Open main menu

Changes

133 bytes removed ,  14:21, 20 May 2020
Apache (the webserver) is a [https://www.apache.org/free/ freely licensed] project of the Apache Software Foundation.
== Docs ==
In addition to the extensive [http://httpd.apache.org online documentation of the Apache project], you should consult the local documentation on your system under /usr/share/doc/apache2.2-common or similar
The [https://help.ubuntu.com/lts/serverguide/httpd.html Ubuntu Server Guide] is also a helpful documentation source.
== Canonical Domain ==
Here is how we use Apache to answer requests to our multiple registered TLDs, but direct everything to our canonical "bare" domain.
<source lang="apache">
RewriteRule ^/?(.*) https://equality-tech.com/$1 [L,R=301,NE]
</source>
* Flags: No Case, Last, Redirect permanent, No Escape <ref>https://httpd.apache.org/docs/current/rewrite/flags.html#flag_ne</ref>
* Response Code: 301 = Permanent <ref>https://tools.ietf.org/html/rfc2616</ref>
*Flags: No Case, Last, Redirect permanent, No Escape <ref>https://httpd.apache.org/docs/current/rewrite/flags.html#flag_ne</ref>*Response Code: 301 = Permanent <ref>https://tools.ietf.org/html/rfc2616</ref> == Rewrites ==
Use .htaccess ONLY for testing rules on-the-fly during development
so that you don't have to constantly reload Apache.
you can place the rules in a <directory> stanza)
== Secure Server ==
These notes illustrate what I did for my Ubuntu system and are based on an instructional video from Linux Journal for RedHat systems see http://www.linuxjournal.com/video/set-secure-virtual-host-apache
</source>
== SSL Providers ==Check your domain registrar for their services or products around SSL certificates. There are a lot of Certificate Authorities to choose from. Plus a lot of options on those certificates. You can still get a free SSL certificate from StartSSL.com. However, a new and very interesting service is available from We use the [[TLS|Lets Encrypt]] project: They automate free certificate installation, making TLS security accessible to all. If you want expert help in getting your site secured, contact {{CompanyName}}
== Security ==
Check out the NIST and DISA checklist and STIG docs, they are good places to start - their checks are based on industry best practices and Apache httpd CVEs.
Thank the US tax payers =)
== Support / Customization ==
There is a presentation on http://OutOfOrder.cc about Mass Virtual Hosting approaches that is worth a look if you're considering that. OutOfOrder.cc is a collaborative effort between Paul Querna and Edward Rudd -- two guys who have a lot of experience with Apache.
== Quick Check ==
You have a bunch of virtual hosts configured by various files in your Apache's configuration directories. Since you can output them all with <code>apache2ctl -S</code>, you can also do a bit more parsing of the output to be able to quickly check if they're all responding.