How to Install and Secure Apache on a RockyLinux 9 VPS

Apache is a powerful, flexible, and widely-used web server. In this guide, we’ll walk you through the steps to install and secure Apache on a RockyLinux 9 VPS. By the end of this tutorial, your server will be ready to handle HTTP requests securely.

Step 1: Update Your System

Before installing any new software, it’s important to update your system to ensure all packages are up to date. Open your terminal and run:

sudo dnf update

Step 2: Install Apache

Once your system is updated, you can proceed to install Apache. Execute the following command:

sudo dnf install httpd

After the installation is complete, start the Apache service and enable it to run at startup:

sudo systemctl start httpd
sudo systemctl enable httpd

Step 3: Adjust Firewall Settings

To allow web traffic to your Apache server, you’ll need to adjust your firewall settings. Run the following commands to allow HTTP and HTTPS traffic:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Step 4: Set Up Hostname

Configure the hostname for your server. Edit the hostname file:

sudo nano /etc/hostname

Replace the existing hostname with your desired hostname, then save and exit the editor.

Edit the hosts file to associate the hostname with your server’s IP address:

sudo nano /etc/hosts

Add an entry at the end of the file:

your_server_ip   your_hostname

Save and exit the editor.

Step 5: Configure First Domain

To serve content for your domain, create a directory under Apache’s document root:

sudo mkdir /var/www/html/your_domain

Create a sample index.html file:

sudo nano /var/www/html/your_domain/index.html

Add some content to test:

<html>
<head><title>Welcome to Your Domain</title></head>
<body>
<h1>Success! Your Apache server is running on Your Domain.</h1>
</body>
</html>

Save and exit the editor.

Step 6: Secure Apache with Let’s Encrypt SSL

Securing your Apache server with SSL encryption is crucial for protecting data transmitted between the server and clients. We’ll use Let’s Encrypt to obtain a free SSL certificate. First, install the Certbot tool:

sudo dnf install certbot python3-certbot-apache

Next, obtain and install the SSL certificate:

sudo certbot --apache

Follow the prompts to select the domain and configure the SSL certificate. Certbot will automatically update your Apache configuration to use HTTPS.

Step 7: Test Apache Configuration

After securing Apache, it’s important to test the configuration to ensure everything is set up correctly. Run the following command:

sudo apachectl configtest

If the syntax is OK, restart Apache to apply the changes:

sudo systemctl restart httpd

Conclusion

Congratulations! You’ve successfully installed and secured Apache on your RockyLinux 9 VPS, set up hostname, configured your first domain, and enabled SSL with Let’s Encrypt. Your server is now ready to handle web traffic securely. For more advanced configurations and optimizations, refer to the official Apache documentation.