Debian: Web Server

From ReceptiveIT
Jump to: navigation, search

Installing Apache v2.0

monique:/# apt-get install apache2

Installing PHP5 =

monique:/# apt-get install php5

Setting up a secure web server

Generate self-signed certificate

openssl req -new > certificate.csr
openssl rsa -in privkey.pem -out certificate.pem
openssl x509 -in certificate.csr -out certificate.cert -req -signkey certificate.pem -days 3650

Modify the default virtualhost

vi /etc/apache2/sites-available/default

Look for

NameVirtualHost *
<VirtualHost *>

and change to

NameVirtualHost *:80
<VirtualHost *:80>

Create a file for the secure virtualhost

vi /etc/apache2/sites-available/secure
<VirtualHost *:443>
 SSLEngine on
 SSLOptions +StrictRequire
 SSLCertificateFile /etc/apache2/certificate.cert
 SSLCertificateKeyFile /etc/apache2/certificate.pem

 ServerAdmin [email protected]

 DocumentRoot /var/www/http
 <Directory />
  Options FollowSymLinks
  AllowOverride None
 </Directory>
 <Directory /var/www/http/>
  Options Indexes FollowSymLinks MultiViews
  AllowOverride None
  Order allow,deny
  allow from all
  # This directive allows us to have apache2's default start page
  # in /apache2-default/, but still have / go to the right place
  #RedirectMatch ^/$ /apache2-default/
 </Directory>

 ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
 <Directory "/usr/lib/cgi-bin">
  AllowOverride None
  Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
  Order allow,deny
  Allow from all
 </Directory>

 ErrorLog /var/log/apache2/error.log

 # Possible values include: debug, info, notice, warn, error, crit,
 # alert, emerg.
 LogLevel warn

CustomLog /var/log/apache2/access.log combined
ServerSignature On

Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
 Options Indexes MultiViews FollowSymLinks
 AllowOverride None
 Order deny,allow
 Deny from all
 Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>

</VirtualHost>

Turn on SSL

monique:/var/www# a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
monique:/var/www# /etc/init.d/apache2 force-reload