Skip to content


Installing Apache2

Install straight from the Ubuntu repositories:

sudo apt update && sudo apt install apache2

and enable:

sudo systemctl enable apache2 --now

Apache Configuration

Open the ports configuration file:

sudo nano /etc/apache2/ports.conf

Make sure the only listen directive is the following:

Listen 8080

Disable the SSL module as we won't be needing it:

sudo a2dismod ssl

Enable the RemoteIP module:

sudo a2enmod remoteip

Create a directory for our first website and apply initial permissions:

sudo mkdir -p /var/www/
sudo chown -R user:www-data /var/www/
sudo chmod -R 750 /var/www/

Set the html folder so future contents will inherit owner and group:

sudo chmod g+s /var/www/

Set the default permission of all future contents of the html folder to 750 for folders and 640 for files:

sudo setfacl -d -m g::r-X /var/www/
sudo setfacl -d -m o::--- /var/www/

Create the index.htm file:

nano /var/www/
<title>Welcome to!</title>
<h1>You are running on Ubuntu 20.04!</h1>

Create the virtualhost:

sudo nano /etc/apache2/sites-available/

    DocumentRoot /var/www/

    <Directory /var/www/>
        Options -Indexes +FollowSymLinks +MultiViews
        AllowOverride All
        Require all granted

    RemoteIPHeader X-Forwarded-For

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined


Amend the log format:

sudo nano /etc/apache2/apache2.conf

Change %h to %a in the combined log format:

LogFormat "%a %l %u %t \"%r\" %\>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

and save.

Now we can remove potentially sensitive server info displayed to the end-user in the security.conf file:

sudo nano /etc/apache2/conf-available/security.conf

Set the following values:

ServerTokens Prod
ServerSignature Off

and save the file. Now enable the site:

sudo a2ensite

Disable the Apache2 default sites:

sudo a2dissite 000-default
sudo a2dissite 000-default-ssl

Restart Apache2:

sudo systemctl restart apache2

Check the config:

sudo apache2ctl configtest