Apache []

Outils pour utilisateurs

Outils du site

Vous êtes ici : F1SLS Home » DOCUMENTATION » INFORMATIQUE » Linux » Apache
Apache

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentesRévision précédente
Prochaine révision		Révision précédente
documentation:informatique:linux:apache:index [2019/01/22 13:14] – [③] f1slsdocumentation:informatique:linux:apache:index [2019/05/05 16:22] (Version actuelle) f1sls
Ligne 1: Ligne 1:
 ====== Apache ====== ====== Apache ======
 +
 +===== Sécurité =====
 +  * https://bobcares.com/blog/apache-prevent-ddos/
  
 ===== SSL / https ===== ===== SSL / https =====
Ligne 55: Ligne 58:
 To override the default number of days for which the certificate is valid, you can specify -days X, where X is some other number. To override the default number of days for which the certificate is valid, you can specify -days X, where X is some other number.
  
-Easier Alternative for STEP 2+=== Easier Alternative for STEP 2 === 
 When the package ssl-cert is installed a self-signed certificate gets automatically created. The certificate is stored at When the package ssl-cert is installed a self-signed certificate gets automatically created. The certificate is stored at
  
Ligne 96: Ligne 100:
 If you have multiple sites on your server that will use distinct certificates, you will want to indicate so in their vhosts for apache SNI to function. If you can, it's even better to assign each site its own IP address to avoid use of SNI, since it does not work with all clients, but that's another matter, entirely. If you have multiple sites on your server that will use distinct certificates, you will want to indicate so in their vhosts for apache SNI to function. If you can, it's even better to assign each site its own IP address to avoid use of SNI, since it does not work with all clients, but that's another matter, entirely.
 ====⑤==== ====⑤====
 +After creating your SSL site, its time to enable it. To enable your newly created site you need to run this command.
 +
 +<code lang="bash">
 +$> a2ensite sitename
 +</code>
 +
 +Where "sitename" should be replace by the name of the site you have created in STEP 4, corresponding to the name of its vhost, and, consequently, its domain name (yoursite.
 +
 +====⑥====
 +
 +It is very important to tell the server to listen on port 443. That's why you need to add a line to ports.conf (/etc/apache2/ports.conf) file. After the modification your file should look something like this:
 +
 +<code lang="conf">
 +Listen 443
 +Listen 80
 +</code>
 +
 +====⑦====
 +Now restart the apache server to apply the changes.
 +
 +<code lang="bash">
 +$> /etc/init.d/apache2 restart
 +</code>
 +
 +or
 +
 +<code lang="bash">
 +$> service apache2 restart
 +</code>
 +
 +====⑧====
 +Open your browser and type:
 +
 +<code>
 +https://IP.ADDRESS.OF.SERVER
 +</code>
 +
 +where "IP.ADDRESS.OF.SERVER" is, you guessed it, the IP address of the server. If you have physical access and are working directly on the server, this could be ''https://127.0.0.1''. The loop-back address should take you to the default apache page and display the Certificate prompt.
 +
 +===== Redirection http ➡ https =====
 +[[https://www.tecmint.com/redirect-http-to-https-on-apache/|Source]]
 +==== Redirect HTTP to HTTPS on Apache Using .htaccess File ====
 +
 +For this method, make sure mod_rewrite is enabled, otherwise enable it like this on Ubuntu/Debian systems.
 +
 +<code lang="bash">
 +$ sudo a2enmod rewrite [Ubuntu/Debian]
 +</code>
 +
 +For CentOS/RHEL users, ensure that your have the following line in httpd.conf (mod_rewrite support – enabled by default).
 +
 +LoadModule rewrite_module modules/mod_rewrite.so
 +Now you just need to edit or create .htaccess file in your domain root directory and add these lines to redirect http to https.
 +
 +<code>
 +RewriteEngine On 
 +RewriteCond %{HTTPS}  !=on 
 +RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] 
 +</code>
 +
 +Now, when a visitor types http://www.yourdomain.com the server will automatically redirect HTTP to HTTPS  https://www.yourdomain.com.
 +
 +
 +==== Redirect HTTP to HTTPS on Apache Virtual Host ====
 +Additionally, to force all web traffic to use HTTPS, you can also configure your virtual host file. Normally, there are two important sections of a virtual host configurations if an SSL certificate is enabled; the first contains configurations for the non-secure port 80.
 +
 +The second is for the secure port 443. To redirect HTTP to HTTPS for all the pages of your website, first open the appropriate virtual host file. Then modify it by adding the configuration below.
 +
 +<code>
 +NameVirtualHost *:80
 +<VirtualHost *:80>
 +   ServerName www.yourdomain.com
 +   Redirect / https://www.yourdomain.com
 +</VirtualHost>
 +</code>
 +
 +<code>
 +<VirtualHost _default_:443>
 +   ServerName www.yourdomain.com
 +   DocumentRoot /usr/local/apache2/htdocs
 +   SSLEngine On
 +# etc...
 +</VirtualHost>
 +</code>
 +
 +Save and close the file, then restart the HTTP sever like this.
 +
 +<code lang="bash">
 +$ sudo systemctl restart apache2     [Ubuntu/Debian]
 +$ sudo systemctl restart httpd      [RHEL/CentOS]
 +</code>
  
 +While the ''<VirtualHost>'' is the most recommended solution because it is simpler and safer.
documentation/informatique/linux/apache/index.1548159261.txt.gz · Dernière modification : de f1sls

Outils de la page

Sauf mention contraire, le contenu de ce wiki est placé sous les termes de la licence suivante : CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki