How to make an Apache Webserver with SSL
Creating yourself a basic Apache webserver is often the first step in your web development journey. Apache is the base requirement for many web applications and products. Better yet you can use an Apache webserver to host your self-made or generated static websites with something like HUGO.
In this video we will be using Linode to host the server. You can use any VPS provider or even do this on your own hardware. Linode is the sponsor of the companion video attached to this article and if you use our link, you can get a $100 60-day credit. Below will be the full video and all the steps and commands needed.
Note: this article is a work in progress. Images coming soon.
VPN and Domain
First, setup your VPN. With Linode all you need to do is create a new Linode, select your distro, for this I use Ubuntu 22.04, and pick your region and plan. For the plan you can start with the $5/month plan as you can upgrade as needed. Pick a strong root password and if you'd like setup your SSH key for added security.
For my demo, I used Linodes domain manager. You can setup your domain using A records with your IP address. All I did was point the root '@' to the Linode IP. For more information on domain check the links below.
Initial Setup
After creating our Linode you can login via SSH on your local terminal application of choice. You will have the command on your dashboard. Once you sign in the very first thing you show do is update your server.
apt update && apt upgrade -yNext, lets change our host files to match with the domain we will be hosting.
nano /etc/hostnameChange the value 'localhost' to 'example.com' replacing example with your domain.
nano /etc/hostsAdd a new line under the local host line and match it with the image below.
Now, lets create a limited sudo user. You can make the username anything you'd like just replace 'brandon' with your username of preference. When you input the first command it will ask you for your name and other information. You can press enter to skip or fill out the information. Then we will add the user to the sudo group and switch to that user.
adduser brandonadduser brandon sudosu brandonThe steps below to disable root login are optional, but a recommended step for security.
Open the file sshd_config located in the /etc/ssh directory using nano or your favorite text editor.
sudo nano /etc/ssh/sshd_configChange the value of the key PermitRootLogin from yes to no
Save and close the file.
Next, you will restart the sshd daemon to read the configuration after the modifications you just made.
Use the following command to restart the daemon:
sudo systemctl restart sshdNow, it is recommended we reboot our server as some update will need you to and this will update the host files.
Install and Configure Apache
Now we get to install Apache and set up our very first website. Log back into your server via ssh this time using the username instead of root. Then type the command below to install the needed packages then check to see if it is running.
sudo apt install apache2 apache2-docs apache2-utilssystemctl status apache2At this point you can see if it is working on a web browser and check to see if the domain has fully proergated over if you changed any nameservers. Simply copy/paste your IP into the address bar of the web browser and you should see the Apache2 Default Page. Use the commands below to disable the dault website as we will be creating out own directories and configuration later.
sudo a2dissite 000-default.confsudo systemctl reload apache2Firewall Configuration
Now, we need to enable and allow some application with our firewall. The default firewall application in Ubuntu makes this really easy to do. To see a list of application just run the command below.
sudo ufw app listThe applications we will be allowing is Apache Full and OpenSSH
sudo ufw allow 'Apache Full'sudo ufw allow OpenSSHFrom here let's enable our firewall and check the status.
sudo ufw enablesudo ufw statusCreating Website
Creating directories for our website is easy and it will be done in the default /var/www/html directory. With the commands below replace 'example.com' with the domain you'll be using.
cd /var/www/htmlsudo mkdir example.comcd example.comsudo mkdir public_htmlsudo mkdir logssudo mkdir backupsWith our directories created we are going to go back to the location of the site configurations and create a new one for our website.
cd /etc/apache2/sites-availablesudo nano example.com.confWithin this configuration you'll want to copy/paste the configuration below. Replacing all the everything to match your setup.
<VirtualHost *:80>
ServerAdmin webmaster@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html/example.com/public_html/
ErrorLog /var/www/html/example.com/logs/error.log
CustomLog /var/www/html/example.com/logs/access.log combined
</VirtualHost>Now, we run a few commands to enable our new configuration.
sudo a2ensite example.comsystemctl reload apache2Now, if you travel to your website, you should see the standard 'Index of /' page meaning so far, we have been successful! From here you can create an index.html file to confirm for sure. See example in video of how to do this.
Installing SSL Certification
An SSL certificate is a digital certificate that authenticates a website's identity and enables an encrypted connection. SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted link between a web server and a web browser. In the modern web it is basic required. To install a SSL certificate make sure your domain is properly linked to your new Apache server and follow the steps below.
sudo apt install certbot python3-certbot-apachesudo certbot --apache -d example.comWhen you run the command above it will prompt you for more information. Read all the prompts and fill out any information as needed. You'll get a message if it was successful and now you can visit your new website with https.
Comments ()