Apache HTTP Server Version 2.4

HowTO setup a Web Server using "Apache HTTP Server" on Ubuntu 20.04

INTRO - OBJ

In this guide we will Setup apache2 to serve multiple sites on the same server installation, also known as "virtual sites"
Later we will use certbot to get certificates for our domains and secure our connection in the browser.

BOOKs

  Apache: The Definitive Guide (3rd Edition)
  Pro Apache (3rd Edition)

DOCs

  Name-based Virtual Hosts (More than one web site per IP address)
  VirtualHost Examples

VIDs

  (YouTube) Apache Server | Setup Virtual Host on Ubuntu Server 20.04

CONFIGs

• /etc/apache2/apache2.conf
• /etc/apache2/sites-available/000-default.conf

-- Prerequisites

• DNS "A" record with blizblaze.com pointing to public IP of server
• DNS "A" record with www.blizblaze.com pointing to pub IP (optional)
• Router ports open/fwd "80,443"

00 Update

# updateCopy

-- Install pkg

# sudo apt install apache2Copy

-- Check install successful

# sudo systemctl status apache2Copy

-- Run Apache service on startup (not sure if required on newer systems, default is enable??)

• # sudo systemctl enable apache2

-- IF using ufw (uncomplicated Fire Wall, ports 80,443)

# sudo ufw allow 'Apache Full'Copy

-- Make DIR of Virtual site (Virtual site can have multiple DIRs/sites)

# sudo mkdir -p /var/www/blizblaze.comCopy

# sudo mkdir -p /var/www/blizblaze.usCopy

-- Change owner and permissions on newly created virtual DIRs /var/www/bliz*

# cd /var/wwwCopy

# sudo chown -R www-data:www-data blizblaze.comCopy

# sudo chown -R www-data:www-data blizblaze.usCopy

# sudo chmod -R 775 blizblaze.comCopy

# sudo chmod -R 775 blizblaze.usCopy

OR (Allow any user to modify web dir)

• # sudo chmod -R 777 /var/www/

-- Add admin/sudo user to 'www-data' group if not already done so (LOG OUT and back in for changes to take effect)

# sudo usermod -a -G www-data $USERCopy

-- Backup original virtual host config file "000-default.conf"

# cd /etc/apache2/sites-available/Copy

# sudo cp 000-default.conf 000-default.conf.origCopy

-- Create config for EACH virtual site/domain

# sudo cp 000-default.conf ./blizblaze.com.confCopy

# sudo cp 000-default.conf ./blizblaze.us.confCopy

-- Edit new config for EACH site/domain

# sudo nano /etc/apache2/sites-available/blizblaze.com.confCopy

<VirtualHost *:80>
  ServerAdmin webmaster@localhost       ;Leave alone
  ServerName blizblaze.net            ;add this line
  ServerAlias www.blizblaze.net        ;add this line
  DocumentRoot /var/www/blizblaze.net  ;Edit path
</VirtualHost>

NOTE

If you want to use another port other than the standard port 80 edit the line above "<VirtualHost *:80>"

<VirtualHost *:8080>

-- Enable each site/doman

# sudo a2ensite blizblaze.com.confCopy

# sudo a2ensite blizblaze.us.confCopy

-- Disable default site (optional but reccomended)

• # sudo a2dissite 000-default.conf

-- Restart apache

# sudo systemctl restart apache2Copy

DONE test site *open browser goto blizblaze.com

Lets Encrypt

HOW-To Secure Apache with Let's Encrypt (certbot) on Ubuntu 22.04, 20.04, 18.04, LTS

INTRO - OBJ

In this guide we will Setup secure connection on apache2 web server
We will use certbot and Let's Encrypts free service, setup auto renew every 45 days.

BOOKs

DOCs

  Certbot User Guide
  Where are my certificates?
  certbot.eff.org/instructions

VIDs

  How to Secure Apache with Let's Encrypt on Ubuntu 22.04 20.04 18.04 LTS
  OR
  Migrate Certbot certs

CONFIGs

/etc/letsencrypt/

/etc/letsencrypt/live/

/etc/letsencrypt/archive/blizblaze.com

Logs

/var/log/letsencrypt/

--Prerequisites

a working apache http 2.4 server install

00 Update

# update

01 Install certbot

# install certbot python3-certbot-apache -y

02 Obtain SSL Certs (this command gets cert AND has certbot edit your apache config file to serve it turning on HTTPS access in a single command)

# sudo certbot --apache

03 Restart apache

# sudo systemctl restart apache2

04 Test certbot config and setup (print any certificates)

# certbot certificates

DONE test site *open browser goto blizblaze.com

-- FAQ EXAMPLES
# Obtain and install a certificate:
certbot

# Obtain a certificate but don't install it anywhere:
certbot certonly

# You may specify multiple domains with -d and obtain and install different certificates by running Certbot multiple times:
certbot certonly -d example.com -d www.example.com
certbot certonly -d app.example.com -d api.example.com

**************************************
***** OLD Cert Migration INFO *****
**************************************

--Move only certs located in '/etc/letsencrypt/archive/blizblaze.com/' ;These are the files u are looking for!!!
--Other files located in "/etc/letsencrypt" entire DIR from old server to backup ;DO NOT MOVE ENTIRE DIR
--If symlinks are not created on new server automatically, u will need to create them manually ;they will not be automatic
--IF error while installing config file '/etc/letsencrypt/cli.ini' choose Y for "install the package maintainer's version"
--after cp old certs to new server run command '#sudo certbot --apache' this recreates files
/etc/apache2/sites-enabled/000-default-le-ssl.conf -> /etc/apache2/sites-available/000-default-le-ssl.conf
--IF error with certbot command, may need to comment out line on config file '/etc/letsencrypt/cli.ini'
#preconfigured-renewal = True