Install Apache2 on Ubuntu 16.04
Apache2 on Ubuntu with free SSL certificate
A website is nowadays the sign of any company, hardly any company renounces the possibility to show on the Internet presence. But how do I make a server display a web page? There are many correct answers. One of them I’ll show you today. In this article, I will explain to you step by step how to install Apache2 on an Ubuntu server and then do it with a free SSL certificate from Let’s Encrypt. This is less effort than you might think. But one by one.
Preparing Ubuntu-Server for Apache2
Create a server with Ubuntu 16.04 LTS at a cloud provider of your choice – at gridscale you only need a few seconds. After starting the server, connect via SSH as root and update your server with the following command:
apt -y update && apt -y upgrade && apt -y dist-upgrade
Then you install Apache and Let’s Encrypt over apt.
apt -y install apache2 python-letsencrypt-apache
Once the installation is complete, you can already see a test web page on your server. Just open your browser and enter the IP of your server as the address. Now I’ll show you how you can keep it safe and where you can insert your content.
Assign a domain to the web page
Do you already have a domain or sub-domain for your website? Now put an A record on the IPv4 address and an AAAA record on the IPv6 address of your server in the DNS settings of your domain provider. Depending on the provider, changing the DNS settings may take a few seconds or several hours. You can get information about this at your provider. To test whether your domain is already redirected to your server, you can open it in your browser. Now you see the same content as with the IP, this is already a good sign.
In the current configuration, any domain pointing to the server would show up on the same web page. However, since you may want to run several websites on one server, I recommend you to assign the domain to a vHost. To do this, create a config file in the editor of your choice, simply take the default config as a template.
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/meine-domain.conf
Of course, you can give your config file any name. The important thing is to know which file is assigned to which domain. Next, you edit the config file with an editor of your choice, for simplicity I choose nano.
In the first line, your top-level or sub-domain is entered instead of the asterisk. Attention: Please do not enter “www.my-domain.com”, instead go on with “my-domain.com” or “my.sub-domain.com”. In addition, the domain is still registered under #ServerName, simply replace “www.example.com” with your domain. Here also please again without “www.” However, in order for the website to be reached under the old-fashioned www.my-domain.com-address, an alias is entered. For this purpose, another entry is created under the entry ServerName: ServerAlias www.my-domain.com. In addition, you should provide a valid e-mail address at ServerAdmin and set the path to your web root directory under DocumentRoot. This can be / var / www / my-domain / for example. The rest of the settings will become interesting later.
Now we have a config, which points to a non-existing folder, we need to change it quickly.
mkdir /var/www/meine-domain && chown www-data:www-data /var/www/meine-domain/
Please pay attention to the exact spelling of the folder – it must exactly match the path in the config, also case-sensitive are relevant. Next, you enable the new Config and deactivate the old:
a2ensite meine-domain.config && a2dissite 000-default .conf
Afterwards, Apache has to be restarted again:
service apache2 restart
Now you can create an SSL certificate for your website. This not only contributes to security, but also in the Google ranking, secure sites are more popular than unsafe.
To do this, run the following command if you have a sub-domain:
letsencrypt --apache -d meine.sub-domain.de
If you have a top-level domain, the command looks like that:
letsencrypt --apache -d my-domain.com -d www.my-domain.com
If everything worked, you should now be asked for your e-mail address. This is important only for remembering to renew your certificates and to restore them. You will not receive any advertising or spam at this address. In the next step, you are asked to accept the terms of Let’s Encrypt. In the last step, you will be asked how you want to configure your server. Please select “Secure”. This ensures that all HTTP requests are automatically routed to HTTPS. Then you will be congratulated on your new certificate. This is now valid for 90 days and then has to be renewed. Simply enter the following command:
When it is time, you will be informed by e-mail.
Secruring Server absichern
To make your server even safer, you should close all unnecessary ports. If you do not accidentally block yourself with open ports, please enter the following commands in exactly the same order:
ufw allow ssh
ufw allow http
ufw allow https
Confirm the question with Y for yes. Now we are quite a bit further. At the moment your server has a direct assignment to your domain, can present itself with an SSL certificate and there is no unnecessary port open. All that is missing is content. This you load into the directory you created / var / www / my-domain / high, then it is immediately available.
If you want to know how to make your server more secure by using SSH-Keys, check out this article: Create SSH-Keys on Ubuntu 16.04
Apache2 on Ubuntu with free SSL certificate A website is nowadays the sign of any company, hardly any company renounces the possibility to show on the Internet presence. But how do I make a server display a web page? There are many correct answers. One of them I’ll show you today. In this article, I will […]
Thank you for your feedback!
We will get back to you as soon as the article is finished.