How to Install and Secure Apache on a RockyLinux 9 VPS
Apache is a powerful, flexible, and widely-used web server. In this guide, we’ll walk you through the steps to install and secure Apache on a RockyLinux 9 VPS. By the end of this tutorial, your server will be ready to handle HTTP requests securely.
Step 1: Update Your System
Before installing any new software, it’s important to update your system to ensure all packages are up to date. Open your terminal and run:
sudo dnf update
Step 2: Install Apache
Once your system is updated, you can proceed to install Apache. Execute the following command:
sudo dnf install httpd
After the installation is complete, start the Apache service and enable it to run at startup:
sudo systemctl start httpd
sudo systemctl enable httpd
Step 3: Adjust Firewall Settings
To allow web traffic to your Apache server, you’ll need to adjust your firewall settings. Run the following commands to allow HTTP and HTTPS traffic:
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
Step 4: Set Up Hostname
Configure the hostname for your server. Edit the hostname file:
sudo nano /etc/hostname
Replace the existing hostname with your desired hostname, then save and exit the editor.
Edit the hosts file to associate the hostname with your server’s IP address:
sudo nano /etc/hosts
Add an entry at the end of the file:
your_server_ip your_hostname
Save and exit the editor.
Step 5: Configure First Domain
To serve content for your domain, create a directory under Apache’s document root:
sudo mkdir /var/www/html/your_domain
Create a sample index.html file:
sudo nano /var/www/html/your_domain/index.html
Add some content to test:
<html>
<head><title>Welcome to Your Domain</title></head>
<body>
<h1>Success! Your Apache server is running on Your Domain.</h1>
</body>
</html>
Save and exit the editor.
Step 6: Secure Apache with Let’s Encrypt SSL
Securing your Apache server with SSL encryption is crucial for protecting data transmitted between the server and clients. We’ll use Let’s Encrypt to obtain a free SSL certificate. First, install the Certbot tool:
sudo dnf install certbot python3-certbot-apache
Next, obtain and install the SSL certificate:
sudo certbot --apache
Follow the prompts to select the domain and configure the SSL certificate. Certbot will automatically update your Apache configuration to use HTTPS.
Step 7: Test Apache Configuration
After securing Apache, it’s important to test the configuration to ensure everything is set up correctly. Run the following command:
sudo apachectl configtest
If the syntax is OK, restart Apache to apply the changes:
sudo systemctl restart httpd
Conclusion
Congratulations! You’ve successfully installed and secured Apache on your RockyLinux 9 VPS, set up hostname, configured your first domain, and enabled SSL with Let’s Encrypt. Your server is now ready to handle web traffic securely. For more advanced configurations and optimizations, refer to the official Apache documentation.