Install Apache2 on Ubuntu 16.04
Apache2 on Ubuntu with free SSL certificate
Nowadays, a website is the flagship of any company, hardly any company passes on the opportunity to show their presence online. So how do you make a server display a web page? There are many correct answers. We’ll show you one of them today. In this article, we will explain to you step by step how to install Apache2 on an Ubuntu server and then do it with a free SSL certificate from Let’s Encrypt. This is less effort than you might think. But first things first:
Preparing Ubuntu-Server for Apache2
Create a server with Ubuntu 16.04 LTS at a cloud provider of your choice – at gridscale, you only need a few seconds. After starting the server, connect via SSH as root and update your server with the following command:
apt -y update && apt -y upgrade && apt -y dist-upgrade
Then you install Apache and Let’s Encrypt over apt.
apt -y install apache2 python-letsencrypt-apache
Once the installation is complete, you can already see a test web page on your server. Just open your browser and enter the IP of your server as the address. Now we’ll show you how you can keep it safe and where you can insert your content.
Assign a domain to the web page
Do you already have a domain or sub-domain for your website? Now put an A record on the IPv4 address and an AAAA record on the IPv6 address of your server in the DNS settings of your domain provider. Depending on the provider, changing the DNS settings may take anywhere from a few seconds to several hours. You can get information about this from your provider. To test whether your domain is already redirected to your server, you can open it in your browser. If you see the same content as with the IP, this is already a good sign.
In the current configuration, any domain pointing to the server would show up on the same web page. However, since you may want to run several websites on one server, I recommend you assign the domain to a vHost. To do this, create a config file in the editor of your choice, simply take the default config as a template.
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/meine-domain.conf
Of course, you can give your config file any name. The important thing is to know which file is assigned to which domain. Next, you edit the config file with an editor of your choice, for simplicity I choose nano.
In the first line, your top-level or sub-domain is entered instead of the asterisk. Attention: Please do not enter “www.my-domain.com”, instead go with “my-domain.com” or “my.sub-domain.com”. In addition, the domain is still registered under #ServerName, simply replace “www.example.com” with your domain. Again without “www.” However, in order for the website to be reached under the old-fashioned www.my-domain.com-address, an alias is entered. For this purpose, another entry is created under the entry ServerName: ServerAlias www.my-domain.com. In addition, you should provide a valid e-mail address at ServerAdmin and set the path to your web root directory under DocumentRoot. This can be / var / www / my-domain / for example. The rest of the settings will become interesting later.
Now we have a config, which points to a non-existing folder, we need to change it quickly.
mkdir /var/www/meine-domain && chown www-data:www-data /var/www/meine-domain/
Please pay attention to the exact spelling of the folder – it must exactly match the path in the config, also case-sensitive are relevant. Next, you enable the new Config and deactivate the old:
a2ensite meine-domain.config && a2dissite 000-default .conf
Afterwards, Apache has to be restarted again:
service apache2 restart
Now you can create an SSL certificate for your website. This not only contributes to security but also to the Google ranking, secure sites are more popular than unsafe sites.
To do this, run the following command if you have a sub-domain:
letsencrypt --apache -d meine.sub-domain.de
If you have a top-level domain, the command looks like this:
letsencrypt --apache -d my-domain.com -d www.my-domain.com
If everything worked, you should now be asked for your e-mail address. This is important only for reminders to renew and/or restore your certificates. You will not receive any advertising or spam at this address. In the next step, you are asked to accept the terms of Let’s Encrypt. In the last step, you will be asked how you want to configure your server. Please select “Secure”. This ensures that all HTTP requests are automatically routed to HTTPS. Then you will be congratulated on your new certificate. This is now valid for 90 days before it has to be renewed. Simply enter the following command:
When it is time, you will be informed by e-mail.
Securing Your Server
To make your server even safer, you should close all unnecessary ports. So that you don’t accidentally block yourself while closing the open ports, please enter the following commands in exactly the same order:
ufw allow ssh
ufw allow http
ufw allow https
Confirm the question with Y for yes. Now things are coming along quite nicely. At the moment your server is directly allocated to your domain, can present itself with an SSL certificate and there are no unnecessary ports open. All that is missing is content. You can load this into the directory you created / var / www / my-domain / , then it will become available immediately.
If you want to know how to make your server more secure by using SSH-Keys, check out this article: Create SSH-Keys on Ubuntu 16.04Zurück zur Tutorial Übersicht Back to Tutorial Overview
Apache2 on Ubuntu with free SSL certificate Nowadays, a website is the flagship of any company, hardly any company passes on the opportunity to show their presence online. So how do you make a server display a web page? There are many correct answers. We’ll show you one of them today. In this article, we […]
Thank you for your feedback!
We will get back to you as soon as the article is finished.