To create Apache on a Linux server, install the Apache package, start and enable the service, open firewall ports 80/443, verify with a browser or curl, add a Virtual Host for your domain, and secure it with a free Let’s Encrypt SSL. On Ubuntu use apt; on RHEL-family distros use dnf.
Setting up the Apache web server is one of the most reliable ways to host websites on Linux. In this guide, I’ll show you exactly how to create Apache on a Linux server from scratch, configure virtual hosts, enable HTTPS, harden security, and optimize performance—step by step and beginner-friendly.
Primary keyword focus: How to Create Apache on Linux Server. Secondary keywords included naturally: install Apache, Apache web server, virtual hosts, Let’s Encrypt SSL, hardening, performance tuning.
What is Apache and Why Use it?
Apache HTTP Server is an open source web server that powers millions of sites. It’s stable, widely supported, modular, and works across all major Linux distributions.
If you want a proven, flexible server for PHP apps, static websites, and CMSs like WordPress, Apache is a top choice.
Prerequisites
- A Linux server (Ubuntu/Debian or RHEL/CentOS/AlmaLinux/Rocky)
- Root or sudo access
- A domain name (optional but recommended)
- Firewall access (UFW or firewalld) and open ports 80/443
- DNS A record pointing to your server’s public IP (for HTTPS)
Install Apache on Popular Linux Distributions
Ubuntu / Debian
sudo apt update
sudo apt install -y apache2
sudo systemctl enable --now apache2
sudo ufw allow 'Apache Full' # opens ports 80 and 443
sudo ufw statusRHEL / CentOS / AlmaLinux / Rocky
sudo dnf install -y httpd
sudo systemctl enable --now httpd
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reloadTip: On SELinux-enabled systems, if your site needs network calls (e.g., to a database on another host), enable the boolean:
sudo setsebool -P httpd_can_network_connect 1Verify Apache Is Running
Open your browser and visit http://your_server_ip or http://your_domain. You should see the Apache default page. Or verify with curl:
curl -I http://SERVER_IP
# Expect: HTTP/1.1 200 OKCreate Your First Apache Virtual Host
Virtual hosts let you host multiple sites on one server. Replace example.com with your domain.
Ubuntu / Debian: sites-available + a2ensite
sudo mkdir -p /var/www/example.com/public_html
sudo chown -R $USER:$USER /var/www/example.com/public_html
echo "<h1>Hello from example.com</h1>" | sudo tee /var/www/example.com/public_html/index.html
sudo nano /etc/apache2/sites-available/example.com.confPaste this vhost:
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public_html
<Directory /var/www/example.com/public_html>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/example_error.log
CustomLog ${APACHE_LOG_DIR}/example_access.log combined
</VirtualHost>sudo a2ensite example.com.conf
sudo a2dissite 000-default.conf
sudo a2enmod rewrite headers
sudo apachectl configtest
sudo systemctl reload apache2RHEL Family: conf.d
sudo mkdir -p /var/www/example.com/public_html
sudo chown -R apache:apache /var/www/example.com
echo "<h1>Hello from example.com</h1>" | sudo tee /var/www/example.com/public_html/index.html
sudo nano /etc/httpd/conf.d/example.com.confPaste this vhost:
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public_html
<Directory /var/www/example.com/public_html>
AllowOverride All
Require all granted
</Directory>
ErrorLog /var/log/httpd/example_error.log
CustomLog /var/log/httpd/example_access.log combined
</VirtualHost>sudo apachectl configtest
sudo systemctl reload httpdAdd HTTPS with Let’s Encrypt (Free SSL)
SSL is essential for security and SEO. Use Certbot to request and auto-configure HTTPS certificates.
Ubuntu / Debian
sudo apt install -y certbot python3-certbot-apache
sudo certbot --apache -d example.com -d www.example.com
# Choose redirect to force HTTPS
sudo systemctl status certbot.timer # auto-renewalRHEL / CentOS / AlmaLinux / Rocky
sudo dnf install -y certbot python3-certbot-apache
# If EPEL is required: sudo dnf install -y epel-release
sudo certbot --apache -d example.com -d www.example.com
sudo systemctl status certbot-renew.timerCertificates renew automatically. You can test renewal with:
sudo certbot renew --dry-runServe PHP (LAMP Stack)
If you plan to run WordPress or PHP apps, add PHP and its Apache module.
Ubuntu / Debian
sudo apt install -y php libapache2-mod-php php-mysql php-cli php-xml php-curl
sudo systemctl reload apache2
echo "<?php phpinfo(); ?>" | sudo tee /var/www/example.com/public_html/info.phpRHEL Family
sudo dnf install -y php php-mysqlnd php-cli php-xml php-curl
sudo systemctl reload httpd
echo "<?php phpinfo(); ?>" | sudo tee /var/www/example.com/public_html/info.phpVisit https://example.com/info.php to confirm. Remove this file afterward for security.
Essential Apache Security Hardening
- Keep packages updated: apt upgrade or dnf upgrade regularly.
- Hide version info: set ServerTokens Prod and ServerSignature Off.
- Disable directory listing: Options -Indexes in Directory blocks.
- Strict permissions: files 640, directories 750; owned by a deploy user and group readable by web server.
- Use HTTPS only: redirect HTTP to HTTPS in your vhost.
- Enable security modules: ModSecurity (WAF) and mod_evasive where supported.
- Backups: automate site and config backups off-server.
# Ubuntu/Debian
sudo nano /etc/apache2/conf-available/security.conf
# RHEL family
sudo nano /etc/httpd/conf.d/security.conf
# Add:
ServerTokens Prod
ServerSignature Off
TraceEnable OffPerformance Tuning Basics
- Use the event MPM for modern, scalable performance (great for HTTPS).
- Enable compression and caching headers to reduce payloads.
- Right-size KeepAlive (On; KeepAliveTimeout 2–5; MaxKeepAliveRequests 100–200).
- Serve static assets via CDN when possible.
- Profile with Apache logs and a lightweight load test (ab or wrk).
# Switch to event MPM (Ubuntu/Debian)
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
sudo systemctl restart apache2
# Compression and cache headers
# Ubuntu: /etc/apache2/conf-available/performance.conf
# RHEL: /etc/httpd/conf.d/performance.conf
AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css text/javascript application/javascript application/json
Header set Cache-Control "public, max-age=31536000" "expr=%{REQUEST_URI} -strmatch '*\\.(css|js|png|jpg|jpeg|gif|svg|woff|woff2)$'"
FileETag NoneUseful Management Commands
Service Control
# Ubuntu/Debian
sudo systemctl status apache2
sudo systemctl reload apache2
sudo systemctl restart apache2
# RHEL family
sudo systemctl status httpd
sudo systemctl reload httpd
sudo systemctl restart httpdLogs and Diagnostics
# Ubuntu/Debian
tail -f /var/log/apache2/access.log /var/log/apache2/error.log
# RHEL family
tail -f /var/log/httpd/access_log /var/log/httpd/error_log
# Validate configuration
sudo apachectl configtestTroubleshooting Common Issues
- 403 Forbidden: Ensure DocumentRoot exists, permissions are correct, and Directory block includes “Require all granted”. On SELinux, run restorecon -Rv /var/www.
- 404 Not Found: Check VirtualHost ServerName/ServerAlias matches your requested host and DNS points to the server.
- Site loads over HTTP only: Ensure port 443 is open, SSL cert installed, and HTTPS vhost exists. Certbot can automate this.
- Rewrite rules not working: Confirm AllowOverride All and that mod_rewrite is enabled.
- Port conflicts: Verify nothing else binds to 80/443 (sudo ss -tulpn | grep :80).
When to Consider Managed Hosting
If you’d rather focus on your app than server administration, a managed VPS or Dedicated Server can save hours weekly. At YouStable, we provide optimized Linux servers with one-click LAMP images, built-in firewalls, 24×7 monitoring, and expert support to keep Apache fast, secure, and always up-to-date.
Best Practices Checklist
- Install Apache and enable the service on boot.
- Open HTTP/HTTPS in your firewall.
- Create separate virtual hosts per domain.
- Enable HTTPS with Let’s Encrypt and auto-renewal.
- Harden: hide server tokens, disable indexes, tighten permissions.
- Tune: event MPM, compression, cache headers, sensible KeepAlive.
- Monitor logs and set up automated backups.
FAQ’s
Which Linux distro is best for Apache?
Ubuntu and Debian are popular for simplicity and documentation. RHEL-based distros (AlmaLinux/Rocky) are favored in enterprises for long-term support and SELinux. Apache runs great on all; choose the ecosystem you’re comfortable supporting.
Where is the Apache configuration file on Linux?
Ubuntu/Debian use /etc/apache2/ with vhosts in sites-available and sites-enabled. RHEL-family distros use /etc/httpd/ with vhosts typically in conf.d. The main file is apache2.conf (Debian) or httpd.conf (RHEL), which includes additional *.conf files.
How do I host multiple websites on one server?
Create a VirtualHost for each domain with its own DocumentRoot. On Ubuntu, enable with a2ensite; on RHEL, drop a .conf into /etc/httpd/conf.d. Point each domain’s DNS A record to your server’s IP and reload Apache.
How do I change Apache’s default port?
Update the Listen directive and any VirtualHost blocks. On Ubuntu/Debian, edit /etc/apache2/ports.conf and vhost files; on RHEL, edit the relevant .conf files. Open the new port in your firewall and reload Apache. Avoid using privileged ports without proper firewalling.
Is Apache free and secure for production use?
Yes. Apache is open-source, battle-tested, and secure when maintained correctly. Keep packages updated, enforce HTTPS, harden configurations, and monitor logs. Consider a managed provider like YouStable if you need expert help with ongoing security and performance.
Conclusion
You’ve learned how to create Apache on a Linux server, configure virtual hosts, add HTTPS, secure the stack, and tune performance. Follow the checklist, automate updates and backups, and you’ll have a fast, resilient web server ready for WordPress, Laravel, or any PHP site—managed or self-hosted.
