to verify that the context type has been updated, check the current status again: sudo ls -dlZ /var/www/example.com/log/ The output should look like this: drwxr-xr-x. 2 root root unconfined_u:object_r:httpd_log_t:s0 6 Nov 07 09:01 /var/www/example.com/log/ Step 7: Testing the Virtual Host After adjusting the SELinux permissions, the Apache server should now be able to write data to the /var/www/example.com/log directory. Let’s restart the Apache service: sudo systemctl restart httpd Next, list the contents of the /var/www/example.com/log directory to verify that the system has created the log files: ls -lZ /var/www/example.com/log You should see output similar to this: -rw-r--r--. 1 root root system_u:object_r:httpd_log_t:s0 0 Nov 07 09:06 error.log-rw-r--r--. 1 root root system_u:object_r:httpd_log_t:s0 0 Nov 07 09:06 requests.log The first line confirms the existence of the error.log file, and the second confirms the presence of the requests.log file. Now, you can check the functionality of the domain through a browser. You should see a message like: Success! The example.com virtual host is working This confirms that the virtual host has been successfully set up and is serving content. Repeat steps 5 and 6 for each new site, replacing the domain with the appropriate one. Conclusion In this tutorial, we've walked through installing and configuring Apache on CentOS 9, including setting up virtual hosts for multiple domains. We covered installation with dnf, configuring firewall rules, enabling Apache to start on boot, and managing its service using systemctl. We also explored SELinux configuration for proper permissions, ensuring Apache can read and write log files. With these steps, you'll have a functional web server ready to host sites and deploy content.
11 November 2024 · 8 min to read
Apache

How To Secure Apache with Let's Encrypt on CentOS 9

Securing your Apache web server with SSL is essential for protecting data and ensuring user trust. Let's Encrypt provides a free and automated way to obtain and install SSL certificates. This guide will walk you through the steps to secure Apache with Let's Encrypt on CentOS 9. In this tutorial, you will learn how to install and secure Apache with Let's Encrypt SSL certificates on a CentOS 9 server. This includes installing Apache, obtaining an SSL certificate from Let's Encrypt, configuring Apache to use the SSL certificate, and automating certificate renewal. Prerequisites Before you begin, ensure you have the following: A CentOS 9 cloud server with a sudo non-root user. A registered domain name pointing to your server's IP address. Installing Apache on CentOS 9 First, update your package index and install Apache: sudo dnf updatesudo dnf install httpd Configuring Apache Virtual Host To serve your website, you need to configure a virtual host for your domain. 1. Create a Directory for Your Website Create a directory where your website files will be stored. For example, if your domain is example.com:    sudo mkdir -p /var/www/example.com/htmlsudo chown -R $USER:$USER /var/www/example.com/htmlsudo chmod -R 755 /var/www/example.com 2. Create a Test Page Create a simple test page to ensure your virtual host is working: echo '<html><head><title>Welcome to Example.com!</title></head><body><h1>Success! The Example.com server block is working!</h1></body></html>' > /var/www/example.com/html/index.html 3. Create the Virtual Host Configuration File Create a configuration file for your virtual host:   sudo vi /etc/httpd/conf.d/example.com.conf Add the following configuration:     <VirtualHost *:80>ServerName example.comServerAlias www.example.comDocumentRoot /var/www/example.com/html<Directory /var/www/example.com/html>Options Indexes FollowSymLinksAllowOverride AllRequire all granted</Directory>ErrorLog /var/log/httpd/example.com_error.logCustomLog /var/log/httpd/example.com_access.log combined</VirtualHost> Replace example.com with your actual domain name. 4. Test the Configuration  Run the following command to check for syntax errors: sudo apachectl configtest If the output is `Syntax OK`, you can proceed. 5. Restart Apache Restart Apache to apply the new configuration: sudo systemctl start httpd Now check the status of the httpd service: sudo systemctl status httpd Now, you can access your website by typing your domain name in the web browser (e.g., http://example.com). If you see the test page, your Apache server is configured correctly. Enable Apache to start on boot: sudo systemctl enable httpd Installing Certbot Certbot is a straightforward tool that simplifies the process of obtaining a certificate from Let's Encrypt and installing it on your web server. To get started with Certbot, you first need to activate the EPEL repository. After that, you can install the Certbot Apache plugin by running these commands: sudo dnf install epel-release Install Certbot and the Apache plugin: sudo dnf install certbot python3-certbot-apache Obtaining an SSL Certificate Once Certbot is set up, you can proceed to request an SSL certificate for your domain. Execute the following command and follow the interactive prompts: sudo certbot --apache -d your_domain -d www.your_domain Throughout the process, you'll be asked to enter an email address for notifications and to accept the terms of service. Additionally, you'll have the option to redirect HTTP traffic to HTTPS, which is recommended for enhanced security. Verifying HTTPS Configuration Once the certificate is issued, Certbot will automatically adjust your Apache configuration. To confirm these changes, reload Apache with the following command: sudo systemctl restart httpd Next, open your web browser and visit your domain with https://. You should see a lock icon, signifying that your site is now secure. Automating Certificate Renewal Let's Encrypt certificates are valid for 90 days. To automate the renewal process, create a cron job: sudo crontab -e Add the following line to renew the certificate automatically: 0 0 * * * /usr/bin/certbot renew --quiet This cron job will run daily at midnight, and Certbot will renew the certificate if it is within 30 days of expiration. Configuring Apache to Use Let's Encrypt SSL Certbot automatically configures Apache to use the obtained SSL certificate. However, you can manually adjust the configuration if needed. Open the Apache SSL configuration file: sudo vi /etc/httpd/conf.d/ssl.conf Ensure the following lines are present and correctly configured: SSLCertificateFile /etc/letsencrypt/live/your_domain/fullchain.pemSSLCertificateKeyFile /etc/letsencrypt/live/your_domain/privkey.pemSSLCertificateChainFile /etc/letsencrypt/live/your_domain/chain.pem Restart Apache to apply the changes: sudo systemctl restart httpd Testing SSL Configuration Test your SSL configuration using an online tool like SSL Labs' SSL Test. Enter your domain to ensure everything is set up correctly. Troubleshooting Common Issues Issue: Certbot Command Not Found If you encounter a "command not found" error when running Certbot, ensure it is installed correctly and try reinstalling: sudo dnf install certbot python3-certbot-apache Issue: Apache Not Restarting If Apache fails to restart after configuring SSL, check the configuration files for syntax errors: sudo apachectl configtest Fix any errors and try restarting Apache again: sudo systemctl restart httpd Conclusion Securing Apache with Let's Encrypt SSL on CentOS 9 enhances the security of your web server and ensures the integrity of data transmitted between your server and clients. By following this guide, you have successfully installed Apache, obtained and configured an SSL certificate, and automated the renewal process.
29 August 2024 · 5 min to read
Ubuntu

Installing and Configuring Apache on Ubuntu 22.04

The term web server refers to both physical machines and specialized software. In software terms, a web server is a program that implements server logic in a client-server architecture: it accepts HTTP requests from clients and returns the appropriate responses. There are a large number of different web servers that offer their users additional functionality. The user can choose the most suitable solution for their tasks depending on their needs. The most common web servers in 2023 are Nginx and Apache. In this article, we will describe how to install and configure Apache on Ubuntu 22.04 operating system. Prerequisites To install the Apache HTTP server following this guide, you will need: A local computer or a cloud server with Ubuntu 22.04 installed Enabled firewalld What is Apache Apache HTTP Server, or simply Apache, is a free and open-source cross-platform web server. It was developed in 1995 by a group of developers to address the shortcomings of the then-popular NCSA HTTPd web server. NCSA HTTPd was one of the first web servers, developed in 1993 at NCSA, University of Illinois. It was distributed for free and allowed users to host their first web pages. Still, NCSA HTTPd had limited features compared to modern web servers and some other shortcomings that eventually led to the introduction of Apache. A year after its release, Apache gained popularity among hosting companies and developers due to its new functionality and cross-platform nature. In 2005, about 70% of all servers on the Internet were running Apache. Today, this figure is around 20%, and Apache's main competitor is Nginx. Apache consists of two main components: kernel and modules. The kernel performs basic web server functions: it processes configuration files, performs HTTP-related actions, and loads additional modules. Modules allow you to extend the basic functionality of the kernel: support for new programming languages, user authorization, increased security, etc. The Apache team works exclusively on the kernel. Overall, the pros of Apache include: Free software; Customization: Apache web server can be easily customized for specific goals and tasks thanks to many add-ons and its open-source code. Large community; Cross-platform; Good level of performance and security. As to the cons: Resource demanding, mainly when handling a large number of concurrent requests; Limited multithreading: Apache uses multiprocessing technology, placing each connection in a separate thread. The number of such threads is limited, which negatively affects the number of requests; Difficult to configure due to the large number of settings. Installing Apache There are several steps to install Apache: Step 1: Update apt package indexes Before installing any software on Ubuntu, the first thing to do is to update the package indexes. It will ensure that the repository has the latest packages available for installation. Run the following command: sudo apt update Step 2: Install the Apache web server Installing the Apache web server on Ubuntu is a simple process that involves running a single command and rebooting the system.  sudo apt install apache2 After that, reboot the system. Step 3: Start Apache and launch it at boot To start the Apache service, run this command: sudo systemctl start apache2 This command will have to be run every time you start the server. To avoid this, set Apache to start at boot: sudo systemctl enable apache2 Step 4: Check Apache server installation Let's check the status of the Apache service to make sure the installation was successful: service apache2 status Configuring firewall Now that you have installed Apache on Ubuntu, allow external connections through the UFW firewall. UFW (Uncomplicated Firewall) is a command line interface for the iptables Linux firewall. It makes firewall rule management easier and more accessible to newbies. UFW allows you to easily configure firewall rules such as opening or closing ports, blocking or allowing network access, etc. - You can skip this section if your server is not running UFW or does not have a firewall installed. But we recommend using a firewall to keep your device secure. With a firewall enabled, you may find that you cannot connect to the Apache server from a remote device because the ports that Apache uses are closed by default. These are port 80 (HTTP) and port 443 (HTTPS). Even if you plan to work only with HTTPS connections, it's a good idea to allow connections to port 80 so that you can redirect them to HTTPS. First of all, let's make sure that the UFW firewall is enabled: sudo ufw status We should see the Active status. If not, start the ufw service with the following command: sudo ufw enable To allow access to port 80, use the following command in the terminal: sudo ufw allow 80 Now, to use HTTPS, you also need to open port 443. Port 443 is the port that HTTPS runs on by default. So, if you visit a site that uses the "https://" protocol, your web browser will use this port. You can enable this port with this command: sudo ufw allow 443 Accessing your website Now that you have installed the Apache web server on Ubuntu and opened connections in the firewall let's try to access it. If you plan to connect from a remote device, the first thing you need to do is find out the IP address of the Apache server. There are several ways to find this out. The easiest way is to use the hostname command with the -I option. The command will return a list of IP addresses assigned to your device. hostname -I For example, our test server only has a local IP address: 192.168.0.215 This is the address you need to go to in a browser. If you are accessing directly from your Ubuntu server, you can use 127.0.0.1 or localhost instead. You should see a page similar to the one below. This indicates that you have successfully started Apache on Ubuntu. Virtual Servers and VPC with free 24/7 support Conclusion This material covered installing Apache on Ubuntu 22.04, configuring the firewall, and getting the server up and running. When developing a website or web application, these steps will be the first steps towards a finished product. You can rent a cloud server for your project at Hostman.
24 November 2023 · 5 min to read

Do you have questions,
comments, or concerns?

Our professionals are available to assist you at any moment,
whether you need help or are just unsure of where to start.
Email us
Hostman's Support