
How to setup the Apache Web Server Lab. We are using 3 VMs for this lab.
How to setup master system.
How to verify whether the master system is as per our requirements or not.
How to setup c10 system.
How to verify whether the c10 system is as per our requirements or not.
How to setup c20 system.
How to verify whether the c20 system is as per our requirements or not.
Check connectivity between different VMs.
Check connectivity between different VMs Demo.
Launch a single website with the Apache web server, configure the document root and /www/html index.html, and back up /etc/httpd/conf/httpd.conf before testing with elinks or curl at 172.24.0.1.
Verify or install the apache httpd package, set up the web root at /var/www/html, create index.html with a welcome message, and back up /etc/httpd/conf/httpd.conf as httpd.conf.bak for the lamp stack.
Create a default apache home page in /var/www/html with index.html containing 'Welcome to test web page', then back up /etc/httpd/conf/httpd.conf to httpd.conf.bak.
Edit the apache httpd.config to set the servername to 172.24.0.1 so the web server listens on that ip. Use vi or nano and grep to verify the servername line.
Learn to configure Apache by editing /etc/httpd/conf/httpd.conf to add the ServerName directive, set it to 172.24.0.1, save with vi, and verify the change using grep.
Start the Apache web server using systemctl start httpd, enable it permanently with systemctl enable httpd, and verify status with systemctl status httpd before testing.
Test web connectivity from the C10 system using text-based browsers elinks, lynx, and curl to access test page on port 80 served by Apache, confirming the web server is running.
Test web connectivity from the C20 by using elinks, lynx, and curl to access http://172.24.0.1 on port 80, confirming the web server is working.
Discover why index.html is used as the default page by the DirectoryIndex directive in httpd.config, and how to adjust the first file name.
Rename index.html to i.html and test how Apache serves the default page via DirectoryIndex; if index.html is missing, Apache shows the noindex page, verified with elinks.
Explore how Apache serves a default welcome page when index.html is missing, tracing the /var/www/html and /etc/httpd directories and the welcome.conf rules, including the noindex index at /usr/share/httpd/noindex/index.html.
Explore how Apache serves the default welcome page when no index.html exists, locate the welcome file at /usr/share/httpd/noindex/index.html, and customize the page.
Change the DirectoryIndex to include index.html and i.html so i.html is served first, then edit /etc/httpd/conf/httpd.conf, use service httpd configtest to verify syntax, and reload the server to avoid downtime.
Change the DirectoryIndex in /etc/httpd/conf/httpd.conf to i.html, save with vi, test syntax with httpd configtest, reload httpd, and verify i.html is served as the index from /var/www/html.
Understand how the DocumentRoot directs where website data is stored, with /var/www/html as the default in httpd.conf; learn how to change it if needed.
Discover how the Apache listen directive sets the default port to 80, change it to 90, test the config, and access the site by specifying the port.
Change the Apache listen port from 80 to 90 by editing the configuration file, testing syntax, and reloading, then access the site using the correct port in the URL.
Reverting Apache to its original settings, restore listen 80, remove servername and directoryindex changes, delete the i.html file, test syntax, and reload the server to prepare for virtual hosting.
Explore name based virtual hosting on a single IP with Apache, creating three sites on one server using separate directories under /var/www/html and testing with domain names.
Map www.example1.com, www.example2.com, and www.example3.com to 172.24.0.1 in the host file to enable name-based virtual hosting and simulate dns for Apache web server.
Edit the hosts file on Master, C10, and C20 to map www.example1.com, example2.com, and example3.com to 172.24.0.1 for apache web server testing.
Create home pages for three websites by making /var/www/html directories and adding index.html files with welcome messages for example1, example2, and example3, then verify with tree and configure httpd.conf.
Create three website home pages in the Apache web root by making directories example1, example2, and example3, each with an index.html welcoming users, and verify the structure with tree.
Configure the Apache httpd.conf file to set up three virtual hosts on 172.24.0.1, specifying server names and document roots for example1, example2, and example3.
Edit the httpd.conf to configure virtual hosts on 172.24.0.1 by adding NameVirtualHost and VirtualHost blocks with ServerName and DocumentRoot for www.example1.com, www.example2.com, and www.example3.com, then save and verify with tail.
Test the Apache configuration syntax with configtest and httpd -t, reload the httpd service, and verify name-based virtual hosting after confirming the syntax is okay.
Test name-based virtual hosting from the master system by accessing www.example1.com, www.example2.com, and example3 to verify distinct sites render correctly.
Test name-based virtual hosting from C10 and C20 clients using elinks to verify host file entries for www.example1.com, example2.com, and example3.com and observe which site appears when accessing 172.24.0.1.
Test name based virtual hosting from clients C10 and C20 by loading example1, example2, and example3 with elinks and verifying IP and name resolution in httpd.
Explore IP based virtual hosting with Apache by launching three sites on three IP addresses, configuring host entries, and accessing them via curl, elinks, or lynx.
Configure ip-based virtual hosting by adding three IP addresses to the network interface, update ifcfg-ens33 with IPADDR1, IPADDR2, IPADDR3 (172.24.0.1–0.3) and prefix 16, then restart and verify.
Add multiple ip addresses to the system by editing /etc/sysconfig/network-scripts/ifcfg-ens33, configuring ipaddr1 through ipaddr3, restarting the network, and verifying with ip a s to enable three websites.
Update the host files on the master DNS server and on C10 and C20 to map www.example1.com, www.example2.com, and www.example3.com to their respective IP addresses, then verify resolution.
Create IP-based virtual hosts by organizing /var/www/html into example1, example2, example3 with index.html files, verify the structure using tree, view each welcome page, and configure httpd.conf for hosting.
Add three virtualhost entries in the apache httpd config for 172.24.0.1, 172.24.0.2, and 172.24.0.3, serving from example1, example2.com, and example3; test syntax and reload, and compare name-based versus ip-based hosting.
Edit the httpd.conf on the master system by removing NameVirtualHost, configure three ip-based virtual hosts with 172.24.0.1, 172.24.0.2, and 172.24.0.3 and their server names, then test and restart httpd.
Test ip based virtual hosting across master, c10, and c20 using elinks to access sites by ip and by name. Confirm host file mappings route requests to the correct sites.
Demonstrates IP-based virtual hosting by launching three websites on different addresses and testing access by IP and by hostnames across master, C10, and C20 using elinks.
Explore host based security in Apache with the Require directive to grant or deny access by IP, network, hostname, or domain. Learn about RequireAll, RequireAny, and RequireNone.
demonstrates host based security by configuring httpd to deny example1 from all, deny example2 from ten systems while rest of network can access, and allow example3 from everywhere, with tests.
Shows host based security in Apache by editing /etc/httpd/conf/httpd.config, adding a Directory block for /var/www/html/example1 with require rules, testing syntax, and reloading httpd.
demonstrates host-based security case 1 by validating access controls on C10 and C20, denying example1.com from all, and allowing www.example3.com from everywhere.
Configure host-based access in apache using per-directory 'Require ip' rules for example1.com, example2.com, and example3.com. Validate access from specific ip addresses and the 172.24.0.0/16 network, noting default behavior.
Follow the case 2 demo as you edit the httpd configuration, set Require ip directives for specific addresses and networks, save, reload, and test access.
Demonstrates host-based security case 2 by validating access from master, c10, and c20 to example1.com and example2, with 172.24 network access allowed and 192.168 blocked.
Configure Apache httpd.config to allow all clients with 'Require all granted' and block the specific IP '172.24.0.10' with 'Require not IP 172.24.0.10', then test, reload, and verify access.
Explore host based security in Apache with case 3 demo by editing httpd.config, applying requires all, denying access to 172.24.0.10, and validating syntax before restarting the service.
Learn how to implement Apache user authentication by creating four Apache users (Ananitika, Vipin, Nanu, Kanu), storing passwords in /etc/httpd/webpass, and testing across systems C10 and C20.
Create apache users using the httpasswd command to add four users, storing credentials in /etc/httpd/webpass with -c for the file and -m for MD5 encryption; omit -c for subsequent users.
Create apache users by running httpasswd -c -m on the master system, naming the file webpass, to add anankita, vipin, kanu, and nanu with passwords like 123456, visible in /etc/httpd/webpass.
Edit httpd.conf to enable basic authentication for example1.com by configuring AuthType, AuthName, and AuthUserFile (/etc/httpd/webpass) with Require user anankita nanu; test with service httpd configtest and reload the service.
Edit httpd.conf to set up basic authentication for example1.com, using AuthType basic, AuthName Restricted Access, and AuthUserFile /etc/httpd/webpass with users anatika and nanu; test syntax and reload.
Test authentication from system C10 using elinks to access the site, showing access for anantika and nanu and unauthorized access for vipin and kanu.
Verify authentication by using elinks to access the protected page with credentials, confirming that only Anantika and Nanu can access while Vipin is unauthorized.
Learn to control site access with a .htaccess file in /var/www/html/example1 by configuring basic authentication and users, and enable it by setting AllowOverride AuthConfig in httpd.config.
Configure basic authentication with an .htaccess file in /var/www/html/example1, setting AuthType Basic, AuthName, and AuthUserFile /etc/httpd/webpass, and requiring users, then enable AllowOverride AuthConfig in /etc/httpd/conf/httpd.conf and restart httpd.
Verify authentication by testing .htaccess in the C10 system using elinks with anantika and vipin credentials, showing access for anantika and unauthorized access for vipin.
Configure Apache web server to grant access to all users listed in /etc/httpd/webpass by setting AuthType Basic, AuthName restricted Access, and Require valid-user in the .htaccess.
Demonstrate enabling access for all users by switching to the 'require valid-user' directive in .htaccess. Test access for multiple users to verify each can access, illustrating the option's purpose.
Configure Apache group-based authentication by defining webadmin and operator groups, updating .htaccess with AuthType Basic, AuthUserFile, and AuthGroupFile, and enforcing access to webadmin members only.
Demonstrates configuring group based authentication in Apache by creating a group file, updating .htaccess with auth group settings, and verifying access control for users.
remove user authentication settings by deleting .htaccess, webpass, and group files, edit httpd.conf to remove related entries, then run configtest and reload Apache.
Enable per-user web directories by letting each linux user host a site in their home directory, demonstrated with vipin and nanu, and verified using elinks to view the server’s sites.
Enable per-user hosting by uncommenting the UserDir public_html directive in the httpd configuration under /etc/httpd, then create a public_html with an index.html and reload the server for /~user access.
Learn how to enable the userdir public_html directive in apache by editing the userdir config in the conf.d directory and reloading the http service with systemctl.
Create two linux users, vipin and nanu, using useradd and set passwords. Verify users with /etc/passwd and passwd, and launch per-user based websites from each home directory.
Log in as a nanu user, create the public_html directory and an index.html file, then set permissions to 755 to launch a per-user web directory.
Create and configure the web root by logging in as nanu, creating public_html, setting 755 permissions, and adding index.html with welcome content to demonstrate the required directory structure.
Verify access to a user website by running elinks and reviewing permission denied errors caused by host file entries, then identify settings to rectify the issue.
Learn how to adjust /home/nanu permissions from 700 to 711, giving execute permission to group and others so they can enter the directory, and verify with pwd and ls -ld.
Change the home directory permissions for the nanu user by applying chmod 711, verify the location with pwd, and confirm updated permissions for others, completing the demo.
Verify user website access with elinks to the per-user web directory. Show home page served at http://172.240.1/~nanu via domain name, enabling own websites from the home directory.
Inspect Apache log files to troubleshoot access issues by viewing /var/log/httpd/access_log and /var/log/httpd/error_log. Tail commands reveal who accessed the server and when, supporting per-user web directory setups.
Discover the apache web server's indexes and directoryindex options, including default index.html behavior, and see how directory listings appear or are restricted via httpd.config in a three-site lab.
Explore the indexes option by building a directory tree in /var/www/html/example2, creating files s1, s2, t1, t2 and directories test and soft with mkdir, touch, rm, view with tree.
Edit the httpd.config to create /var/www/html/example2/test and configure -indexes to disable directory listing for the test directory, then test syntax with service httpd configtest and reload the httpd server.
Edit the httpd.conf file with vi to add directory entries for /var/www/html/example2/test and a soft directory with options -indexes, then verify syntax with httpd configtest and restart the httpd service.
Test the indexes option by using elinks --dump to view sites with and without index.html, showing when directory listings are displayed or blocked as forbidden.
Test the apache indexes option to reveal directory structures when no index.html exists, and observe that index.html presence prevents listing, while unauthorized access may show forbidden.
Enable a redirect in the 172.24.0.1 VirtualHost by using redirect permanent to send /index.html to /new.html, after creating new.html in /var/www/html/example1 and testing with http configtest before reloading httpd.
Create new.html, add a redirect permanent from index.html to http://172.24.0.1/new.html in httpd.conf, then test the config and reload the httpd service.
Test the redirect option in Apache web server using elinks --dump to verify a permanent redirect from index.html to new.html, configured in master, at http://172.24.0.1.
Modify lab settings for the lamp stack by cleaning /var/www/html, removing virtual host configurations, and updating httpd.conf and ifcfg-ens33 to a static 172.24.0.1 with 255.255.0.0, then restart networking and verify.
Learn to set up a LAMP stack with Linux, Apache, MariaDB, and PHP by creating a dynamic index.php and a practical lab using 172.24.0.1 and www.example.com.
Create a simple index.php in the /var/www/html directory, write a short php snippet that echoes a message, and restart the httpd server to test the page.
Discover why index.php serves as the default page by the DirectoryIndex directive. See how Apache reads httpd.conf and php.conf to decide which files are delivered.
Check web connectivity and confirm PHP is running on Apache by using elinks --dump to access http://172.24.0.1 or a specific file like index.php, verifying the Hello hi page output.
Edit the /etc/hosts file to map www.example.com to 172.24.0.1, verify with elinks --dump, and apply changes on all systems to ensure the php page loads by name.
Check whether mariadb-server and mariadb client are installed using rpm -q, install if needed with yum, then start and permanently enable the mariadb server using systemctl.
Connect to the MariaDB server using MySQL, verify connectivity by listing databases, and prepare to create our own database for PHP applications.
Create a mysql database named employee and a user aanya@localhost with full privileges, flush privileges, and verify the database creation to test the lamp stack connectivity.
Connect to the employee database using the aanya user with mysql, select the database, and run show tables to confirm no tables exist for the php app to fetch data.
Create a salary table with eno as a char primary key, department as varchar(15), and salary as int, then insert a sample record and verify with show tables.
Enter six salary records into a MySQL table, run select * from salary, and fetch data with a PHP application on Linux, illustrating Apache-MySQL-PHP link in lamp stack.
Create a simple lamp stack php app by coding index.php to connect to a mysql database, fetch four salary records, and display employee number, department, and salary.
Create, save, and test a sample php application offline by saving index.php to /var/www/html, review the index.php code, and run it with a running Apache web server and database.
Test lamp stack by using elinks to fetch data from master system's http://172.24.0.1, pulling records from MariaDB via a PHP frontend on Apache, and you can use the domain www.example.com.
Test the lamp application from a client system using the c10 system, inspect httpd error_log and access_log for connection details and errors, and confirm the lamp stack operates.
Configure https on apache using httpd.config and ssl.conf. Create a self-signed certificate master.crt and a private key named master key, store in /etc/pki tls, and test with elinks or curl.
Locate and inspect the ssl.conf file in /etc/httpd/conf.d, identify the ssl certificate and key files (localhost.crt and localhost.key), and use grep to extract the SSLCertificate settings.
Verify openssl and mod_ssl with rpm, install via yum if needed, then generate a 1024-bit RSA private key with openssl genrsa and save it as master.key.
Generate a 1024-bit private key named master key with openssl genrsa in /etc/httpd/conf.d, after verifying openssl and mod_ssl are installed, and note that viewing the key is discouraged.
Create a self-signed certificate for an https server using openssl req -new, generating master.crt in x509 format with country India, state Punjab, city Chandigarh, domain www.example.com, and admin@example.com.
Create a self-signed certificate using openssl req in the master system, naming the certificate master.crt with -x509, and enter details like IN, Punjab, Chandigarh, U-Net solutions, example.com, admin@example.com.
View and verify the Apache certificate files in /etc/httpd/conf.d, inspect master.crt with cat and ls -l, and move the certificate and private key to proper locations.
Move certificate and private key into proper directories for Apache; move master.crt to /etc/pki/tls/certs and master.key to /etc/pki/tls/private, then verify with ls.
Move the certificate into /etc/pki/tls/certs and the private key into /etc/pki/tls/private, then verify with ls to ensure SSL uses these files.
Modify ssl.conf to set the ssl certificate file to master.crt and the certificate key to master.key in /etc/httpd/conf.d, edit with vi, save with :wq, restart httpd, and test https server.
Verify https access with openssl s_client to connect to www.example.com:443 and inspect certificate details, including country, state, location, organization, common name, and email, noting if it is self-signed for testing and browser verification.
Verify https access using curl and elinks by bypassing self-signed certificate warnings with curl -k and setting elinks' cert_verify to 0, allowing data retrieval.
Verify https access using elinks and curl by adjusting self-signed certificate handling on the C10 client, toggling ssl_verify in /etc/elinks.conf, and confirming with elinks --dump.
Learn to verify https access using a GUI browser, handle self-signed certificates by adding a security exception, and test with openssl s_client, curl, and elinks after configuring the server.
There are mainly 3 web servers are available. They are Apache, Nginx and IIS. But Apache is the most used web server. Apache is very important part of LAMP (Linux, Apache, Mariadb, PHP) stack. This course covers simple as well as advanced topics. Step by step details of how we have setup the lab is also given. We are using CentOS 7 for Apache Web Server Implementation. What are the packages required for implementing various concepts. How to install those packages & verify.
How to use Apache Web Server. How to make changes in Apache configuration file. What is home page. What is DocumentRoot. How to change the web server listening port. How to Launch Single Website. How to launch multiple sites on single IP Address. Named Based Virtual Hosting. IP Based Virtual Hosting. How to test web sites. How to use elinks, curl and lynx browsers. What is Host Based Security. How to block access based on IPs and Networks. What is User Authentication. How to make sure that only authenticated users are able to access the website. What is the role of .htaccess file. Per-user web directories. How to enable users to launch their own websites using home directory. How to configure other options such as Indexes, Redirect. What is LAMP Stack. How to configure LAMP Stack. How to create and use databases. Launching a simple LAMP Application. How to Launch HTTPS Web Site. How to create private key and generate self signed certificate.