[ HOME | REFERENCE | FreeBSD | MySQL | PostgreSQL | Apache | qmail | PHP | Pure-FTPd ]


Apache, the most popular web server out there today. These notes will install Apache with SSL support. Again, these notes are to get the server up and running quickly. PHP5 will not be installed in the Apache NOTES. It has its own NOTES since there is a program that needs to be compiled with PHP5 that will first require qmail. That program is called courier-imap.

If you are not planning to install qmail, go to the PHP section after finished with these NOTES.

These NOTES were done with Apache 2.2.9.


  1. ports & rc configuration
  2. ssl
  3. default website
  4. virtual hosts
  5. logging
  6. start apache
  7. backup
  8. references

i. ports & rc configuration

Install apache22, cronolog, webalizer, from the ports collection. As root

# (cd /usr/ports/www/apache22 && make install clean)
# (cd /usr/ports/www/webalizer && make install clean)
# (cd /usr/ports/sysutils/cronolog && make install clean)

Note: Remember to update your ports collection before you installing anything. That way you have the lateset ports installed.

After installing from ports, go ahead and create a symlink for easier access to httpd.conf.

# ln -s /usr/local/etc/apache22/httpd.conf /etc/httpd.conf

Be sure to read through httpd.conf after you created the link.

# ee /etc/httpd.conf

There is a lot of information through here you do not want to miss out. I'm not going to go through each of the lines of httpd.conf and explain what they do. There are a lot of documentation on Apache.

But for the sake quick configuration:

Note: Again, do not do this blindly, read the documentation and the comments on each option. Line numbers are based on the vanilla ports installation of Apache 2 without PHP. Line number will change when you go through the PHP NOTES installation.

Edit /etc/rc.conf to enable Apache at startup

# echo 'apache22_enable="YES"' >> /etc/rc.conf
# echo 'apache22ssl_enable="YES"' >> /etc/rc.conf

ii. ssl

Next, create the directories and a self-signed certification for SSL

# mkdir -m 700 /usr/local/etc/apache22/ssl.crt
# mkdir -m 700 /usr/local/etc/apache22/ssl.csr
# mkdir -m 700 /usr/local/etc/apache22/ssl.key

Create a self-signed SSL certificate for testing.

# cd ~
# openssl req -new -x509 -nodes -out server.crt -keyout server.key

When it asks for Common Name put the hostname (fully qualified domain name) of your computer.

# cp server.crt /usr/local/etc/apache22/ssl.crt/server.crt
# cp server.key /usr/local/etc/apache22/ssl.key/server.key
# chmod 400 /usr/local/etc/apache22/ssl.crt/server.crt
# chmod 400 /usr/local/etc/apache22/ssl.key/server.key

Note: Read Apache's SSL page for more information on SSL and how to create a real SSL certificate for production purposes.

iii. default website

It's best to create a directory for your default website.

# mkdir -p /usr/data/www/

Note: I normally give the name of my default website directory the same name as my machine's host.

Change the default directories by modifying changing a few symbolic links in /usr/local/www/apache22.

# cd /usr/local/www/apache22
# mv data data-dist
# rm -rf cgi-bin
# mkdir /usr/data/www/
# ln -s /usr/data/www/ data
# ln -s /usr/data/www/ cgi-bin

You don't really need to change the default websites (the main website) in httpd.conf since now it's properly linked.

For testing the website, you might want to copy over the contents of data-dist to your actual default website directory. This isn't needed, but if you want to do it

# cp -R data-dist/ /usr/data/www/

Now when you start web server, at least when someone browses to it, there will be something.

iv. virtual hosts

I normally create directories for virtualhosts under /usr/data/www and name them after the virtual host. For example

# mkdir /usr/data/www/

Note: is just an example of a virtual host name.

Create a new folder in /usr/local/etc/apache22 called vhosts

# mkdir /usr/local/etc/apache22/vhosts

Add an include to include all virtual host's *.conf files to your httpd.conf

# echo "Include etc/apache22/vhosts/*.conf" >> /usr/local/etc/apache22/httpd.conf

Now you can create any number of virtual host *.conf files the vhosts directory to keep your virtual host sites organized.

Using the example in this section, this is a simple way to assemble your virtual host.

<VirtualHost *>
DocumentRoot /usr/data/www/
ServerAlias *

<VirtualHost *>
DocumentRoot /usr/data/www/
ServerAlias *

What's the first VirtualHost directive for? I noticed once you enable virtual hosts by uncommenting line 1122, the default website doesn't get reached. So I normally add it as the first virtuall host.

The ServerAlias can be other names for your virtual host. The mask character of * means anything will be pointed to that server. Pretty nifty if you ask me.

You can also read /usr/local/etc/apache22/extra/httpd-vhosts.conf for more examples on how to setup a virtual host.

v. logging

On a busy server, log files have the tendecy to get big. It's good to rotate them and save them for analyzing. I won't go through the merits of logging, so let's continue.

I use cronolog to aid Apache in logging.

Create a new directory under /usr/data to keep all your Apache log files and give access to www:www only!

# mkdir -p /usr/data/logs/apache/
# chown -R www:www /usr/data/logs/apache

Edit httpd.conf so cronolog will help handle your log files. Information about logging starts around line 226 or so. First edit how to handle logs for the default website along with any virtual website you don't specify for logs in the VirtualHost directive.

Note: In case you make an error, don't replace the original lines above, instead go ahead and comment it out and add the lines above below the original line.

Remember, that's for the default website, now you want to change your logging for your virtual hosts. Create a directory and remember to give access to www:www.

# mkdir /usr/data/logs/apache/
# chown -R www:www /usr/data/logs/apache/

Then in httpd.conf, go down to the virtual host section and add the LogFormat and CustomLog for your virtual host.

<VirtualHost *>
DocumentRoot /usr/data/www/
ServerAlias *

<VirtualHost *>
DocumentRoot /usr/data/www/
ServerAlias *
LogFormat "%v %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinevhost
CustomLog "|/usr/local/sbin/cronolog /usr/data/logs/apache/" combinevhost

Note: In case of page wrapping, it should always be on one line.

Do this for all your virtual hosts, but don't do it for the default host with the VirtualHost directive.

vi. start apache

You may want to check your httpd.conf for any errors before starting apache.

# apachectl configtest

If it's okay, then it's ready to start. Now, if you're going to continue NOTES, then install and configure qmail and PHP before starting Apache. There's no reason to right now. Otherwise, when starting Apache, use this command

# /usr/local/etc/rc.d/ start

That's it! Your web server should be running!

vii. backup


viii. references


$NOTES: /apache/, v.0.24 2010/12/11 13:44:34 PST /19709/ NkM$
Maintainer: Neafevoc K. Marindale