Table of contents
- 1. How to start/stop the Apache server?
- 2. How to configure the Apache server?
- 3. How to configure your web application?
- 4. How to change the apache port?
- 5. How to publish my web page?
- 6. How to create a password to protect access to apache?
- 7. How to enable SSL to access through https?
- 8. How to create a SSL certificate?
- 9. How to force the HTTPS access?
- 10. How to confgure multiple SSL domains on the same IP address?
- 11. How to change the URL?
- 12. How to create a Virtual Host?
- 13. How to debug errors?
- 14. How to protect your application with a password?
- 15. How to add mod_xsendfile module in Apache?
- 1. How to start/stop the Apache server?
- 2. How to configure the Apache server?
- 3. How to configure your web application?
- 4. How to change the apache port?
- 5. How to publish my web page?
- 6. How to create a password to protect access to apache?
- 7. How to enable SSL to access through https?
- 8. How to create a SSL certificate?
- 9. How to force the HTTPS access?
- 10. How to confgure multiple SSL domains on the same IP address?
- 11. How to change the URL?
- 12. How to create a Virtual Host?
- 13. How to debug errors?
- 14. How to protect your application with a password?
- 15. How to add mod_xsendfile module in Apache?
How to start/stop the Apache server?
The Stacks include a graphical tool to manage the servers easily. You can find the "manager-windows.exe", "manager-osx" or "manager-linux" tool in your installation directory. Using this tool, you can Start, Stop or Restart the servers and check the log files. You can click on the icon to start it.
On Windows: You can also start the Manager tool from shortcuts: Start -> Program Files -> BitNami Stack -> Manager tool
If you prefer, you can use the "ctlscript.sh" utility from the command line. This script is in the installation directory.
On OS X: You can start the Manager tool from the installation directory or you can use the "ctlscript.sh" utility from a Terminal.
host:~ user$ cd /Applications/application-version host:~ user$ ./ctlscript.sh start
On Linux:
$ cd ~/applicaton-version $ ./ctlscript.sh start
How to configure the Apache server?
The main Apache configuration file is called httpd.conf and it is located at:
BitNami Installers
/installdir/apache2/conf/httpd.conf
BitNami Cloud Hosting and Virtual Machines
Ubuntu: /opt/bitnami/apache2/conf/httpd.conf
Amazon Linux / Red Hat Enterprise: /etc/httpd/conf/httpd.conf
Once Apache starts, it will create two log files, the access_log and the error_log /installdir/apache2/logs directory or in /var/log/httpd if you are using Amazon Linux or Red Hat Enterprise.
The access_log file is used to track client requests. When a client requests a document from the server, Apache records several parameters associated with the request in this file, such as: the IP address of the client, the document requested, the HTTP status code, and the current time.
The error_log file is used to record important events. This file includes error messages, startup messages, and any other significant events in the life cycle of the server. This is the first place to look when you run into a problem when using Apache.
If no error is found, you will see a message similar to:
Syntax OK /installdir/ctlscript.sh : httpd started
How to configure your web application?
All the BitNami applications add their own Apache configuration into the /installdir/apps/myapp/conf/myapp.conf file. This file usually have the following configuration for PHP-based applications (it could be different depending on the application):
Alias /myapp/ "/installdir/apps/myapp/htdocs/" Alias /myapp "/installdir/apps/myapp/htdocs" <Directory /installdir/apps/myapp/htdocs> Options +FollowSymLinks AllowOverride None <IfVersion < 2.3 > Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.3> Require all granted </IfVersion> </Directory> Include /installdir/apps/myapp/conf/htaccess.conf
For security and performance reasons, it is advisable to not set "AllowOverride All" to anything other than "None". You can check the Apache note about this. BitNami applications have moved the configuration into the application ".htaccess" files to the "/installdir/apps/myapp/conf/htaccess.conf" file. You can find more info here.
How to change the apache port?
With the default configuration, Apache will wait for requests in the port 8080. You can change that by editing the httpd.conf file and modifiying the value specified in the Port directive. On Linux and OS X platforms you should install the Stack as root user to select a port number under 1024.
Listen 8080
Then it is necessary to restart the Apache server.
How to publish my web page?
If you already have a web page and you want to serve its content with Apache, you can do so simply by copying your files to the default document root directory: /installdir/apache2/htdocs/.
How to create a password to protect access to apache?
You can protect your application with a simple authentication method, using the mod_auth authentication module from Apache.
On Linux and OS X: Open the console that you can find in the installation directory and type the following.
$ cd your_installation_directory $ apache2/bin/htpasswd -cb apache2/users new_user new_password
On Windows: Open a console from the Start Menu shortcuts and type the following commands:
> cd your_installation_directory > apache2\bin\htpasswd -cb apache2\users new_user new_password
Then it is necessary to specify the following in the Apache configuration file. BitNami applications have their own configuration file that you can find at "installdir/apps/app_name/conf/app_name.conf".
Alias /my_application "/installdir/apps/my_application/htdocs" <Directory "/installdir/apps/my_application/htdocs"> AuthType Basic AuthName MyAuthName AuthUserFile "/installdir/apache2/users" Require valid-user <IfVersion < 2.3 > Order allow,deny Allow from all Satisfy all </IfVersion> <IfVersion >= 2.3> Require all granted </IfVersion> ErrorDocument 403 "Authentication error" </Directory>
How to enable SSL to access through https?
First, you need to have the SSL certificate and the SSL certificate key already in place. You can generate them on your own as explained in the next section or get them from one of many commercial cetrtificate authorities.
Check if you have the certificate file located at "/installdir/apache2/conf/server.crt" and the certificate key file at "/installdir/apache2/conf/server.key".
To enable SSL, you should uncomment the following line in the /installdir/apache2/conf/httpd.conf file:
LoadModule ssl_module modules/mod_ssl.so ... Include conf/extra/httpd-ssl.conf
Check that the HTTPS port is 443, or 8443 if you do not have permission to enable this port, in the /installdir/apache2/conf/extra/httpd-ssl.conf file:
Listen 443
Then restart the Apache server and try to access at "https://localhost:443".
Check that you have the certificate file at "/opt/bitnami/apache2/conf/server.crt" and the certificate key file at "/opt/bitnami/apache2/conf/server.key".
To enable SSL you should uncomment the following line in the /opt/bitnami/apache2/httpd.conf file:
LoadModule ssl_module modules/mod_ssl.so ... Include conf/extra/httpd-ssl.conf
Check that the HTTPS port is 443, or 8443 if you do not have permission to enable this port, in the /opt/bitnami/apache2/conf/extra/httpd-ssl.conf file:
Listen 443
Then restart the Apache server and try to access at "https://localhost:443".
Upload your certificate to the "/opt/bitnami/apache2/conf/server.crt" location and the certificate key file to "/opt/bitnami/apache2/conf/server.key". Server key may be already in the server if you followed the steps to create a certificate.
To enable SSL, you should uncomment the following line in the /opt/bitnami/apache2/httpd.conf file:
Include conf/extra/httpd-ssl.conf
It may happen, that your certificate authority will provide you with the file of PEM-encoded Server CA Certificates. If it is the case, you will need to place this file in /opt/bitnami/apache2/conf/server-ca.crt, and then edit the /opt/bitnami/apache2/conf/extra/httpd-ssl.conf file to uncomment the following line:
SSLCertificateChainFile "/opt/bitnami/apache2/conf/server-ca.crt"
Then restart the Apache server and try to access at "https://xyz.bitnamiapp.com".
$ sudo /opt/bitnami/ctlscript.sh restart apache
Note: You can find more info about how to upload and edit files in this page.
Once you have copied all the server certificate files, you may make them readable by root user only with the following commands:
$ sudo chown root:root /opt/bitnami/apache2/conf/server* $ sudo chmod 600 /opt/bitnami/apache2/conf/server*
Upload your certificate to the "/opt/bitnami/apache2/conf/server.crt" location and the certificate key file to "/opt/bitnami/apache2/conf/server.key". Server key may be already in the server if you followed the steps to create a certificate.
Edit the options "SSLCertificateFile" and "SSLCertificateKeyFile" in /etc/httpd/conf.d/ssl.conf so they point to your certificate files:
SSLCertificateFile /opt/bitnami/apache2/conf/server.crt
SSLCertificateKeyFile /opt/bitnami/apache2/conf/server.key
It may happen, that your certificate authority will provide you with the file of PEM-encoded Server CA Certificates. If it is the case, you will need to place this file in /opt/bitnami/apache2/conf/server-ca.crt, and then uncomment and configure the option SSLCertificateChainFile in /etc/httpd/conf.d/ssl.conf:
SSLCertificateChainFile "/opt/bitnami/apache2/conf/server-ca.crt"
Then restart the Apache server and try to access at "https://xyz.bitnamiapp.com".
$ sudo /opt/bitnami/ctlscript.sh restart apache
Note: You can find more info about how to upload and edit files in this page.
Once you have copied all the server certificate files, you may make them readable by root user only with the following commands:
$ sudo chown root:root /opt/bitnami/apache2/conf/server* $ sudo chmod 600 /opt/bitnami/apache2/conf/server*
<VirtualHost _default_:443> # General setup for the virtual host DocumentRoot "/opt/bitnami/apps/wordpress/htdocs" ServerName www.example.com:443
How to create a SSL certificate?
You can create your own SSL certificate with the OpenSSL binary. A certificate request can then be sent to a certificate authority to get it signed into a certificate, or if you have your own certificate authority, you may sign it yourself, or if you need a self-signed certificate (because you just want a test certificate or because you are setting up your own CA).
First create your private key:
$ /installdir/common/bin/openssl genrsa -out /installdir/apache2/conf/server.key 1024
The certificate request is created like this:
$ /installdir/common/bin/openssl req -new -key /installdir/apache2/conf/server.key -out /installdir/apache2/conf/cert.csr
Note: You should enter the server domain when the above command asks for the "Common Name"
Now, cert.csr can be sent to the certificate authority. When the certificate authority has then done the checks they need to do (and probably gotten payment from you), they will hand over your new certificate to you.
If you want to create a certificate for testing purposes, you can create a self-signed certificate:
$ /installdir/common/bin/openssl x509 -in /installdir/apache2/conf/cert.csr -out /installdir/apache2/conf/server.crt -req -signkey /installdir/apache2/conf/server.key -days 365
$ /installdir/common/bin/openssl rsa -des3 -in /installdir/apache2/conf/server.key -out privkey.pem
First create your private key:
$ sudo /opt/bitnami/common/bin/openssl genrsa -out /opt/bitnami/apache2/conf/server.key 1024
The certificate request is created like this:
$ sudo /opt/bitnami/common/bin/openssl req -new -key /opt/bitnami/apache2/conf/server.key -out /opt/bitnami/apache2/conf/cert.csr
Note: You should enter the server domain when the above command asks for the "Common Name"
Now, cert.csr can be sent to the certificate authority. When the certificate authority has then done the checks they need to do (and probably gotten payment from you), they will hand over your new certificate to you.
If you want to create a certificate for testing purposes, you can create a self-signed certificate:
$ sudo /opt/bitnami/common/bin/openssl x509 -in /opt/bitnami/apache2/conf/cert.csr -out /opt/bitnami/apache2/conf/server.crt -req -signkey /opt/bitnami/apache2/conf/server.key -days 365
$ sudo /opt/bitnami/common/bin/openssl rsa -des3 -in /opt/bitnami/apache2/conf/server.key -out privkey.pem
Note: If you are using Amazon Linux or RedHat Enterprise you should replace "/opt/bitnami/common/bin/openssl" with "openssl" in the commands above.
You can find more info about certificates at http://www.openssl.org.
How to force the HTTPS access?
It depends on your current Apache configuration but in most cases it should be enough to add the following lines at the end of the httpd.conf file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
Then restart the Apache web server.
How to confgure multiple SSL domains on the same IP address?
There is an extension to the SSL protocol called "Server Name Indication". It allows you to use only one IP address for several SSL-protected sites. The only drawback is that some older web browsers do not support it. The example Apache configuration is shown below:
NameVirtualHost *:80 <VirtualHost *:80> ServerName my-wordpress.example.com DocumentRoot "/opt/bitnami/apps/wordpress/htdocs" </VirtualHost> <VirtualHost *:80> ServerName my-sugarcrm.example.com DocumentRoot "/opt/bitnami/apps/sugarcrm/htdocs" </VirtualHost> Listen 443 NameVirtualHost *:443 <VirtualHost *:443> SSLEngine on DocumentRoot "/opt/bitnami/apps/wordpress/htdocs" ServerName my-wordpress.example.com SSLCertificateFile "/opt/bitnami/apache2/conf/my-wordpress.crt" SSLCertificateKeyFile "/opt/bitnami/apache2/conf/my-wordpress.key" </VIrtualHost> <VirtualHost *:443> SSLEngine on DocumentRoot "/opt/bitnami/apps/sugarcrm/htdocs" ServerName my-sugarcrm.example.com SSLCertificateFile "/opt/bitnami/apache2/conf/my-sugarcrm.crt" SSLCertificateKeyFile "/opt/bitnami/apache2/conf/my-sugarcrm.key" </VIrtualHost>
You can learn more at the following pages:
How to change the URL?
1) An easy approach to have your application in the root URL is to uncomment the following lines in your application configuration file /installdir/apps/your_application/conf/your_application.conf. This approach only changes the initial page of your application, not the internal urls, all the links point to "http://yourdomain/your_application". If you do not see these lines you can add them at the end of the file. Note that "your_application" could be wordpress, joomla, drupal, etc.
# Uncomment the following lines to see your application in the root # of your URL. This is not compatible with more than one application. RewriteEngine On RewriteRule ^/$ /your_application/ [PT]
Using this configuration and restarting the Apache server you can see your initial page of your application in the root URL.
2) Another option is to configure your application to run in the root URL directly. The details are described below (if you have already configured the application using the first method, note that you have to revert the change before continuing with this approach).
If you want to change the default URL from http://your_domain/your_application to http://your_domain, you should add a "DocumentRoot" entry in your application conf file. Edit the /installdir/apps/your_application/conf/your_application.conf file to add this line and commenting the "Alias" entries.
your_application.conf file content:
DocumentRoot "/installdir/apps/your_application/htdocs" # Alias /your_application/ "/installdir/apps/your_application/htdocs/" # Alias /your_application "/installdir/apps/your_application/htdocs" (..)
Some applications also require changes in their configuration files or in the database.
If you want to change the default URL from http://your_domain/your_application to http://your_domain, you should add a "DocumentRoot" entry in your application conf file. Edit the /opt/bitnami/apps/your_application/conf/your_application.conf file to add this line and commenting the "Alias" entries. You can use the "nano" editor:
$ sudo nano /opt/bitnami/apps/your_application/conf/your_application.conf
your_application.conf file content:
DocumentRoot "/opt/bitnami/apps/your_application/htdocs" # Alias /your_application/ "/installdir/apps/your_application/htdocs/" # Alias /your_application "/installdir/apps/your_application/htdocs" (...)
Some applications also require changes in their configuration files or in the database.
If you want to change the default URL from http://your_domain/your_application to http://your_domain, you should add a "DocumentRoot" entry in your application conf file. Edit the /opt/bitnami/apps/your_application/conf/your_application.conf file to add this line and commenting the "Alias" entries. You can use the "nano" command line editor or you can also edit this file from your favorite FTP program.
$ sudo nano /opt/bitnami/apps/your_application/conf/your_application.conf
your_application.conf file content:
DocumentRoot "/opt/bitnami/apps/your_application/htdocs" # Alias /your_application/ "/installdir/apps/your_application/htdocs/" # Alias /your_application "/installdir/apps/your_application/htdocs" (...)
Some applications also require changes in their configuration files or in the database.
How to create a Virtual Host?
You can configure the URL for the applications using Virtual Hosts. You can access using "your_domain.com" or "example.your_domain.com" instead of "your_domain.com/application". In this example we are going to configure Wordpress to be accessible from "your_domain.com" and SugarCRM from "crm.your_domain.com"
1. Modify the lines below in the httpd.conf file:
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
#Deny from all
Allow from all
</Directory>
...
#Include "/installdir/apps/wordpress/conf/wordpress.conf"
Include "/installdir/apps/sugarcrm/conf/sugarcrm.conf"
Include "/installdir/apps/virtualhost.conf"
2. Write the following file "/installdir/apps/virtualhost.conf"
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin xx
DocumentRoot "/installdir/apps/wordpress/htdocs"
ServerName your_domain.com
ServerAlias www.your_domain.com
ErrorLog "logs/wordpress-error_log"
CustomLog "logs/wordpress-access_log" common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin xx
Redirect permanent / http://example.com/sugarcrm
ServerName crm.your_domain.com
ServerAlias www.crm.your_domain.com
ErrorLog "logs/sugar-error_log"
CustomLog "logs/sugar-access_log" common
</VirtualHost>
3. Update the URL if it is necessary. In the Wordpress case is necessary to run the following command to update the Wordpress database:
$ sudo /installdir/mysql/bin/mysql -u root -p -e "use bitnami_wordpress; update wp_options set option_value='http://your_domain.com' where option_name='siteurl' or option_name='home'"
4. Restart the Apache server:
$ sudo /installdir/ctlscript.sh restart apache
How to debug errors?
Once Apache starts, it will create two log files, the access_log and the error_log /installdir/apache2/logs directory. You can change these files to see the exact error in the application.
How to protect your application with a password?
To request a username and a password when accessing your application, follow these steps:
1. Run the htpasswd utility
$ sudo /installdir/apache2/bin/htpasswd -c /installdir/apache2/yourapplicationname_users username
AuthType Basic AuthName yourapplication AuthUserFile "/installdir/apache2/yourapplicationname_users" Require valid-user
3. Restart the Apache server:
$ sudo /installdir/ctlscript.sh restart apache
$ sudo /installdir/apache2/bin/htpasswd /installdir/apache2/yourapplicationname_users username
How to add mod_xsendfile module in Apache?
Since BitNami LAMP/MAMP/WAMP version 5.4.13-2, the mod_xsendfile module is already installed. To enable this module you only have to add the following line in the Apache httpd.conf file:
LoadModule xsendfile_module modules/mod_xsendfile.so
If you are using a previous version, it is easy to install this module on top of your existing Apache. It is necessary to have already installed the compilation tools. If you are using a BitNami Virtual Machine or Cloud Image you already have all the required components.
- Download latest version:
wget https://tn123.org/mod_xsendfile/mod_xsendfile-0.12.tar.gz
- Extract the content and install the module
$ tar -xzvf mod_xsendfile-0.12.tar.gz $ cd mod_xsendfile-0.12 $ sudo /opt/bitnami/apache2/bin/apxs -aci mod_xsendfile.c
If everything goes well, you can see the module at "/opt/bitnami/apache2/modules/mod_xsendfile.so". Check the mod_xsenfile configuration page to know how to configure this module for your application.
Comments