This guide explains how to configure virtual hosts and secure your Apache server with SSL on Ubuntu. Learn how to set up multiple websites, enable necessary Apache modules, and secure your sites with HTTPS using SSL certificates.
25 min
Edited:16-09-2024
Assuming Apache is already installed on your Ubuntu server, the next step is to configure it to host multiple websites and secure them with SSL. Apache allows you to use virtual hosts to serve multiple domains from a single server. Additionally, using SSL certificates ensures that your website traffic is encrypted and secure. This guide covers the steps for configuring virtual hosts and securing your server with SSL.
If you did not install Apache on your server, you can follow this guide:
Apache uses virtual hosts to manage multiple websites on a single server. Each website or domain can have its own directory, log files, and configuration.
For each website, you'll need to create a directory to store your website’s files. For example, for a website called example.com, create a directory under /var/www:
1. sudo mkdir -p /var/www/example.com/html
Make sure the directory is owned by your user account so you can manage files, and set appropriate permissions:
1. sudo chown -R $USER:$USER /var/www/example.com/html
2. sudo chmod -R 755 /var/www/example.com
For testing, create a simple HTML file inside the example.com directory:
1. nano /var/www/example.com/html/index.html
Add the following content which is a simple HTML page:
1. <html>
2. <head>
3. <title>Welcome to Example.com!</title>
4. </head>
5. <body>
6. <h1>Success! The example.com virtual host is working!</h1>
7. </body>
8. </html>
Next, create a virtual host file in the /etc/apache2/sites-available/ directory for example.com:
1. sudo nano /etc/apache2/sites-available/example.com.conf
Add the following configuration, which tells Apache where to find the website files and how to log requests:
1. <VirtualHost *:80>
2. ServerAdmin [email protected]
3. ServerName example.com
4. ServerAlias www.example.com
5. DocumentRoot
6. /var/www/example.com/html
7. ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog
8. ${APACHE_LOG_DIR}/access.log combined
9. </VirtualHost>
Save the file and exit, and then If you don’t want to use the default Apache welcome page, disable the default site:
1. sudo a2dissite 000-default.conf
After setting up the virtual host, run a configuration test to ensure there are no syntax errors:
1. sudo apache2ctl configtest
If the output is Syntax OK, restart Apache to apply the changes:
1. sudo systemctl restart apache2
Now, visit your domain (http://example.com) in a browser to confirm that the website is being served correctly.
Apache has several modules that add functionality. For example, mod_rewrite allows for URL rewriting, and mod_ssl enables HTTPS. To enable URL rewriting, which is often needed for SEO-friendly URLs and redirect rules, use the following command:
1. sudo a2enmod rewrite sudo systemctl restart apache2
To support HTTPS connections, enable the SSL module:
1. sudo a2enmod ssl
2. sudo systemctl restart apache2
SSL certificates encrypt data transmitted between the server and clients, making your site more secure. You can either use a self-signed SSL certificate or, preferably, obtain a free SSL certificate from Let’s Encrypt.
Certbot is the tool used to obtain and manage SSL certificates from Let’s Encrypt.
You can install it with the command:
1. sudo apt install certbot python3-certbot-apache
Use Certbot to obtain and automatically configure an SSL certificate for your domain:
1. sudo certbot --apache -d example.com -d www.example.com
This command requests an SSL certificate for both example.com and www.example.com and configures your Apache virtual host to use SSL.
Once Certbot finishes, your website will be accessible over HTTPS. You can test this by visiting:
1. https://example.com
Let’s Encrypt certificates are valid for 90 days, but Certbot can automatically renew them before they expire. To ensure automatic renewal, Certbot sets up a cron job by default, but you can manually test the renewal process:
Run the following command to simulate the renewal process:
1. sudo certbot renew --dry-run
If the command succeeds, your certificates will automatically renew in the future.
Configuring Apache on Ubuntu to serve multiple websites and secure them with SSL is an essential part of hosting. By setting up virtual hosts, enabling important modules, and securing your sites with Let’s Encrypt SSL certificates, you ensure your server is efficient, secure, and ready to serve traffic. This configuration allows you to easily manage multiple domains and keep your users' data safe with encrypted connections.
14-10-2024
This article offers a detailed guide on installing and configuring IPTables on an Ubuntu VPS. IPTables is a powerful firewall tool that helps secure your server by controlling inbound and outbound traffic. Learn how to set up rules for traffic filtering, configure basic security policies, and apply custom rules to protect your VPS.
IPtables
security
12 min
This article offers a comprehensive guide on installing and configuring ModSecurity, a powerful web application firewall (WAF), on an Ubuntu VPS. Learn how to secure your server by filtering and monitoring HTTP requests, set up ModSecurity with Nginx or Apache, and apply rules to protect against common web attacks.
Modsecurity
security
10 min
14-10-2024
This article provides a comprehensive guide on installing and configuring PHP-FPM (FastCGI Process Manager) on an Ubuntu VPS. Learn how to optimize PHP performance for your web applications by configuring PHP-FPM with Nginx or Apache, managing pools, and fine-tuning settings for efficient processing of PHP scripts.
PHP-FPM
speed
optimise
12 min