Having a web server like Apache is a great starting point for getting started with web technology on Linux. So, in this post, you will learn how to install and secure Apache on Debian 11 and get it ready for the work you need to do with it.
Introducing to Apache webserver
According to the Apache Web server site
The Apache HTTP Server Project is a collaborative software development effort aimed at creating a robust, commercial-grade, featureful, and freely available source code implementation of an HTTP (Web) server.
We often talk about Apache webserver but the program itself is called httpd, however, we will continue to use the term Apache Web Server to refer to it.
Apache Web server is one of the most popular web servers out there along with Nginx and others. Now the next question is what is a Web Server?
A web server is a computer program that is responsible for processing a server-side application. The web server waits for a browser to make a request, such as accessing a web page and responds to the request by sending HTML code via a network data transfer.
So if you intend to develop a web application, you will necessarily have to use a web server to make your website available. Some advantages of using Apache are the following:
- Use the .htaccess file to configure whatever you want.
- It is one of the web servers with more years in the market, super reliable.
Apache can be customized, its structure is based on modules. - It allows you to activate and deactivate functionalities.
- OpenSource so we can examine the source code and its functionalities.
So, let’s go for it.
Install and Secure Apache on Debian 11
Apache Web Server is available from the official repositories. So, first of all, we have to open a terminal or connect via SSH to the server
sudo apt update
And you can install Apache Web Server by running the following command
sudo apt install apache2
This will install the Apache Web Server from the official repositories along with its dependencies.
Also, you can search for Apache related packages in the official repositories as follows
sudo apt search apache2
So, now Apache Web Server is installed on the system.
Setting the Firewall for Apache Web Server
Like almost any web server, Apache runs on ports 80 and 443 in the case of HTTPS. So we need to make some changes to the firewall.
So, to open these ports, you can run
sudo ufw allow 80 sudo ufw allow 443
This is at the system level but if you have other firewalls protecting your server, you have to open those ports on it.
This way, the server will now allow requests on those ports and Apache will work. So, open your browser and go to http://your-server-IP or http://your-domain and you will see this:
Working with the Apache Web Server service on Debian 11
Apache web server is managed through a system service. This means that we have to use the systemctl command to start or manage it.
So, if you want to start it you have to run
sudo systemctl start apache2
To stop it, just run
sudo systemctl stop apache2
In case you make changes to the Apache configuration, you will have to restart Apache for these changes to take effect.
sudo systemctl restart apache2
Or:
sudo systemctl reload apache2
Also, it is a good idea to check the status of the service to see if Apache is working properly.
sudo systemctl status apache2
So the operation of the service is similar to other services like MariaDB.
Secure Apache webserver
One of the fastest and most efficient ways to secure an Apache installation is to modify the /etc/apache2/conf-enabled/security.conf file and add certain parameters.
So, create a backup of this file before editing it
sudo cp /etc/apache2/conf-enabled/security.conf /etc/apache2/conf-enabled/security.conf.bak
And now you can edit it
sudo nano /etc/apache2/conf-enabled/security.conf
And add the following content. If there are items already in the file just update it.
Save the changes and close the file.
We have to modify another file called /etc/apache2/mods-enabled/ssl.conf with which we can define other features that allow us to increase the security of Apache.
Again, back up the file first
sudo cp /etc/apache2/mods-enabled/ssl.conf /etc/apache2/mods-enabled/ssl.conf.bak
Edit it
sudo nano /etc/apache2/mods-enabled/ssl.conf
And add the following
SSLProtocol -all +TLSv1.2 SSLCipherSuite HIGH:!aNULL:!MD5
Save the changes and restart apache to apply them.
sudo systemctl restart apache2
Now Apache is ready to use.
Conclusion
Apache Web Server is one of the most popular web applications and proof of this is that almost 40% of all websites are hosted with Apache. In addition to this, it is quite flexible and easy to implement configurations.
So, what do you think of Apache and its web server? Leave us a comment and help us grow.