apache httpd reference
key paths (debian/ubuntu)
- Config root:
/etc/apache2/
- Virtual hosts:
/etc/apache2/sites-available/ & sites-enabled/
- Modules:
/etc/apache2/mods-available/ & mods-enabled/
- Logs:
/var/log/apache2/access.log, error.log
service control
| Action | Command |
|---|
| Start/Stop/Restart | sudo systemctl start|stop|restart apache2 |
| Reload config | sudo systemctl reload apache2 |
| Enable at boot | sudo systemctl enable apache2 |
| Check status | systemctl status apache2 |
config checks
| Task | Command |
|---|
| Syntax test | sudo apachectl configtest |
| List loaded modules | apachectl -M |
| Virtual host map | apachectl -S |
enable/disable vhosts & modules
| Action | Command |
|---|
| Enable site | sudo a2ensite example.conf |
| Disable site | sudo a2dissite example.conf |
| Enable module | sudo a2enmod rewrite |
| Disable module | sudo a2dismod php8.2 |
| Reload after changes | sudo systemctl reload apache2 |
minimal virtual host (http)
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example
ErrorLog ${APACHE_LOG_DIR}/example-error.log
CustomLog ${APACHE_LOG_DIR}/example-access.log combined
</VirtualHost>
redirect http→https
<VirtualHost *:80>
ServerName example.com
RewriteEngine On
RewriteRule ^/(.*)$ https://example.com/$1 [R=301,L]
</VirtualHost>
basic auth snippet
<Directory /var/www/secure>
AuthType Basic
AuthName \"Restricted\"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>
# create user: htpasswd -c /etc/apache2/.htpasswd alice
ssl (with let's encrypt)
sudo apt install certbot python3-certbot-apache
sudo certbot --apache -d example.com -d www.example.com
sudo systemctl reload apache2
performance knobs
- MPM: switch between
mpm_prefork and mpm_event (a2dismod/a2enmod).
KeepAlive On; tune KeepAliveTimeout (1–5s typical).- Enable compression:
a2enmod deflate and set AddOutputFilterByType DEFLATE text/html text/css application/javascript.
- Cache static:
ExpiresActive On, ExpiresByType text/css \"access plus 7 days\", etc.
logs and debugging
- Tail combined logs:
sudo tail -f /var/log/apache2/access.log /var/log/apache2/error.log
- Per-vhost logs defined via
ErrorLog and CustomLog.
- Increase verbosity: set
LogLevel debug inside a vhost/location for temporary troubleshooting.
common errors & fixes
- 403 forbidden: check
DocumentRoot path permissions; ensure Require all granted present or proper AllowOverride with .htaccess.
- ah00558 fqdn warning: set
ServerName in /etc/apache2/apache2.conf (e.g., ServerName localhost).
- redirect loop after https rewrite: guard with
RewriteCond %{HTTPS} off before the RewriteRule.
- permission denied on logs: check ownership/SELinux; on RHEL run
restorecon -R /var/log/httpd.
- module not loaded: enable needed module via
a2enmod rewrite ssl headers then reload.
Return to Home