Topic: Install Apache httpd on AWS EC2 instance

Author: Linux (member, offline) | posts: 120 | joined: 01/24/2011 | from: San Jose, CA
Install Apache httpd on AWS EC2 instance |
So now we have:
- A basic Linux box running in the cloud;
- A public static IP address bound to the instance/box;
- A public domain pointing to the IP address and hence the box;
- A Tomcat container running in the box.

Now we want an extra Apache web server sitting in front of Tomcat. Why? The advantages are:
- Apache is efficient in handling static content via its caching mechanism.
- Apache supports multiple domains on the same IP address via VirtualHost.
- Better security by hiding Tomcat.
AWS micro EC2 instance supports the yum package manager, which installs RPM packages from a repository.
# yum install httpd
The main stuff is loaded under /etc/httpd
Before starting our server, we can configure parameters in Apache’s "/etc/httpd/conf/httpd.conf". For example, the default document root is:
DocumentRoot /var/www/html
You may want to change it into:
DocumentRoot /home/ec2-user/public_html
Let’s create an HTML file named "test.html" in the public_html directory:
<html>
<body>
<p>Apache httpd server is running on AWS EC2 instance!</p>
</body>
</html>
Now it's time to start the server:
# /etc/init.d/httpd start
If you want your server to survive a box reboot:
# chkconfig httpd on

Author: Linux (member, offline) | posts: 120 | joined: 01/24/2011 | from: San Jose, CA
Running multiple name-based websites on a single IP address
Your server has a single IP address, for example, 123.123.123.123, and multiple aliases (CNAMEs) point to this machine in DNS. Specifically, you want to run a web server for www.example1.com and www.example2.com on the same machine.
example1.com --- DNS ---|
                        |
                        |--- 123.123.123.123 ---> /home/ec2-user
                        |                             + -- /example1.com
example2.com --- DNS ---|                                 + -- /html
                                                              - -- index.html
                                                      + -- /example2.com
                                                          + -- /html
                                                              - -- index.html
Here are the corresponding settings in "/etc/httpd/conf/httpd.conf":
# Ensure that Apache listens on port 80
Listen 80
# Listen for virtual host requests on IP address: 123.123.123.123
NameVirtualHost 123.123.123.123:80
<VirtualHost 123.123.123.123:80>
    DocumentRoot /home/ec2-user/example1.com/html
    ServerName example1.com
    ServerAlias www.example1.com
    # Other directives here
</VirtualHost>
<VirtualHost 123.123.123.123:80>
    DocumentRoot /www/ec2-user/example2.com/html
    ServerName example2.com
    ServerAlias www.example2.com
    # Other directives here
</VirtualHost>

Author: Linux (member, offline) | posts: 120 | joined: 01/24/2011 | from: San Jose, CA
A working case for name-based virtual hosting
For some reason, name-based virtual hosting on an explicit IP address is not working on an AWS EC2 Micro instance. But the wildcard * is working, which means it is going to accept all requests to this server. Any request with an unmatched domain/server name will be served by the first <VirtualHost> block, which is the default one.
# Listen for virtual host requests
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName example1.com
    ServerAlias www.example1.com
    DocumentRoot /home/ec2-user/example1.com/html
    SuexecUserGroup ec2-user ec2-user
    <Directory /home/ec2-user/example1.com/html>
        Options Indexes Includes FollowSymLinks
        AllowOverride All
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    ServerName example2.com
    ServerAlias www.example2.com
    DocumentRoot /www/ec2-user/example2.com/html
    <Directory /home/ec2-user/example2.com/html>
        Options Indexes Includes FollowSymLinks
        AllowOverride All
    </Directory>
</VirtualHost>
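
An added example, not code from the thread: a small Python lint that parses `<VirtualHost>` blocks, reports which block answers a given Host header (unmatched names fall through to the first block, as described above), and flags any DocumentRoot that no `<Directory>` section in the same block covers. The function names and the embedded sample are constructed for illustration; the sample keeps the paths as posted.

```python
import re

# Constructed sample: the two blocks from the post above, abridged, paths as posted.
SAMPLE_CONF = """\
<VirtualHost *:80>
    ServerName example1.com
    ServerAlias www.example1.com
    DocumentRoot /home/ec2-user/example1.com/html
    <Directory /home/ec2-user/example1.com/html>
        AllowOverride All
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    ServerName example2.com
    ServerAlias www.example2.com
    DocumentRoot /www/ec2-user/example2.com/html
    <Directory /home/ec2-user/example2.com/html>
        AllowOverride All
    </Directory>
</VirtualHost>
"""

def parse_vhosts(conf):
    """Return one dict per <VirtualHost> block, in file order."""
    vhosts = []
    for body in re.findall(r"<VirtualHost[^>]*>(.*?)</VirtualHost>", conf, re.S | re.I):
        names = re.findall(r"^\s*Server(?:Name|Alias)\s+(.+)$", body, re.M | re.I)
        root = re.search(r"^\s*DocumentRoot\s+(\S+)", body, re.M | re.I)
        dirs = re.findall(r"<Directory\s+([^>]+)>", body, re.I)
        vhosts.append({
            "names": [n.lower() for line in names for n in line.split()],
            "docroot": root.group(1).strip('"') if root else None,
            "dirs": [d.strip().strip('"').rstrip("/") for d in dirs],
        })
    return vhosts

def serving_vhost(vhosts, host):
    """Exact ServerName/ServerAlias match, else fall through to the first block."""
    host = host.lower().split(":")[0]
    return next((vh for vh in vhosts if host in vh["names"]), vhosts[0])

def uncovered_docroots(vhosts):
    """DocumentRoots not equal to or below any <Directory> path in their block."""
    return [vh["docroot"] for vh in vhosts if vh["docroot"] and not any(
        vh["docroot"] == d or vh["docroot"].startswith(d + "/") for d in vh["dirs"])]
```

Because a request by bare IP address or with an unknown Host header lands on the first block, putting a minimal catch-all block first keeps such requests away from a real site's content.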

Author: AwsEC2 (member, offline) | posts: 39 | joined: 08/28/2012 | from: CA
Side Notes
1) The settings should be
# Listen for virtual host requests
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName example1.com
    ServerAlias www.example1.com
    DocumentRoot /home/ec2-user/example1.com/html
    SuexecUserGroup ec2-user ec2-user
    <Directory /home/ec2-user/example1.com/html>
        Options Indexes Includes FollowSymLinks
        AllowOverride All
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    ServerName example2.com
    ServerAlias www.example2.com
    DocumentRoot /home/ec2-user/example2.com/html
    <Directory /home/ec2-user/example2.com/html>
        Options Indexes Includes FollowSymLinks
        AllowOverride All
    </Directory>
</VirtualHost>
2) Error Forbidden: http://www.example1.com/ returns the following:
Forbidden
You don't have permission to access / on this server.
Apache/2.2.22 (Amazon) Server at www.example1.com Port 80
By default, the folder /home/ec2-user comes with the permission rwx------. Even though you have made all your document root /home/ec2-user/example1.com/html accessible by 'others' via rwxr-xr-x, http://www.example1.com/index.html will be forbidden. You have to allow the read permission from the very top node.
+ -- home                          rwxr-xr-x   root
    + -- ec2-user                  rwxr-xr-x   ec2-user
        + -- example1.com          rwxr-xr-x   ec2-user
            + -- html              rwxr-xr-x   ec2-user
                - -- index.html    rwxr-xr-x   ec2-user
        + -- example2.com          rwxr-xr-x   ec2-user
            + -- html              rwxr-xr-x   ec2-user
                - -- index.html    rwxr-xr-x   ec2-user
3) For testing purposes, you can fake the DNS from the local file
Location: C:\Windows\System32\drivers\etc\hosts
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
123.123.123.123 example1.com www.example1.com
123.123.123.123 example2.com www.example2.com
Apparently, it works only from your local machine.
Type into your browser: http://www.example1.com, and you should get a response similar to:
This is content from index file for www.example1.com
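
An added example, not part of the original post: the Forbidden error in note 2 comes from path traversal, and the Apache worker needs only the search (x) bit on each ancestor directory plus read on the file itself. The Python check below walks a document path and lists the components that block a user in the "other" class; `blocked_components`, `demo` and the temp-dir layout are constructed, and it assumes Apache runs as an account that neither owns the files nor is in their group.

```python
import os
import stat
import tempfile
from pathlib import Path

def blocked_components(target, base="/"):
    """List (path, reason) entries below `base` that stop an unrelated user
    (class 'other') from reaching and reading `target`."""
    target, base = Path(target).resolve(), Path(base).resolve()
    problems = []
    # Ancestors from just below `base` down to the target's parent directory.
    chain = [p for p in reversed(target.parents) if base in p.parents]
    for d in chain:
        if not os.stat(d).st_mode & stat.S_IXOTH:
            problems.append((str(d), "directory lacks o+x (search)"))
    mode = os.stat(target).st_mode
    is_dir = stat.S_ISDIR(mode)
    if not mode & (stat.S_IXOTH if is_dir else stat.S_IROTH):
        problems.append((str(target), "lacks o+x" if is_dir else "file lacks o+r"))
    return problems

def demo():
    """Rebuild the layout from the post in a temp dir (constructed sample)."""
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp) / "home" / "ec2-user"
        html = home / "example1.com" / "html"
        html.mkdir(parents=True)
        index = html / "index.html"
        index.write_text("This is content from index file for www.example1.com\n")
        for p in (Path(tmp) / "home", home / "example1.com", html):
            p.chmod(0o755)
        index.chmod(0o644)                     # plain files need read, not execute
        home.chmod(0o700)                      # the default described in the post
        before = blocked_components(index, base=tmp)
        home.chmod(0o711)                      # search bit only, no directory listing
        after = blocked_components(index, base=tmp)
        return before, after
```

The check reads mode bits only, so ACLs and SELinux labels are not considered. Mode 711 on /home/ec2-user clears the finding without making the home directory listable to other users.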

Author: AwsEC2 (member, offline) | posts: 39 | joined: 08/28/2012 | from: CA
For Apache2.4:
If you want to avoid the following rejection:
Forbidden
You don't have permission to access / on this server.
Apache/2.4.7 (Ubuntu) Server at 10.11.10.182 Port 80
you have to specifically give the permission inside file /etc/apache2/sites-enabled/canvas.conf:
<Directory /var/canvas/public>
    Options All
    AllowOverride All
    Require all granted
</Directory>
Because the main configuration file /etc/apache2/apache2.conf has the following:
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>
which must be overridden from the sub-directory.
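
An added example, not part of the original post: a Python model of how the two `<Directory>` sections above combine. Apache applies `<Directory>` sections from the shortest path to the longest, and with the default `AuthMerging Off` a `Require` in a deeper section replaces the inherited one; `directory_sections`, `effective_require` and the sample text are constructed for illustration.

```python
import re

# Constructed sample: the two <Directory> sections quoted in the post above.
SAMPLE = """\
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>
<Directory /var/canvas/public>
    Options All
    AllowOverride All
    Require all granted
</Directory>
"""

def directory_sections(conf):
    """Return (directory, require) pairs; require is None if the section has none."""
    out = []
    pattern = r"<Directory\s+([^>]+)>(.*?)</Directory>"
    for path, body in re.findall(pattern, conf, re.S | re.I):
        req = re.search(r"^\s*Require\s+(.+?)\s*$", body, re.M | re.I)
        path = path.strip().strip('"').rstrip("/") or "/"
        out.append((path, req.group(1) if req else None))
    return out

def effective_require(conf, fs_path):
    """Apply matching sections shortest path first; the last Require seen wins."""
    depth = lambda s: 0 if s[0] == "/" else s[0].count("/")
    result = None
    for d, req in sorted(directory_sections(conf), key=depth):
        applies = d == "/" or fs_path == d or fs_path.startswith(d + "/")
        if applies and req is not None:
            result = req
    return result
```

Any path outside /var/canvas/public, such as the /home/ec2-user document roots used earlier in the thread, still resolves to "all denied" until its own section grants access.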

Author: AwsEC2 (member, offline) | posts: 39 | joined: 08/28/2012 | from: CA
Restart httpd after configuration file change
# systemctl restart httpd
or
# service httpd restart
To show status
# systemctl status httpd.service -l