Setting up Apache on Ubuntu
Apache has been serving websites since 1995 and it’s still one of the most common web servers on Linux. It’s flexible, well-documented, and available in every distribution’s package manager.
Installation
sudo apt install apache2
sudo systemctl enable apache2
sudo systemctl start apache2
Check it’s running:
systemctl status apache2
curl -I localhost
You should see the default Apache welcome page at http://your-server-ip.
Directory structure
/etc/apache2/— configuration root/etc/apache2/apache2.conf— main config file/etc/apache2/ports.conf— listening ports/etc/apache2/sites-available/— virtual host configs/etc/apache2/sites-enabled/— enabled sites (symlinks to sites-available)/etc/apache2/mods-available/— available modules/etc/apache2/mods-enabled/— enabled modules/var/www/html/— default document root
Virtual hosts
Virtual hosts let you serve multiple sites from one server.
Create a config file:
sudo nano /etc/apache2/sites-available/mysite.conf
<VirtualHost *:80>
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /var/www/mysite
<Directory /var/www/mysite>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/mysite-error.log
CustomLog ${APACHE_LOG_DIR}/mysite-access.log combined
</VirtualHost>
Enable the site:
sudo a2ensite mysite.conf
sudo systemctl reload apache2
Disable the default site:
sudo a2dissite 000-default.conf
Modules
Apache’s functionality is modular. Enable and disable modules:
sudo a2enmod rewrite # enable URL rewriting
sudo a2enmod ssl # enable HTTPS
sudo a2enmod headers # enable header manipulation
sudo a2dismod status # disable status module
After enabling modules, restart Apache:
sudo systemctl restart apache2
Common modules:
mod_rewrite— URL rewriting (almost always needed)mod_ssl— HTTPS supportmod_proxy— reverse proxymod_headers— HTTP header manipulationmod_expires— cache control
.htaccess
.htaccess files allow per-directory configuration without editing the main config. They’re slower than main config changes because Apache reads them on every request.
Enable .htaccess in the virtual host config:
<Directory /var/www/mysite>
AllowOverride All
</Directory>
Common .htaccess uses:
# Redirect to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Block access to .htaccess itself
<Files ".htaccess">
Require all denied
</Files>
For production, prefer virtual host config over .htaccess for performance.
Security basics
Disable directory listing:
<Directory /var/www/mysite>
Options -Indexes
</Directory>
Hide Apache version:
ServerTokens Prod
ServerSignature Off
Add to /etc/apache2/conf-enabled/security.conf.
Disable unnecessary modules. Every module is potential attack surface.
HTTPS with Let’s Encrypt
Install certbot:
sudo apt install certbot python3-certbot-apache
Get a certificate:
sudo certbot --apache -d mysite.com -d www.mysite.com
Certbot modifies your Apache config to use HTTPS and sets up automatic renewal.
Test renewal:
sudo certbot renew --dry-run
Performance tuning
KeepAlive (persistent connections):
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
MPM (Multi-Processing Module). Check which you’re using:
apache2ctl -V | grep MPM
For mpm_prefork (default, process-based):
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxRequestWorkers 150
MaxConnectionsPerChild 0
</IfModule>
For higher traffic, consider switching to mpm_event or mpm_worker (thread-based).
Log files
/var/log/apache2/access.log— all requests/var/log/apache2/error.log— errors and warnings
Monitor in real time:
sudo tail -f /var/log/apache2/access.log
Common mistakes
Forgetting to reload after config changes. sudo systemctl reload apache2 or sudo systemctl restart apache2.
Not enabling mod_rewrite. WordPress, Laravel, and most frameworks need it. sudo a2enmod rewrite.
DocumentRoot permissions. Apache needs read access to the document root. Check file permissions if you get 403 errors.
Using .htaccess in production. It works but adds overhead. Move rules to the virtual host config.
Remarks
Apache is battle-tested and flexible. The a2ensite/a2dissite/a2enmod commands make management straightforward. For simple sites, the defaults work fine. For production, enable only the modules you need, use the event MPM for better performance, and prefer virtual host config over .htaccess.
Related Posts
Vim survival guide for Linux admins
The minimum vim knowledge you need to survive on a Linux server. Editing config files without wanting to throw your keyboard.
Linux memory management: free, vmstat, and /proc
Understanding how Linux uses memory. Reading free correctly, using vmstat, and what /proc/meminfo actually tells you.
tmux: terminal multiplexing made simple
Using tmux to manage terminal sessions. Panes, windows, and why your SSH sessions should survive disconnects.