# Apache

Apache webserver stuff

Enable .htaccess
SSL Redirect
Password access
- Apache 2.4+
- Apache 2.2
Generate .htaccess Passwords
- Creating the file and adding the first user
- Adding additional users
Config checks

# Enable .htaccess

Overrides will need to be allowed inside the <Directory> section of your .conf

AllowOverride ALL

# SSL Redirect

Instructions on how to redirect HTTP to HTTPS using .htaccess

RewriteEngine On
 # This will enable the Rewrite capabilities
RewriteCond %{HTTP:X-Forwarded-Proto} !https
 # We sit behind a load balancer on this service, so we need to check if https is being used by the end user
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [L,R=301]
 # This rule will redirect all users to the same location but using HTTPS.
 # R=301 sends a permanent redirect header to the client

# Password access

# Apache 2.4+

This isn't supported under Apache 2.2. We'll skip the password checks if they're not using HTTPS so that they can be redirected to HTTPS before being asked for a password. 192.168.0.1 will not be prompted for a password.

<If "%{HTTPS} == 'on'">
	AuthType Basic
	AuthName "Password Protected Area"
	AuthUserFile /etc/.htpasswd
	Require valid-user
	Allow from env=!HTTPS
	Require ip 192.168.0.1
</If>

# Apache 2.2

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /etc/.htpasswd
Require valid-user
Order deny,allow
Deny from all
Allow from 192.168.0.1
Satisfy any

# Generate .htaccess Passwords

# Creating the file and adding the first user

htpasswd -c /etc/.htpasswd <username>

# Adding additional users

htpasswd /etc/.htpasswd <username>

# Config checks

Show virtual servers and ports

apachectl -S

Check configuration files are correct

apachectl configtest

Reload config

apachectl graceful

← Smartctl Nginx →